last executing test programs:

8.766483021s ago: executing program 1 (id=16373):
r0 = openat(0xffffffffffffff9c, 0x0, 0x281c2, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r8}, 0x10)
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x30, 0x2, {{0x0, 0x0, 0x0, 0x4}, [@TCA_NETEM_RATE={0x14, 0xd}]}}}]}, 0x60}}, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000600000000005e00221a850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
syz_clone3(&(0x7f0000000500)={0x40000000, &(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000380)=<r10=>0x0, {0x17}, &(0x7f00000003c0)=""/44, 0x2c, &(0x7f0000000400)=""/28, &(0x7f00000004c0)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x6, {r0}}, 0x58)
setpriority(0x2, r10, 0x7f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
write$binfmt_script(r2, 0x0, 0x40)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
socket(0x10, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

8.423083492s ago: executing program 1 (id=16375):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000f20000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f160085000000860000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r1}, 0x10)
r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fsync(r2)

8.370597036s ago: executing program 1 (id=16376):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
read$FUSE(r0, 0x0, 0x0)
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
sendfile(r1, r0, 0x0, 0x3a)

7.52884141s ago: executing program 1 (id=16383):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

7.268366323s ago: executing program 1 (id=16386):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000f20000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f16008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r1}, 0x10)
r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fsync(r2)

7.054562201s ago: executing program 1 (id=16388):
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000180)=@file={0x1}, 0x6e)
listen(r1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r2, &(0x7f0000000000)=@file={0x1}, 0x6e)
connect$unix(r2, &(0x7f0000000080)=@file={0x1}, 0x6e)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000900)=ANY=[@ANYBLOB="54000000100003052bbd7000249d020000000000", @ANYRES32=0x0, @ANYBLOB="1544010001800000240012800b0001006d61637365630000140002800500060001000000050007000100000008000500", @ANYRES32=r4, @ANYBLOB="08000a0090"], 0x54}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=@getchain={0x44, 0x66, 0x100, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x6}, {0x2, 0xf}, {0xfff1, 0x39f6b708c92336f4}}, [{0x8}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0x4}, {0x8, 0xb, 0xa41b}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x40000004)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ptrace(0x10, 0x1)

2.430070897s ago: executing program 0 (id=16419):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYRES8=0x0], 0x1, 0x217, &(0x7f00000004c0)="$eJzs3TFrE2EYB/CnttVSkGQQiiJ44uIUmop7ilQQA4qSQSeLTVGaWDAQ0KF180voV9DRVXAQV7+ACFIFF7t1ECL1YmNrYiM1OTG/35KH3Pu/e95LyEuGvLl1sr6ytNpY3tzciKmpsZgoRSm2xiIfh2I8Uo8CAPifbLVa8aWVyroXAGA4rP8AMHr6XP+vDrElAGDAfP8HgNFz/cbNy/Pl8sK1JJmKqD9uVpqV9DE9Pr8cd6MW1ZiNXHyNaO1I64uXyguzybaP+ajU19v59WZlfHe+GLnId88Xk9Tu/GRMt/PvpqMac5GLY93zc13zh+PsmZ+uX4hcvL0dq1GLpdjOdvJrxSS5cKW8J3/k+zgAAAAAAAAAAAAAAAAAAAAAABiEQrKj6/49hUKv42m+//2B9u7PMxEnJrKdOwAAAAAAAAAAAAAAAAAAAPwrGg8erizWatX7vyvuvXn2ar8xfRZj7ese9DwHL46e/vCk15jxP7s/f7d4eSrL29Jn8XrjzvFzjZnzmbUxGRG/PtPzrfU5FzGgfp5n+lr8mPW+g2eelhZfrL3/1O+Zh/5RBAAAAAAAAAAAAAAAAAAAI6/zo9+sOwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7HT+/39wRdZzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAbwEAAP//uSidyw==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020013000200000000000000ff0800ed05000600200000000a0006000000000026b900000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
sendmmsg(r6, &(0x7f0000000180), 0x400008a, 0x0)
ioctl$USBDEVFS_SETINTERFACE(0xffffffffffffffff, 0x80085504, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47b11ae6, @void, @value}, 0x90)
dup2(r7, r7)

2.04646053s ago: executing program 0 (id=16420):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a40)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="45f7000000000000000032"], 0x1c}}, 0x0)

2.028804812s ago: executing program 4 (id=16422):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000100)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000001600)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000c40)='sys_enter\x00', r2}, 0x10)
getgid()

2.004146744s ago: executing program 4 (id=16423):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(0x0, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0xc162, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='mountinfo\x00')
ppoll(&(0x7f0000000280)=[{r5}], 0x1, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0xb)
keyctl$negate(0xd, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x22000406, &(0x7f0000000700)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@noblock_validity}, {@usrjquota_path={'usrjquota', 0x3d, './file0/file0/file0'}}, {@auto_da_alloc}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@dax}], [{@audit}, {@rootcontext={'rootcontext', 0x3d, 'staff_u'}}], 0x2c}, 0x84, 0x485, &(0x7f0000000dc0)="$eJzs3LtvHMUfAPDvrh/55Wknv/DIA3IQEBYBO3YCpKAABFIaJCQooDSOiUKcBMVGIlFEAkKhRPwFQImEREVDBQ0CKhAt9AgpQmkSKJDR7u3ad76zcz77fAn3+Uh3ntmdvZnv7o5vdsfrAHpWJXtLIrZFxK8RMVTN1heoVH/cvH5p6q/rl6aSmJ9/+c8kL3fj+qWpsmi53dYiM5JGpB8ksa9JvbMXLp6enJmZPl/kx+bOvDU2e+Hi46fOTJ6cPjl9duLYsaNHxp96cuKJdYkzi+vG3nfP7d9z/LWPX5yaj9d/+CJr77ZifW0cVcNrrrMSlZgvLC4dzN8fXvOn316216ST/i42hFXpi4jscA3k/X8o+mLx4A3FC+93tXFAR2XfTTsblvYVP9OF7y/gvyjRx6FHld/42fVv+drI8Ue3XXs2e5/O479ZvKpr+iPNrmWHq1fsfR2qf1tEvHrl70+yVzS9DwEAsL6+ycY/jzUb/6Vxd025HcUcynBEHIqIXRHx/4jYHRF3ReRl74mIe1dZf2VJvnH88/PmtgJrUTb+e7qY26of/6VFiWQhtz2PfyB549TM9OFin4zEwKYsP75CHd8+/8tHy62r1Iz/sldWfzkWLNrxR/+m+m1OTM5NriHkOtfei9jb3yz+ZGEmINsDeyJibxufn+2zU49+vj9L79jauP7W8a9gHeaZ5j+LeKR6/K/EkvhLSbWm5eYnx/4XM9OHx8qzotGPP119qTY/UJNeGv9Gz51lx39L0/O/iL/sBuV87ezq67j624fLXtM0Hv8kWjn/B5NX8vRgseydybm58+MRg8WCuuUTi9uW+bJ8Fv/Iweb9f1fEP58W2+2LiOwkvi8i7o+IA0XbH4iIByPi4Arxf//cQ2+uvIfaPP/XQRb/iZWOf8RwUjtf30ai7/R3Xy9Xf2u//47mqZFiSSu//1pt4Fr2HQAAANwp0nwOOklHy3TNzandsSWdOTc7d6gSb589UZ2rHo6BtLzTNVRzP3S8uDdc5ieW5I9ExM78L4025/nRqXMz27sZOJA/q1PX/yNNR0er637v1B+9ALePVc051T4d+OVX698YYEN5XhN6l/4PvUv/h96l/0Pvatb/L0fc7EJTgA3m+x96l/4PvUv/h96l/0NPanwkvvx3K+086b+Y2HV8TZv3UKKvQ58ctf+0owOJSLu+69pPpLcs80x0vBkHisSmiGh1q8sdPaZLzx8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA7378BAAD//+rs4gk=")

1.995008195s ago: executing program 0 (id=16424):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
write$uinput_user_dev(r2, &(0x7f0000000100)={'syz0\x00', {}, 0x7, [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000]}, 0x45c)
ioctl$UI_DEV_SETUP(r2, 0x5501, 0x0)
readv(r2, &(0x7f0000000080)=[{&(0x7f0000000580)=""/104, 0x68}], 0x1)
write$input_event(r2, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)

1.897552873s ago: executing program 0 (id=16425):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000001880)={'wg1\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001440)=ANY=[@ANYRES16=r6, @ANYBLOB="290a00000000000000000100000008000100", @ANYRES32=r5, @ANYBLOB="0800050001000000b4000880"], 0xd8}}, 0x0)

1.847669058s ago: executing program 0 (id=16426):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000003c0)='./file2\x00', 0x404a, &(0x7f0000000300), 0x1, 0x751, &(0x7f0000002880)="$eJzs3c1rXFUfB/DfvZNJ0pfnSSqlWhEccFFBnTS19W3VVlGoIqLiukM6LaXTpiQRTOwidelCBAWX6n9RcNONa8FF1a2uFIpUu6koI3demiGZSWKYzEXv5wN3cs49k5zzzSU5984d5gRQWJXsIY04HBFnk4ipzv4kIsqt0ljEyfbz7t25NvfHnWtzSTSbb/2atJ6T7Yue78ns61QmI+Lb00k8UNrY7+LyyqVao1Ff6NRnli5fnVlcXnnq4uXahfqF+pVjx0/MPnviuWeOPz+sqKVDZ558/dAHL976qvnmKy99c2I1yYKNtRt7cwxLJSr3fye9si5fHnZnOSl18vTmTMZyHBD/SNpzDA/FVJRi7eBNxdff5To4AGBXNEsRTQCgYBLzPwAUTPd1gHt3rs11t3xfkRit26eidaNyY/6xONn6OtUsR8Te35O1OyOV9v2u6SH0X4mIG3ffuZVtsUv3ITezej0iHuqXv3V3NKZbd3HX5e/cMzo6hP4r6+r/pvwnh9B/3vkBKKabp9oT2cb5L+3Mb/3nv8k+c9dO5D3/DT7/W8tf6pM/O/97Y5t9fPHRIw8Oaus9/8u2rP/uueAo3L4e8fDY4POfLH8yIP/ZbfZx4+f3a4Pa8s7f/DLiSN/rn7V3tCWbvz9x5vzFRv1o+7FvH5/MnPlwUP9558+O/94B+bc6/le32cdfB388Paht6/zpL+PJ263SeGfPe7WlpYXZiPHktY37j20+lu5zuj8jy//4Y5v//ffLn10Trm4z/+ev/vbZzvPvriz/uR0e/4+32cef8z9NDmrLOz8AAAAAAAAAAAAAAAAAAAAAAAAAjEIaEfsjSav3y2larbbX8D4Ye9PG/OLSE+fn371yLmuLmI5y2v2ky6l2Pcnqs53Pw+/Wj62rPx0RByLi04k9rXp1br5xLu/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCxb936/3cn2uv/AwD/cZN5DwAAGDnzPwAUj/kfAIrH/A8AxWP+B4DiMf8DQPGY/wEAAAAAAAAAAAAAAAAAAAAAYKQOPHrzhyQiVl/Y09oy4522cq4jA3ZbmvcAgNyU8h4AkJuxvAcA5MY1PpBs0T7wI8JXXUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFAcRw5b/x+Kyvr/UFxW74Tisv4/FJdrfMD6/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsLX9rS1Jq521wPdHmlarEf+LiOkoJ+cvNupHI+L/EfH9RHkiq8/mPWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGLLF5ZVLtUajvqCgoKBwv5D3fyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYvbVFv/MeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHlaXF65VGs06gu7WMg7IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAw/R0AAP//8lssMw==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='ext4_es_find_extent_range_enter\x00', r1}, 0x10)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)

1.604920149s ago: executing program 2 (id=16428):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x8, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

1.604123799s ago: executing program 4 (id=16431):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYRES8=0x0], 0x1, 0x217, &(0x7f00000004c0)="$eJzs3TFrE2EYB/CnttVSkGQQiiJ44uIUmop7ilQQA4qSQSeLTVGaWDAQ0KF180voV9DRVXAQV7+ACFIFF7t1ECL1YmNrYiM1OTG/35KH3Pu/e95LyEuGvLl1sr6ytNpY3tzciKmpsZgoRSm2xiIfh2I8Uo8CAPifbLVa8aWVyroXAGA4rP8AMHr6XP+vDrElAGDAfP8HgNFz/cbNy/Pl8sK1JJmKqD9uVpqV9DE9Pr8cd6MW1ZiNXHyNaO1I64uXyguzybaP+ajU19v59WZlfHe+GLnId88Xk9Tu/GRMt/PvpqMac5GLY93zc13zh+PsmZ+uX4hcvL0dq1GLpdjOdvJrxSS5cKW8J3/k+zgAAAAAAAAAAAAAAAAAAAAAABiEQrKj6/49hUKv42m+//2B9u7PMxEnJrKdOwAAAAAAAAAAAAAAAAAAAPwrGg8erizWatX7vyvuvXn2ar8xfRZj7ese9DwHL46e/vCk15jxP7s/f7d4eSrL29Jn8XrjzvFzjZnzmbUxGRG/PtPzrfU5FzGgfp5n+lr8mPW+g2eelhZfrL3/1O+Zh/5RBAAAAAAAAAAAAAAAAAAAI6/zo9+sOwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7HT+/39wRdZzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAbwEAAP//uSidyw==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020013000200000000000000ff0800ed05000600200000000a0006000000000026b900000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
sendmmsg(r6, &(0x7f0000000180), 0x400008a, 0x0)
ioctl$USBDEVFS_SETINTERFACE(0xffffffffffffffff, 0x80085504, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47b11ae6, @void, @value}, 0x90)
dup2(r7, r7)

1.466241691s ago: executing program 0 (id=16432):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
setgid(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x1e, 0x805, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = openat$cgroup_freezer_state(r3, &(0x7f0000000140), 0x2, 0x0)
r7 = openat$cgroup_procs(r3, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f00000000c0), 0x12)
write$cgroup_freezer_state(r6, &(0x7f0000000400)='FROZEN\x00', 0x7)
write$cgroup_freezer_state(r6, &(0x7f0000000080)='THAWED\x00', 0x7)

722.810766ms ago: executing program 4 (id=16436):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000001880)={'wg1\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001440)=ANY=[@ANYRES16=r6, @ANYBLOB="290a00000000000000000100000008000100", @ANYRES32=r5, @ANYBLOB="0800050001000000b4000880"], 0xd8}}, 0x0)

662.745311ms ago: executing program 4 (id=16437):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000100)={'syz0\x00', {}, 0x7, [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000]}, 0x45c)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000580)=""/104, 0x68}], 0x1)
write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)

534.862603ms ago: executing program 4 (id=16438):
getpriority(0x1, 0xe6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xb, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000680)={{r1}, &(0x7f0000000540), &(0x7f0000000580)='%pI4   \x00'}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000900)=ANY=[@ANYBLOB="8c0000001000370400"/20, @ANYRES32=r6, @ANYBLOB="00000000000000006c0012800e00010069703665727370616e000000580002801400060020010000000000000000000000000002050016000100000014000700fc02000000000000000000000000000004001200", @ANYRES32=0x0, @ANYBLOB], 0x8c}}, 0x0)

435.342901ms ago: executing program 2 (id=16429):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000f20000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r0}, 0x10)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fsync(r1)

382.643616ms ago: executing program 2 (id=16439):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x8, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

139.431197ms ago: executing program 2 (id=16441):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000480)=ANY=[], 0x298)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="b0"], 0xb0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat(r4, &(0x7f0000000b00)='./file0\x00', 0x0, 0x0)
getdents(r4, 0x0, 0x0)

91.238222ms ago: executing program 2 (id=16443):
r0 = openat(0xffffffffffffff9c, 0x0, 0x281c2, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x2000000, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r8}, 0x10)
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x30, 0x2, {{0x0, 0x0, 0x0, 0x4}, [@TCA_NETEM_RATE={0x14, 0xd}]}}}]}, 0x60}}, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000600000000005e00221a850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
syz_clone3(&(0x7f0000000500)={0x40000000, &(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000380)=<r10=>0x0, {0x17}, &(0x7f00000003c0)=""/44, 0x2c, &(0x7f0000000400)=""/28, &(0x7f00000004c0)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x6, {r0}}, 0x58)
setpriority(0x2, r10, 0x7f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
write$binfmt_script(r2, 0x0, 0x40)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
socket(0x10, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

90.971802ms ago: executing program 3 (id=16444):
mknodat(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r0, r2, 0x1, 0x0, @void}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d0000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

71.457573ms ago: executing program 3 (id=16445):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_ethernet(0x82, &(0x7f0000000040)={@link_local, @dev, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @mcast1, [@hopopts={0x3a, 0x1, '\x00', [@calipso={0x7, 0x8}]}]}}}}}}}, 0x0)

56.076955ms ago: executing program 3 (id=16446):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000001880)={'wg1\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001440)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="290a00000000000000000100000008000100", @ANYRES32=r5, @ANYBLOB="0800050001000000b4000880"], 0xd8}}, 0x0)

35.083147ms ago: executing program 3 (id=16447):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

23.825428ms ago: executing program 2 (id=16448):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0)
read$FUSE(r0, &(0x7f0000020940)={0x2020, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x2020)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x0, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)

12.843778ms ago: executing program 3 (id=16449):
r0 = openat(0xffffffffffffff9c, 0x0, 0x2c41, 0x0)
flock(r0, 0x5)
ioctl(0xffffffffffffffff, 0x7f, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x34, 0x2, {{}, [@TCA_NETEM_LOSS={0x18, 0xd, 0x0, 0x1, [@NETEM_LOSS_GE={0x14}]}]}}}]}, 0x64}}, 0x0)

0s ago: executing program 3 (id=16450):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x5, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000940)={r0, &(0x7f0000000780), &(0x7f0000000900)=@udp=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
request_key(&(0x7f0000000280)='asymmetric\x00', &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)='@\x9f+^\xbe-@(/[+\x9f{\x00', 0xfffffffffffffffe)

kernel console output (not intermixed with test programs):

00
[  784.064875][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  784.093371][   T30] audit: type=1326 audit(1725924957.495:12535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6329 comm="syz.3.15912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff39752cef9 code=0x7ffc0000
[  784.118316][   T30] audit: type=1326 audit(1725924957.495:12536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6329 comm="syz.3.15912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff39752cef9 code=0x7ffc0000
[  784.119239][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  784.149187][   T30] audit: type=1326 audit(1725924957.495:12537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6329 comm="syz.3.15912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff39752cef9 code=0x7ffc0000
[  784.173318][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  784.190146][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[  784.190718][   T30] audit: type=1326 audit(1725924957.495:12538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6329 comm="syz.3.15912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff39752cef9 code=0x7ffc0000
[  784.197030][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  784.236769][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  784.255059][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  784.266725][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[  784.271515][ T6332] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  784.273612][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  784.299569][ T6351] fuse: Unknown parameter 'user_i00000000000000000000'
[  784.311200][   T30] audit: type=1326 audit(1725924957.495:12539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6329 comm="syz.3.15912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff39752cef9 code=0x7ffc0000
[  784.347246][ T6353] netlink: 188 bytes leftover after parsing attributes in process `syz.2.15922'.
[  784.388943][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  784.417588][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  784.494661][ T6362] attempt to access beyond end of device
[  784.494661][ T6362] loop1: rw=10241, want=45104, limit=40427
[  784.517148][ T6362] attempt to access beyond end of device
[  784.517148][ T6362] loop1: rw=2049, want=45112, limit=40427
[  784.744645][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  784.752681][ T6053] attempt to access beyond end of device
[  784.752681][ T6053] loop1: rw=2049, want=45120, limit=40427
[  784.794535][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  784.807454][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  784.829793][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  784.844040][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  784.853515][ T6298] device veth0_vlan entered promiscuous mode
[  784.864276][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  784.873001][ T6374] fuse: Unknown parameter 'user_id00000000000000000000'
[  784.876569][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  784.895521][ T6298] device veth1_macvtap entered promiscuous mode
[  784.934471][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  784.945858][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  784.973166][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  785.006793][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  785.015597][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  785.024031][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  785.032332][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  785.041863][   T10] device bridge_slave_1 left promiscuous mode
[  785.047928][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  785.055282][   T10] device bridge_slave_0 left promiscuous mode
[  785.061260][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  785.068995][   T10] device veth1_macvtap left promiscuous mode
[  785.075025][   T10] device veth0_vlan left promiscuous mode
[  785.157357][ T6384] device pim6reg1 entered promiscuous mode
[  785.216541][ T6381] bridge0: port 1(bridge_slave_0) entered blocking state
[  785.223453][ T6381] bridge0: port 1(bridge_slave_0) entered disabled state
[  785.231047][ T6381] device bridge_slave_0 entered promiscuous mode
[  785.238010][ T6381] bridge0: port 2(bridge_slave_1) entered blocking state
[  785.245198][ T6381] bridge0: port 2(bridge_slave_1) entered disabled state
[  785.252807][ T6381] device bridge_slave_1 entered promiscuous mode
[  785.310775][ T6381] bridge0: port 2(bridge_slave_1) entered blocking state
[  785.317731][ T6381] bridge0: port 2(bridge_slave_1) entered forwarding state
[  785.324896][ T6381] bridge0: port 1(bridge_slave_0) entered blocking state
[  785.331740][ T6381] bridge0: port 1(bridge_slave_0) entered forwarding state
[  785.360709][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  785.368676][ T6817] bridge0: port 1(bridge_slave_0) entered disabled state
[  785.376296][ T6817] bridge0: port 2(bridge_slave_1) entered disabled state
[  785.390505][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  785.398687][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  785.406778][  T306] bridge0: port 1(bridge_slave_0) entered blocking state
[  785.413624][  T306] bridge0: port 1(bridge_slave_0) entered forwarding state
[  785.421017][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  785.429359][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  785.437768][  T306] bridge0: port 2(bridge_slave_1) entered blocking state
[  785.444621][  T306] bridge0: port 2(bridge_slave_1) entered forwarding state
[  785.455133][ T1844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  785.462896][  T372] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  785.470629][ T1844] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  785.489476][ T6381] device veth0_vlan entered promiscuous mode
[  785.496416][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  785.504754][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  785.512791][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  785.521105][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  785.529291][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  785.537139][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  785.545310][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  785.552720][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  785.569917][ T6381] device veth1_macvtap entered promiscuous mode
[  785.576884][ T1844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  785.585389][ T1844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  785.593385][ T1844] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  785.607108][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  785.615477][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  785.628749][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  785.637155][ T6817] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  785.665376][ T6391] netlink: 188 bytes leftover after parsing attributes in process `syz.0.15933'.
[  785.710533][  T372] usb 5-1: Using ep0 maxpacket: 32
[  785.841740][  T372] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11
[  785.852792][  T372] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  785.862396][  T372] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  785.971356][   T10] device bridge_slave_1 left promiscuous mode
[  785.977351][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  785.984912][   T10] device bridge_slave_0 left promiscuous mode
[  785.990953][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  785.998923][   T10] device veth1_macvtap left promiscuous mode
[  786.004963][   T10] device veth0_vlan left promiscuous mode
[  786.040534][  T372] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  786.049416][  T372] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  786.057396][  T372] usb 5-1: Product: syz
[  786.062611][  T372] usb 5-1: Manufacturer: syz
[  786.067016][  T372] usb 5-1: SerialNumber: syz
[  786.390731][  T372] cdc_ncm 5-1:1.0: bind() failure
[  786.396483][  T372] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  786.403707][  T372] cdc_ncm 5-1:1.1: bind() failure
[  786.409555][  T372] usb 5-1: USB disconnect, device number 2
[  803.525008][ T6414] netlink: 'syz.2.15938': attribute type 3 has an invalid length.
[  803.581070][ T6414] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15938'.
[  803.615257][   T30] kauditd_printk_skb: 34 callbacks suppressed
[  803.615274][   T30] audit: type=1400 audit(1725924977.225:12574): avc:  denied  { create } for  pid=6413 comm="syz.2.15938" dev="anon_inodefs" ino=171936 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  803.643540][   T30] audit: type=1400 audit(1725924977.225:12575): avc:  denied  { ioctl } for  pid=6413 comm="syz.2.15938" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=171936 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  803.671244][   T30] audit: type=1400 audit(1725924977.225:12576): avc:  denied  { read } for  pid=6413 comm="syz.2.15938" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=171936 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  803.728619][ T6414] tipc: Enabling <eth:lo> not permitted
[  803.742030][ T6414] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  803.921315][ T6443] loop1: detected capacity change from 0 to 256
[  805.307294][ T6460] loop3: detected capacity change from 0 to 512
[  806.884722][ T6460] EXT4-fs (loop3): Invalid log block size: 33554433
[  806.939523][ T6470] loop0: detected capacity change from 0 to 1024
[  807.014295][ T6479] syz.4.15956[6479] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  807.014354][ T6479] syz.4.15956[6479] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  807.026323][ T6476] fuse: Unknown parameter 'user_id00000000000000000000'
[  807.113683][ T6470] EXT4-fs error (device loop0): ext4_ext_check_inode:501: inode #2: comm syz.0.15952: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  807.291132][ T6470] EXT4-fs (loop0): get root inode failed
[  807.346493][ T6470] EXT4-fs (loop0): mount failed
[  807.934601][ T6497] overlayfs: failed to resolve './file0': -2
[  809.433840][   T30] audit: type=1400 audit(1725924981.545:12577): avc:  denied  { bind } for  pid=6469 comm="syz.0.15952" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  809.484012][   T30] audit: type=1400 audit(1725924981.545:12578): avc:  denied  { setopt } for  pid=6469 comm="syz.0.15952" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  809.501672][ T6511] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  809.514768][   T30] audit: type=1400 audit(1725924983.105:12579): avc:  denied  { read } for  pid=6508 comm="syz.3.15963" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  809.552312][   T30] audit: type=1400 audit(1725924983.105:12580): avc:  denied  { open } for  pid=6508 comm="syz.3.15963" path="/dev/kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  809.575655][   T30] audit: type=1400 audit(1725924983.105:12581): avc:  denied  { ioctl } for  pid=6508 comm="syz.3.15963" path="/dev/kvm" dev="devtmpfs" ino=82 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  810.205594][ T6520] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15962'.
[  810.215365][ T6520] netlink: 12 bytes leftover after parsing attributes in process `syz.1.15962'.
[  810.320777][ T6520] loop1: detected capacity change from 0 to 512
[  810.328492][ T6817] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  810.379816][ T6520] EXT4-fs (loop1): Test dummy encryption mode enabled
[  810.561049][   T30] audit: type=1400 audit(1725924984.175:12582): avc:  denied  { write } for  pid=6523 comm="syz.3.15965" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  810.600983][ T6520] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #12: comm syz.1.15962: inline data xattr refers to an external xattr inode
[  810.616458][ T6520] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.15962: couldn't read orphan inode 12 (err -117)
[  810.628372][ T6520] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,user_xattr,grpjquota=,resuid=0x0000000000000000,prjquota,usrjquota=,usrjquota=,min_batch_time=0x000000000000409e,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  810.690882][ T6530] ovl_get_inode: 2 callbacks suppressed
[  810.690900][ T6530] overlayfs: failed to get inode (-116)
[  810.701932][ T6530] overlayfs: failed to get inode (-116)
[  810.882190][ T6541] device pim6reg1 entered promiscuous mode
[  811.980939][ T6817] usb 3-1: config index 0 descriptor too short (expected 4114, got 18)
[  812.240767][ T6817] usb 3-1: New USB device found, idVendor=066b, idProduct=20f9, bcdDevice=ff.94
[  812.255638][ T6817] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  812.322433][ T6817] usb 3-1: Product: syz
[  812.334860][ T6817] usb 3-1: Manufacturer: syz
[  812.348372][ T6817] usb 3-1: SerialNumber: syz
[  812.416598][ T6817] usb 3-1: config 0 descriptor??
[  812.530604][ T6817] usb 3-1: can't set config #0, error -71
[  812.540309][ T6817] usb 3-1: USB disconnect, device number 2
[  812.941908][ T6564] loop2: detected capacity change from 0 to 512
[  813.852307][ T6564] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[  814.088919][ T6580] netlink: 'syz.4.15980': attribute type 12 has an invalid length.
[  814.130576][ T6544] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  814.426549][ T6564] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  814.443425][ T6564] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  814.470418][ T6544] usb 4-1: Using ep0 maxpacket: 8
[  814.590726][ T6544] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  814.954091][ T6544] usb 4-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  814.963129][ T6544] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  814.971556][ T6544] usb 4-1: SerialNumber: syz
[  814.976777][ T6544] usb 4-1: config 0 descriptor??
[  815.137301][ T6598] loop2: detected capacity change from 0 to 512
[  815.191240][ T6602] loop4: detected capacity change from 0 to 512
[  815.197646][ T6598] EXT4-fs (loop2): 1 truncate cleaned up
[  815.203853][ T6598] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  815.223401][ T6602] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  815.236561][ T6602] EXT4-fs error (device loop4): __ext4_iget:4892: inode #11: block 1: comm syz.4.15986: invalid block
[  815.247744][ T6602] EXT4-fs (loop4): Remounting filesystem read-only
[  815.254245][ T6602] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.15986: couldn't read orphan inode 11 (err -117)
[  815.266915][ T6602] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,errors=continue,max_dir_size_kb=0x0000000000000009,data_err=abort,errors=remount-ro,noinit_itable,mblk_io_submit,i_version,acl,. Quota mode: none.
[  815.416179][ T6606] syz.2.15985[6606] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  815.417843][ T6606] syz.2.15985[6606] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  816.011968][ T6544] usb 4-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  816.030652][ T6544] usb 4-1: No valid video chain found.
[  816.036756][ T6544] usb 4-1: USB disconnect, device number 2
[  816.263705][   T30] audit: type=1326 audit(1725924989.705:12583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.4.15986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  816.295205][   T30] audit: type=1326 audit(1725924989.705:12584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.4.15986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  816.325986][   T30] audit: type=1326 audit(1725924989.715:12585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.4.15986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  816.371500][ T6613] loop2: detected capacity change from 0 to 512
[  816.386268][   T30] audit: type=1326 audit(1725924989.715:12586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.4.15986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  816.410078][   T30] audit: type=1326 audit(1725924989.715:12587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.4.15986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  816.433650][   T30] audit: type=1326 audit(1725924989.715:12588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.4.15986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  816.457276][   T30] audit: type=1326 audit(1725924989.715:12589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.4.15986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  816.480752][   T30] audit: type=1326 audit(1725924989.715:12590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.4.15986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  816.504118][   T30] audit: type=1326 audit(1725924989.715:12591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.4.15986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  816.527598][   T30] audit: type=1326 audit(1725924989.715:12592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.4.15986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  816.534617][ T6613] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  816.558278][ T6613] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  816.583490][ T6613] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  816.591986][ T6613] System zones: 1-12
[  816.600652][ T6613] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #15: comm syz.2.15988: corrupted in-inode xattr
[  816.612977][ T6613] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.15988: couldn't read orphan inode 15 (err -117)
[  816.625292][ T6613] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000456d,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,debug,,errors=continue. Quota mode: none.
[  817.716130][ T6627] loop4: detected capacity change from 0 to 256
[  820.548070][ T6651] loop1: detected capacity change from 0 to 512
[  820.615152][ T6654] loop0: detected capacity change from 0 to 512
[  820.647038][ T6651] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.15999: casefold flag without casefold feature
[  820.655154][ T6654] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  820.668799][ T6651] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.15999: missing EA_INODE flag
[  820.681408][ T6651] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.15999: error while reading EA inode 12 err=-117
[  820.701120][ T6651] EXT4-fs (loop1): 1 orphan inode deleted
[  820.707191][ T6651] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  820.758134][ T6665] loop4: detected capacity change from 0 to 256
[  820.910858][ T6654] EXT4-fs (loop0): failed to initialize system zone (-117)
[  820.952879][ T6654] EXT4-fs (loop0): mount failed
[  820.979247][ T6669] loop2: detected capacity change from 0 to 256
[  821.054382][ T6669] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  822.410141][ T6672] exFAT-fs (loop2): hint_cluster is invalid (17)
[  822.417715][   T30] kauditd_printk_skb: 36 callbacks suppressed
[  822.417736][   T30] audit: type=1400 audit(1725924996.015:12629): avc:  denied  { write } for  pid=6668 comm="syz.2.16004" name="file1" dev="loop2" ino=1049025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  822.463263][ T6654] loop0: detected capacity change from 0 to 512
[  822.517671][ T6654] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  822.529072][ T6654] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038 (0x7fffffff)
[  822.563700][ T6688] loop4: detected capacity change from 0 to 512
[  822.590951][ T6654] Quota error (device loop0): do_check_range: Getting dqdh_prev_free 589824 out of range 0-6
[  822.606951][ T6654] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  822.608880][ T6690] loop3: detected capacity change from 0 to 512
[  822.618613][ T6654] EXT4-fs error (device loop0): ext4_acquire_dquot:6187: comm syz.0.16001: Failed to acquire dquot type 1
[  822.646380][ T6696] loop2: detected capacity change from 0 to 512
[  822.653502][ T6688] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodelalloc,grpid,auto_da_alloc,,errors=continue. Quota mode: writeback.
[  822.667646][ T6688] ext4 filesystem being mounted at /19/bus supports timestamps until 2038 (0x7fffffff)
[  822.681700][ T6696] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[  822.692071][ T6696] EXT4-fs (loop2): Unrecognized mount option "dont_measure" or missing value
[  822.731130][ T6702] netlink: 'syz.1.16015': attribute type 27 has an invalid length.
[  822.780083][ T6702] bridge0: port 2(bridge_slave_1) entered disabled state
[  822.787209][ T6702] bridge0: port 1(bridge_slave_0) entered disabled state
[  822.821234][ T6690] EXT4-fs (loop3): 1 truncate cleaned up
[  822.826725][ T6690] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  824.267096][ T6710] input: syz1 as /devices/virtual/input/input131
[  824.679829][ T6717] loop0: detected capacity change from 0 to 512
[  824.735719][ T6717] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz.0.16018: corrupted in-inode xattr
[  824.750413][T25185] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  824.761550][ T6717] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.16018: couldn't read orphan inode 15 (err -117)
[  824.775244][ T6717] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  825.100547][T25185] usb 2-1: Using ep0 maxpacket: 8
[  825.151662][ T6729] netlink: 16 bytes leftover after parsing attributes in process `syz.2.16011'.
[  825.240962][T25185] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  825.259272][T25185] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  825.271142][T25185] usb 2-1: config 0 descriptor??
[  825.410448][ T6546] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  825.592480][ T6737] loop4: detected capacity change from 0 to 1024
[  825.650009][ T6733] loop2: detected capacity change from 0 to 40427
[  825.650508][ T6546] usb 4-1: Using ep0 maxpacket: 16
[  825.682735][ T6733] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  825.690876][ T6733] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  825.712962][ T6733] F2FS-fs (loop2): invalid crc value
[  825.768226][ T6744] loop0: detected capacity change from 0 to 2048
[  825.771049][ T6733] F2FS-fs (loop2): Found nat_bits in checkpoint
[  825.780702][ T6546] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8
[  825.810607][ T6733] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  825.817821][ T6733] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  826.266502][ T6744] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none.
[  826.365603][ T6546] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  826.379192][ T6546] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  826.387124][ T6546] usb 4-1: Product: syz
[  826.394371][ T6546] usb 4-1: Manufacturer: syz
[  826.407254][ T6546] usb 4-1: SerialNumber: syz
[  826.505315][ T6546] usb 4-1: config 0 descriptor??
[  826.510745][ T6114] attempt to access beyond end of device
[  826.510745][ T6114] loop2: rw=2049, want=45104, limit=40427
[  826.544211][ T6546] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  826.952742][ T6546] usb 4-1: Detected FT232RL
[  826.963535][ T6757] fuse: Unknown parameter 'fd0x0000000000000009'
[  826.990502][ T6546] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  827.258730][ T6546] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  827.453579][ T6546] usb 4-1: USB disconnect, device number 3
[  827.465432][ T6546] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  827.477089][ T6546] ftdi_sio 4-1:0.0: device disconnected
[  827.512737][ T6702] device veth0_vlan left promiscuous mode
[  827.518823][ T6702] device veth0_vlan entered promiscuous mode
[  827.526285][ T6702] device veth1_macvtap left promiscuous mode
[  827.533490][ T6702] device veth1_macvtap entered promiscuous mode
[  827.542545][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  827.556094][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  827.563710][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  827.572858][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[  827.579741][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[  827.682892][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  827.704625][ T6772] loop0: detected capacity change from 0 to 2048
[  827.740693][T25185] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  827.808217][T25185] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  827.839167][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  827.855845][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[  827.862764][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[  827.865310][ T6776] loop1: detected capacity change from 0 to 2048
[  827.876671][T25185] asix: probe of 2-1:0.0 failed with error -71
[  827.886110][T25185] usb 2-1: USB disconnect, device number 2
[  827.886980][ T6772] EXT4-fs error (device loop0): ext4_orphan_get:1423: comm syz.0.16031: bad orphan inode 8192
[  827.891982][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  827.902235][ T6772] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  827.911110][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  827.928883][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  827.938281][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  827.946560][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  827.954893][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  827.963032][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  827.969044][ T6776] EXT4-fs error (device loop1): ext4_fill_super:4831: inode #2: comm syz.1.16032: casefold flag without casefold feature
[  827.971300][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  827.984255][ T6776] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  827.992333][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  828.002679][ T6776] EXT4-fs (loop1): Errors on filesystem, clearing orphan list.
[  828.015598][ T6776] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  828.075439][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  828.083714][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  828.092067][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  828.100604][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  828.108948][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  828.110838][ T6788] loop3: detected capacity change from 0 to 512
[  828.117046][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  828.130947][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  828.138911][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  828.147517][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  828.156854][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  828.166554][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  828.179967][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  828.189426][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  828.198046][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  828.244921][ T6791] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  828.253735][ T6791] overlayfs: missing 'lowerdir'
[  828.410450][ T6788] EXT4-fs (loop3): Mount option "nouser_xattr" will be removed by 3.5
[  828.410450][ T6788] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  828.410450][ T6788] 
[  828.436959][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  828.445139][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  828.454100][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  828.464557][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  828.473497][ T6788] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #3: comm syz.3.16035: corrupted inode contents
[  828.486241][ T6788] EXT4-fs (loop3): Remounting filesystem read-only
[  828.492784][ T6788] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #3: comm syz.3.16035: mark_inode_dirty error
[  828.504748][ T6788] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #3: comm syz.3.16035: corrupted inode contents
[  828.517248][ T6788] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #3: comm syz.3.16035: mark_inode_dirty error
[  828.531309][ T6788] Quota error (device loop3): write_blk: dquota write failed
[  828.538703][ T6788] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  828.570588][ T6788] EXT4-fs error (device loop3): ext4_acquire_dquot:6187: comm syz.3.16035: Failed to acquire dquot type 0
[  828.600991][ T6788] EXT4-fs (loop3): 1 truncate cleaned up
[  828.606843][ T6788] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nouser_xattr,. Quota mode: writeback.
[  828.622861][ T6788] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038 (0x7fffffff)
[  828.646139][ T6802] loop1: detected capacity change from 0 to 128
[  828.662214][ T6788] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.16035: inode #59392: comm syz.3.16035: iget: illegal inode #
[  828.666913][ T6805] overlayfs: failed to get inode (-116)
[  828.681158][ T6805] overlayfs: failed to get inode (-116)
[  828.693787][ T6788] EXT4-fs (loop3): Remounting filesystem read-only
[  828.695759][ T6806] loop2: detected capacity change from 0 to 2048
[  828.700309][ T6788] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.16035: error while reading EA inode 59392 err=-117
[  828.702305][ T6807] EXT4-fs (loop3): shut down requested (2)
[  828.726511][ T6802] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  828.737087][  T313] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  828.744301][ T6811] loop0: detected capacity change from 0 to 256
[  828.745530][ T6802] ext4 filesystem being mounted at /41/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  828.782353][ T6788] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.16035: inode #59392: comm syz.3.16035: iget: illegal inode #
[  828.796072][ T6788] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.16035: error while reading EA inode 59392 err=-117
[  828.809729][ T6788] EXT4-fs warning (device loop3): ext4_evict_inode:303: xattr delete (err -5)
[  828.826441][ T6811] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  828.831630][ T6517] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[  828.859125][ T6517] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  828.869883][ T6517] Quota error (device loop3): write_blk: dquota write failed
[  828.877439][ T6517] Quota error (device loop3): free_dqentry: Can't write quota data block 5
[  828.896252][ T6517] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[  828.909000][ T6517] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  828.919436][ T6517] Quota error (device loop3): write_blk: dquota write failed
[  828.928964][ T6517] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[  828.938986][ T6517] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  828.950061][ T6517] Quota error (device loop3): write_blk: dquota write failed
[  828.957763][ T6517] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list
[  828.967465][ T6517] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  828.969060][ T6806] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  828.977679][ T6517] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  829.004330][ T6816] loop1: detected capacity change from 0 to 512
[  829.625538][ T6816] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  829.881331][ T6824] netlink: 'syz.3.16043': attribute type 27 has an invalid length.
[  829.883750][ T6816] EXT4-fs (loop1): failed to initialize system zone (-117)
[  829.896331][ T6816] EXT4-fs (loop1): mount failed
[  829.929925][ T6829] loop2: detected capacity change from 0 to 1024
[  829.938194][  T313] usb 5-1: config 0 has no interfaces?
[  829.945633][  T313] usb 5-1: New USB device found, idVendor=056a, idProduct=01bb, bcdDevice= 0.00
[  829.954713][  T313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  829.963320][  T313] usb 5-1: config 0 descriptor??
[  829.969356][ T6824] bridge0: port 2(bridge_slave_1) entered disabled state
[  829.976436][ T6824] bridge0: port 1(bridge_slave_0) entered disabled state
[  829.991128][ T6829] EXT4-fs (loop2): Ignoring removed orlov option
[  830.001473][ T6829] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  830.019717][ T6816] loop1: detected capacity change from 0 to 512
[  830.031307][ T6829] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[  830.039334][ T6829] System zones: 0-1, 3-36
[  830.045637][ T6829] EXT4-fs (loop2): mounted filesystem without journal. Opts: debug,orlov,nomblk_io_submit,block_validity,debug_want_extra_isize=0x0000000000000006,init_itable=0x0000000000000000,inlinecrypt,usrquota,,errors=continue. Quota mode: writeback.
[  830.083826][ T6816] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  830.095166][ T6816] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038 (0x7fffffff)
[  830.124316][ T6816] EXT4-fs error (device loop1): ext4_acquire_dquot:6187: comm syz.1.16044: Failed to acquire dquot type 1
[  830.230809][T25185] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  830.330766][ T6796] loop4: detected capacity change from 0 to 1024
[  830.493192][ T6850] overlayfs: failed to get inode (-116)
[  830.499983][ T6850] overlayfs: failed to get inode (-116)
[  830.505588][T25185] usb 4-1: Using ep0 maxpacket: 8
[  830.514703][ T6838] netlink: 'syz.2.16045': attribute type 4 has an invalid length.
[  830.537373][ T6796] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,resgid=0x0000000000000000,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  830.543125][ T6855] loop0: detected capacity change from 0 to 512
[  830.571697][ T6854] loop1: detected capacity change from 0 to 128
[  830.602853][ T6855] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  830.630675][ T6854] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  830.641742][ T6854] ext4 filesystem being mounted at /45/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  830.657914][ T6855] EXT4-fs (loop0): failed to initialize system zone (-117)
[  830.683527][ T6855] EXT4-fs (loop0): mount failed
[  830.700517][T25185] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  830.709381][T25185] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  830.717912][T25185] usb 4-1: config 0 descriptor??
[  831.788419][ T6868] loop1: detected capacity change from 0 to 2048
[  831.801887][ T6817] usb 5-1: USB disconnect, device number 3
[  831.815379][ T6855] loop0: detected capacity change from 0 to 512
[  831.847900][ T6872] loop4: detected capacity change from 0 to 256
[  831.862461][ T6868] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  832.748530][ T6855] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  832.764513][ T6855] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038 (0x7fffffff)
[  832.790950][ T6855] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback.
[  832.802776][ T6885] loop2: detected capacity change from 0 to 512
[  832.841448][ T6885] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  832.897574][ T6885] EXT4-fs (loop2): failed to initialize system zone (-117)
[  832.904968][ T6885] EXT4-fs (loop2): mount failed
[  832.970486][ T6885] loop2: detected capacity change from 0 to 512
[  833.001471][ T6898] syz.1.16063[6898] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  833.001536][ T6898] syz.1.16063[6898] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  833.075839][ T6885] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  833.110480][ T6885] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038 (0x7fffffff)
[  833.141416][ T6885] EXT4-fs error (device loop2): ext4_acquire_dquot:6187: comm syz.2.16061: Failed to acquire dquot type 1
[  833.160459][  T313] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  833.298968][ T6898] loop1: detected capacity change from 0 to 40427
[  833.351927][ T6898] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  833.363545][ T6898] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  833.382949][ T6898] F2FS-fs (loop1): invalid crc value
[  833.389993][ T6898] F2FS-fs (loop1): Found nat_bits in checkpoint
[  833.400462][  T313] usb 1-1: Using ep0 maxpacket: 32
[  833.424343][ T6898] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  833.431880][ T6898] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  833.694465][ T6898] binder: 6897:6898 unknown command 0
[  833.699882][ T6898] binder: 6897:6898 ioctl c0306201 200004c0 returned -22
[  833.779630][ T6544] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  833.830622][  T313] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  833.841128][  T313] usb 1-1: config 7 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  833.851968][  T313] usb 1-1: config 7 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  833.861534][  T313] usb 1-1: config 7 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  833.874091][  T313] usb 1-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  833.883731][  T313] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  834.900499][ T6544] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  834.924691][ T6544] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  834.940914][T25185] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  834.961835][  T313] ntrig 0003:1B96:000A.0001: unknown main item tag 0x0
[  834.968572][T25185] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  834.971591][  T313] ntrig 0003:1B96:000A.0001: unknown main item tag 0x0
[  834.994097][  T313] ntrig 0003:1B96:000A.0001: unknown main item tag 0x0
[  835.000931][  T313] ntrig 0003:1B96:000A.0001: unknown main item tag 0x0
[  835.007623][  T313] ntrig 0003:1B96:000A.0001: unknown main item tag 0x0
[  835.018520][  T313] ntrig 0003:1B96:000A.0001: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.0-1/input0
[  835.038084][T25185] asix: probe of 4-1:0.0 failed with error -71
[  835.044498][ T6544] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  835.054703][T25185] usb 4-1: USB disconnect, device number 4
[  835.060935][ T6544] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  835.077522][ T6544] usb 5-1: config 0 descriptor??
[  835.334040][ T6950] loop2: detected capacity change from 0 to 512
[  835.344457][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  835.344484][   T30] audit: type=1400 audit(1725925008.815:12634): avc:  denied  { write } for  pid=6938 comm="syz.3.16078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  835.440790][ T6950] EXT4-fs (loop2): Ignoring removed orlov option
[  835.474617][   T30] audit: type=1400 audit(1725925009.035:12635): avc:  denied  { write } for  pid=6889 comm="syz.0.16062" name="hidraw0" dev="devtmpfs" ino=1932 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  835.517490][ T6950] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  835.518363][ T6891] loop0: detected capacity change from 0 to 256
[  835.598919][ T6950] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6040e09c, mo2=0002]
[  835.613889][ T6950] System zones: 1-12
[  835.625151][ T6950] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.16081: casefold flag without casefold feature
[  835.641091][ T6950] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.16081: missing EA_INODE flag
[  835.654531][ T6950] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.16081: error while reading EA inode 12 err=-117
[  835.667326][ T6950] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.16081: missing EA_INODE flag
[  835.679479][ T6950] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.16081: error while reading EA inode 12 err=-117
[  835.693381][  T313] usb 1-1: USB disconnect, device number 2
[  835.693377][ T6950] EXT4-fs (loop2): 1 orphan inode deleted
[  835.704786][ T6950] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,abort,debug_want_extra_isize=0x000000000000005c,debug,noinit_itable,errors=continue,usrjquota=,orlov,minixdf,resgid=0x0000000000000000,,errors=continue. Quota mode: none.
[  835.820727][ T6544] hid (null): bogus close delimiter
[  836.176955][ T6959] overlayfs: failed to resolve './file0': -2
[  836.224077][ T6544] usb 5-1: language id specifier not provided by device, defaulting to English
[  836.228825][ T6966] loop1: detected capacity change from 0 to 1024
[  836.295885][ T6966] EXT4-fs (loop1): Test dummy encryption mode enabled
[  836.302620][ T6966] EXT4-fs (loop1): Ignoring removed orlov option
[  836.327902][ T6966] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  836.664377][ T6974] binder: 6969:6974 ioctl 4018620d 0 returned -22
[  836.872276][ T6544] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0002/input/input133
[  836.893975][ T6544] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0002/input/input134
[  837.520835][ T6544] uclogic 0003:256C:006D.0002: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.4-1/input0
[  837.538954][ T6544] usb 5-1: USB disconnect, device number 4
[  837.578983][ T6989] loop3: detected capacity change from 0 to 512
[  837.722778][   T30] audit: type=1326 audit(1725925011.205:12636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6984 comm="syz.1.16091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fae695ef9 code=0x7ffc0000
[  837.857118][ T6993] loop0: detected capacity change from 0 to 2048
[  837.866839][ T6989] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  837.912723][   T30] audit: type=1326 audit(1725925011.205:12637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6984 comm="syz.1.16091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fae695ef9 code=0x7ffc0000
[  837.936753][   T30] audit: type=1326 audit(1725925011.215:12638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6984 comm="syz.1.16091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f5fae695ef9 code=0x7ffc0000
[  837.965364][   T30] audit: type=1326 audit(1725925011.215:12639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6984 comm="syz.1.16091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fae695ef9 code=0x7ffc0000
[  837.990869][   T30] audit: type=1326 audit(1725925011.215:12640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6984 comm="syz.1.16091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fae695ef9 code=0x7ffc0000
[  838.014806][   T30] audit: type=1326 audit(1725925011.215:12641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6984 comm="syz.1.16091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5fae695ef9 code=0x7ffc0000
[  838.038633][   T30] audit: type=1326 audit(1725925011.215:12642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6984 comm="syz.1.16091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fae695ef9 code=0x7ffc0000
[  838.172957][ T6989] EXT4-fs (loop3): failed to initialize system zone (-117)
[  838.311358][   T30] audit: type=1326 audit(1725925011.215:12643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6984 comm="syz.1.16091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fae695ef9 code=0x7ffc0000
[  838.332186][ T6993] EXT4-fs error (device loop0): ext4_fill_super:4831: inode #2: comm syz.0.16093: casefold flag without casefold feature
[  838.334900][ T6989] EXT4-fs (loop3): mount failed
[  838.347839][ T6993] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  838.363679][ T7001] input: syz0 as /devices/virtual/input/input136
[  838.383986][ T6993] EXT4-fs (loop0): Errors on filesystem, clearing orphan list.
[  838.391510][ T6993] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  839.446206][ T7022] loop0: detected capacity change from 0 to 2048
[  839.516003][ T7025] 9pnet: Could not find request transport: fd0x0000000000000008
[  839.575029][ T7022] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  839.586531][ T7029] loop3: detected capacity change from 0 to 2048
[  839.662759][ T7039] input: syz0 as /devices/virtual/input/input137
[  839.719194][ T7045] loop4: detected capacity change from 0 to 512
[  839.863984][ T7045] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  839.986611][ T7045] EXT4-fs (loop4): failed to initialize system zone (-117)
[  840.007914][ T7045] EXT4-fs (loop4): mount failed
[  840.056810][ T7029] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.16105: bad orphan inode 8192
[  840.067146][ T7029] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  841.998225][ T7075] loop3: detected capacity change from 0 to 512
[  842.028609][ T7076] 9pnet: Could not find request transport: fd0x0000000000000004
[  842.063876][ T7075] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  842.162639][ T7075] EXT4-fs (loop3): failed to initialize system zone (-117)
[  842.169900][ T7075] EXT4-fs (loop3): mount failed
[  842.420540][ T6544] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  842.699149][ T7098] netlink: 9 bytes leftover after parsing attributes in process `syz.3.16116'.
[  842.709370][ T7098] device gretap0 entered promiscuous mode
[  842.723012][ T7098] netlink: 5 bytes leftover after parsing attributes in process `syz.3.16116'.
[  842.732399][ T7098] 0ªX¹¦D: renamed from gretap0
[  842.742758][ T7098] device 
30ªX¹¦D left promiscuous mode
[  842.751168][ T7098] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  843.000528][ T6544] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  843.022649][ T6544] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  843.045561][ T6544] usb 1-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  843.060671][ T6544] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  843.071577][ T6544] usb 1-1: config 0 descriptor??
[  843.149473][ T7108] loop1: detected capacity change from 0 to 512
[  843.207080][ T7115] loop3: detected capacity change from 0 to 2048
[  843.231793][ T7108] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6
[  843.510714][ T7115] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.16130: bad orphan inode 8192
[  843.535657][ T7115] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  843.639531][ T6544] isku 0003:1E7D:319C.0003: unknown main item tag 0x0
[  843.650421][ T6544] isku 0003:1E7D:319C.0003: unknown main item tag 0x0
[  843.661311][ T6544] isku 0003:1E7D:319C.0003: unknown main item tag 0x0
[  843.672216][ T6544] isku 0003:1E7D:319C.0003: unknown main item tag 0x0
[  843.684133][ T6544] isku 0003:1E7D:319C.0003: unknown main item tag 0x0
[  843.696364][ T6544] isku 0003:1E7D:319C.0003: unknown main item tag 0x0
[  843.710553][ T6544] isku 0003:1E7D:319C.0003: unknown main item tag 0x0
[  843.766681][ T7121] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  843.775541][ T7121] overlayfs: missing 'lowerdir'
[  843.793246][ T6544] isku 0003:1E7D:319C.0003: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.0-1/input0
[  844.063173][ T7127] 9pnet: Could not find request transport: fd0x0000000000000008
[  844.095997][ T6544] usb 1-1: USB disconnect, device number 3
[  844.810848][   T30] kauditd_printk_skb: 31 callbacks suppressed
[  844.810932][   T30] audit: type=1326 audit(1725925017.875:12675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7124 comm="syz.4.16132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  844.958543][ T7139] loop2: detected capacity change from 0 to 256
[  844.989251][   T30] audit: type=1326 audit(1725925017.875:12676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7124 comm="syz.4.16132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  845.023109][   T30] audit: type=1326 audit(1725925017.885:12677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7124 comm="syz.4.16132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  845.057622][ T7139] FAT-fs (loop2): Directory bread(block 64) failed
[  845.089913][ T7139] FAT-fs (loop2): Directory bread(block 65) failed
[  845.115810][ T7139] FAT-fs (loop2): Directory bread(block 66) failed
[  845.139234][   T30] audit: type=1326 audit(1725925017.885:12678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7124 comm="syz.4.16132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  845.163798][ T7139] FAT-fs (loop2): Directory bread(block 67) failed
[  845.172087][ T7139] FAT-fs (loop2): Directory bread(block 68) failed
[  845.178500][ T7139] FAT-fs (loop2): Directory bread(block 69) failed
[  845.227725][ T7139] FAT-fs (loop2): Directory bread(block 70) failed
[  845.329226][ T7139] FAT-fs (loop2): Directory bread(block 71) failed
[  845.373610][   T30] audit: type=1326 audit(1725925017.895:12679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7124 comm="syz.4.16132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  845.403132][ T7139] FAT-fs (loop2): Directory bread(block 72) failed
[  845.409511][ T7139] FAT-fs (loop2): Directory bread(block 73) failed
[  845.420831][   T30] audit: type=1326 audit(1725925017.895:12680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7124 comm="syz.4.16132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  845.448164][   T30] audit: type=1326 audit(1725925017.905:12681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7124 comm="syz.4.16132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  845.481242][   T30] audit: type=1326 audit(1725925017.905:12682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7124 comm="syz.4.16132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  845.507725][   T30] audit: type=1326 audit(1725925017.905:12683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7124 comm="syz.4.16132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  845.531565][   T30] audit: type=1326 audit(1725925017.905:12684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7124 comm="syz.4.16132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68091e3ef9 code=0x7ffc0000
[  845.597750][ T7162] 9pnet: Insufficient options for proto=fd
[  845.746839][ T6544] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  845.750687][ T7171] netlink: 188 bytes leftover after parsing attributes in process `syz.0.16142'.
[  846.231292][ T7175] syz.1.16148[7175] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  846.232619][ T7175] syz.1.16148[7175] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  846.286197][ T7180] loop1: detected capacity change from 0 to 1024
[  846.357083][ T7180] EXT4-fs (loop1): Test dummy encryption mode enabled
[  846.364132][ T7180] EXT4-fs (loop1): Ignoring removed orlov option
[  846.373285][ T7180] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  846.410563][ T6544] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  846.421469][ T6544] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  846.430428][ T9444] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  846.431076][ T6544] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  846.451143][ T6544] usb 5-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10
[  846.460286][ T6544] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  846.478100][ T6544] usb 5-1: config 0 descriptor??
[  846.492017][ T7191] loop2: detected capacity change from 0 to 1024
[  846.540622][ T7191] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000007,resgid=0x0000000000000000,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  846.627027][ T7196] loop3: detected capacity change from 0 to 512
[  846.649344][ T7199] 9pnet: Insufficient options for proto=fd
[  846.675956][ T7196] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  846.863041][ T7196] EXT4-fs (loop3): failed to initialize system zone (-117)
[  846.877618][ T7196] EXT4-fs (loop3): mount failed
[  847.000442][ T9444] usb 1-1: Using ep0 maxpacket: 8
[  847.021087][ T7196] loop3: detected capacity change from 0 to 512
[  847.033224][ T7196] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  847.044354][ T7196] ext4 filesystem being mounted at /50/file0 supports timestamps until 2038 (0x7fffffff)
[  847.056363][ T7196] EXT4-fs error (device loop3): ext4_acquire_dquot:6187: comm syz.3.16154: Failed to acquire dquot type 1
[  847.127517][ T7217] loop1: detected capacity change from 0 to 16
[  847.150861][ T9444] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  847.162077][ T9444] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8192, setting to 1024
[  847.173404][ T9444] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  847.191390][ T7217] erofs: (device loop1): erofs_read_inode: bogus i_mode (262) @ nid 36
[  847.225408][ T6544] usbhid 5-1:0.0: can't add hid device: -71
[  847.230843][ T9444] usb 1-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  847.232296][ T6544] usbhid: probe of 5-1:0.0 failed with error -71
[  847.262553][ T9444] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  847.405837][ T9444] usb 1-1: config 0 descriptor??
[  847.438387][ T6544] usb 5-1: USB disconnect, device number 5
[  847.498012][ T7222] loop2: detected capacity change from 0 to 128
[  847.652586][ T7231] 9pnet: Insufficient options for proto=fd
[  848.056584][ T7238] loop3: detected capacity change from 0 to 128
[  848.358015][ T7241] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  848.700988][T25435] Bluetooth: hci0: sending frame failed (-49)
[  848.792282][ T7246] loop2: detected capacity change from 0 to 512
[  848.796187][ T7248] overlayfs: failed to get inode (-116)
[  848.803997][ T7248] overlayfs: failed to get inode (-116)
[  848.821873][ T7251] loop1: detected capacity change from 0 to 512
[  848.841238][ T7246] EXT4-fs (loop2): Mount option "nouser_xattr" will be removed by 3.5
[  848.841238][ T7246] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  848.841238][ T7246] 
[  848.860465][ T7251] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  848.877901][ T7246] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #3: comm syz.2.16170: corrupted inode contents
[  848.890046][ T7246] EXT4-fs (loop2): Remounting filesystem read-only
[  848.892613][ T7251] EXT4-fs (loop1): failed to initialize system zone (-117)
[  848.896936][ T7246] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #3: comm syz.2.16170: mark_inode_dirty error
[  848.903529][ T7251] EXT4-fs (loop1): mount failed
[  848.915661][ T7246] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #3: comm syz.2.16170: corrupted inode contents
[  848.931522][ T7246] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #3: comm syz.2.16170: mark_inode_dirty error
[  848.943165][ T7246] EXT4-fs error (device loop2): ext4_acquire_dquot:6187: comm syz.2.16170: Failed to acquire dquot type 0
[  848.954875][ T7246] EXT4-fs (loop2): 1 truncate cleaned up
[  848.960436][ T7246] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nouser_xattr,. Quota mode: writeback.
[  848.972664][ T7246] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038 (0x7fffffff)
[  848.987713][ T7246] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.16170: inode #59392: comm syz.2.16170: iget: illegal inode #
[  849.001470][ T7246] EXT4-fs (loop2): Remounting filesystem read-only
[  849.007823][ T7246] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.16170: error while reading EA inode 59392 err=-117
[  849.020637][ T7246] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.16170: inode #59392: comm syz.2.16170: iget: illegal inode #
[  849.038051][ T7246] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.16170: error while reading EA inode 59392 err=-117
[  849.041142][ T7251] loop1: detected capacity change from 0 to 512
[  849.060396][  T416] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  849.070435][ T6544] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  849.071223][  T416] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  849.088482][  T416] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  849.099242][  T416] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  849.109256][  T416] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  849.132292][ T7251] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  849.143274][ T7251] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038 (0x7fffffff)
[  849.155500][ T7251] EXT4-fs error (device loop1): ext4_acquire_dquot:6187: comm syz.1.16172: Failed to acquire dquot type 1
[  849.262837][ T7271] 9pnet: Insufficient options for proto=fd
[  849.307732][ T7277] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16181'.
[  849.440107][ T6544] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  849.451240][ T6544] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  849.458527][ T7281] overlayfs: failed to get inode (-116)
[  849.461467][ T6544] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  849.475420][ T7281] overlayfs: failed to get inode (-116)
[  849.480903][ T6544] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  849.489697][ T6544] usb 4-1: config 0 descriptor??
[  849.500564][ T1844] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  849.521163][ T9444] usbhid 1-1:0.0: can't add hid device: -71
[  849.527029][ T9444] usbhid: probe of 1-1:0.0 failed with error -71
[  849.536383][ T9444] usb 1-1: USB disconnect, device number 4
[  849.565794][ T7289] loop0: detected capacity change from 0 to 128
[  849.650529][T25185] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  850.020839][T25185] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  850.032410][T25185] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  850.042276][T25185] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  850.049749][ T1844] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  850.051583][T25185] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  850.065368][ T1844] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  850.079567][ T1844] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  850.092170][ T1844] usb 2-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10
[  850.100988][ T1844] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  850.110258][ T1844] usb 2-1: config 0 descriptor??
[  850.613990][ T7296] device pim6reg1 entered promiscuous mode
[  850.660504][ T6544] uclogic 0003:256C:006D.0004: failed retrieving Huion firmware version: -71
[  850.660537][ T1844] usbhid 2-1:0.0: can't add hid device: -71
[  850.669508][ T6544] uclogic 0003:256C:006D.0004: failed probing parameters: -71
[  850.675033][ T1844] usbhid: probe of 2-1:0.0 failed with error -71
[  850.690727][ T1844] usb 2-1: USB disconnect, device number 3
[  850.698989][ T7298] 9pnet: Insufficient options for proto=fd
[  850.699830][ T6544] uclogic: probe of 0003:256C:006D.0004 failed with error -71
[  850.724827][ T6544] usb 4-1: USB disconnect, device number 5
[  850.737846][  T306] Bluetooth: hci0: command 0x1003 tx timeout
[  850.743824][ T7242] Bluetooth: hci0: sending frame failed (-49)
[  851.050782][T25185] aiptek 3-1:17.0: Aiptek using 400 ms programming speed
[  851.071456][T25185] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input140
[  851.081395][T25185] input: failed to attach handler kbd to device input140, error: -5
[  851.117665][ T7307] loop1: detected capacity change from 0 to 512
[  851.140813][ T7309] overlayfs: failed to get inode (-116)
[  851.146317][ T7309] overlayfs: failed to get inode (-116)
[  851.156151][ T7307] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  851.173863][ T7307] EXT4-fs (loop1): orphan cleanup on readonly fs
[  851.180943][ T7307] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3880: comm syz.1.16193: Allocating blocks 41-42 which overlap fs metadata
[  851.195467][ T7307] EXT4-fs (loop1): Remounting filesystem read-only
[  851.202228][ T7307] __quota_error: 104 callbacks suppressed
[  851.202248][ T7307] Quota error (device loop1): write_blk: dquota write failed
[  851.215596][ T7307] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  851.225452][ T7307] EXT4-fs error (device loop1): ext4_acquire_dquot:6187: comm syz.1.16193: Failed to acquire dquot type 0
[  851.236961][ T7307] EXT4-fs (loop1): 1 truncate cleaned up
[  851.242640][ T7307] EXT4-fs (loop1): pa ffff88810df60150: logic 1, phys. 41, len 23
[  851.250271][ T7307] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4897: group 0, free 22, pa_free 23
[  851.260718][ T7307] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000005,noblock_validity,usrquota,grpjquota=,nogrpid,errors=remount-ro,noinit_itable,inode_readahead_blks=0x0000000000000000,resuid=0x00000000000000002. Quota mode: writeback.
[  851.286372][    T6] usb 3-1: USB disconnect, device number 3
[  851.349913][   T30] audit: type=1326 audit(1725925024.955:12772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7306 comm="syz.1.16193" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5fae695ef9 code=0x0
[  851.379258][ T7315] loop3: detected capacity change from 0 to 2048
[  851.453264][   T30] audit: type=1400 audit(1725925025.065:12773): avc:  denied  { create } for  pid=7306 comm="syz.1.16193" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=tcp_socket permissive=1
[  851.474261][ T7315] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.16196: bad orphan inode 8192
[  851.484722][ T7315] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  851.667723][ T7322] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  851.677031][ T7322] overlayfs: missing 'lowerdir'
[  851.954501][ T6053] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  851.973604][ T6053] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  852.244991][ T7341] bridge0: port 1(bridge_slave_0) entered blocking state
[  852.252114][ T7341] bridge0: port 1(bridge_slave_0) entered disabled state
[  852.259542][ T7341] device bridge_slave_0 entered promiscuous mode
[  852.266765][ T7341] bridge0: port 2(bridge_slave_1) entered blocking state
[  852.273874][ T7341] bridge0: port 2(bridge_slave_1) entered disabled state
[  852.281391][ T7341] device bridge_slave_1 entered promiscuous mode
[  852.356928][ T7341] bridge0: port 2(bridge_slave_1) entered blocking state
[  852.363803][ T7341] bridge0: port 2(bridge_slave_1) entered forwarding state
[  852.370926][ T7341] bridge0: port 1(bridge_slave_0) entered blocking state
[  852.377758][ T7341] bridge0: port 1(bridge_slave_0) entered forwarding state
[  852.400870][T25185] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  852.444211][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  852.518902][  T306] bridge0: port 1(bridge_slave_0) entered disabled state
[  852.528751][  T306] bridge0: port 2(bridge_slave_1) entered disabled state
[  852.576259][ T6544] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  852.587941][ T6544] bridge0: port 1(bridge_slave_0) entered blocking state
[  852.594862][ T6544] bridge0: port 1(bridge_slave_0) entered forwarding state
[  852.652184][ T6544] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  852.660333][ T6544] bridge0: port 2(bridge_slave_1) entered blocking state
[  852.667230][ T6544] bridge0: port 2(bridge_slave_1) entered forwarding state
[  852.674894][ T6544] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  852.682849][ T6544] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  852.696204][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  852.708435][ T1844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  852.716413][ T1844] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  852.723817][ T1844] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  852.732349][ T7341] device veth0_vlan entered promiscuous mode
[  852.746154][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  852.755916][ T7341] device veth1_macvtap entered promiscuous mode
[  852.763827][ T6517] device bridge_slave_1 left promiscuous mode
[  852.769878][ T6517] bridge0: port 2(bridge_slave_1) entered disabled state
[  852.777400][T25185] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  852.788250][T25185] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  852.788532][ T6517] device bridge_slave_0 left promiscuous mode
[  852.797947][T25185] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  852.804042][ T6517] bridge0: port 1(bridge_slave_0) entered disabled state
[  852.816843][T25185] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10
[  852.840636][ T6517] device veth1_macvtap left promiscuous mode
[  852.846688][ T6517] device veth0_vlan left promiscuous mode
[  852.879974][T25185] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  852.888443][T25185] usb 3-1: config 0 descriptor??
[  852.893678][ T6544] Bluetooth: hci0: command 0x1001 tx timeout
[  852.899509][ T7242] Bluetooth: hci0: sending frame failed (-49)
[  852.978324][ T6544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  852.986938][ T6544] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  853.158545][ T7359] loop3: detected capacity change from 0 to 128
[  853.183903][ T7359] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  853.197027][ T7359] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038 (0x7fffffff)
[  853.218560][   T30] audit: type=1400 audit(1725925026.825:12774): avc:  denied  { execute_no_trans } for  pid=7358 comm="syz.3.16210" path="/58/file0/file2" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  853.398273][ T7375] loop3: detected capacity change from 0 to 2048
[  853.413889][ T7375] EXT4-fs error (device loop3): ext4_fill_super:4831: inode #2: comm syz.3.16217: casefold flag without casefold feature
[  853.414880][ T7367] loop1: detected capacity change from 0 to 40427
[  853.427254][ T7375] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  853.442264][T25185] usbhid 3-1:0.0: can't add hid device: -71
[  853.445852][ T7367] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  853.448033][T25185] usbhid: probe of 3-1:0.0 failed with error -71
[  853.457967][ T7375] EXT4-fs (loop3): Errors on filesystem, clearing orphan list.
[  853.463869][T25185] usb 3-1: USB disconnect, device number 4
[  853.473869][ T7375] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  853.477317][ T7367] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  853.498274][ T7367] F2FS-fs (loop1): invalid crc value
[  853.505196][ T7367] F2FS-fs (loop1): Found nat_bits in checkpoint
[  853.539532][ T7367] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  853.547122][ T7367] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  854.098252][ T6517] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  854.121209][ T6517] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  854.166179][ T7402] loop0: detected capacity change from 0 to 2048
[  854.232454][ T7402] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  854.292248][ T7400] loop2: detected capacity change from 0 to 40427
[  854.344880][ T7407] loop1: detected capacity change from 0 to 512
[  854.352026][ T7400] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(262146) root(3)
[  854.360146][ T7400] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  854.371231][ T7400] F2FS-fs (loop2): Found nat_bits in checkpoint
[  854.589439][ T7400] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  854.599410][ T7407] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  854.622249][ T7400] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  854.637448][ T7407] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038 (0x7fffffff)
[  854.683689][ T7421] loop0: detected capacity change from 0 to 2048
[  854.721510][ T7421] EXT4-fs error (device loop0): ext4_fill_super:4831: inode #2: comm syz.0.16228: casefold flag without casefold feature
[  854.734764][ T7421] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  854.745364][ T7421] EXT4-fs (loop0): Errors on filesystem, clearing orphan list.
[  854.753234][ T7421] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  854.961505][ T6544] Bluetooth: hci0: command 0x1009 tx timeout
[  855.131239][ T6114] attempt to access beyond end of device
[  855.131239][ T6114] loop2: rw=2049, want=45104, limit=40427
[  855.158511][ T7446] overlayfs: failed to get inode (-116)
[  855.164254][ T7446] overlayfs: failed to get inode (-116)
[  855.198817][ T7448] loop3: detected capacity change from 0 to 2048
[  855.282790][ T7448] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  855.596716][ T6544] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  855.634262][ T7459] loop1: detected capacity change from 0 to 2048
[  855.713481][ T7459] EXT4-fs error (device loop1): ext4_fill_super:4831: inode #2: comm syz.1.16241: casefold flag without casefold feature
[  855.729741][ T7459] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  855.740924][ T7459] EXT4-fs (loop1): Errors on filesystem, clearing orphan list.
[  855.748458][ T7459] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  855.960568][ T6544] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  855.973550][ T6544] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  855.983273][ T6544] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  855.993618][ T7480] overlayfs: failed to get inode (-116)
[  855.999824][ T6544] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10
[  856.001694][ T7480] overlayfs: failed to get inode (-116)
[  856.010703][ T6544] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  856.034237][ T6544] usb 3-1: config 0 descriptor??
[  856.100448][ T1844] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  856.125545][ T7484] loop3: detected capacity change from 0 to 2048
[  856.389276][ T7484] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.16252: bad orphan inode 8192
[  856.405235][ T7484] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  856.596155][ T7490] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  856.604969][ T7490] overlayfs: missing 'lowerdir'
[  856.620493][ T6544] usbhid 3-1:0.0: can't add hid device: -71
[  856.626653][ T6544] usbhid: probe of 3-1:0.0 failed with error -71
[  856.658308][ T6544] usb 3-1: USB disconnect, device number 5
[  856.908851][ T1844] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  856.919807][ T1844] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  856.929387][ T1844] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  856.938258][ T1844] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  856.946907][ T1844] usb 1-1: config 0 descriptor??
[  857.051735][ T7497] loop3: detected capacity change from 0 to 512
[  857.137948][ T7497] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  857.149013][ T7497] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038 (0x7fffffff)
[  857.174388][ T7497] EXT4-fs error (device loop3): ext4_search_dir:1548: inode #2: block 3: comm syz.3.16254: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0
[  857.246051][ T7505] loop2: detected capacity change from 0 to 2048
[  857.342095][ T7505] EXT4-fs error (device loop2): ext4_fill_super:4831: inode #2: comm syz.2.16257: casefold flag without casefold feature
[  857.354931][ T7505] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  857.365477][ T7505] EXT4-fs (loop2): Errors on filesystem, clearing orphan list.
[  857.373237][ T7505] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  857.452307][ T1844] arvo 0003:1E7D:30D4.0005: unknown main item tag 0x0
[  857.478045][ T1844] arvo 0003:1E7D:30D4.0005: item fetching failed at offset 5/7
[  857.485984][ T1844] arvo 0003:1E7D:30D4.0005: parse failed
[  857.491716][ T1844] arvo: probe of 0003:1E7D:30D4.0005 failed with error -22
[  857.652182][ T9444] usb 1-1: USB disconnect, device number 5
[  857.695501][ T7519] loop2: detected capacity change from 0 to 2048
[  857.772497][ T7519] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  857.788619][ T7521] bridge0: port 1(bridge_slave_0) entered blocking state
[  857.795673][ T7521] bridge0: port 1(bridge_slave_0) entered disabled state
[  857.803674][ T7521] device bridge_slave_0 entered promiscuous mode
[  857.811229][ T7521] bridge0: port 2(bridge_slave_1) entered blocking state
[  857.818301][ T7521] bridge0: port 2(bridge_slave_1) entered disabled state
[  857.825873][ T7521] device bridge_slave_1 entered promiscuous mode
[  858.703161][ T7521] bridge0: port 2(bridge_slave_1) entered blocking state
[  858.710135][ T7521] bridge0: port 2(bridge_slave_1) entered forwarding state
[  858.717258][ T7521] bridge0: port 1(bridge_slave_0) entered blocking state
[  858.724146][ T7521] bridge0: port 1(bridge_slave_0) entered forwarding state
[  858.772511][ T6278] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /74/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  858.788555][ T7538] loop1: detected capacity change from 0 to 2048
[  858.794223][ T6278] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 12: comm syz-executor: path /74/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  858.847147][ T9444] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  858.856621][ T9444] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  858.866091][ T9444] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  858.870677][ T6278] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /74/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  858.873634][ T9444] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  859.050513][ T6278] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 14: comm syz-executor: path /74/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  859.076553][ T6546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  859.085516][ T6546] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  859.089471][ T6278] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 15: comm syz-executor: path /74/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  859.093542][ T6546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  859.123084][ T6278] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /74/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  859.131278][ T6546] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  859.144750][ T6278] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 17: comm syz-executor: path /74/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  859.152497][ T7538] EXT4-fs error (device loop1): ext4_orphan_get:1423: comm syz.1.16265: bad orphan inode 8192
[  859.183228][ T7538] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  859.194008][ T6278] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #2: block 18: comm syz-executor: lblock 23 mapped to illegal pblock 18 (length 1)
[  859.200911][ T9444] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  859.208823][ T6278] EXT4-fs error (device loop3): ext4_search_dir:1548: inode #2: block 3: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0
[  859.226739][ T9444] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  859.236800][ T7551] loop2: detected capacity change from 0 to 16
[  859.271171][ T7521] device veth0_vlan entered promiscuous mode
[  859.281956][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  859.290228][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  859.316205][ T7521] device veth1_macvtap entered promiscuous mode
[  859.327845][ T9444] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  859.336010][ T9444] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  859.343550][ T9444] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  859.351497][ T6546] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  859.359272][ T9444] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  859.371896][ T7551] erofs: (device loop2): erofs_read_inode: bogus i_mode (262) @ nid 36
[  859.480382][ T7553] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  859.489279][ T7553] overlayfs: missing 'lowerdir'
[  859.701919][ T9444] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  859.719635][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  859.728274][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  859.737362][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  859.745718][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  859.896816][ T7562] bridge0: port 1(bridge_slave_0) entered blocking state
[  859.904040][ T7562] bridge0: port 1(bridge_slave_0) entered disabled state
[  859.911514][ T7562] device bridge_slave_0 entered promiscuous mode
[  859.919944][ T7562] bridge0: port 2(bridge_slave_1) entered blocking state
[  859.926951][ T7562] bridge0: port 2(bridge_slave_1) entered disabled state
[  859.934372][ T7562] device bridge_slave_1 entered promiscuous mode
[  860.318273][ T7562] bridge0: port 2(bridge_slave_1) entered blocking state
[  860.325190][ T7562] bridge0: port 2(bridge_slave_1) entered forwarding state
[  860.332328][ T7562] bridge0: port 1(bridge_slave_0) entered blocking state
[  860.339203][ T7562] bridge0: port 1(bridge_slave_0) entered forwarding state
[  860.360503][ T6546] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  860.372170][ T6546] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  860.374932][ T6544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  860.381833][ T6546] usb 1-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  860.397778][ T6546] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  860.397898][ T6544] bridge0: port 1(bridge_slave_0) entered disabled state
[  860.406522][ T6546] usb 1-1: config 0 descriptor??
[  860.421935][ T6544] bridge0: port 2(bridge_slave_1) entered disabled state
[  860.457728][ T6544] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  860.470834][ T6544] bridge0: port 1(bridge_slave_0) entered blocking state
[  860.477722][ T6544] bridge0: port 1(bridge_slave_0) entered forwarding state
[  860.486056][ T6544] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  860.494893][ T6544] bridge0: port 2(bridge_slave_1) entered blocking state
[  860.501916][ T6544] bridge0: port 2(bridge_slave_1) entered forwarding state
[  860.580555][    T8] device bridge_slave_1 left promiscuous mode
[  860.588784][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  860.600306][    T8] device bridge_slave_0 left promiscuous mode
[  860.607991][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  860.713615][ T7574] overlayfs: failed to get inode (-116)
[  860.729806][ T7574] overlayfs: failed to get inode (-116)
[  860.741669][ T7576] loop4: detected capacity change from 0 to 512
[  860.749719][ T7576] EXT4-fs (loop4): Test dummy encryption mode enabled
[  860.779662][ T7576] EXT4-fs error (device loop4): __ext4_iget:4892: inode #11: block 1: comm syz.4.16276: invalid block
[  860.790716][ T7576] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.16276: couldn't read orphan inode 11 (err -117)
[  860.803085][ T7576] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  860.854519][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  860.862922][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  860.879602][ T7562] device veth0_vlan entered promiscuous mode
[  860.888481][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  860.897129][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  860.905557][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  860.913831][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  860.922051][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  860.929446][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  860.945032][ T7562] device veth1_macvtap entered promiscuous mode
[  860.952473][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  860.960718][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  860.968906][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  860.977243][ T6546] petalynx 0003:18B1:0037.0006: collection stack underflow
[  860.988342][ T6546] petalynx 0003:18B1:0037.0006: item 0 1 0 12 parsing failed
[  860.993604][ T6544] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  860.995869][ T6546] petalynx 0003:18B1:0037.0006: parse failed
[  861.011747][ T6546] petalynx: probe of 0003:18B1:0037.0006 failed with error -22
[  861.012487][ T6544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  861.049847][ T6544] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  861.075876][ T6544] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  861.524502][  T306] usb 1-1: USB disconnect, device number 6
[  861.545681][ T7592] loop2: detected capacity change from 0 to 256
[  861.646647][ T7592] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  862.666961][ T7607] loop4: detected capacity change from 0 to 2048
[  862.727301][ T7614] loop1: detected capacity change from 0 to 128
[  862.732279][ T7607] EXT4-fs error (device loop4): ext4_orphan_get:1423: comm syz.4.16283: bad orphan inode 8192
[  862.743880][ T7607] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  862.767168][ T7617] overlayfs: failed to get inode (-116)
[  862.772730][ T7617] overlayfs: failed to get inode (-116)
[  862.827380][ T7614] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  862.841437][ T7619] loop0: detected capacity change from 0 to 128
[  862.843855][ T7614] ext4 filesystem being mounted at /21/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  862.897648][ T7619] EXT4-fs (loop0): Test dummy encryption mode enabled
[  862.912106][ T7619] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none.
[  862.924619][ T7619] ext4 filesystem being mounted at /66/mnt supports timestamps until 2038 (0x7fffffff)
[  863.918670][ T7644] loop1: detected capacity change from 0 to 2048
[  863.929583][ T7645] loop3: detected capacity change from 0 to 2048
[  864.004816][ T7644] EXT4-fs error (device loop1): ext4_fill_super:4831: inode #2: comm syz.1.16296: casefold flag without casefold feature
[  864.017613][ T7644] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  864.322687][ T7647] netlink: 16 bytes leftover after parsing attributes in process `syz.2.16295'.
[  864.338629][ T7645] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.16297: bad orphan inode 8192
[  864.349150][ T7644] EXT4-fs (loop1): Errors on filesystem, clearing orphan list.
[  864.357016][ T7645] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  864.358765][ T7644] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  864.392627][ T7657] overlayfs: failed to get inode (-116)
[  864.398167][ T7657] overlayfs: failed to get inode (-116)
[  864.476753][ T7663] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16302'.
[  864.509013][ T7666] loop0: detected capacity change from 0 to 128
[  864.521331][ T7666] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  864.535452][ T7666] ext4 filesystem being mounted at /71/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  864.709754][ T7670] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  864.718618][ T7670] overlayfs: missing 'lowerdir'
[  864.990300][ T7674] loop2: detected capacity change from 0 to 2048
[  865.094371][ T7674] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz.2.16304: bad orphan inode 8192
[  865.555316][ T7674] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  867.044486][ T7703] overlayfs: failed to get inode (-116)
[  867.051304][ T7703] overlayfs: failed to get inode (-116)
[  867.174190][ T7714] loop0: detected capacity change from 0 to 128
[  867.319021][ T7718] loop1: detected capacity change from 0 to 256
[  868.581966][ T7714] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  868.620595][ T7714] ext4 filesystem being mounted at /76/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  868.658136][ T7717] loop2: detected capacity change from 0 to 2048
[  868.714752][ T7717] EXT4-fs error (device loop2): ext4_fill_super:4831: inode #2: comm syz.2.16311: casefold flag without casefold feature
[  868.727751][ T7717] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  868.743703][ T7717] EXT4-fs (loop2): Errors on filesystem, clearing orphan list.
[  868.752470][ T7717] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  869.132811][ T7740] loop1: detected capacity change from 0 to 512
[  869.211791][ T7740] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  869.291171][ T7746] netlink: 32 bytes leftover after parsing attributes in process `syz.0.16320'.
[  870.028249][ T7740] EXT4-fs (loop1): 1 truncate cleaned up
[  870.064947][ T7740] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,init_itable,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  871.351767][ T7765] loop3: detected capacity change from 0 to 128
[  871.378795][ T7768] loop0: detected capacity change from 0 to 512
[  871.387474][ T7765] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  871.398350][ T7765] ext4 filesystem being mounted at /14/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  871.424829][ T7773] loop2: detected capacity change from 0 to 2048
[  872.598133][ T7776] loop4: detected capacity change from 0 to 256
[  872.647664][ T7768] EXT4-fs (loop0): quotafile must be on filesystem root
[  872.778247][ T7773] EXT4-fs error (device loop2): ext4_fill_super:4831: inode #2: comm syz.2.16333: casefold flag without casefold feature
[  872.931021][ T7773] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  872.945850][ T7773] EXT4-fs (loop2): Errors on filesystem, clearing orphan list.
[  872.953473][ T7773] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  873.071078][ T7785] loop0: detected capacity change from 0 to 2048
[  873.082356][ T7785] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  873.163253][ T7794] loop4: detected capacity change from 0 to 512
[  873.243798][ T7794] EXT4-fs (loop4): Unrecognized mount option "appraise_type=imasig" or missing value
[  873.952193][ T7805] netlink: 16 bytes leftover after parsing attributes in process `syz.4.16339'.
[  874.154648][   T30] audit: type=1400 audit(1725925047.555:12775): avc:  denied  { accept } for  pid=7793 comm="syz.4.16339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  874.227821][ T7814] loop0: detected capacity change from 0 to 256
[  874.234725][ T7816] loop4: detected capacity change from 0 to 512
[  874.253477][ T7818] loop1: detected capacity change from 0 to 128
[  874.271549][ T7816] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  874.626644][ T7818] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  874.637641][ T7816] EXT4-fs (loop4): 1 truncate cleaned up
[  874.645366][ T7816] EXT4-fs (loop4): mounted filesystem without journal. Opts: resuid=0x0000000000000000,init_itable,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  875.843483][ T7818] ext4 filesystem being mounted at /34/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  875.873517][ T7833] loop3: detected capacity change from 0 to 2048
[  875.900792][ T7835] loop2: detected capacity change from 0 to 2048
[  875.985148][ T7833] EXT4-fs error (device loop3): ext4_fill_super:4831: inode #2: comm syz.3.16347: casefold flag without casefold feature
[  875.999265][ T7835] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  876.010187][ T7833] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  876.050569][ T7833] EXT4-fs (loop3): Errors on filesystem, clearing orphan list.
[  876.058133][ T7833] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  878.416316][   T30] audit: type=1326 audit(1725925052.025:12776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7860 comm="syz.4.16359" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f138d891ef9 code=0x0
[  878.530460][  T311] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  878.572962][ T7877] loop2: detected capacity change from 0 to 256
[  878.705227][ T7879] loop4: detected capacity change from 0 to 128
[  879.083582][ T7879] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  879.100183][ T7879] ext4 filesystem being mounted at /12/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  879.167060][ T7890] loop1: detected capacity change from 0 to 2048
[  879.200520][  T311] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  879.211794][ T7895] loop4: detected capacity change from 0 to 512
[  879.211887][  T311] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  879.227677][ T7890] EXT4-fs error (device loop1): ext4_fill_super:4831: inode #2: comm syz.1.16366: casefold flag without casefold feature
[  879.227909][ T7895] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  879.240722][  T311] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  879.250675][ T7890] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  879.258081][  T311] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  879.270646][ T7890] EXT4-fs (loop1): Errors on filesystem, clearing orphan list.
[  879.282778][  T311] usb 4-1: config 0 descriptor??
[  879.287178][ T7890] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  879.304568][ T7895] EXT4-fs (loop4): failed to initialize system zone (-117)
[  879.311825][ T7895] EXT4-fs (loop4): mount failed
[  879.368218][ T7899] loop1: detected capacity change from 0 to 2048
[  879.381000][ T7895] loop4: detected capacity change from 0 to 512
[  879.436644][ T7899] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  879.462050][ T7895] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  879.473682][ T7895] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038 (0x7fffffff)
[  879.528956][ T7895] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 589824 out of range 0-6
[  879.539137][ T7895] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  879.549084][ T7895] EXT4-fs error (device loop4): ext4_acquire_dquot:6187: comm syz.4.16368: Failed to acquire dquot type 1
[  879.568033][ T7895] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: writeback.
[  879.960667][  T311] usbhid 4-1:0.0: can't add hid device: -71
[  879.966641][  T311] usbhid: probe of 4-1:0.0 failed with error -71
[  879.988008][ T7912] loop2: detected capacity change from 0 to 256
[  880.013826][  T311] usb 4-1: USB disconnect, device number 6
[  880.215634][ T7914] loop4: detected capacity change from 0 to 2048
[  880.237011][ T7914] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  880.311963][ T7921] loop4: detected capacity change from 0 to 2048
[  880.361887][ T7921] EXT4-fs error (device loop4): ext4_orphan_get:1423: comm syz.4.16374: bad orphan inode 8192
[  880.372672][ T7921] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  880.772158][ T7931] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  880.780955][ T7931] overlayfs: missing 'lowerdir'
[  881.133363][ T7934] loop2: detected capacity change from 0 to 128
[  881.223334][ T7934] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  881.241104][ T7934] ext4 filesystem being mounted at /120/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  881.646416][ T7949] loop4: detected capacity change from 0 to 2048
[  881.663794][ T7951] loop3: detected capacity change from 0 to 2048
[  881.732364][ T7951] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  881.853356][ T7967] loop3: detected capacity change from 0 to 1024
[  882.110819][ T7967] EXT4-fs (loop3): Ignoring removed orlov option
[  882.131138][ T7967] EXT4-fs (loop3): Ignoring removed bh option
[  882.152347][ T7967] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,lazytime,max_dir_size_kb=0x00000000004007b1,orlov,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  882.252476][  T311] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  883.232807][ T6546] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  883.272560][ T7994] loop3: detected capacity change from 0 to 128
[  883.285980][ T7994] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  883.303467][ T7994] ext4 filesystem being mounted at /24/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  883.590749][ T6546] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  883.605226][ T6546] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  883.616021][ T6546] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  883.626180][ T6546] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  883.664329][ T6546] usb 1-1: config 0 descriptor??
[  883.770493][  T311] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  883.781356][  T311] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 255, changing to 11
[  883.792501][  T311] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 59391, setting to 1024
[  883.803685][  T311] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  883.812655][  T311] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  883.850674][ T7960] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  883.950469][   T60] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  884.086561][  T373] usb 3-1: USB disconnect, device number 6
[  884.200479][ T6546] usbhid 1-1:0.0: can't add hid device: -71
[  884.206409][ T6546] usbhid: probe of 1-1:0.0 failed with error -71
[  884.216643][ T6546] usb 1-1: USB disconnect, device number 7
[  884.310491][   T60] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  884.535179][   T60] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  884.544992][   T60] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  884.553827][   T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  884.614232][ T8020] loop2: detected capacity change from 0 to 512
[  884.639447][ T8020] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #3: comm syz.2.16407: corrupted inode contents
[  884.654742][ T8020] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #3: comm syz.2.16407: mark_inode_dirty error
[  884.662767][ T8027] loop0: detected capacity change from 0 to 1024
[  884.667223][ T8020] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #3: comm syz.2.16407: corrupted inode contents
[  884.684274][ T8020] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #3: comm syz.2.16407: mark_inode_dirty error
[  884.695551][ T8027] EXT4-fs (loop0): Ignoring removed orlov option
[  884.696129][ T8020] Quota error (device loop2): write_blk: dquota write failed
[  884.701937][ T8027] EXT4-fs (loop0): Ignoring removed bh option
[  884.709588][ T8020] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  884.725252][ T8020] EXT4-fs error (device loop2): ext4_acquire_dquot:6187: comm syz.2.16407: Failed to acquire dquot type 0
[  884.737232][ T8020] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #16: comm syz.2.16407: corrupted inode contents
[  884.749518][ T8020] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #16: comm syz.2.16407: mark_inode_dirty error
[  884.751425][ T8027] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,lazytime,max_dir_size_kb=0x00000000004007b1,orlov,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  884.761495][ T8020] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #16: comm syz.2.16407: corrupted inode contents
[  884.805476][ T8020] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #16: comm syz.2.16407: mark_inode_dirty error
[  884.817199][ T8020] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #16: comm syz.2.16407: corrupted inode contents
[  884.829362][ T8020] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  884.838129][ T8020] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #16: comm syz.2.16407: corrupted inode contents
[  884.850508][ T8020] EXT4-fs error (device loop2): ext4_truncate:4292: inode #16: comm syz.2.16407: mark_inode_dirty error
[  884.862029][ T8020] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  884.871434][ T8020] EXT4-fs (loop2): 1 truncate cleaned up
[  884.877348][ T8020] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  884.888619][ T8020] ext4 filesystem being mounted at /122/file1 supports timestamps until 2038 (0x7fffffff)
[  885.840590][ T8046] loop2: detected capacity change from 0 to 1024
[  885.868833][ T8046] EXT4-fs (loop2): Invalid journal IO priority (must be 0-7)
[  885.878870][ T8043] loop0: detected capacity change from 0 to 128
[  886.216085][ T8043] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  886.238731][ T8043] ext4 filesystem being mounted at /93/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  886.283515][   T60] aiptek 4-1:17.0: Aiptek using 400 ms programming speed
[  886.298139][   T60] input: Aiptek as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:17.0/input/input146
[  886.301095][ T8055] loop2: detected capacity change from 0 to 512
[  886.318363][   T60] input: failed to attach handler kbd to device input146, error: -5
[  886.374015][ T8057] loop0: detected capacity change from 0 to 256
[  886.375180][ T8055] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  886.391071][ T8055] ext4 filesystem being mounted at /127/file0 supports timestamps until 2038 (0x7fffffff)
[  886.486069][ T7690] usb 4-1: USB disconnect, device number 7
[  886.662861][ T6114] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  886.673677][ T6114] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  886.684293][ T6114] EXT4-fs error (device loop2): ext4_acquire_dquot:6187: comm syz-executor: Failed to acquire dquot type 0
[  886.732425][ T8065] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16420'.
[  886.772478][ T8070] input: syz0 as /devices/virtual/input/input147
[  887.093703][ T8080] loop0: detected capacity change from 0 to 2048
[  887.151141][ T8080] EXT4-fs error (device loop0): ext4_fill_super:4831: inode #2: comm syz.0.16426: casefold flag without casefold feature
[  887.155543][ T8085] loop4: detected capacity change from 0 to 256
[  887.175607][ T8080] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  887.191580][ T8080] EXT4-fs (loop0): Errors on filesystem, clearing orphan list.
[  887.226773][ T8080] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  887.316829][ T8087] bridge0: port 1(bridge_slave_0) entered blocking state
[  887.328912][ T8087] bridge0: port 1(bridge_slave_0) entered disabled state
[  887.340162][ T8096] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16434'.
[  887.342265][ T8087] device bridge_slave_0 entered promiscuous mode
[  887.400588][ T8087] bridge0: port 2(bridge_slave_1) entered blocking state
[  887.460667][ T8087] bridge0: port 2(bridge_slave_1) entered disabled state
[  887.571414][ T8087] device bridge_slave_1 entered promiscuous mode
[  887.761232][ T8087] bridge0: port 2(bridge_slave_1) entered blocking state
[  887.768131][ T8087] bridge0: port 2(bridge_slave_1) entered forwarding state
[  887.775299][ T8087] bridge0: port 1(bridge_slave_0) entered blocking state
[  887.782345][ T8087] bridge0: port 1(bridge_slave_0) entered forwarding state
[  887.856416][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  887.864961][  T311] bridge0: port 1(bridge_slave_0) entered disabled state
[  887.872208][  T311] bridge0: port 2(bridge_slave_1) entered disabled state
[  887.884471][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  887.892759][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  887.900821][  T311] bridge0: port 1(bridge_slave_0) entered blocking state
[  887.907666][  T311] bridge0: port 1(bridge_slave_0) entered forwarding state
[  887.915693][   T45] device bridge_slave_1 left promiscuous mode
[  887.921719][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  887.929219][   T45] device bridge_slave_0 left promiscuous mode
[  887.935479][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  887.943587][   T45] device veth1_macvtap left promiscuous mode
[  887.949528][   T45] device veth0_vlan left promiscuous mode
[  888.053191][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  888.061956][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  888.070210][T25185] bridge0: port 2(bridge_slave_1) entered blocking state
[  888.077113][T25185] bridge0: port 2(bridge_slave_1) entered forwarding state
[  888.095093][ T8111] input: syz0 as /devices/virtual/input/input148
[  888.100687][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  888.109281][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  888.117363][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  888.126024][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  888.141337][ T8087] device veth0_vlan entered promiscuous mode
[  888.150949][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  888.159167][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  888.168205][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  888.177121][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  888.185847][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  888.193406][T25185] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  888.204264][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  888.212585][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  888.225322][ T8087] device veth1_macvtap entered promiscuous mode
[  888.248893][ T7690] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  888.258855][ T7690] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  888.268279][ T7690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  888.282557][ T7690] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  888.291159][ T7690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  988.770383][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  988.777169][    C0] 	(detected by 0, t=10002 jiffies, g=166789, q=134)
[  988.783664][    C0] rcu: All QSes seen, last rcu_preempt kthread activity 10002 (4295036093-4295026091), jiffies_till_next_fqs=1, root ->qsmask 0x0
[  988.797005][    C0] rcu: rcu_preempt kthread starved for 10002 jiffies! g166789 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  988.808115][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  988.818183][    C0] rcu: RCU grace-period kthread stack dump:
[  988.823899][    C0] task:rcu_preempt     state:R  running task     stack:28288 pid:   14 ppid:     2 flags:0x00004000
[  988.834479][    C0] Call Trace:
[  988.837638][    C0]  <TASK>
[  988.840404][    C0]  __schedule+0xccc/0x1590
[  988.844647][    C0]  ? release_firmware_map_entry+0x190/0x190
[  988.850539][    C0]  ? __kasan_check_write+0x14/0x20
[  988.855477][    C0]  schedule+0x11f/0x1e0
[  988.859470][    C0]  schedule_timeout+0x18c/0x370
[  988.864162][    C0]  ? _raw_spin_unlock_irq+0x4e/0x70
[  988.869214][    C0]  ? console_conditional_schedule+0x30/0x30
[  988.874918][    C0]  ? update_process_times+0x200/0x200
[  988.880131][    C0]  ? prepare_to_swait_event+0x308/0x320
[  988.885603][    C0]  rcu_gp_fqs_loop+0x2af/0xf80
[  988.890903][    C0]  ? debug_smp_processor_id+0x17/0x20
[  988.896097][    C0]  ? __note_gp_changes+0x4ab/0x920
[  988.901044][    C0]  ? rcu_gp_init+0xc30/0xc30
[  988.905468][    C0]  ? _raw_spin_unlock_irq+0x4e/0x70
[  988.910503][    C0]  ? rcu_gp_init+0x9cf/0xc30
[  988.914941][    C0]  rcu_gp_kthread+0xa4/0x350
[  988.919522][    C0]  ? _raw_spin_lock+0x1b0/0x1b0
[  988.924196][    C0]  ? wake_nocb_gp+0x1e0/0x1e0
[  988.928711][    C0]  ? __kasan_check_read+0x11/0x20
[  988.933650][    C0]  ? __kthread_parkme+0xb2/0x200
[  988.938537][    C0]  kthread+0x421/0x510
[  988.942541][    C0]  ? wake_nocb_gp+0x1e0/0x1e0
[  988.947050][    C0]  ? kthread_blkcg+0xd0/0xd0
[  988.951647][    C0]  ret_from_fork+0x1f/0x30
[  988.955898][    C0]  </TASK>
[  988.958761][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  988.964969][    C0] Sending NMI from CPU 0 to CPUs 1:
[  988.969998][    C1] NMI backtrace for cpu 1
[  988.970010][    C1] CPU: 1 PID: 8142 Comm: syz.3.16450 Tainted: G        W         5.15.158-syzkaller-00979-gc53388f01037 #0
[  988.970030][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  988.970042][    C1] RIP: 0010:kvm_wait+0x147/0x180
[  988.970063][    C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 9b ec 12 04 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  988.970078][    C1] RSP: 0018:ffffc90000bd7320 EFLAGS: 00000246
[  988.970094][    C1] RAX: 0000000000000003 RBX: 1ffff9200017ae68 RCX: ffffffff81552fff
[  988.970109][    C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff888121dd5e08
[  988.970122][    C1] RBP: ffffc90000bd73d0 R08: dffffc0000000000 R09: ffffed10243babc2
[  988.970136][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  988.970149][    C1] R13: ffff888121dd5e08 R14: 0000000000000003 R15: 1ffff9200017ae6c
[  988.970162][    C1] FS:  00007fce2c4e36c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  988.970178][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  988.970191][    C1] CR2: 00007fce2c4e2f98 CR3: 00000001275c1000 CR4: 00000000003506a0
[  988.970207][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  988.970218][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  988.970229][    C1] Call Trace:
[  988.970235][    C1]  <NMI>
[  988.970242][    C1]  ? show_regs+0x58/0x60
[  988.970260][    C1]  ? nmi_cpu_backtrace+0x29f/0x300
[  988.970282][    C1]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  988.970308][    C1]  ? kvm_wait+0x147/0x180
[  988.970323][    C1]  ? kvm_wait+0x147/0x180
[  988.970339][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  988.970364][    C1]  ? nmi_handle+0xa8/0x280
[  988.970381][    C1]  ? kvm_wait+0x147/0x180
[  988.970398][    C1]  ? default_do_nmi+0x69/0x160
[  988.970415][    C1]  ? exc_nmi+0xad/0x100
[  988.970429][    C1]  ? end_repeat_nmi+0x16/0x31
[  988.970448][    C1]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  988.970480][    C1]  ? kvm_wait+0x147/0x180
[  988.970496][    C1]  ? kvm_wait+0x147/0x180
[  988.970513][    C1]  ? kvm_wait+0x147/0x180
[  988.970528][    C1]  </NMI>
[  988.970534][    C1]  <TASK>
[  988.970539][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  988.970557][    C1]  ? kvm_arch_para_hints+0x30/0x30
[  988.970575][    C1]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  988.970596][    C1]  __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[  988.970619][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  988.970639][    C1]  ? __schedule+0xcd4/0x1590
[  988.970657][    C1]  _raw_spin_lock_bh+0x139/0x1b0
[  988.970676][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  988.970695][    C1]  ? sock_hash_bucket_hash+0x36d/0x7e0
[  988.970717][    C1]  sock_hash_delete_elem+0x177/0x400
[  988.970736][    C1]  ? freezing_slow_path+0x141/0x190
[  988.970756][    C1]  ? sock_hash_lookup+0x610/0x610
[  988.970776][    C1]  ? sock_map_unref+0x352/0x4d0
[  988.970795][    C1]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xe88
[  988.970810][    C1]  bpf_trace_run2+0xec/0x210
[  988.970831][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[  988.970849][    C1]  ? 0xffffffffa0028f88
[  988.970860][    C1]  ? sock_map_unref+0x352/0x4d0
[  988.970879][    C1]  ? stack_trace_save+0x1c0/0x1c0
[  988.970896][    C1]  ? sock_map_unref+0x352/0x4d0
[  988.970915][    C1]  __bpf_trace_kfree+0x6f/0x90
[  988.970933][    C1]  ? sock_map_unref+0x352/0x4d0
[  988.970951][    C1]  kfree+0x1f3/0x220
[  988.970972][    C1]  sock_map_unref+0x352/0x4d0
[  988.970993][    C1]  sock_hash_delete_elem+0x388/0x400
[  988.971014][    C1]  ? sock_hash_lookup+0x610/0x610
[  988.971034][    C1]  ? ____kasan_kmalloc+0xed/0x110
[  988.971050][    C1]  ? ____kasan_kmalloc+0xdb/0x110
[  988.971066][    C1]  ? __kasan_kmalloc+0x9/0x10
[  988.971081][    C1]  ? __kmalloc+0x13a/0x270
[  988.971099][    C1]  ? key_user_lookup+0x1b9/0x470
[  988.971120][    C1]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xe88
[  988.971134][    C1]  bpf_trace_run2+0xec/0x210
[  988.971153][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[  988.971171][    C1]  ? key_user_lookup+0x1b9/0x470
[  988.971191][    C1]  ? key_user_lookup+0x1b9/0x470
[  988.971210][    C1]  __bpf_trace_kfree+0x6f/0x90
[  988.971227][    C1]  ? key_user_lookup+0x1b9/0x470
[  988.971245][    C1]  kfree+0x1f3/0x220
[  988.971264][    C1]  key_user_lookup+0x1b9/0x470
[  988.971284][    C1]  key_alloc+0x125/0xe70
[  988.971302][    C1]  ? selinux_cred_prepare+0x76/0x90
[  988.971325][    C1]  keyring_alloc+0x45/0xb0
[  988.971341][    C1]  lookup_user_key+0x55e/0x15c0
[  988.971373][    C1]  ? lookup_user_key_possessed+0x40/0x40
[  988.971392][    C1]  ? search_process_keyrings_rcu+0x280/0x280
[  988.971414][    C1]  ? _copy_from_user+0x96/0xd0
[  988.971432][    C1]  __se_sys_request_key+0x1fa/0x3b0
[  988.971449][    C1]  ? __x64_sys_request_key+0xb0/0xb0
[  988.971468][    C1]  ? __kasan_check_read+0x11/0x20
[  988.971487][    C1]  __x64_sys_request_key+0x9b/0xb0
[  988.971505][    C1]  x64_sys_call+0x687/0x9a0
[  988.971521][    C1]  do_syscall_64+0x3b/0xb0
[  988.971540][    C1]  ? clear_bhb_loop+0x35/0x90
[  988.971555][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  988.971575][    C1] RIP: 0033:0x7fce2d868ef9
[  988.971591][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  988.971606][    C1] RSP: 002b:00007fce2c4e3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  988.971623][    C1] RAX: ffffffffffffffda RBX: 00007fce2da21f80 RCX: 00007fce2d868ef9
[  988.971636][    C1] RDX: 0000000020000300 RSI: 00000000200002c0 RDI: 0000000020000280
[  988.971648][    C1] RBP: 00007fce2d8db046 R08: 0000000000000000 R09: 0000000000000000
[  988.971659][    C1] R10: fffffffffffffffe R11: 0000000000000246 R12: 0000000000000000
[  988.971671][    C1] R13: 0000000000000000 R14: 00007fce2da21f80 R15: 00007ffe2de75eb8
[  988.971687][    C1]  </TASK>
[ 1123.097494][    C1] watchdog: BUG: soft lockup - CPU#1 stuck for 225s! [syz.3.16450:8142]
[ 1123.105794][    C1] Modules linked in:
[ 1123.109855][    C1] CPU: 1 PID: 8142 Comm: syz.3.16450 Tainted: G        W         5.15.158-syzkaller-00979-gc53388f01037 #0
[ 1123.121132][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1123.131126][    C1] RIP: 0010:kvm_wait+0x147/0x180
[ 1123.136255][    C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 9b ec 12 04 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[ 1123.159452][    C1] RSP: 0018:ffffc90000bd7320 EFLAGS: 00000246
[ 1123.166268][    C1] RAX: 0000000000000003 RBX: 1ffff9200017ae68 RCX: ffffffff81552fff
[ 1123.174388][    C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff888121dd5e08
[ 1123.183374][    C1] RBP: ffffc90000bd73d0 R08: dffffc0000000000 R09: ffffed10243babc2
[ 1123.191300][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 1123.199570][    C1] R13: ffff888121dd5e08 R14: 0000000000000003 R15: 1ffff9200017ae6c
[ 1123.208194][    C1] FS:  00007fce2c4e36c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1123.217945][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1123.224586][    C1] CR2: 00007fce2c4e2f98 CR3: 00000001275c1000 CR4: 00000000003506a0
[ 1123.235805][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1123.245478][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1123.254277][    C1] Call Trace:
[ 1123.258040][    C1]  <IRQ>
[ 1123.260972][    C1]  ? show_regs+0x58/0x60
[ 1123.265320][    C1]  ? watchdog_timer_fn+0x4b1/0x5f0
[ 1123.270843][    C1]  ? proc_watchdog_cpumask+0xd0/0xd0
[ 1123.278879][    C1]  ? __hrtimer_run_queues+0x41a/0xad0
[ 1123.284808][    C1]  ? hrtimer_interrupt+0xaa0/0xaa0
[ 1123.290105][    C1]  ? clockevents_program_event+0x22f/0x300
[ 1123.295884][    C1]  ? ktime_get_update_offsets_now+0x2ba/0x2d0
[ 1123.301869][    C1]  ? hrtimer_interrupt+0x40c/0xaa0
[ 1123.307009][    C1]  ? __sysvec_apic_timer_interrupt+0xfd/0x3c0
[ 1123.312889][    C1]  ? sysvec_apic_timer_interrupt+0x95/0xc0
[ 1123.318824][    C1]  </IRQ>
[ 1123.321576][    C1]  <TASK>
[ 1123.324442][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1123.330668][    C1]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[ 1123.336781][    C1]  ? kvm_wait+0x147/0x180
[ 1123.341435][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1123.347756][    C1]  ? kvm_arch_para_hints+0x30/0x30
[ 1123.352884][    C1]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[ 1123.359171][    C1]  __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[ 1123.365396][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[ 1123.371640][    C1]  ? __schedule+0xcd4/0x1590
[ 1123.376333][    C1]  _raw_spin_lock_bh+0x139/0x1b0
[ 1123.381853][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 1123.387364][    C1]  ? sock_hash_bucket_hash+0x36d/0x7e0
[ 1123.393745][    C1]  sock_hash_delete_elem+0x177/0x400
[ 1123.401333][    C1]  ? freezing_slow_path+0x141/0x190
[ 1123.408054][    C1]  ? sock_hash_lookup+0x610/0x610
[ 1123.414354][    C1]  ? sock_map_unref+0x352/0x4d0
[ 1123.421027][    C1]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xe88
[ 1123.426729][    C1]  bpf_trace_run2+0xec/0x210
[ 1123.431810][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[ 1123.436604][    C1]  ? 0xffffffffa0028f88
[ 1123.441463][    C1]  ? sock_map_unref+0x352/0x4d0
[ 1123.446416][    C1]  ? stack_trace_save+0x1c0/0x1c0
[ 1123.453225][    C1]  ? sock_map_unref+0x352/0x4d0
[ 1123.458843][    C1]  __bpf_trace_kfree+0x6f/0x90
[ 1123.464210][    C1]  ? sock_map_unref+0x352/0x4d0
[ 1123.469470][    C1]  kfree+0x1f3/0x220
[ 1123.474300][    C1]  sock_map_unref+0x352/0x4d0
[ 1123.479283][    C1]  sock_hash_delete_elem+0x388/0x400
[ 1123.484401][    C1]  ? sock_hash_lookup+0x610/0x610
[ 1123.489620][    C1]  ? ____kasan_kmalloc+0xed/0x110
[ 1123.494834][    C1]  ? ____kasan_kmalloc+0xdb/0x110
[ 1123.499838][    C1]  ? __kasan_kmalloc+0x9/0x10
[ 1123.504354][    C1]  ? __kmalloc+0x13a/0x270
[ 1123.508886][    C1]  ? key_user_lookup+0x1b9/0x470
[ 1123.514763][    C1]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xe88
[ 1123.521712][    C1]  bpf_trace_run2+0xec/0x210
[ 1123.527024][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[ 1123.532044][    C1]  ? key_user_lookup+0x1b9/0x470
[ 1123.536816][    C1]  ? key_user_lookup+0x1b9/0x470
[ 1123.541594][    C1]  __bpf_trace_kfree+0x6f/0x90
[ 1123.546348][    C1]  ? key_user_lookup+0x1b9/0x470
[ 1123.551221][    C1]  kfree+0x1f3/0x220
[ 1123.554951][    C1]  key_user_lookup+0x1b9/0x470
[ 1123.559769][    C1]  key_alloc+0x125/0xe70
[ 1123.563799][    C1]  ? selinux_cred_prepare+0x76/0x90
[ 1123.568840][    C1]  keyring_alloc+0x45/0xb0
[ 1123.573100][    C1]  lookup_user_key+0x55e/0x15c0
[ 1123.577867][    C1]  ? lookup_user_key_possessed+0x40/0x40
[ 1123.583497][    C1]  ? search_process_keyrings_rcu+0x280/0x280
[ 1123.589708][    C1]  ? _copy_from_user+0x96/0xd0
[ 1123.594349][    C1]  __se_sys_request_key+0x1fa/0x3b0
[ 1123.599404][    C1]  ? __x64_sys_request_key+0xb0/0xb0
[ 1123.604587][    C1]  ? __kasan_check_read+0x11/0x20
[ 1123.609444][    C1]  __x64_sys_request_key+0x9b/0xb0
[ 1123.614834][    C1]  x64_sys_call+0x687/0x9a0
[ 1123.619165][    C1]  do_syscall_64+0x3b/0xb0
[ 1123.623637][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1123.628146][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1123.633895][    C1] RIP: 0033:0x7fce2d868ef9
[ 1123.638125][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1123.657656][    C1] RSP: 002b:00007fce2c4e3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[ 1123.666098][    C1] RAX: ffffffffffffffda RBX: 00007fce2da21f80 RCX: 00007fce2d868ef9
[ 1123.673994][    C1] RDX: 0000000020000300 RSI: 00000000200002c0 RDI: 0000000020000280
[ 1123.681811][    C1] RBP: 00007fce2d8db046 R08: 0000000000000000 R09: 0000000000000000
[ 1123.689613][    C1] R10: fffffffffffffffe R11: 0000000000000246 R12: 0000000000000000
[ 1123.697639][    C1] R13: 0000000000000000 R14: 00007fce2da21f80 R15: 00007ffe2de75eb8
[ 1123.705452][    C1]  </TASK>
[ 1123.708407][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1123.713845][    C0] NMI backtrace for cpu 0
[ 1123.713862][    C0] CPU: 0 PID: 8143 Comm: syz.2.16448 Tainted: G        W         5.15.158-syzkaller-00979-gc53388f01037 #0
[ 1123.713884][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1123.713895][    C0] RIP: 0010:kvm_wait+0x147/0x180
[ 1123.713920][    C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 9b ec 12 04 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[ 1123.713936][    C0] RSP: 0018:ffffc90000aa7980 EFLAGS: 00000246
[ 1123.713952][    C0] RAX: 0000000000000001 RBX: 1ffff92000154f34 RCX: 1ffffffff0d5ab14
[ 1123.713966][    C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7038ad4
[ 1123.713978][    C0] RBP: ffffc90000aa7a30 R08: dffffc0000000000 R09: ffffed103ee0715b
[ 1123.713991][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 1123.714004][    C0] R13: ffff8881f7038ad4 R14: 0000000000000001 R15: 1ffff92000154f38
[ 1123.714017][    C0] FS:  00007f1be922b6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1123.714033][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1123.714046][    C0] CR2: 00007f1be922bd58 CR3: 0000000124d59000 CR4: 00000000003506b0
[ 1123.714063][    C0] Call Trace:
[ 1123.714070][    C0]  <NMI>
[ 1123.714079][    C0]  ? show_regs+0x58/0x60
[ 1123.714100][    C0]  ? nmi_cpu_backtrace+0x29f/0x300
[ 1123.714123][    C0]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[ 1123.714145][    C0]  ? kvm_wait+0x147/0x180
[ 1123.714161][    C0]  ? kvm_wait+0x147/0x180
[ 1123.714177][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1123.714197][    C0]  ? nmi_handle+0xa8/0x280
[ 1123.714215][    C0]  ? kvm_wait+0x147/0x180
[ 1123.714231][    C0]  ? default_do_nmi+0x69/0x160
[ 1123.714249][    C0]  ? exc_nmi+0xad/0x100
[ 1123.714263][    C0]  ? end_repeat_nmi+0x16/0x31
[ 1123.714283][    C0]  ? kvm_wait+0x147/0x180
[ 1123.714299][    C0]  ? kvm_wait+0x147/0x180
[ 1123.714316][    C0]  ? kvm_wait+0x147/0x180
[ 1123.714331][    C0]  </NMI>
[ 1123.714337][    C0]  <TASK>
[ 1123.714342][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1123.714360][    C0]  ? kvm_arch_para_hints+0x30/0x30
[ 1123.714380][    C0]  __pv_queued_spin_lock_slowpath+0x41b/0xc40
[ 1123.714404][    C0]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[ 1123.714428][    C0]  _raw_spin_lock_bh+0x139/0x1b0
[ 1123.714447][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 1123.714466][    C0]  ? sock_hash_bucket_hash+0x36d/0x7e0
[ 1123.714488][    C0]  sock_hash_delete_elem+0x177/0x400
[ 1123.714508][    C0]  ? ioctl_has_perm+0x3f5/0x560
[ 1123.714527][    C0]  ? sock_hash_lookup+0x610/0x610
[ 1123.714546][    C0]  ? has_cap_mac_admin+0x3c0/0x3c0
[ 1123.714564][    C0]  ? kcov_ioctl+0x20c/0x610
[ 1123.714583][    C0]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xe88
[ 1123.714598][    C0]  bpf_trace_run2+0xec/0x210
[ 1123.714618][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[ 1123.714636][    C0]  ? kcov_ioctl+0x20c/0x610
[ 1123.714655][    C0]  ? __kasan_check_write+0x14/0x20
[ 1123.714674][    C0]  ? _raw_spin_lock_irqsave+0xf9/0x210
[ 1123.714700][    C0]  ? kcov_ioctl+0x20c/0x610
[ 1123.714719][    C0]  __bpf_trace_kfree+0x6f/0x90
[ 1123.714737][    C0]  ? kcov_ioctl+0x20c/0x610
[ 1123.714755][    C0]  kfree+0x1f3/0x220
[ 1123.714775][    C0]  kcov_ioctl+0x20c/0x610
[ 1123.714794][    C0]  ? security_file_ioctl+0x84/0xb0
[ 1123.714814][    C0]  ? kcov_remote_reset+0xc0/0xc0
[ 1123.714833][    C0]  __se_sys_ioctl+0x114/0x190
[ 1123.714857][    C0]  __x64_sys_ioctl+0x7b/0x90
[ 1123.714873][    C0]  x64_sys_call+0x98/0x9a0
[ 1123.714890][    C0]  do_syscall_64+0x3b/0xb0
[ 1123.714909][    C0]  ? clear_bhb_loop+0x35/0x90
[ 1123.714924][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1123.714945][    C0] RIP: 0033:0x7f1bea5d1afb
[ 1123.714972][    C0] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[ 1123.714986][    C0] RSP: 002b:00007f1be922b060 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1123.715010][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1bea5d1afb
[ 1123.715023][    C0] RDX: 0000000000000000 RSI: 0000000000006364 RDI: 00000000000000d9
[ 1123.715034][    C0] RBP: 00007f1bea78b058 R08: 0000000000000000 R09: 00007ffe3bffe3d7
[ 1123.715046][    C0] R10: 0000000000000008 R11: 0000000000000246 R12: 00007f1bea78b064
[ 1123.715057][    C0] R13: 0000000000000001 R14: 00007ffe3bffe2f0 R15: 00007ffe3bffe3d8
[ 1123.715074][    C0]  </TASK>