last executing test programs:

1m23.906498916s ago: executing program 4 (id=5):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@response={0x2, 0x0, 0x0, "82d18160f7d8dda36479a6b179161b4bbff2d0508977b3928ebd2dee05607d17", "0194bd7b1b0303c5ba7f602606a285b3", {"30da2d58da817f8a5f77a23de36a2164", "3b33cfa231a427159c7b9f0eceb155f0"}}}}}}}, 0x0)
syz_emit_ethernet(0x32, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)
recvmmsg(r0, &(0x7f0000000940)=[{{0x0, 0x0, &(0x7f0000001f40)=[{&(0x7f0000000840)=""/215, 0xd7}], 0x1}, 0x8}], 0x1, 0x10041, 0x0)

1m23.854949267s ago: executing program 4 (id=6):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x3a, &(0x7f0000000500)={@link_local, @local, @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x4, 0x0, 0x0, 0x32, 0x0, @empty, @broadcast}, @timestamp_reply={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}}}}, 0x0)

1m23.588844352s ago: executing program 4 (id=11):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000340)={[{@noblock_validity}, {@dioread_nolock}, {@noinit_itable}, {@acl}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x2c}, 0xc5, 0x452, &(0x7f0000000480)="$eJzs20tvG1UUAOAz46bvklDKow/AUBARj6RJC3TBBgRSN0hIsCjLkKZVqdugJki0qmhAqCxRfwGwROIXsIINAlYgtrBHSBXqhsICDRp7nBrHDnbs1Gn9fdIk986Mfc/xzLXvzLUDGFrl/E8SsTMifomI0YgoNe9Qrv27cf3S7F/XL80mkWWv/5HkD4s/r1+are+aFP93FJXxNCL9KIn9LdpduHDxzEylMne+qE8unn1ncuHCxWdOn505NXdq7tz00aNHDk89/9z0s33Jc1ce67735w/sPfbm1Vdnj1996/sv83h3Ftsb86gZ67nNcpSXX5Nmj/f87BvLroZysmmAgdCVvK/nh2uk2v9HoxQ3D95ovPLhQIMD1lWWZdmWFWuXRwBLGXAHS2LQEQCDUf+gz69/68stHH4M3LUXaxdAed43iqW2ZVOkxT4jTde3/VSOiONLf3+aL9HyPgQAQH99nY9/nm41/kvjvob97irmhsYi4u6I2B0R90TEnoi4N6K67/0R8UCX7Zeb6ivHPz9tW1NiHcrHfy8Uc1v/Hf/VR38xVipqu6r5jyQnT1fmDhWvyXiMbMnrU6u08c3LP3/Sblvj+C9f8vbrY8Eijt83Nd2gOzGzONNLzo2ufVC9B3h5Zf7J8kxAEhF7I2LfGp5/a0ScfvKLA+22/3/+q+jDPFP2ecQTteO/FE351yWrz09Obo3K3KHJ+lmx0g8/XnmtXfs95d8H+fHf3vL8X85/LGmcr13ovo0rv37c9ppmref/5uSNanlzse69mcXF81MRm5Olleunbz62Xq/vn+c/frB1/98d8c9nxeP2R0R+Ej8YEQ9FxMNF7I9ExKMRcXCV/L976bG3157/+srzP9HV8e++UDrz7Vft2u/s+B+plsaLNZ28/3UaYC+vHQAAANwu0up34JN0YrmcphMTte/w74ntaWV+YfGpk/PvnjtR+678WIyk9Ttdow33Q6eKe8P1+nRT/XD1vnGWZdm2an1idr6yXnPqQGd2tOn/ud9Kg44OWHddzaO1+0UbcFvye00YXvo/DC/9H4aX/g/Dq1X/vxxxYwChALeYz38YXvo/DC/9H4aX/g9DqZff9a9W2H1svZ75TiuUNkYYXRci3RBhrK2QbowwaoUtEdHpzpfjVgU26HcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg3AAD//zLQ7Dk=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
socket$inet6(0xa, 0x6, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x20, &(0x7f0000000140)='usrjquota=')

1m23.178781269s ago: executing program 4 (id=28):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_RATE_ENABLE={0x8, 0x5, 0x1ff}]}}]}, 0x38}}, 0x0)

1m22.868581484s ago: executing program 4 (id=37):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x40000000004)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448e3, &(0x7f0000000080))

1m22.833907134s ago: executing program 32 (id=37):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x40000000004)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448e3, &(0x7f0000000080))

1m16.120662716s ago: executing program 5 (id=235):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000040000000700000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0x25)

1m16.065639307s ago: executing program 5 (id=236):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000180)=0xfffffff7, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @private2}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)

1m16.045937188s ago: executing program 5 (id=237):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x141142, 0xc)
fstatfs(r1, &(0x7f00000000c0)=""/126)

1m15.998286789s ago: executing program 5 (id=238):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000280)='debugfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
pivot_root(&(0x7f0000000280)='.\x00', &(0x7f00000002c0)='./file0\x00')

1m15.820569561s ago: executing program 5 (id=246):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)

1m15.330176329s ago: executing program 5 (id=262):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
epoll_create1(0x0)
select(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x40000000, 0xc32, 0x7fffffff, 0x3, 0x6}, &(0x7f0000000040)={0x7, 0x2, 0x80000004, 0x0, 0x1, 0x8, 0x800000002, 0x3}, &(0x7f0000000100)={0x1f, 0xefffffffffffffff, 0x0, 0x6, 0x0, 0x80000000, 0x0, 0x12}, 0x0)

1m15.29697511s ago: executing program 33 (id=262):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
epoll_create1(0x0)
select(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x40000000, 0xc32, 0x7fffffff, 0x3, 0x6}, &(0x7f0000000040)={0x7, 0x2, 0x80000004, 0x0, 0x1, 0x8, 0x800000002, 0x3}, &(0x7f0000000100)={0x1f, 0xefffffffffffffff, 0x0, 0x6, 0x0, 0x80000000, 0x0, 0x12}, 0x0)

39.252317993s ago: executing program 3 (id=1466):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.current\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000800)='rdma.current\x00', 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3590bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d080000000000000014f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bdd277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabaf18647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15283217e03d02a4054f34af3a65ef6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a62bc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b391b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815501681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add38a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889581c750c34586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7004757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11c39d6fdcf5926d6ad5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a038813f2bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa500a0000000000006a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0xfffffffffffffe43}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0)
ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000340)={0x5, 0x800})

39.251952813s ago: executing program 3 (id=1467):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x110a, 0x1})
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000006380)={0x2020}, 0x2020)

39.232780264s ago: executing program 3 (id=1469):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18)
r2 = dup(r0)
sendmsg$netlink(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{0x0, 0x1b8}], 0x1}, 0x0)

39.177659154s ago: executing program 3 (id=1470):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000b80)={[{@nombcache}, {@abort}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})
chdir(&(0x7f0000000240)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='pids.events\x00', 0x275a, 0x0)
fadvise64(r0, 0x7, 0x4, 0x5)

39.005795337s ago: executing program 3 (id=1476):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='ns\x00')
r1 = open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
stat(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0))

38.737654842s ago: executing program 3 (id=1481):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
getrlimit(0x2, &(0x7f0000000300))

38.677247032s ago: executing program 34 (id=1481):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
getrlimit(0x2, &(0x7f0000000300))

37.874117616s ago: executing program 1 (id=1496):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000400008500000001000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000000c0)={r1}, 0xc)

37.814121467s ago: executing program 1 (id=1497):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)

37.788993168s ago: executing program 1 (id=1498):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'sit0\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x10)

37.696500189s ago: executing program 1 (id=1500):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000b80)={[{@nombcache}, {@abort}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})
chdir(&(0x7f0000000240)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='pids.events\x00', 0x275a, 0x0)
fadvise64(r0, 0x7, 0x4, 0x5)

37.517195512s ago: executing program 1 (id=1505):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10)
setitimer(0x1, 0x0, 0x0)

37.112171309s ago: executing program 1 (id=1515):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000d8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x0)

37.065492879s ago: executing program 35 (id=1515):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000d8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x0)

18.981588492s ago: executing program 2 (id=2144):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_clone3(&(0x7f00000001c0)={0x68081000, 0x0, 0x0, 0x0, {0x17}, 0x0, 0x0, 0x0, 0x0}, 0x58)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@nombcache}, {@resgid}, {@norecovery}, {@commit={'commit', 0x3d, 0x5}}, {@nombcache}]}, 0x8, 0x5fb, &(0x7f00000004c0)="$eJzs3c9vFGUfAPDvTH/Svu/bQt6oeJAmxkCitLSAIcZEuBOCP26eKi0EKZTQGi2SWBK8mBgvHkw8eRD/CyXx6sGrBy+eDAkxhoMYImtmO1Om293SX7tbup9PMnSeme48z5R++5199nlmAuhYI9k/acT+iLiaRAyV9nVHvnNk6fvu/3njXLYkUam8/UcSNz5JFsvHSvKvg/mL/xmK5Oc0Yl/X6nrnFq5fmpyZmb6Wl8fmL18dm1u4fvji5ckL0xemr0y8OnHi+LHjJ8aPbOn8ylWfvvX+h0OfnXn3268fJuPf/XomiZPxKP+G7LxqX9u3pZqzn9lIVJY8KG/Pfq4ntnjsneKvoeL35LGkdgM7Vpr/Pv4vIp6Noegq/W8OxadvtrVxQFNVkihyFNBxkk3Ff//2NwRoseI6oHhvX+998Gppk69KgFa4d2qpA2Ap9nsiooj/7qW+weiPbOvA/WRFP08SEVvrmVuS1fHTj2duZUs06IcDmmPxZtHLXZv/k2psDkd/tTRwP10R/2lpyba/tcn6R2rK4h9aZ/FmRDyX5//e2FD8j5Ti/71N1i/+AQAAAAAAYPvcORURr9Qb/5cuj//prTP+ZzAiTm5D/U/+/C+9m68k21AdUHLvVMTrdcf/Lo/xHe7KS/+tjgfoSc5fnJk+ks8ZPBQ9fVl5vOa45RHChz/f91Wj+svj/7Ilq78YC5gf6W53zUTcqcn5ya2eNxBx72bE89XxvwfyLSvH/2T5P6mT/7P4vrrOOva9dPtso31Pjn+gWSrfRBysm/8fX24na9+fY6x6PTBWXBWs9sLHX3zfqH7xD+2T5f+BteO/Lynfr2duY8fvjYijC92VRvs3e/3fm7zTVRw/89Hk/Py18Yje5PTq7RMbazPsVkU8FPGSxf+hF9fu/1u+/i/F4Z6IWFxnnc88Gvyt0T75H9oni/+ptfP/8Mr8v/GVidvDPzSq/+y68v+xak4/lG/R/wdlq+/Hsd4AbUtzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOApl0bEfyJJR5fX03R0NGIwIv4fA+nM7Nz8y+dnP7gyle2rPv8/LZ70O7RUTorn/w+XyhM15aMRsTcivuzaUy2PnpudmWr3yQMAAAAAAAAAAAAAAAAAAMAOMVid81/pq53/n/m9q92tA5quO/8q3qHzdG/6lZW+bW0I0HKbj3/gabf++O9pajuA1msc/w8eVqpa2hyghVz/Q+faZPz7uAB2AfkfOtU6+/T6m90OoB3kfwAAAAAA2FX2HrjzSxIRi6/tqS6Z3nyfwf6wu6XtbgDQNsbwQufqnm13C4B28R4fSJbX/q472b/x6P+kOQ0CAAAAAAAAAAAAAFY5uN/8f+hUa8//N7YfdrM15v/XC363C4BdpPGjP+R+2O28xweelO3N/wcAAAAAAAAAAACAHaD/+qXJmZnpa3MLT9/KGzujGRtbWZzcEc3Y1pVHzTlyT0TsjBNs9UpxC442NqPNf5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBl/wYAAP//SlcnIw==")

18.49742103s ago: executing program 2 (id=2156):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c34000ffff000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x14, &(0x7f0000000dc0)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

16.445044965s ago: executing program 2 (id=2193):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400f400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getpid()
sendmsg$unix(r2, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x14, 0x1, 0x1, [r1]}}], 0x30, 0x20000880}, 0x0)

16.430086785s ago: executing program 2 (id=2194):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000001740)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@jqfmt_vfsv0}, {@noblock_validity}, {@resgid}, {@sysvgroups}, {@usrquota}, {@usrquota}]}, 0x12, 0x4dc, &(0x7f0000000d80)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveBtsZW0aHeTxrbBh1pB7FPBWt9rTDYhZJMN2U3bhCIpviuIqOCTT74I/gGC9E8QoaDvUkURbfXBB3VlZ2drG3eTlG52LsnnA9M5M2d3v9/TsGfmzBx2Aji2zkXEzYgYiYhLETGe70/z5Va7/k7ndS+eP5pvL0m0Wnf/mkSS7+t+VpKvz0TETkScjIiv34r4VvL/cRtb2ytztVp1I9+uNFfXK42t7cvLq3NL1aXq2szM9LXZ67NXZ6cG0s6JiLjxlT/+8Hs/++qNX33+we/v/fnit9tpjeX1r7ZjkDpNL2X/F12jEbFxGMEKMJKvS33qvzsyxGQAANhX+xz/4xHxmez8fzxGsrNTAAAA4ChpfWks/pVEtAAAAIAjK83mwCZpOZ8LMBZpWi535vB+Mk6ntXqj+bnF+ubaQmeu7ESU0sXlWnUqnys8EaWkvT2dz7Htbl/ZtT0TEe9FxA/GT2Xb5fl6baHoix8AAABwTJzZNf7/x3g2/j9RdF4AAADAgE0UnQAAAABw6Iz/AQAA4Ogz/gcAAIAj7Wu3b7eXVvf51wv3tzZX6vcvL1QbK+XVzfnyfH1jvbxUry9lv9m3ut/n1er19S/E2ubDSrPaaFYaW9v3Vuuba817y689AhsAAAAYovfOPvldEhE7XzyVLW3vFJ0UMBTJPvXZQ0Ke5Rt/GEJCwNCMFJ0AUJjRohMAClMqOgGgcPtdB+g7eefXg88FAAA4HJOf6n//37UBONrSohMAAIbO/X84vkqvzwC8WlwmQFE+tk/929//b7XeKCEAAGDgxrIlScv5vcCxSNNyOeLd7LEApWRxuVadyscHvx0vnWhvT2fvTPadMwwAAAAAAAAAAAAAAAAAAAAAAAAAdLRaSbQAAACAIy0i/VOS/Zp/xOT4hbHd1wfeSf45nq0j4sFP7v7o4VyzuTHd3v+3l/ubP873XyniCgYAAACwW3ec3h3HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAgvXj+aL67DDPuX74cERM94589ma1ORikiTv89idFX3pdExMgA4u88joj3e8VP2mnFRHSy6BX/VIHx04g4M4D4cJw9afc/N3t9/9I4l617f/9G8+Vt9e//0uj2fyN9+p93Dxjjg6e/qPSN/zjig9He/U83ftIn/vkDxv/mN7a3+9W1fhox2fP4k7wWq9JcXa80trYvL6/OLVWXqmszM9PXZq/PXp2dqiwu16r5vz1jfP/Tv/zPXu0/3Sf+xD7tv3DA9v/76cPnn+gUS73iXzzf+/j7fp/4aX7s+2xebtdPdss7nfKrPvz5bz7cq/0Lfdr/8u/f40DbjnnxgO2/dOc7zw74UgBgCBpb2ytztVp1460Kg/qcNyykUUBQhUMqnPhopKHQKezVayTD66AAAICB+d9Jf9GZAAAAAAAAAAAAAAAAAAAAwPE1jJ8T2x1zp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs6b8BAAD///JI2KQ=")
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x2, 0x0)
rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000080)='./file2\x00')
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)

16.206943188s ago: executing program 2 (id=2198):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x145)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_type(r0, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_type(r1, &(0x7f00000000c0), 0x9)
read$FUSE(r1, &(0x7f00000017c0)={0x2020}, 0x2020)

15.841666765s ago: executing program 2 (id=2205):
r0 = socket$packet(0x11, 0x2, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x8)

15.817106405s ago: executing program 36 (id=2205):
r0 = socket$packet(0x11, 0x2, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x8)

12.167142936s ago: executing program 8 (id=2278):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='mm_page_alloc\x00', r0}, 0x10)
io_setup(0xffff, &(0x7f0000000780))

12.026489179s ago: executing program 8 (id=2285):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca0000c441f96ec80fc4c60066400fe2def3ad46c7045300101000f00fc01ec422e10399c5c1202066410f6f15040000000000e1f563df", 0xdc000006, 0x0}, 0x0, 0x8, &(0x7f0000000300))
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f00000000c0)={[{@auto_da_alloc}, {@inlinecrypt}]}, 0x2, 0x5ed, &(0x7f0000000740)="$eJzs3c1vFGUYAPBnph+0FG0hRsWDNDEGDtLSAoYYD3DUkAY/4sWLlRZECjS0RosmlAQvJsaDxph48iD+F0rkyklPHrx4MiREDUcT1+zuTD9ntx+0u6Tz+yXLzrzvDM87bZ/OzNv3nQ2gtAar/6QR+yNiOonoT+YX6jojqxysb/fgn0/OVl9JVCpv/JVEkpXl2yfZe1+2c09E/PJzEvu+XB13Zu7a7fGpqcmr2frw7KXp4Zm5a4cvXBo/P3l+8vLoi6Mnjh87fmLkyKaO63pB2emb73/Y/9nY299/+28y8sPvY0mcjFezDZcex1YZjMHa1yRZXdV3YquDtUlH9nPSsaQs6Wxjg9iQ/PuXRsRT0R8dsfjN649PX2tr44BtVUkiKkBJJfIfSiq/Dsjv7VfeB6dtuSoBWuH+qXoHwOr876z3DUZPdEXE7gdJLO3WSSJicz1zy+2JiLt3xm6euzN2M5r2w6WLgYEtMX8jIp4uyv+klv8D0RMDtfxPl+V/NRvPZO/V8tebRmmctCu7irejHx4oVs//nqb5Hw3y/50l+f/uJuMPLi6+17ss/3s3e0gAAAAAAABQWrdPRcQLRX//TxfG/0TB+J++iDi5BfEHV6yv/vt/em8LwgAF7p+KeLlw/G+aj7kb6MiWHquNB+hKzl2YmjwSEY9HxKHo2lVdH2kS4/Dn+75pVDeYjf/LX9X4d7OxgFk77nXuWr7PxPjs+MMeNxBx/0bEM4Xjf5OF839ScP6v/j6YXmeMfc/fOtOobu38B7ZL5buIg4Xn/8Uxu0nz53MM164HhvOrgtWe/fiLHxvF32z+e8QEPLzq+X938/wfSOrP67lYe17PzMZjHJ3rrDSq2+z1f3fyZu2RM91Z2Ufjs7NXRyK6k9Md1dJl5aMbbzPsRHk+5PlSzf9DzzXv/yu6/u+NiPkV/3fy9/I5xbkn/+v7o1F7XP9D+1Tzf2JD5/+NL4zeGvipUfz1nf+P1c71h7IS/X9Q93Wept3LywvSsbOoqtXtBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdII2IPZGkQwvLaTo0FNEXEU/EQH2jc1c+uDxRrat9/n+af9Jvf309yT//f2DJ+uiK9aMRsTcivurora0Pnb0yNdHugwcAAAAAAAAAAAAAAAAAAIBHRF+D+f9Vf3a0u3XAtutsdwOAtinI/1/b0Q6g9Zz/obzkP5SX/Ifykv9QXvIfykv+Q3nJfygv+Q8AAAAAADvK3gO3f0siYv6l3tqrqjur62pry4Dtlra7AUDbeMQPlFfx0J9d2fsrLW0L0Fru8YFkjfqehjuttWcz02cfYmcAAAAAAAAAAAAAKJ2D+83/h7Iy/x/Ky/x/KK98/v+BNrcDaD33+ECsMZO/cP7/mnsBAAAAAAAAAAAAAFtpZu7axfGpqcmrO3shH6TcbJu3Ho2mtnKhUqlcX+vLYmHdC/lPWStipRuPlc/1W1+I1v8uAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiv0fAAD//+KWHSQ=")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000000)=ANY=[@ANYBLOB='fi'], 0x0)
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

11.668558314s ago: executing program 8 (id=2304):
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x2}}]}}, 0x0, 0x32, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0xc, 0x42, 0x40, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000001a40), 0x1003, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000380)={r0, &(0x7f0000002340), &(0x7f00000002c0)=""/102}, 0x20)

11.622946435s ago: executing program 8 (id=2305):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000002ac0), 0x0, 0x0)
read$rfkill(r1, 0x0, 0x2e98399f)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)

8.665095675s ago: executing program 6 (id=2373):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="70000000100009040000b90db7c3df2500000000", @ANYRES32=r2, @ANYBLOB="000200009300040050001280110001006272696467655f736c61766500000000380005800400180005001b0001000000050001"], 0x70}}, 0x800)

8.614239515s ago: executing program 6 (id=2374):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f00000000c0)=@arm64={0x9, 0x6, 0x9, '\x00', 0x7b686231})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000380)=[@textreal={0x8, 0x0}], 0x1, 0xc5, 0x0, 0x0)

8.574693746s ago: executing program 6 (id=2375):
r0 = socket(0x10, 0x3, 0x0)
connect$netlink(r0, &(0x7f0000000280)=@proc={0x10, 0x0, 0x1}, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001500)=@newtaction={0x18, 0x31, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

8.548489067s ago: executing program 6 (id=2376):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1806000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000001000000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0, <r2=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f00000003c0)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x8, &(0x7f0000000180)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

8.529916777s ago: executing program 6 (id=2377):
r0 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet6(0xa, 0x2, 0x3a)
sendto$inet6(r1, &(0x7f0000000000)="800037bbfa9ba1ce", 0x8, 0x0, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c)

8.487016018s ago: executing program 6 (id=2379):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x40000000004)

1.924984367s ago: executing program 0 (id=2591):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

928.589064ms ago: executing program 0 (id=2598):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r1, 0x0, 0x0, 0xe7e, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
readlink(&(0x7f0000000280)='./file1\x00', &(0x7f0000000800)=""/205, 0xcd)

892.659675ms ago: executing program 0 (id=2600):
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4, 0xb59633e9a4a037f2, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000a06000/0x3000)=nil, 0x3000, 0x1)
mremap(&(0x7f0000cb4000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000f86000/0x3000)=nil)
munlockall()

883.943265ms ago: executing program 9 (id=2601):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000cc0)=@newqdisc={0x50, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x20, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}, [@TCA_NETEM_DELAY_DIST={0x4}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

852.384785ms ago: executing program 0 (id=2603):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000d50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x11)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c0000001000010400000000fddbdf", @ANYRES32=0x0, @ANYBLOB="00000000201200001c00128009000100626f6e64000000000c0002"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/19, @ANYRES32=0x0], 0x50}}, 0x0)

805.217506ms ago: executing program 0 (id=2604):
chdir(&(0x7f0000000340)='./cgroup\x00')
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000001c0)=""/54, 0x36)
getdents(r0, 0x0, 0x58)

791.555946ms ago: executing program 0 (id=2605):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x51, 0x0, 0x0, 0x0, 0x20, 0x56a, 0xb8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x1d0, 0x4, [{{0x9, 0x4, 0x0, 0x0, 0xf2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x3, 0x2, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xfe, 0x0, 0x4}}}}}]}}]}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000740)={0x2c, &(0x7f0000000000)={0x0, 0x23, 0x4, {0x4, 0x4, "441a"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

689.179018ms ago: executing program 9 (id=2609):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88)
dup2(r2, r2)

669.551389ms ago: executing program 9 (id=2610):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000009000000000000000020000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getrlimit(0x6, &(0x7f0000000100))

650.252979ms ago: executing program 9 (id=2612):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x5452, &(0x7f0000000a00)={'dvmrp0\x00', @random='c\b\x00'})
close_range(r0, 0xffffffffffffffff, 0x0)

584.06501ms ago: executing program 7 (id=2614):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00007fd000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

564.55703ms ago: executing program 9 (id=2615):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x8000000000000, &(0x7f0000000300)=@base={0x14, 0x4, 0x4, 0x20002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

524.705001ms ago: executing program 9 (id=2616):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f00000000c0)=ANY=[])

454.142072ms ago: executing program 8 (id=2617):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
chdir(&(0x7f00000003c0)='./file0\x00')
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

424.613263ms ago: executing program 7 (id=2618):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
io_setup(0x6, &(0x7f0000000140)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f00000000c0)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0xfffd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}])

419.565683ms ago: executing program 8 (id=2619):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001a80)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='mm_page_alloc\x00', r1}, 0x10)
ioperm(0x0, 0x2, 0x2)

300.161815ms ago: executing program 7 (id=2620):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
fchownat(0xffffffffffffffff, &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x1000)

282.010625ms ago: executing program 7 (id=2621):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffffffff}, [@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffff9}}]}, &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76ea090000000000009ba56a88ca", 0x0, 0x6400, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

150.817598ms ago: executing program 7 (id=2622):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000000000b3180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
get_robust_list(0x0, 0x0, 0x0)
sendmsg$tipc(r1, &(0x7f0000004440)={&(0x7f0000000ec0)=@id={0x1e, 0x3, 0x0, {0x4e24, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40080c1}, 0x800)

0s ago: executing program 7 (id=2623):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r1 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
execveat$binfmt(0xffffffffffffff9c, r1, &(0x7f0000000500)={[], 0x23}, 0x0, 0x800)

kernel console output (not intermixed with test programs):

 T300] usb 7-1: config 0 descriptor??
[   60.268683][ T3043] loop1: detected capacity change from 0 to 128
[   60.615749][  T300] savu 0003:1E7D:2D5A.0008: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.6-1/input0
[   60.623485][  T976] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   60.885189][  T490] usb 7-1: USB disconnect, device number 5
[   61.981474][ T3078] loop2: detected capacity change from 0 to 1024
[   62.035494][  T976] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   62.053294][  T976] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   62.067539][ T3078] EXT4-fs (loop2): Ignoring removed orlov option
[   62.079895][  T976] usb 4-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[   62.088857][  T976] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   62.095391][ T3078] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,quota,noauto_da_alloc,debug_want_extra_isize=0x0000000000000080,lazytime,noauto_da_alloc,stripe=0x0000000000000005,orlov,,errors=continue. Quota mode: writeback.
[   62.098018][  T976] usb 4-1: config 0 descriptor??
[   62.129245][ T3078] EXT4-fs error (device loop2): ext4_check_all_de:664: inode #12: block 7: comm syz.2.1182: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[   62.150756][ T3078] EXT4-fs error (device loop2): ext4_check_all_de:664: inode #12: block 7: comm syz.2.1182: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[   62.171905][ T3091] xt_hashlimit: max too large, truncated to 1048576
[   62.204986][ T3094] loop1: detected capacity change from 0 to 128
[   62.235315][ T3101] loop2: detected capacity change from 0 to 16
[   62.264281][ T3101] erofs: (device loop2): mounted with root inode @ nid 36.
[   62.409542][ T3115] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1196'.
[   62.420959][ T3115] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   62.420992][ T3119] syz.6.1198[3119] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.431971][ T3119] syz.6.1198[3119] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.476281][ T3119] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3119 comm=syz.6.1198
[   62.500078][ T3119] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3119 comm=syz.6.1198
[   62.582802][ T3135] devtmpfs: Unknown parameter 'Pr„Ñ…žP'
[   62.605052][  T976] playstation 0003:054C:0DF2.0009: item fetching failed at offset 1/5
[   62.615667][  T976] playstation 0003:054C:0DF2.0009: Parse failed
[   62.621772][  T976] playstation: probe of 0003:054C:0DF2.0009 failed with error -22
[   62.745111][ T3158] loop2: detected capacity change from 0 to 2048
[   62.794747][ T3158] GPT:first_usable_lbas don't match.
[   62.799927][ T3158] GPT:34 != 290
[   62.803169][ T3158] GPT: Use GNU Parted to correct GPT errors.
[   62.820204][ T3158]  loop2: p1 p2 p3
[   62.837482][    T6] usb 4-1: USB disconnect, device number 4
[   62.926801][ T3177] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1227'.
[   62.945529][ T3179] netem: change failed
[   62.961182][ T2309] udevd[2309]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   62.972056][ T1009] udevd[1009]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   62.972535][  T593] udevd[593]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   63.053460][ T3192] loop6: detected capacity change from 0 to 256
[   64.132766][ T3203] incfs: Backing dir is not set, filesystem can't be mounted.
[   64.140371][ T3203] incfs: mount failed -2
[   64.207231][ T3209] tmpfs: Unknown parameter 'nolazytimeÿÿ'
[   64.225775][  T986] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   64.239409][ T3205] loop6: detected capacity change from 0 to 8192
[   64.255864][ T3201] loop1: detected capacity change from 0 to 40427
[   64.272937][   T30] kauditd_printk_skb: 199 callbacks suppressed
[   64.272952][   T30] audit: type=1326 audit(1743573468.395:5450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3212 comm="syz.0.1244" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe6301f4169 code=0x0
[   64.307881][ T3205]  loop6: p1 p2 p3 p4 < >
[   64.312236][ T3205] loop6: partition table partially beyond EOD, truncated
[   64.320608][ T3201] F2FS-fs (loop1): invalid crc value
[   64.329171][ T3205] loop6: p1 size 8388608 extends beyond EOD, truncated
[   64.341737][ T3205] loop6: p2 size 589824 extends beyond EOD, truncated
[   64.354849][ T3201] F2FS-fs (loop1): Found nat_bits in checkpoint
[   64.361906][ T3205] loop6: p3 start 150994944 is beyond EOD, truncated
[   64.373228][ T3205] loop6: p4 start 1526857729 is beyond EOD, truncated
[   64.415380][ T3201] F2FS-fs (loop1): Start checkpoint disabled!
[   64.422132][ T3201] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   64.448929][   T30] audit: type=1400 audit(1743573468.552:5451): avc:  denied  { mounton } for  pid=3226 comm="syz.3.1250" path="/248/file0" dev="tmpfs" ino=1304 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   64.449225][ T3227] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   64.485491][ T1009] udevd[1009]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[   64.507432][  T986] usb 3-1: Using ep0 maxpacket: 32
[   64.507632][ T2309] udevd[2309]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[   64.512958][ T3227] FAT-fs (loop7): unable to read boot sector
[   64.641467][  T418] attempt to access beyond end of device
[   64.641467][  T418] loop1: rw=2049, want=40968, limit=40427
[   64.652961][  T986] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   64.664269][  T986] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   64.674385][  T986] usb 3-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00
[   64.683754][  T986] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.700291][  T986] usb 3-1: config 0 descriptor??
[   64.732361][   T30] audit: type=1400 audit(1743573468.810:5452): avc:  denied  { setopt } for  pid=3242 comm="syz.3.1258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   64.859478][ T3256] incfs: Error accessing: ./file0.
[   64.864487][ T3256] incfs: mount failed -20
[   64.913761][   T30] audit: type=1326 audit(1743573468.986:5453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3262 comm="syz.6.1267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2038512169 code=0x7ffc0000
[   64.947322][   T30] audit: type=1326 audit(1743573469.004:5454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3262 comm="syz.6.1267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f2038512169 code=0x7ffc0000
[   64.971211][   T30] audit: type=1326 audit(1743573469.014:5455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3262 comm="syz.6.1267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2038512169 code=0x7ffc0000
[   64.997968][   T30] audit: type=1326 audit(1743573469.014:5456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3262 comm="syz.6.1267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7f2038512169 code=0x7ffc0000
[   65.021710][   T30] audit: type=1326 audit(1743573469.014:5457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3268 comm="syz.6.1267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2038544a25 code=0x7ffc0000
[   65.112920][   T30] audit: type=1326 audit(1743573469.161:5458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3268 comm="syz.6.1267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f2038512169 code=0x7ffc0000
[   65.157793][   T30] audit: type=1326 audit(1743573469.189:5459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3262 comm="syz.6.1267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f20384ae359 code=0x7ffc0000
[   65.182822][ T3265] loop3: detected capacity change from 0 to 40427
[   65.235509][ T3265] F2FS-fs (loop3): invalid crc value
[   65.249863][ T3265] F2FS-fs (loop3): Found nat_bits in checkpoint
[   65.266415][ T3277] netlink: 9 bytes leftover after parsing attributes in process `syz.6.1271'.
[   65.267457][  T986] uclogic 0003:5543:0003.000A: item fetching failed at offset 0/3
[   65.283746][ T3277] device gretap0 entered promiscuous mode
[   65.300807][ T3277] netlink: 5 bytes leftover after parsing attributes in process `syz.6.1271'.
[   65.304885][  T986] uclogic 0003:5543:0003.000A: parse failed
[   65.317706][  T986] uclogic: probe of 0003:5543:0003.000A failed with error -22
[   65.319504][ T3277] 0ªX¹¦D: renamed from gretap0
[   65.335115][ T3265] F2FS-fs (loop3): Start checkpoint disabled!
[   65.345142][ T3277] device 
30ªX¹¦D left promiscuous mode
[   65.357532][ T3277] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   65.373182][ T3265] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   65.421935][ T3277] syz.6.1271 (3277) used greatest stack depth: 19744 bytes left
[   65.504452][  T490] usb 3-1: USB disconnect, device number 6
[   65.515909][ T3296] IPv6: NLM_F_REPLACE set, but no existing node found!
[   65.578430][   T45] attempt to access beyond end of device
[   65.578430][   T45] loop3: rw=2049, want=40968, limit=40427
[   65.723392][ T3316] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1288'.
[   66.262216][ T3353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1304'.
[   66.281390][ T3353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1304'.
[   66.305744][ T3330] loop2: detected capacity change from 0 to 40427
[   66.362332][ T3330] F2FS-fs (loop2): invalid crc value
[   66.377161][ T3330] F2FS-fs (loop2): Found nat_bits in checkpoint
[   66.387317][ T3367] loop6: detected capacity change from 0 to 512
[   66.423802][ T3330] F2FS-fs (loop2): Start checkpoint disabled!
[   66.430508][ T3330] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   66.466129][ T3367] EXT4-fs (loop6): mounted filesystem without journal. Opts: quota,mb_optimize_scan=0x0000000000000001,grpjquota=,journal_ioprio=0x0000000000000007,dioread_lock,,errors=continue. Quota mode: writeback.
[   66.487058][ T3367] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.619234][   T45] attempt to access beyond end of device
[   66.619234][   T45] loop2: rw=2049, want=40968, limit=40427
[   66.683340][ T3394] syz.0.1322[3394] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.683414][ T3394] syz.0.1322[3394] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.905933][ T3423] loop2: detected capacity change from 0 to 512
[   66.941862][ T3423] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   66.962242][    T6] kernel write not supported for file bpf-prog (pid: 6 comm: kworker/0:0)
[   66.972586][ T3423] EXT4-fs (loop2): 1 truncate cleaned up
[   66.978294][ T3423] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,max_dir_size_kb=0x00000000000001ff,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[   67.130504][ T3450] netlink: 112 bytes leftover after parsing attributes in process `syz.0.1346'.
[   67.160030][ T3459] loop3: detected capacity change from 0 to 256
[   67.214263][ T3468] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3468 comm=syz.0.1355
[   67.229186][ T3469] loop1: detected capacity change from 0 to 2048
[   67.240740][ T3459] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[   67.253241][ T3469] EXT4-fs (loop1): Ignoring removed bh option
[   67.274048][ T3459] exFAT-fs (loop3): error, invalid size(size(9) > aligned(9223372036854777344)
[   67.274048][ T3459] 
[   67.293575][ T3459] exFAT-fs (loop3): Filesystem has been set read-only
[   67.300404][ T3459] exFAT-fs (loop3): error, invalid size(size(11) > aligned(9223372036854777344)
[   67.300404][ T3459] 
[   67.323653][ T3469] EXT4-fs (loop1): mounted filesystem without journal. Opts: discard,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[   67.460767][ T3490] loop3: detected capacity change from 0 to 512
[   67.531243][ T3490] EXT4-fs (loop3): Ignoring removed bh option
[   67.539630][ T3490] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   67.550508][ T3488] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   67.576671][ T3490] EXT4-fs (loop3): 1 truncate cleaned up
[   67.577562][ T3488] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[   67.594377][ T3488] EXT4-fs (loop1): This should not happen!! Data will be lost
[   67.594377][ T3488] 
[   67.604488][ T3488] EXT4-fs (loop1): Total free blocks count 0
[   67.609823][ T3490] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,resgid=0x000000000000ee00,bh,noload,data_err=ignore,usrjquota=,,errors=continue. Quota mode: none.
[   67.611124][ T3488] EXT4-fs (loop1): Free/Dirty block details
[   67.633277][ T3488] EXT4-fs (loop1): free_blocks=2415919104
[   67.639297][ T3488] EXT4-fs (loop1): dirty_blocks=8208
[   67.644513][ T3488] EXT4-fs (loop1): Block reservation details
[   67.650545][ T3488] EXT4-fs (loop1): i_reserved_data_blocks=513
[   67.666559][ T3498] loop2: detected capacity change from 0 to 512
[   67.712010][   T45] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28
[   67.724608][   T45] EXT4-fs (loop1): This should not happen!! Data will be lost
[   67.724608][   T45] 
[   67.745235][ T3498] EXT4-fs (loop2): Test dummy encryption mode enabled
[   67.761261][ T3498] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   67.782595][ T3505] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1370'.
[   67.796009][ T3498] EXT4-fs (loop2): 1 truncate cleaned up
[   67.807417][ T3505] device gretap0 entered promiscuous mode
[   67.811943][ T3498] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,max_dir_size_kb=0x0000000000000001,stripe=0x0000000000000000,test_dummy_encryption,,errors=continue. Quota mode: none.
[   67.839793][ T3505] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1370'.
[   67.853715][ T3505] 0ªX¹¦D: renamed from gretap0
[   67.863441][ T3505] device 
30ªX¹¦D left promiscuous mode
[   67.873317][ T3505] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   67.937137][ T3516] loop9: detected capacity change from 0 to 8
[   68.016775][ T3528] fuse: Invalid user_id
[   68.071990][ T3535] loop3: detected capacity change from 0 to 256
[   68.164493][ T3553] SELinux:  Context : is not valid (left unmapped).
[   68.283387][ T3569] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1399'.
[   68.321402][ T3573] input: syz0 as /devices/virtual/input/input7
[   68.404465][ T3585] tipc: Enabled bearer <udp:syz2>, priority 10
[   68.425490][ T3590] loop3: detected capacity change from 0 to 128
[   68.565211][ T3609] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3609 comm=syz.1.1419
[   69.054056][ T3671] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[   69.112426][ T3682] binfmt_misc: register: failed to install interpreter file ./file0
[   69.670067][ T3719] loop3: detected capacity change from 0 to 1024
[   69.741297][ T3725] blk_update_request: I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   69.754006][ T3725] FAT-fs (loop13): unable to read boot sector
[   69.775014][ T3719] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,abort,dioread_lock,norecovery,discard,lazytime,noload,usrquota,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[   69.798073][   T30] kauditd_printk_skb: 129 callbacks suppressed
[   69.798089][   T30] audit: type=1400 audit(2000000001.569:5589): avc:  denied  { setattr } for  pid=3718 comm="syz.3.1470" name="work" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   69.843619][   T30] audit: type=1400 audit(2000000001.569:5590): avc:  denied  { remove_name } for  pid=3718 comm="syz.3.1470" name="#9" dev="loop3" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   69.868727][  T297] EXT4-fs error (device loop3): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11
[   69.881592][  T297] EXT4-fs error (device loop3): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11
[   69.921738][   T30] audit: type=1400 audit(2000000001.569:5591): avc:  denied  { unlink } for  pid=3718 comm="syz.3.1470" name="#9" dev="loop3" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[   69.960057][   T30] audit: type=1400 audit(2000000001.606:5592): avc:  denied  { write } for  pid=3718 comm="syz.3.1470" name="/" dev="overlay" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   70.018551][   T30] audit: type=1400 audit(2000000001.606:5593): avc:  denied  { add_name } for  pid=3718 comm="syz.3.1470" name="pids.events" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   70.040001][   T30] audit: type=1326 audit(2000000001.670:5594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3733 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1300b169 code=0x7ffc0000
[   70.064020][   T30] audit: type=1326 audit(2000000001.670:5595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3733 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1300b169 code=0x7ffc0000
[   70.088827][   T30] audit: type=1326 audit(2000000001.670:5596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3733 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7f9b1300b169 code=0x7ffc0000
[   70.112699][   T30] audit: type=1326 audit(2000000001.670:5597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3733 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1300b169 code=0x7ffc0000
[   70.136306][   T30] audit: type=1326 audit(2000000001.670:5598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3733 comm="syz.2.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1300b169 code=0x7ffc0000
[   70.268413][ T3750] loop2: detected capacity change from 0 to 512
[   70.351667][ T3750] EXT4-fs (loop2): Ignoring removed nobh option
[   70.362510][ T3750] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[   70.376475][ T3751] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.384986][ T3751] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.392455][ T3751] device bridge_slave_0 entered promiscuous mode
[   70.399506][ T3751] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.406635][ T3751] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.414546][ T3750] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2219: inode #15: comm syz.2.1486: corrupted in-inode xattr
[   70.414860][ T3751] device bridge_slave_1 entered promiscuous mode
[   70.442893][ T3757] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1487'.
[   70.442926][ T3750] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.1486: couldn't read orphan inode 15 (err -117)
[   70.463347][ T3757] device gretap0 entered promiscuous mode
[   70.463487][ T3750] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,prjquota,auto_da_alloc,mblk_io_submit,acl,,errors=continue. Quota mode: writeback.
[   70.501488][ T3757] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1487'.
[   70.510737][ T3757] 0ªX¹¦D: renamed from gretap0
[   70.516501][ T3757] device 
30ªX¹¦D left promiscuous mode
[   70.523944][ T3757] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   70.670483][ T3732] loop6: detected capacity change from 0 to 131072
[   70.692693][  T418] device bridge_slave_1 left promiscuous mode
[   70.699993][  T418] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.715260][  T418] device bridge_slave_0 left promiscuous mode
[   70.721496][  T418] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.739179][ T3732] F2FS-fs (loop6): invalid crc value
[   70.747436][  T418] device veth1_macvtap left promiscuous mode
[   70.757966][  T418] device veth0_vlan left promiscuous mode
[   70.777435][ T3732] F2FS-fs (loop6): Found nat_bits in checkpoint
[   70.849073][ T3732] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[   70.868812][ T3759] loop2: detected capacity change from 0 to 40427
[   70.944096][ T3759] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[   70.951745][ T3759] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   70.997996][ T3759] F2FS-fs (loop2): Found nat_bits in checkpoint
[   71.086050][ T3759] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   71.105522][ T3759] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   71.132303][ T3751] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.139237][ T3751] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.146304][ T3751] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.153095][ T3751] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.160504][  T291] attempt to access beyond end of device
[   71.160504][  T291] loop2: rw=2049, want=45104, limit=40427
[   71.182499][ T3732] F2FS-fs (loop6): Corrupted max_depth of 3: 16842753
[   71.182911][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.201000][ T3790] loop1: detected capacity change from 0 to 1024
[   71.203351][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.267434][ T3790] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,abort,dioread_lock,norecovery,discard,lazytime,noload,usrquota,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[   71.274660][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   71.295476][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   71.333720][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   71.342531][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   71.351238][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.358134][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.366318][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   71.374550][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   71.375456][  T295] EXT4-fs error (device loop1): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11
[   71.383349][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.400516][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.408063][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   71.420492][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   71.442217][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   71.450163][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   71.458738][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   71.467100][  T295] EXT4-fs error (device loop1): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11
[   71.479272][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   71.496215][ T3751] device veth0_vlan entered promiscuous mode
[   71.504479][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   71.520649][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   71.549234][ T3751] device veth1_macvtap entered promiscuous mode
[   71.565203][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   71.575107][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   71.593545][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   71.622236][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   71.631076][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   71.669214][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   71.677456][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   71.696184][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   71.723369][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   71.737414][ T3822] tmpfs: Unknown parameter 'nolazytimeÿÿ'
[   71.773983][ T3824] loop2: detected capacity change from 0 to 1024
[   71.846767][ T3824] EXT4-fs (loop2): Ignoring removed nobh option
[   71.867143][ T3824] EXT4-fs (loop2): Ignoring removed bh option
[   71.873058][ T3824] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   71.940284][ T3824] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[   72.116626][ T3835] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.118903][ T3831] loop6: detected capacity change from 0 to 40427
[   72.123494][ T3835] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.127955][ T3824] EXT4-fs error (device loop2): mb_free_blocks:1865: group 0, inode 15: block 145:freeing already freed block (bit 9); block bitmap corrupt.
[   72.158096][ T3835] device bridge_slave_0 entered promiscuous mode
[   72.172980][ T3835] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.180433][ T3835] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.187834][ T3835] device bridge_slave_1 entered promiscuous mode
[   72.240627][ T3831] F2FS-fs (loop6): invalid crc value
[   72.282742][ T3831] F2FS-fs (loop6): Found nat_bits in checkpoint
[   72.373753][ T3831] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[   72.413917][ T3868] loop7: detected capacity change from 0 to 512
[   72.432142][  T534] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   72.440226][ T3831] attempt to access beyond end of device
[   72.440226][ T3831] loop6: rw=10241, want=53256, limit=40427
[   72.449299][  T534] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   72.460908][  T534] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   72.470859][  T534] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   72.479311][  T965] attempt to access beyond end of device
[   72.479311][  T965] loop6: rw=2049, want=45104, limit=40427
[   72.490878][  T534] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.493341][ T3868] EXT4-fs (loop7): Test dummy encryption mode enabled
[   72.497772][  T534] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.514083][ T3868] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[   72.537678][   T10] device bridge_slave_1 left promiscuous mode
[   72.544332][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.556137][ T3868] EXT4-fs (loop7): 1 truncate cleaned up
[   72.564184][ T3868] EXT4-fs (loop7): mounted filesystem without journal. Opts: test_dummy_encryption,usrquota,max_dir_size_kb=0x000000000000148a,,errors=continue. Quota mode: writeback.
[   72.565388][   T10] device bridge_slave_0 left promiscuous mode
[   72.611170][ T3868] EXT4-fs warning (device loop7): __ext4fs_dirhash:270: inode #2: comm syz.7.1531: Siphash requires key
[   72.622560][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.631005][   T10] device veth1_macvtap left promiscuous mode
[   72.642694][   T10] device veth0_vlan left promiscuous mode
[   72.736012][ T3873] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1534'.
[   72.901833][  T534] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   72.912994][  T534] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   72.922114][  T534] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   72.930667][  T534] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.937551][  T534] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.962746][  T534] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   72.986508][  T534] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   73.032450][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   73.051408][ T3900] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1545'.
[   73.069241][ T3835] device veth0_vlan entered promiscuous mode
[   73.077131][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   73.102531][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   73.123876][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   73.146850][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   73.156142][ T3835] device veth1_macvtap entered promiscuous mode
[   73.173087][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   73.195722][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   73.247290][  T418] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   73.261835][  T418] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   73.376042][ T3931] 9pnet: p9_errstr2errno: server reported unknown error �@íÎÿ0x0000000000000004
[   73.452901][ T3940] loop8: detected capacity change from 0 to 128
[   73.560938][ T3957] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1569'.
[   73.604099][ T3963] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[   73.614177][ T3963] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev tmpfs, type tmpfs) errno=-22
[   73.724322][ T3973] loop6: detected capacity change from 0 to 512
[   73.788749][ T3973] EXT4-fs (loop6): 1 orphan inode deleted
[   73.794628][ T3973] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   73.803387][  T300] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   73.806715][ T3973] ext4 filesystem being mounted at /286/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.812776][   T26] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   73.871103][ T3993] loop6: detected capacity change from 0 to 512
[   73.889691][ T3997] syz.8.1588[3997] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.889765][ T3997] syz.8.1588[3997] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.914282][ T4000] xt_hashlimit: max too large, truncated to 1048576
[   73.925173][ T3993] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   73.948994][ T3993] EXT4-fs (loop6): 1 truncate cleaned up
[   73.954481][ T3993] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,resgid=0x0000000000000000,block_validity,quota,. Quota mode: writeback.
[   74.074160][   T39] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   74.230842][ T4043] loop8: detected capacity change from 0 to 512
[   74.264488][ T4043] EXT4-fs error (device loop8): ext4_orphan_get:1401: inode #15: comm syz.8.1609: casefold flag without casefold feature
[   74.277227][ T4043] EXT4-fs error (device loop8): ext4_orphan_get:1406: comm syz.8.1609: couldn't read orphan inode 15 (err -117)
[   74.289237][  T300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   74.300118][   T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   74.303731][ T4043] EXT4-fs (loop8): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback.
[   74.313083][  T300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   74.333249][   T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   74.342903][   T26] usb 3-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[   74.351797][   T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.359660][  T300] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   74.372589][  T300] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   74.381737][   T26] usb 3-1: config 0 descriptor??
[   74.386581][  T300] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.411364][  T300] usb 1-1: config 0 descriptor??
[   74.486216][   T39] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   74.495701][   T39] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   74.507803][   T39] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   74.617068][ T4058] loop8: detected capacity change from 0 to 40427
[   74.726145][ T4058] F2FS-fs (loop8): invalid crc value
[   74.733016][ T4058] F2FS-fs (loop8): Found nat_bits in checkpoint
[   74.745911][   T39] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   74.770084][   T39] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   74.778227][   T39] usb 8-1: Product: syz
[   74.780625][ T4058] F2FS-fs (loop8): Start checkpoint disabled!
[   74.788857][   T39] usb 8-1: Manufacturer: syz
[   74.792989][ T4058] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[   74.800602][   T39] usb 8-1: SerialNumber: syz
[   74.869642][ T4080] loop6: detected capacity change from 0 to 256
[   74.898809][   T26] playstation 0003:054C:0DF2.000B: item fetching failed at offset 1/5
[   74.900441][ T4080] FAT-fs (loop6): Directory bread(block 1285) failed
[   74.907253][   T26] playstation 0003:054C:0DF2.000B: Parse failed
[   74.920052][   T26] playstation: probe of 0003:054C:0DF2.000B failed with error -22
[   74.932379][   T10] attempt to access beyond end of device
[   74.932379][   T10] loop8: rw=2049, want=40968, limit=40427
[   74.944527][  T300] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[   74.952021][ T4080] FAT-fs (loop6): Directory bread(block 1285) failed
[   74.958753][  T300] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[   74.966248][ T4080] FAT-fs (loop6): Directory bread(block 1285) failed
[   74.972945][  T300] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[   74.980409][  T300] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[   74.987937][ T4080] FAT-fs (loop6): Directory bread(block 1285) failed
[   74.994621][  T300] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[   75.002335][ T4082] FAT-fs (loop6): Directory bread(block 1285) failed
[   75.009558][  T300] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[   75.009900][ T4082] FAT-fs (loop6): Directory bread(block 1285) failed
[   75.017366][  T300] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving
[   75.023363][ T4082] FAT-fs (loop6): Directory bread(block 1285) failed
[   75.034742][  T300] plantronics 0003:047F:FFFF.000C: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[   75.040836][ T4080] FAT-fs (loop6): Directory bread(block 1285) failed
[   75.056374][ T4080] FAT-fs (loop6): FAT read failed (blocknr 1281)
[   75.073852][ T4080] FAT-fs (loop6): Directory bread(block 1285) failed
[   75.093150][   T39] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   75.127757][  T976] usb 3-1: USB disconnect, device number 7
[   75.167180][ T4091] loop6: detected capacity change from 0 to 256
[   75.211594][ T4091] FAT-fs (loop6): Directory bread(block 64) failed
[   75.218315][ T4091] FAT-fs (loop6): Directory bread(block 65) failed
[   75.225319][ T4091] FAT-fs (loop6): Directory bread(block 66) failed
[   75.231691][ T4091] FAT-fs (loop6): Directory bread(block 67) failed
[   75.238219][ T4091] FAT-fs (loop6): Directory bread(block 68) failed
[   75.244769][ T4091] FAT-fs (loop6): Directory bread(block 69) failed
[   75.251286][ T4091] FAT-fs (loop6): Directory bread(block 70) failed
[   75.258511][   T39] usb 1-1: USB disconnect, device number 6
[   75.264874][ T4091] FAT-fs (loop6): Directory bread(block 71) failed
[   75.273447][ T4091] FAT-fs (loop6): Directory bread(block 72) failed
[   75.280122][ T4091] FAT-fs (loop6): Directory bread(block 73) failed
[   75.298879][ T4091] attempt to access beyond end of device
[   75.298879][ T4091] loop6: rw=2049, want=1360, limit=256
[   75.311857][ T4091] attempt to access beyond end of device
[   75.311857][ T4091] loop6: rw=0, want=1352, limit=256
[   75.313711][  T300] usb 8-1: USB disconnect, device number 2
[   75.340193][  T300] usblp0: removed
[   75.360095][ T4105] loop8: detected capacity change from 0 to 512
[   75.428755][ T4105] EXT4-fs (loop8): Ignoring removed orlov option
[   75.442038][ T4105] EXT4-fs (loop8): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   75.455349][ T4105] EXT4-fs error (device loop8): ext4_orphan_get:1401: inode #15: comm syz.8.1635: casefold flag without casefold feature
[   75.468101][ T4105] EXT4-fs (loop8): Remounting filesystem read-only
[   75.474521][ T4105] EXT4-fs error (device loop8): ext4_orphan_get:1406: comm syz.8.1635: couldn't read orphan inode 15 (err -117)
[   75.486438][ T4105] EXT4-fs (loop8): Remounting filesystem read-only
[   75.492775][ T4105] EXT4-fs (loop8): mounted filesystem without journal. Opts: orlov,nodelalloc,errors=remount-ro,grpquota,auto_da_alloc,dioread_nolock,quota,. Quota mode: writeback.
[   75.599937][ T4112] loop8: detected capacity change from 0 to 8192
[   75.655890][    T6] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   75.704476][   T30] kauditd_printk_skb: 150 callbacks suppressed
[   75.704495][   T30] audit: type=1326 audit(2000000007.024:5749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.2.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1300b169 code=0x7ffc0000
[   75.734281][   T30] audit: type=1326 audit(2000000007.024:5750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.2.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1300b169 code=0x7ffc0000
[   75.757736][   T30] audit: type=1326 audit(2000000007.024:5751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.2.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f9b1300b169 code=0x7ffc0000
[   75.781190][   T30] audit: type=1326 audit(2000000007.024:5752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.2.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1300b169 code=0x7ffc0000
[   75.810518][ T4118] netlink: 'syz.2.1640': attribute type 280 has an invalid length.
[   75.838716][   T30] audit: type=1326 audit(2000000007.024:5753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4113 comm="syz.2.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1300b169 code=0x7ffc0000
[   75.873769][ T4123] tmpfs: Unknown parameter 'm'
[   75.879995][   T30] audit: type=1326 audit(2000000007.180:5754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4122 comm="syz.2.1644" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9b1300b169 code=0x0
[   75.926806][    T6] usb 7-1: Using ep0 maxpacket: 16
[   75.939320][   T30] audit: type=1400 audit(2000000007.245:5755): avc:  denied  { ioctl } for  pid=4128 comm="syz.7.1646" path="socket:[31558]" dev="sockfs" ino=31558 ioctlcmd=0x48cb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   75.981694][ T4136] device veth1_macvtap left promiscuous mode
[   75.987594][ T4136] device macsec0 entered promiscuous mode
[   76.050756][   T30] audit: type=1326 audit(2000000007.347:5756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4143 comm="syz.8.1651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa08e77a169 code=0x7ffc0000
[   76.074341][    T6] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   76.091113][    T6] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   76.110206][    T6] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[   76.119131][    T6] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.127024][   T30] audit: type=1326 audit(2000000007.384:5757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4143 comm="syz.8.1651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa08e77a169 code=0x7ffc0000
[   76.150685][    T6] usb 7-1: config 0 descriptor??
[   76.156145][   T30] audit: type=1326 audit(2000000007.384:5758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4143 comm="syz.8.1651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa08e77a169 code=0x7ffc0000
[   76.675248][    T6] appleir 0003:05AC:8241.000D: unknown main item tag 0x0
[   76.682342][    T6] appleir 0003:05AC:8241.000D: No inputs registered, leaving
[   76.692200][    T6] appleir 0003:05AC:8241.000D: hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.6-1/input0
[   76.710162][ T4178] syz.0.1666[4178] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.710242][ T4178] syz.0.1666[4178] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.790326][ T4185] loop2: detected capacity change from 0 to 128
[   76.833948][ T4185] attempt to access beyond end of device
[   76.833948][ T4185] loop2: rw=1, want=222, limit=128
[   76.919067][ T4198] loop2: detected capacity change from 0 to 256
[   76.968563][   T39] usb 7-1: USB disconnect, device number 6
[   77.022330][ T4202] loop2: detected capacity change from 0 to 512
[   77.076537][ T4202] EXT4-fs (loop2): too many log groups per flexible block group
[   77.084121][ T4202] EXT4-fs (loop2): failed to initialize mballoc (-12)
[   77.090692][ T4202] EXT4-fs (loop2): mount failed
[   77.169622][ T4206] capability: warning: `syz.2.1678' uses 32-bit capabilities (legacy support in use)
[   77.246166][ T4215] loop2: detected capacity change from 0 to 512
[   77.324763][ T4215] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   77.336426][ T4215] EXT4-fs (loop2): 1 orphan inode deleted
[   77.341987][ T4215] EXT4-fs (loop2): 1 truncate cleaned up
[   77.347602][ T4215] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[   77.377893][ T4215] EXT4-fs error (device loop2): ext4_search_dir:1549: inode #12: block 7: comm syz.2.1682: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0
[   77.396929][ T4215] EXT4-fs (loop2): Remounting filesystem read-only
[   77.403971][ T4215] EXT4-fs error (device loop2): empty_inline_dir:1869: inode #12: block 7: comm syz.2.1682: bad entry in directory: directory entry overrun - offset=4, inode=13, rec_len=784, size=60 fake=0
[   77.422807][ T4215] EXT4-fs (loop2): Remounting filesystem read-only
[   77.429195][ T4215] EXT4-fs warning (device loop2): empty_inline_dir:1876: bad inline directory (dir #12) - inode 13, rec_len 784, name_len 5inline size 60
[   77.467022][ T4222] xt_hashlimit: max too large, truncated to 1048576
[   77.500323][ T4226] loop2: detected capacity change from 0 to 2048
[   77.509071][ T4228] syz.8.1688[4228] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.509149][ T4228] syz.8.1688[4228] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.596917][ T4226] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   77.850601][ T4256] input: syz0 as /devices/virtual/input/input9
[   78.104063][ T4285] loop6: detected capacity change from 0 to 1024
[   78.146821][ T4285] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   78.169478][  T619] Bluetooth: hci0: command 0x1003 tx timeout
[   78.175576][ T4134] Bluetooth: hci0: sending frame failed (-49)
[   78.203228][ T4285] EXT4-fs (loop6): mounted filesystem without journal. Opts: user_xattr,noquota,dioread_nolock,jqfmt=vfsv1,debug_want_extra_isize=0x0000000000000070,max_dir_size_kb=0x00000000000007b1,stripe=0x0000000000000020,bsdgroups,max_batch_time=0x00000000000003fe,user_xattr,noinit_itable,,errors=continue. Quota mode: none.
[   78.323852][ T4285] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[   78.355038][ T4285] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 43 with error 28
[   78.368733][ T4285] EXT4-fs (loop6): This should not happen!! Data will be lost
[   78.368733][ T4285] 
[   78.386098][ T4285] EXT4-fs (loop6): Total free blocks count 0
[   78.391925][ T4285] EXT4-fs (loop6): Free/Dirty block details
[   78.407787][ T4285] EXT4-fs (loop6): free_blocks=20480
[   78.412926][ T4285] EXT4-fs (loop6): dirty_blocks=64
[   78.421055][ T4285] EXT4-fs (loop6): Block reservation details
[   78.426875][ T4285] EXT4-fs (loop6): i_reserved_data_blocks=4
[   78.435745][ T4302] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1719'.
[   78.452440][ T4285] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 64 with max blocks 2 with error 28
[   78.464675][ T4285] EXT4-fs (loop6): This should not happen!! Data will be lost
[   78.464675][ T4285] 
[   78.785172][ T4342] loop6: detected capacity change from 0 to 512
[   78.856687][ T4355] SELinux: security_context_str_to_sid(user_u) failed for (dev ?, type ?) errno=-22
[   78.866234][ T4355] SELinux: security_context_str_to_sid(user_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[   78.906154][ T4342] EXT4-fs (loop6): mounted filesystem without journal. Opts: usrquota,grpjquota=,nodelalloc,,errors=continue. Quota mode: writeback.
[   78.923677][ T4342] ext4 filesystem being mounted at /328/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.954651][ T4367] binfmt_misc: register: failed to install interpreter file ./file0/../file0
[   79.004572][ T4370] loop2: detected capacity change from 0 to 128
[   79.056891][ T4370] EXT4-fs (loop2): Ignoring removed nobh option
[   79.080445][ T4370] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,abort,,errors=continue. Quota mode: none.
[   79.117043][ T4370] ext4 filesystem being mounted at /302/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   79.212313][ T4385] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1757'.
[   79.284622][ T4393] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1762'.
[   79.321398][ T4396] loop8: detected capacity change from 0 to 2048
[   79.340870][ T4396]  loop8: p1 < > p4
[   79.346599][ T4396] loop8: p4 size 8388608 extends beyond EOD, truncated
[   79.356149][  T101]  loop8: p1 < > p4
[   79.360320][  T101] loop8: p4 size 8388608 extends beyond EOD, truncated
[   79.430280][ T4407] device batadv_slave_1 entered promiscuous mode
[   79.442167][ T4406] device batadv_slave_1 left promiscuous mode
[   79.505868][ T4414] netlink: 44 bytes leftover after parsing attributes in process `syz.6.1771'.
[   79.554495][ T1009] udevd[1009]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[   79.566667][ T2309] udevd[2309]: inotify_add_watch(7, /dev/loop8p4, 10) failed: No such file or directory
[   79.584473][ T2309] udevd[2309]: inotify_add_watch(7, /dev/loop8p4, 10) failed: No such file or directory
[   79.596244][ T1009] udevd[1009]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[   79.690745][ T4426] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1774'.
[   79.703747][ T4426] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1774'.
[   79.738162][ T4432] 9pnet_virtio: no channels available for device syz
[   80.024048][ T4445] input: syz1 as /devices/virtual/input/input10
[   80.094947][ T4449] loop2: detected capacity change from 0 to 256
[   80.112883][ T4449] FAT-fs (loop2): Directory bread(block 1285) failed
[   80.134383][ T4449] FAT-fs (loop2): Directory bread(block 1285) failed
[   80.140956][ T4449] FAT-fs (loop2): Directory bread(block 1285) failed
[   80.148070][ T4449] FAT-fs (loop2): Directory bread(block 1285) failed
[   80.156913][ T4449] FAT-fs (loop2): Directory bread(block 1285) failed
[   80.170275][ T4449] FAT-fs (loop2): Directory bread(block 1285) failed
[   80.178293][ T4449] FAT-fs (loop2): Directory bread(block 1285) failed
[   80.187728][ T4449] FAT-fs (loop2): Directory bread(block 1285) failed
[   80.196230][ T4449] FAT-fs (loop2): FAT read failed (blocknr 1281)
[   80.204120][ T4449] FAT-fs (loop2): Directory bread(block 1285) failed
[   80.292444][ T4462] syz.2.1790[4462] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.292533][ T4462] syz.2.1790[4462] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.412087][    T6] Bluetooth: hci0: command 0x1001 tx timeout
[   80.430109][ T4482] xt_hashlimit: size too large, truncated to 1048576
[   80.433032][ T4134] Bluetooth: hci0: sending frame failed (-49)
[   80.773958][ T4522] loop2: detected capacity change from 0 to 512
[   80.848260][ T4522] EXT4-fs (loop2): 1 truncate cleaned up
[   80.854032][ T4522] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,grpquota,debug_want_extra_isize=0x000000000000005c,noauto_da_alloc,nolazytime,discard,grpjquota=,errors=remount-ro,nobarrier,. Quota mode: writeback.
[   80.900952][ T4535] tipc: Enabling <eth:lo> not permitted
[   80.906437][ T4535] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[   80.931509][ T4537] loop2: detected capacity change from 0 to 256
[   80.965309][ T4537] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[   81.163357][ T4566] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1840'.
[   81.179044][   T30] kauditd_printk_skb: 129 callbacks suppressed
[   81.179061][   T30] audit: type=1326 audit(2000000012.072:5888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4567 comm="syz.0.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[   81.208576][   T30] audit: type=1326 audit(2000000012.072:5889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4567 comm="syz.0.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[   81.232479][   T30] audit: type=1326 audit(2000000012.082:5890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4567 comm="syz.0.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[   81.256370][   T30] audit: type=1326 audit(2000000012.082:5891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4567 comm="syz.0.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[   81.288556][   T30] audit: type=1326 audit(2000000012.082:5892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4567 comm="syz.0.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[   81.313372][   T30] audit: type=1326 audit(2000000012.174:5893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4569 comm="syz.0.1842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[   81.354222][   T30] audit: type=1326 audit(2000000012.202:5894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4569 comm="syz.0.1842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[   81.377846][   T30] audit: type=1326 audit(2000000012.220:5895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4569 comm="syz.0.1842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[   81.401360][   T30] audit: type=1326 audit(2000000012.220:5896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4569 comm="syz.0.1842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[   81.425533][   T30] audit: type=1326 audit(2000000012.220:5897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4569 comm="syz.0.1842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[   81.539590][ T4592] xt_hashlimit: max too large, truncated to 1048576
[   81.540202][ T4590] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1851'.
[   81.562679][ T4590] tipc: Invalid UDP bearer configuration
[   81.562708][ T4590] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[   81.648628][ T4604] sit: Src spoofed 1.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[   82.315202][ T4673] loop2: detected capacity change from 0 to 128
[   82.361573][ T4673] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none.
[   82.376321][   T39] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   82.384222][ T4673] ext4 filesystem being mounted at /350/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.447382][ T4673] overlayfs: upper fs needs to support d_type.
[   82.495840][  T291] ------------[ cut here ]------------
[   82.505169][  T291] WARNING: CPU: 0 PID: 291 at fs/overlayfs/util.c:473 ovl_dir_modified+0x1a5/0x1e0
[   82.514641][  T291] Modules linked in:
[   82.518428][  T291] CPU: 1 PID: 291 Comm: syz-executor Not tainted 5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[   82.528677][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   82.539005][  T291] RIP: 0010:ovl_dir_modified+0x1a5/0x1e0
[   82.544601][  T291] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ff e8 b2 70 9f ff 49 ff 07 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 7b 05 5d ff <0f> 0b e9 06 ff ff ff e8 6f 05 5d ff 0f 0b e9 3d ff ff ff 44 89 e1
[   82.564454][  T291] RSP: 0018:ffffc900009d7b60 EFLAGS: 00010293
[   82.570893][  T291] RAX: ffffffff82136735 RBX: 0000000000000000 RCX: ffff88810b220000
[   82.578816][  T291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   82.586971][  T291] RBP: ffffc900009d7b90 R08: ffffffff82136634 R09: ffffed1025053b76
[   82.595092][  T291] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888130e76bb0
[   82.603974][  T291] R13: ffff888130e76be0 R14: 1ffff110261ced7c R15: ffff88812829db08
[   82.619295][  T291] FS:  00005555697bd500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   82.628420][  T291] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   82.640334][ T4685] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1895'.
[   82.649350][  T291] CR2: 00002000000000c0 CR3: 0000000121928000 CR4: 00000000003506a0
[   82.658039][  T291] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   82.667490][  T291] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   82.675560][ T4685] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   82.676607][  T619] Bluetooth: hci0: command 0x1009 tx timeout
[   82.690682][  T291] Call Trace:
[   82.690692][  T291]  <TASK>
[   82.690713][  T291]  ? show_regs+0x58/0x60
[   82.690741][  T291]  ? __warn+0x160/0x2f0
[   82.711640][  T291]  ? ovl_dir_modified+0x1a5/0x1e0
[   82.723557][  T291]  ? report_bug+0x3d9/0x5b0
[   82.727915][  T291]  ? ovl_dir_modified+0x1a5/0x1e0
[   82.733143][  T291]  ? handle_bug+0x41/0x70
[   82.737302][  T291]  ? exc_invalid_op+0x1b/0x50
[   82.742356][  T291]  ? asm_exc_invalid_op+0x1b/0x20
[   82.747320][  T291]  ? ovl_dir_modified+0xa4/0x1e0
[   82.752777][  T291]  ? ovl_dir_modified+0x1a5/0x1e0
[   82.757636][  T291]  ? ovl_dir_modified+0x1a5/0x1e0
[   82.763384][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   82.780222][  T291]  ovl_do_remove+0x64c/0xa30
[   82.784673][  T291]  ? ovl_set_redirect+0x690/0x690
[   82.789969][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   82.804454][  T291]  ? selinux_inode_rmdir+0x22/0x30
[   82.809700][   T39] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   82.822738][  T291]  ovl_rmdir+0x1a/0x20
[   82.828930][  T291]  vfs_rmdir+0x324/0x470
[   82.833036][  T291]  incfs_kill_sb+0x113/0x230
[   82.838003][  T291]  deactivate_locked_super+0xad/0x110
[   82.843746][   T39] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   82.862573][  T291]  deactivate_super+0xbe/0xf0
[   82.869758][  T291]  cleanup_mnt+0x45c/0x510
[   82.874722][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.882933][  T291]  __cleanup_mnt+0x19/0x20
[   82.887239][  T291]  task_work_run+0x129/0x190
[   82.891613][  T291]  exit_to_user_mode_loop+0xc4/0xe0
[   82.904668][   T39] usb 1-1: config 0 descriptor??
[   82.910931][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   82.916320][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   82.921631][  T291]  do_syscall_64+0x47/0xb0
[   82.947308][  T291]  ? clear_bhb_loop+0x35/0x90
[   82.951893][  T291]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   82.957737][  T291] RIP: 0033:0x7f9b1300c497
[   82.966950][  T291] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   82.986748][  T291] RSP: 002b:00007ffe288cd9e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   82.999040][  T291] RAX: 0000000000000000 RBX: 00007f9b1308c08c RCX: 00007f9b1300c497
[   83.007286][  T291] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe288cdaa0
[   83.015861][  T291] RBP: 00007ffe288cdaa0 R08: 0000000000000000 R09: 0000000000000000
[   83.023958][  T291] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe288ceb90
[   83.031858][  T291] R13: 00007f9b1308c08c R14: 0000000000013c94 R15: 00007ffe288cfc60
[   83.044687][  T291]  </TASK>
[   83.048323][  T291] ---[ end trace e41d2f6a5b8f3e48 ]---
[   83.055682][  T291] ------------[ cut here ]------------
[   83.060961][  T291] WARNING: CPU: 0 PID: 291 at fs/overlayfs/util.c:473 ovl_dir_modified+0x1a5/0x1e0
[   83.070881][  T291] Modules linked in:
[   83.072185][ T4703] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22
[   83.074604][  T291] CPU: 0 PID: 291 Comm: syz-executor Tainted: G        W         5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[   83.095294][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   83.105740][  T291] RIP: 0010:ovl_dir_modified+0x1a5/0x1e0
[   83.113752][ T4703] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[   83.129122][  T291] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ff e8 b2 70 9f ff 49 ff 07 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 7b 05 5d ff <0f> 0b e9 06 ff ff ff e8 6f 05 5d ff 0f 0b e9 3d ff ff ff 44 89 e1
[   83.151853][  T291] RSP: 0018:ffffc900009d7b60 EFLAGS: 00010293
[   83.158117][  T291] RAX: ffffffff82136735 RBX: 0000000000000000 RCX: ffff88810b220000
[   83.166464][  T291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   83.174491][  T291] RBP: ffffc900009d7b90 R08: ffffffff82136634 R09: ffffed1025053b76
[   83.189926][  T291] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888130e76bb0
[   83.197940][  T291] R13: ffff888130e76be0 R14: 1ffff110261ced7c R15: ffff88812829db08
[   83.205922][  T291] FS:  00005555697bd500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   83.215003][  T291] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   83.221559][  T291] CR2: 00007f2036b7bf98 CR3: 0000000121928000 CR4: 00000000003506a0
[   83.234665][  T291] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   83.242591][  T291] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   83.250309][  T291] Call Trace:
[   83.253605][  T291]  <TASK>
[   83.256356][  T291]  ? show_regs+0x58/0x60
[   83.260435][  T291]  ? __warn+0x160/0x2f0
[   83.264537][  T291]  ? ovl_dir_modified+0x1a5/0x1e0
[   83.276951][  T291]  ? report_bug+0x3d9/0x5b0
[   83.281335][  T291]  ? ovl_dir_modified+0x1a5/0x1e0
[   83.289813][  T291]  ? handle_bug+0x41/0x70
[   83.294276][  T291]  ? exc_invalid_op+0x1b/0x50
[   83.299214][  T291]  ? asm_exc_invalid_op+0x1b/0x20
[   83.304079][  T291]  ? ovl_dir_modified+0xa4/0x1e0
[   83.309164][  T291]  ? ovl_dir_modified+0x1a5/0x1e0
[   83.314109][  T291]  ? ovl_dir_modified+0x1a5/0x1e0
[   83.319187][  T291]  ovl_do_remove+0x64c/0xa30
[   83.323606][  T291]  ? ovl_set_redirect+0x690/0x690
[   83.338155][  T291]  ? selinux_inode_rmdir+0x22/0x30
[   83.344831][  T291]  ovl_rmdir+0x1a/0x20
[   83.349263][  T291]  vfs_rmdir+0x324/0x470
[   83.353421][  T291]  incfs_kill_sb+0x1b4/0x230
[   83.357780][  T291]  deactivate_locked_super+0xad/0x110
[   83.363527][  T291]  deactivate_super+0xbe/0xf0
[   83.368045][  T291]  cleanup_mnt+0x45c/0x510
[   83.372631][  T291]  __cleanup_mnt+0x19/0x20
[   83.376891][  T291]  task_work_run+0x129/0x190
[   83.381434][  T291]  exit_to_user_mode_loop+0xc4/0xe0
[   83.386749][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   83.393834][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   83.399297][  T291]  do_syscall_64+0x47/0xb0
[   83.403603][  T291]  ? clear_bhb_loop+0x35/0x90
[   83.408110][  T291]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   83.417462][  T291] RIP: 0033:0x7f9b1300c497
[   83.421764][  T291] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   83.441685][  T291] RSP: 002b:00007ffe288cd9e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   83.442388][   T39] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   83.450301][  T291] RAX: 0000000000000000 RBX: 00007f9b1308c08c RCX: 00007f9b1300c497
[   83.465368][   T39] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   83.471023][  T291] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe288cdaa0
[   83.484931][  T291] RBP: 00007ffe288cdaa0 R08: 0000000000000000 R09: 0000000000000000
[   83.491138][   T39] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   83.493636][  T291] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe288ceb90
[   83.508263][  T291] R13: 00007f9b1308c08c R14: 0000000000013c94 R15: 00007ffe288cfc60
[   83.508296][   T39] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   83.516479][  T291]  </TASK>
[   83.526572][  T291] ---[ end trace e41d2f6a5b8f3e49 ]---
[   83.527476][   T39] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   83.540500][   T39] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   83.553845][   T39] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[   83.563136][   T39] plantronics 0003:047F:FFFF.000E: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[   83.728220][  T300] usb 1-1: USB disconnect, device number 7
[   83.805442][ T4762] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[   83.885899][ T4773] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1935'.
[   83.895200][ T4773] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1935'.
[   83.998258][   T39] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[   84.055975][ T4786] loop8: detected capacity change from 0 to 512
[   84.143066][ T4786] EXT4-fs (loop8): 1 truncate cleaned up
[   84.148581][ T4786] EXT4-fs (loop8): mounted filesystem without journal. Opts: prjquota,grpquota,debug_want_extra_isize=0x000000000000005c,sysvgroups,nodiscard,errors=continue,noquota,,errors=continue. Quota mode: none.
[   84.226140][ T4791] loop8: detected capacity change from 0 to 16
[   84.295145][ T4791] erofs: (device loop8): mounted with root inode @ nid 36.
[   84.314165][ T4791] attempt to access beyond end of device
[   84.314165][ T4791] loop8: rw=0, want=14546590696, limit=16
[   84.326860][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 40 @ nid 36
[   84.336226][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 39 @ nid 36
[   84.346053][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 35 @ nid 36
[   84.355023][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 34 @ nid 36
[   84.364360][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 27 @ nid 36
[   84.374004][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 26 @ nid 36
[   84.383721][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 25 @ nid 36
[   84.392698][   T39] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   84.393228][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 21 @ nid 36
[   84.412424][   T39] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   84.414164][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 20 @ nid 36
[   84.431119][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 18 @ nid 36
[   84.440344][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 10 @ nid 36
[   84.442515][   T39] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   84.451822][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 4 @ nid 36
[   84.470966][   T39] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   84.475588][ T4791] erofs: (device loop8): z_erofs_map_blocks_iter: invalid logical cluster 0 at nid 36
[   84.480327][   T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.490204][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 0 @ nid 36
[   84.498844][   T39] usb 7-1: config 0 descriptor??
[   84.514337][ T4791] attempt to access beyond end of device
[   84.514337][ T4791] loop8: rw=524288, want=312, limit=16
[   84.525234][ T4791] attempt to access beyond end of device
[   84.525234][ T4791] loop8: rw=524288, want=1049280, limit=16
[   84.536820][ T4791] attempt to access beyond end of device
[   84.536820][ T4791] loop8: rw=524288, want=6536, limit=16
[   84.547869][ T4791] attempt to access beyond end of device
[   84.547869][ T4791] loop8: rw=524288, want=34359736344, limit=16
[   84.560627][ T4791] attempt to access beyond end of device
[   84.560627][ T4791] loop8: rw=524288, want=736, limit=16
[   84.575789][ T4791] attempt to access beyond end of device
[   84.575789][ T4791] loop8: rw=524288, want=536576872, limit=16
[   84.588035][ T4791] attempt to access beyond end of device
[   84.588035][ T4791] loop8: rw=524288, want=13478624040, limit=16
[   84.599956][ T4791] attempt to access beyond end of device
[   84.599956][ T4791] loop8: rw=524288, want=13716630384, limit=16
[   84.611883][ T4791] attempt to access beyond end of device
[   84.611883][ T4791] loop8: rw=524288, want=133693456, limit=16
[   84.624779][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 84 @ nid 36
[   84.633928][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 81 @ nid 36
[   84.643282][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 80 @ nid 36
[   84.652535][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 78 @ nid 36
[   84.661995][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 77 @ nid 36
[   84.670996][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 76 @ nid 36
[   84.680044][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 74 @ nid 36
[   84.689335][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 73 @ nid 36
[   84.698394][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 72 @ nid 36
[   84.707440][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 66 @ nid 36
[   84.716448][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 64 @ nid 36
[   84.725721][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 63 @ nid 36
[   84.734663][ T4791] erofs: (device loop8): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   84.743813][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 62 @ nid 36
[   84.767530][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 58 @ nid 36
[   84.778008][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 57 @ nid 36
[   84.787072][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 54 @ nid 36
[   84.796136][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 53 @ nid 36
[   84.805892][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 52 @ nid 36
[   84.815756][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 51 @ nid 36
[   84.825137][ T4791] erofs: (device loop8): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   84.836319][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 50 @ nid 36
[   84.845370][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 47 @ nid 36
[   84.854592][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 46 @ nid 36
[   84.863452][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 45 @ nid 36
[   84.884285][ T4791] erofs: (device loop8): z_erofs_readahead: readahead error at page 44 @ nid 36
[   85.029525][   T39] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[   85.042620][   T39] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[   85.063322][ T4832] loop2: detected capacity change from 0 to 512
[   85.073500][   T39] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[   85.081374][   T39] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[   85.089495][   T39] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[   85.097077][   T39] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[   85.100753][ T4832] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   85.105182][   T39] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving
[   85.116822][ T4832] EXT4-fs (loop2): 1 truncate cleaned up
[   85.124819][   T39] plantronics 0003:047F:FFFF.000F: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[   85.127382][ T4832] EXT4-fs (loop2): mounted filesystem without journal. Opts: data_err=ignore,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback.
[   85.259354][ T4847] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1966'.
[   85.299729][ T4853] loop8: detected capacity change from 0 to 2048
[   85.330007][ T4859] syz.0.1971[4859] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.330084][ T4859] syz.0.1971[4859] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.355270][ T4853] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   85.377319][ T4853] ext4 filesystem being mounted at /139/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   85.398985][ T4865] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4865 comm=syz.2.1974
[   85.411732][ T4865] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4865 comm=syz.2.1974
[   85.611037][ T4885] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.618088][ T4885] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.666700][  T619] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[   85.903508][ T4921] SELinux:  Context @ is not valid (left unmapped).
[   85.926720][  T619] usb 1-1: Using ep0 maxpacket: 32
[   85.932081][ T4924] loop8: detected capacity change from 0 to 512
[   85.986186][ T4924] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   85.998761][ T4924] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.089338][  T619] usb 1-1: config 0 has no interfaces?
[   86.172612][ T4934] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2005'.
[   86.201261][ T4936] loop8: detected capacity change from 0 to 128
[   86.270704][ T4936] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   86.281348][ T4936] ext4 filesystem being mounted at /157/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   86.297992][  T619] usb 1-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=21.78
[   86.312350][ T4936] syz.8.2006 (pid 4936) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[   86.333211][  T619] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.351174][  T619] usb 1-1: Product: syz
[   86.355259][  T619] usb 1-1: Manufacturer: syz
[   86.359639][  T619] usb 1-1: SerialNumber: syz
[   86.368598][  T619] usb 1-1: config 0 descriptor??
[   86.633902][  T976] usb 1-1: USB disconnect, device number 8
[   86.946094][ T4966] device wireguard0 entered promiscuous mode
[   87.032769][   T30] kauditd_printk_skb: 146 callbacks suppressed
[   87.032786][   T30] audit: type=1326 audit(2000000017.481:6044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4975 comm="syz.7.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44c643169 code=0x7ffc0000
[   87.062391][   T30] audit: type=1326 audit(2000000017.481:6045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4975 comm="syz.7.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44c643169 code=0x7ffc0000
[   87.102952][   T30] audit: type=1326 audit(2000000017.481:6046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4975 comm="syz.7.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7fa44c643169 code=0x7ffc0000
[   87.127548][   T30] audit: type=1326 audit(2000000017.481:6047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4975 comm="syz.7.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44c643169 code=0x7ffc0000
[   87.152653][   T30] audit: type=1326 audit(2000000017.481:6048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4975 comm="syz.7.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44c643169 code=0x7ffc0000
[   87.176223][   T30] audit: type=1400 audit(2000000017.573:6049): avc:  denied  { unlink } for  pid=83 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   87.212345][ T4982] sch_tbf: burst 19920 is lower than device lo mtu (65550) !
[   87.253637][ T4984] loop2: detected capacity change from 0 to 512
[   87.325102][ T4994] xt_hashlimit: max too large, truncated to 1048576
[   87.344925][   T30] audit: type=1400 audit(2000000017.767:6050): avc:  denied  { view } for  pid=4999 comm="syz.8.2032" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   87.365237][ T4984] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,inode_readahead_blks=0x0000000000000800,grpid,,errors=continue. Quota mode: writeback.
[   87.394294][ T4984] ext4 filesystem being mounted at /390/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   87.443876][  T300] usb 7-1: USB disconnect, device number 7
[   87.472199][ T5014] netlink: 'syz.0.2040': attribute type 3 has an invalid length.
[   87.481405][ T5007] loop2: detected capacity change from 0 to 512
[   87.518167][ T5020] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2044'.
[   87.593767][ T5007] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   87.613216][ T5007] EXT4-fs (loop2): invalid journal inode
[   87.619590][ T5007] EXT4-fs (loop2): can't get journal size
[   87.626663][ T5007] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c118, mo2=0002]
[   87.635958][ T5007] System zones: 1-12, 13-13
[   87.641796][ T5007] EXT4-fs (loop2): 1 truncate cleaned up
[   87.647282][ T5007] EXT4-fs (loop2): mounted filesystem without journal. Opts: norecovery,grpquota,debug,discard,,errors=continue. Quota mode: writeback.
[   87.792252][ T5055] device wireguard0 entered promiscuous mode
[   87.846145][ T5060] incfs: Error accessing: ./bus.
[   87.851040][ T5060] incfs: mount failed -2
[   87.996076][  T619] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[   88.015887][ T5079] xt_hashlimit: max too large, truncated to 1048576
[   88.046229][   T30] audit: type=1400 audit(2000000018.413:6051): avc:  denied  { getattr } for  pid=5088 comm="syz.7.2074" name="/" dev="incremental-fs" ino=255 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   88.069762][   T30] audit: type=1400 audit(2000000018.413:6052): avc:  denied  { remount } for  pid=5088 comm="syz.7.2074" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   88.142121][ T5098] syz.6.2076[5098] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   88.142200][ T5098] syz.6.2076[5098] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   88.158626][   T30] audit: type=1400 audit(2000000018.515:6053): avc:  denied  { mount } for  pid=5095 comm="syz.2.2078" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   88.245864][ T5111] syz.2.2084[5111] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   88.245945][ T5111] syz.2.2084[5111] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   88.299752][  T619] usb 9-1: Using ep0 maxpacket: 32
[   88.462056][  T619] usb 9-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.481605][  T619] usb 9-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   88.646296][  T619] usb 9-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   88.649127][ T5143] loop6: detected capacity change from 0 to 512
[   88.655199][  T619] usb 9-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[   88.673301][ T5143] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   88.687804][ T5143] EXT4-fs (loop6): 1 truncate cleaned up
[   88.693724][ T5143] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none.
[   88.700296][  T619] usb 9-1: Product: syz
[   88.754938][  T619] usb 9-1: Manufacturer: syz
[   88.798421][  T619] hub 9-1:4.0: USB hub found
[   89.036393][  T619] hub 9-1:4.0: 2 ports detected
[   89.109225][ T5163] loop6: detected capacity change from 0 to 8192
[   89.394531][  T619] hub 9-1:4.0: hub_hub_status failed (err = -71)
[   89.408797][  T619] hub 9-1:4.0: config failed, can't get hub status (err -71)
[   89.461177][  T619] usb 9-1: USB disconnect, device number 2
[   89.564605][ T5216] SELinux: security_context_str_to_sid(root) failed for (dev ?, type ?) errno=-22
[   89.573841][ T5216] SELinux: security_context_str_to_sid(root) failed for (dev incremental-fs, type incremental-fs) errno=-22
[   90.002059][ T5245] loop2: detected capacity change from 0 to 1024
[   90.037936][ T5245] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   90.065779][ T5245] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[   90.095950][ T5245] EXT4-fs (loop2): invalid journal inode
[   90.130463][ T5245] EXT4-fs (loop2): can't get journal size
[   90.148327][ T5245] EXT4-fs error (device loop2): ext4_protect_reserved_inode:182: inode #3: comm syz.2.2144: blocks 2-2 from inode overlap system zone
[   90.208248][ T5245] EXT4-fs (loop2): failed to initialize system zone (-117)
[   90.215330][ T5245] EXT4-fs (loop2): mount failed
[   90.319601][ T5267] loop7: detected capacity change from 0 to 512
[   90.358047][ T5267] EXT4-fs (loop7): Ignoring removed orlov option
[   90.381110][ T5267] EXT4-fs error (device loop7): ext4_orphan_get:1401: inode #15: comm syz.7.2154: casefold flag without casefold feature
[   90.394402][ T5267] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.2154: couldn't read orphan inode 15 (err -117)
[   90.420190][ T5267] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpid,orlov,,errors=continue. Quota mode: writeback.
[   90.672125][  T490] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   90.697845][ T5285] netlink: 'syz.7.2161': attribute type 4 has an invalid length.
[   90.763308][ T5289] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2164'.
[   90.816859][ T5295] tipc: Started in network mode
[   90.822925][ T5295] tipc: Node identity 7f000001, cluster identity 4711
[   90.834490][ T5295] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[   90.843890][ T5297] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2167'.
[   90.942969][  T490] usb 3-1: Using ep0 maxpacket: 32
[   91.091644][ T5311] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2174'.
[   91.100733][  T490] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   91.112081][  T490] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   91.192234][  T986] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   91.203165][  T976] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[   91.268310][  T490] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   91.277257][  T490] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[   91.285783][  T490] usb 3-1: Product: syz
[   91.289961][  T490] usb 3-1: Manufacturer: syz
[   91.344358][  T490] hub 3-1:4.0: USB hub found
[   91.452212][  T986] usb 8-1: Using ep0 maxpacket: 32
[   91.571396][  T490] hub 3-1:4.0: 2 ports detected
[   91.582639][  T986] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   91.597699][  T986] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   91.607707][  T986] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   91.616744][  T976] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   91.617225][  T986] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.633365][  T976] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[   91.639789][  T986] usb 8-1: config 0 descriptor??
[   91.659957][  T976] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   91.669067][  T976] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.677651][  T976] usb 7-1: config 0 descriptor??
[   91.723585][  T976] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[   91.896415][  T490] hub 3-1:4.0: hub_hub_status failed (err = -71)
[   91.902667][  T490] hub 3-1:4.0: config failed, can't get hub status (err -71)
[   91.940072][  T490] usb 3-1: USB disconnect, device number 8
[   91.944631][ T5307] UDC core: couldn't find an available UDC or it's busy: -16
[   91.953424][ T5307] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   91.994867][   T26] usb 7-1: USB disconnect, device number 8
[   92.169717][  T986] savu 0003:1E7D:2D5A.0010: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.7-1/input0
[   92.450101][ T5357] loop2: detected capacity change from 0 to 512
[   92.472526][  T490] usb 8-1: USB disconnect, device number 3
[   92.518669][ T5357] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[   92.538009][ T5357] EXT4-fs (loop2): 1 orphan inode deleted
[   92.543583][ T5357] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,jqfmt=vfsv0,noblock_validity,resgid=0x0000000000000000,sysvgroups,usrquota,usrquota,. Quota mode: writeback.
[   92.575835][ T5357] ext4 filesystem being mounted at /417/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.667817][  T291] EXT4-fs error (device loop2): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 16
[   92.694012][  T291] EXT4-fs (loop2): Remounting filesystem read-only
[   92.701389][  T291] EXT4-fs error (device loop2): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 16
[   92.716746][   T30] kauditd_printk_skb: 56 callbacks suppressed
[   92.716762][   T30] audit: type=1326 audit(2000000022.724:6110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5369 comm="syz.6.2197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2038512169 code=0x7ffc0000
[   92.720590][  T291] EXT4-fs (loop2): Remounting filesystem read-only
[   92.745914][   T30] audit: type=1326 audit(2000000022.733:6111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5369 comm="syz.6.2197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2038512169 code=0x7ffc0000
[   92.775796][   T30] audit: type=1326 audit(2000000022.733:6112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5369 comm="syz.6.2197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7f2038512169 code=0x7ffc0000
[   92.806782][   T30] audit: type=1326 audit(2000000022.733:6113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5369 comm="syz.6.2197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2038512169 code=0x7ffc0000
[   92.841393][   T30] audit: type=1326 audit(2000000022.733:6114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5369 comm="syz.6.2197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2038512169 code=0x7ffc0000
[   92.877485][   T30] audit: type=1326 audit(2000000022.835:6115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5372 comm="syz.8.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa08e77a169 code=0x7ffc0000
[   92.904424][   T30] audit: type=1326 audit(2000000022.835:6116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5372 comm="syz.8.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa08e77a169 code=0x7ffc0000
[   92.929911][   T30] audit: type=1326 audit(2000000022.835:6117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5372 comm="syz.8.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7fa08e77a169 code=0x7ffc0000
[   93.004261][   T30] audit: type=1326 audit(2000000022.835:6118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5372 comm="syz.8.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa08e77a169 code=0x7ffc0000
[   93.088168][   T30] audit: type=1326 audit(2000000022.835:6119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5372 comm="syz.8.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa08e77a169 code=0x7ffc0000
[   93.237428][ T5381] loop8: detected capacity change from 0 to 40427
[   93.305931][ T5426] loop7: detected capacity change from 0 to 128
[   93.335379][ T5417] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.342912][ T5381] F2FS-fs (loop8): Insane cp_payload (553648128 >= 504)
[   93.350997][ T5381] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[   93.367264][ T5417] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.400536][ T5417] device bridge_slave_0 entered promiscuous mode
[   93.421317][ T5417] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.436443][ T5417] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.462369][ T5417] device bridge_slave_1 entered promiscuous mode
[   93.518087][ T5381] F2FS-fs (loop8): invalid crc value
[   93.568055][ T5386] device bridge_slave_1 left promiscuous mode
[   93.575107][ T5386] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.600911][ T5386] device bridge_slave_0 left promiscuous mode
[   93.606898][ T5386] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.625675][ T5386] device veth0_vlan left promiscuous mode
[   93.634912][ T5381] F2FS-fs (loop8): Found nat_bits in checkpoint
[   93.786544][ T5381] F2FS-fs (loop8): Start checkpoint disabled!
[   93.804903][ T5381] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[   93.811837][ T5381] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[   93.913538][ T5501] xt_hashlimit: size too large, truncated to 1048576
[   93.976427][ T5417] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.983333][ T5417] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.990466][ T5417] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.997313][ T5417] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.074490][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   94.085508][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.103756][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.121864][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   94.146342][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   94.154741][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.161631][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.170596][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   94.179005][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   94.187527][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.194402][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.213476][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   94.221505][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   94.230514][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   94.239157][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   94.247108][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   94.256540][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   94.268336][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   94.276524][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   94.284797][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   94.293406][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   94.301862][ T5417] device veth0_vlan entered promiscuous mode
[   94.312708][ T5386] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   94.321366][ T5386] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   94.340853][ T5417] device veth1_macvtap entered promiscuous mode
[   94.371075][ T5386] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   94.385198][ T5386] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   94.403066][ T5386] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   94.421175][ T5386] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   94.429414][ T5386] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   94.470999][ T5522] KVM: debugfs: duplicate directory 5522-4
[   95.076771][ T5530] loop6: detected capacity change from 0 to 40427
[   95.213985][ T5530] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[   95.214028][ T5548] loop9: detected capacity change from 0 to 40427
[   95.220785][ T5530] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   95.304679][ T5548] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[   95.311151][ T5530] F2FS-fs (loop6): invalid crc value
[   95.320846][ T5548] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[   95.335670][ T5530] F2FS-fs (loop6): Found nat_bits in checkpoint
[   95.348775][ T5548] F2FS-fs (loop9): invalid crc value
[   95.427715][ T5548] F2FS-fs (loop9): Found nat_bits in checkpoint
[   95.443479][ T5530] F2FS-fs (loop6): Start checkpoint disabled!
[   95.451029][ T5530] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   95.457888][ T5530] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[   95.524420][ T5548] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[   95.531862][ T5548] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[   95.636730][ T5388] F2FS-fs (loop9): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   95.650949][ T5388] F2FS-fs (loop9): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   95.653459][ T5666] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2249'.
[   95.693193][ T5654] loop7: detected capacity change from 0 to 40427
[   95.721180][ T5654] F2FS-fs (loop7): fault_injection options not supported
[   95.754408][ T5654] F2FS-fs (loop7): invalid crc value
[   95.789012][ T5654] F2FS-fs (loop7): Found nat_bits in checkpoint
[   95.915130][ T5654] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[   96.014966][ T3751] handle_bad_sector: 18 callbacks suppressed
[   96.014986][ T3751] attempt to access beyond end of device
[   96.014986][ T3751] loop7: rw=2049, want=45112, limit=40427
[   96.153465][ T5677] loop8: detected capacity change from 0 to 40427
[   96.158297][ T5675] loop6: detected capacity change from 0 to 40427
[   96.222989][ T5675] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[   96.229829][ T5677] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[   96.243233][ T5675] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   96.251333][ T5677] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[   96.268824][ T5675] F2FS-fs (loop6): invalid crc value
[   96.279868][ T5677] F2FS-fs (loop8): invalid crc value
[   96.302839][ T5677] F2FS-fs (loop8): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[   96.313819][ T5675] F2FS-fs (loop6): Found nat_bits in checkpoint
[   96.335611][ T5677] F2FS-fs (loop8): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   96.367587][ T5712] x_tables: ip6_tables: CT target: only valid in raw table, not memory.swap.current
[   96.398257][ T5675] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   96.405376][ T5675] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   96.414764][ T5677] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[   96.421643][ T5677] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[   96.484280][  T965] attempt to access beyond end of device
[   96.484280][  T965] loop6: rw=2049, want=45104, limit=40427
[   96.803927][ T5726] loop9: detected capacity change from 0 to 40427
[   96.882206][ T5726] F2FS-fs (loop9): Insane cp_payload (553648128 >= 504)
[   96.882442][ T5758] loop8: detected capacity change from 0 to 1024
[   96.889102][ T5726] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[   96.896093][ T5726] F2FS-fs (loop9): invalid crc value
[   96.934218][ T5726] F2FS-fs (loop9): Found nat_bits in checkpoint
[   96.977895][ T5758] EXT4-fs (loop8): filesystem is read-only
[   97.010601][ T5758] EXT4-fs (loop8): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[   97.022736][ T5758] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (50428!=20869)
[   97.032415][ T5758] EXT4-fs (loop8): Unsupported blocksize for fs-verity
[   97.033982][ T5726] F2FS-fs (loop9): Start checkpoint disabled!
[   97.064827][ T5726] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[   97.083589][ T5726] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[   97.153786][ T5580] attempt to access beyond end of device
[   97.153786][ T5580] loop9: rw=2049, want=41024, limit=40427
[   97.154909][ T5794] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2302'.
[   97.218616][ T5797] loop7: detected capacity change from 0 to 512
[   97.299434][ T5797] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.2303: bg 0: block 248: padding at end of block bitmap is not set
[   97.323496][ T5797] EXT4-fs error (device loop7): ext4_acquire_dquot:6188: comm syz.7.2303: Failed to acquire dquot type 1
[   97.339953][ T5580] Bluetooth: hci0: Frame reassembly failed (-84)
[   97.354023][ T5797] EXT4-fs (loop7): 1 truncate cleaned up
[   97.359830][ T5797] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   97.371633][ T5797] ext4 filesystem being mounted at /113/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.392145][ T5797] syz.7.2303 (5797) used greatest stack depth: 19592 bytes left
[   97.401191][ T5442] EXT4-fs error (device loop7): ext4_release_dquot:6211: comm kworker/u4:56: Failed to release dquot type 1
[   97.464309][ T5826] loop7: detected capacity change from 0 to 128
[   97.860384][ T5942] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2327'.
[   98.232746][ T6124] loop6: detected capacity change from 0 to 128
[   98.255992][ T6124] EXT4-fs (loop6): mounted filesystem without journal. Opts: dioread_lock,journal_ioprio=0x0000000000000003,,errors=continue. Quota mode: none.
[   98.277966][ T6124] ext4 filesystem being mounted at /422/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.353599][  T300] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[   98.375341][   T26] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   98.379502][ T6164] loop6: detected capacity change from 0 to 256
[   98.400975][ T6164] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   98.411471][ T6164] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[   98.433283][ T6164] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   98.635333][   T26] usb 8-1: Using ep0 maxpacket: 16
[   98.676727][ T6182] loop9: detected capacity change from 0 to 40427
[   98.743720][  T300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   98.754615][  T300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   98.764080][  T300] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   98.773048][   T26] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   98.777587][ T6182] F2FS-fs (loop9): fault_injection options not supported
[   98.785525][  T300] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.792954][ T6182] F2FS-fs (loop9): invalid crc value
[   98.798738][   T26] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   98.812942][ T6182] F2FS-fs (loop9): Found nat_bits in checkpoint
[   98.813686][   T26] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[   98.832677][  T300] usb 1-1: config 0 descriptor??
[   98.837680][   T26] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[   98.846607][   T26] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.860331][   T26] usb 8-1: config 0 descriptor??
[   98.866859][ T6182] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[   98.927807][    T6] usb 7-1: new full-speed USB device number 9 using dummy_hcd
[   99.005415][ T5417] attempt to access beyond end of device
[   99.005415][ T5417] loop9: rw=2049, want=45104, limit=40427
[   99.361332][    T6] usb 7-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[   99.371445][    T6] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   99.380343][    T6] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.384205][   T26] kovaplus 0003:1E7D:2D50.0012: unknown main item tag 0x0
[   99.395386][   T26] kovaplus 0003:1E7D:2D50.0012: unknown main item tag 0x0
[   99.402337][   T26] kovaplus 0003:1E7D:2D50.0012: unknown main item tag 0x0
[   99.410365][   T26] kovaplus 0003:1E7D:2D50.0012: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.7-1/input0
[   99.427286][    T6] snd-usb-audio: probe of 7-1:27.0 failed with error -2
[   99.464351][ T6196] raw_sendmsg: syz.9.2350 forgot to set AF_INET. Fix it!
[   99.557652][ T6204] incfs: Error accessing: ./file0.
[   99.562623][ T6204] incfs: mount failed -20
[   99.567035][    T6] Bluetooth: hci0: command 0x1003 tx timeout
[   99.573012][ T4134] Bluetooth: hci0: sending frame failed (-49)
[   99.588787][  T300] usb 1-1: string descriptor 0 read error: -22
[   99.644952][    T6] usb 7-1: USB disconnect, device number 9
[   99.690710][ T6216] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2360'.
[   99.725740][   T30] kauditd_printk_skb: 58 callbacks suppressed
[   99.725757][   T30] audit: type=1326 audit(2000000285.191:6175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6219 comm="syz.9.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd12c5fd169 code=0x7ffc0000
[   99.755524][   T30] audit: type=1326 audit(2000000285.191:6176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6219 comm="syz.9.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd12c5fd169 code=0x7ffc0000
[   99.779565][   T30] audit: type=1326 audit(2000000285.191:6177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6219 comm="syz.9.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7fd12c5fd169 code=0x7ffc0000
[   99.803337][   T30] audit: type=1326 audit(2000000285.191:6178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6219 comm="syz.9.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd12c5fd169 code=0x7ffc0000
[   99.826899][   T30] audit: type=1326 audit(2000000285.191:6179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6219 comm="syz.9.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd12c5fd169 code=0x7ffc0000
[   99.829047][  T300] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0011/input/input14
[   99.867605][  T300] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0011/input/input15
[   99.882575][  T300] uclogic 0003:256C:006D.0011: input,hidraw1: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.0-1/input0
[  100.064193][   T39] usb 1-1: USB disconnect, device number 9
[  100.108839][   T26] kovaplus 0003:1E7D:2D50.0012: couldn't init struct kovaplus_device
[  100.130866][   T26] kovaplus 0003:1E7D:2D50.0012: couldn't install mouse
[  100.138475][   T26] kovaplus: probe of 0003:1E7D:2D50.0012 failed with error -71
[  100.147707][   T26] usb 8-1: USB disconnect, device number 4
[  100.168050][ T6238] loop9: detected capacity change from 0 to 40427
[  100.213721][ T6243] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2373'.
[  100.218416][ T6238] F2FS-fs (loop9): fault_injection options not supported
[  100.225396][ T6243] bridge0: port 1(bridge_slave_0) entered listening state
[  100.238110][ T6243] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.238480][ T6238] F2FS-fs (loop9): invalid crc value
[  100.255830][ T6238] F2FS-fs (loop9): Found nat_bits in checkpoint
[  100.303382][ T6238] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  100.357322][ T5417] attempt to access beyond end of device
[  100.357322][ T5417] loop9: rw=2049, want=45104, limit=40427
[  100.710157][ T6277] syz.0.2387[6277] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  100.710248][ T6277] syz.0.2387[6277] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  100.751429][ T6282] device pim6reg1 entered promiscuous mode
[  100.859991][ T6268] mmap: syz.9.2383 (6268) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  100.879669][ T6291] loop7: detected capacity change from 0 to 512
[  100.983181][ T6291] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 40 vs 41 free clusters
[  100.997869][ T6291] Quota error (device loop7): write_blk: dquota write failed
[  101.005176][ T6291] Quota error (device loop7): qtree_write_dquot: Error -28 occurred while creating quota
[  101.025868][ T6291] EXT4-fs error (device loop7): ext4_acquire_dquot:6188: comm syz.7.2393: Failed to acquire dquot type 0
[  101.039352][ T6291] EXT4-fs (loop7): 1 truncate cleaned up
[  101.045141][ T6291] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  101.056153][ T6291] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.066988][ T6302] incfs: Options parsing error. -22
[  101.072513][ T6302] incfs: mount failed -22
[  101.140293][ T6308] loop7: detected capacity change from 0 to 1024
[  101.159517][ T6312] syz.9.2403[6312] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.159884][ T6312] syz.9.2403[6312] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.174942][ T6308] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpquota,,errors=continue. Quota mode: writeback.
[  101.252298][   T30] audit: type=1326 audit(2000000286.603:6180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6320 comm="syz.0.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[  101.289832][   T30] audit: type=1326 audit(2000000286.603:6181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6320 comm="syz.0.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[  101.336720][   T30] audit: type=1326 audit(2000000286.631:6182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6320 comm="syz.0.2407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[  101.435549][ T6339] device macsec0 entered promiscuous mode
[  101.441381][ T6339] device vlan2 entered promiscuous mode
[  101.538296][ T6354] loop9: detected capacity change from 0 to 256
[  101.624020][ T6370] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2431'.
[  101.625776][ T6368] input: syz0 as /devices/virtual/input/input16
[  101.766518][ T6387] loop7: detected capacity change from 0 to 512
[  101.802815][ T6391] loop9: detected capacity change from 0 to 512
[  101.820559][    T6] Bluetooth: hci0: command 0x1001 tx timeout
[  101.826802][ T4133] Bluetooth: hci0: sending frame failed (-49)
[  101.838651][ T6387] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  101.866822][ T6391] fscrypt (loop9, inode 2): Error -61 getting encryption context
[  101.874505][ T6391] EXT4-fs (loop9): Cannot turn on journaled quota: type 1: error -61
[  101.882922][ T6391] EXT4-fs error (device loop9): ext4_orphan_get:1401: inode #13: comm syz.9.2440: casefold flag without casefold feature
[  101.896205][ T6391] EXT4-fs error (device loop9): ext4_orphan_get:1406: comm syz.9.2440: couldn't read orphan inode 13 (err -117)
[  101.908902][ T6391] EXT4-fs (loop9): mounted filesystem without journal. Opts: jqfmt=vfsold,nouid32,noauto_da_alloc,stripe=0x0000000000000001,block_validity,grpjquota=",errors=continue. Quota mode: writeback.
[  101.946304][ T6391] fscrypt (loop9, inode 2): Error -61 getting encryption context
[  102.002483][ T6406] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2445'.
[  102.013064][ T6406] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  102.082402][ T6417] netlink: 'syz.9.2450': attribute type 3 has an invalid length.
[  102.090975][ T6417] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2450'.
[  102.211905][ T6431] netlink: 'syz.0.2457': attribute type 15 has an invalid length.
[  102.242062][ T6433] loop9: detected capacity change from 0 to 1024
[  102.286862][ T6419] loop7: detected capacity change from 0 to 40427
[  102.297273][ T6433] EXT4-fs (loop9): Ignoring removed nomblk_io_submit option
[  102.304446][ T6433] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  102.316849][ T6433] EXT4-fs (loop9): can't mount with journal_async_commit, fs mounted w/o journal
[  102.328593][ T6419] F2FS-fs (loop7): Insane cp_payload (553648128 >= 504)
[  102.335630][ T6419] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  102.345181][ T6419] F2FS-fs (loop7): invalid crc value
[  102.352080][ T6419] F2FS-fs (loop7): Found nat_bits in checkpoint
[  102.401656][ T6419] F2FS-fs (loop7): Start checkpoint disabled!
[  102.408388][ T6419] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  102.415253][ T6419] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  102.492543][ T5636] attempt to access beyond end of device
[  102.492543][ T5636] loop7: rw=2049, want=41024, limit=40427
[  102.646328][ T6477] syz.7.2476[6477] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  102.646410][ T6477] syz.7.2476[6477] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  102.767890][ T6494] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6494 comm=syz.0.2484
[  102.791485][ T6494] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6494 comm=syz.0.2484
[  102.883404][ T6504] SELinux: security_context_str_to_sid(u) failed for (dev ?, type ?) errno=-22
[  102.892567][ T6504] SELinux: security_context_str_to_sid(u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  102.919388][ T6506] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  102.980023][  T300] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  103.004693][ T6516] incfs: Error accessing: ./file0.
[  103.009738][ T6516] incfs: mount failed -20
[  103.089168][ T6522] overlayfs: failed to resolve './file0': -2
[  103.172605][ T6531] netlink: 'syz.0.2502': attribute type 16 has an invalid length.
[  103.180383][ T6531] netlink: 'syz.0.2502': attribute type 17 has an invalid length.
[  103.190116][ T6531] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  103.239871][  T300] usb 10-1: Using ep0 maxpacket: 8
[  103.276617][ T6540] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[  103.413315][  T300] usb 10-1: unable to get BOS descriptor or descriptor too short
[  103.499962][  T300] usb 10-1: config 1 interface 0 altsetting 89 bulk endpoint 0x82 has invalid maxpacket 64
[  103.509802][  T300] usb 10-1: config 1 interface 0 altsetting 89 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  103.522800][  T300] usb 10-1: config 1 interface 0 has no altsetting 0
[  103.781639][  T300] usb 10-1: string descriptor 0 read error: -22
[  103.787806][  T300] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  103.796733][  T300] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.824977][ T6481] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  104.064539][ T6481] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  104.085010][  T490] Bluetooth: hci0: command 0x1009 tx timeout
[  104.149587][ T6581] Invalid ELF header len 16
[  104.299354][  T490] hid-generic 0000:0004:0000.0013: unknown main item tag 0x0
[  104.307198][  T490] hid-generic 0000:0004:0000.0013: unknown main item tag 0x0
[  104.314795][  T490] hid-generic 0000:0004:0000.0013: unknown main item tag 0x0
[  104.323409][  T490] hid-generic 0000:0004:0000.0013: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  104.323446][  T300] cdc_ether: probe of 10-1:1.0 failed with error -32
[  104.350975][  T300] usb 10-1: USB disconnect, device number 2
[  104.680798][   T26] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  104.885495][ T6638] loop9: detected capacity change from 0 to 256
[  104.963553][ T6638] FAT-fs (loop9): Directory bread(block 64) failed
[  104.969930][ T6638] FAT-fs (loop9): Directory bread(block 65) failed
[  104.976761][ T6638] FAT-fs (loop9): Directory bread(block 66) failed
[  104.983112][ T6638] FAT-fs (loop9): Directory bread(block 67) failed
[  104.989796][ T6638] FAT-fs (loop9): Directory bread(block 68) failed
[  104.996369][ T6638] FAT-fs (loop9): Directory bread(block 69) failed
[  105.002751][ T6638] FAT-fs (loop9): Directory bread(block 70) failed
[  105.009114][ T6638] FAT-fs (loop9): Directory bread(block 71) failed
[  105.015466][ T6638] FAT-fs (loop9): Directory bread(block 72) failed
[  105.021892][ T6638] FAT-fs (loop9): Directory bread(block 73) failed
[  105.070909][   T26] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  105.082020][   T26] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  105.091574][   T26] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  105.104612][   T26] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  105.113493][   T26] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.122302][   T26] usb 8-1: config 0 descriptor??
[  105.164360][   T30] kauditd_printk_skb: 233 callbacks suppressed
[  105.164375][   T30] audit: type=1107 audit(2000000290.212:6416): pid=6656 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='e'
[  105.201580][   T30] audit: type=1400 audit(2000000290.249:6417): avc:  denied  { lock } for  pid=6658 comm="syz.9.2563" path="socket:[39513]" dev="sockfs" ino=39513 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  105.450022][  T986] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  105.645891][   T26] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  105.653271][   T26] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving
[  105.662412][   T26] plantronics 0003:047F:FFFF.0014: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  105.840136][  T986] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  105.850124][  T986] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  105.937723][  T986] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  105.946610][  T986] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  105.950031][  T490] usb 8-1: USB disconnect, device number 5
[  105.955255][  T986] usb 1-1: SerialNumber: syz
[  106.226801][ T6668] netlink: 44 bytes leftover after parsing attributes in process `syz.9.2567'.
[  106.263367][  T986] usb 1-1: 0:2 : does not exist
[  106.281945][  T986] usb 1-1: USB disconnect, device number 10
[  106.336025][   T30] audit: type=1400 audit(2000000291.292:6418): avc:  denied  { name_bind } for  pid=6673 comm="syz.9.2570" src=65530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1
[  106.502099][ T1009] udevd[1009]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  106.618354][   T30] audit: type=1400 audit(2000000291.551:6419): avc:  denied  { write } for  pid=6693 comm="syz.9.2579" path="socket:[39579]" dev="sockfs" ino=39579 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  106.722307][   T30] audit: type=1326 audit(2000000291.652:6420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6704 comm="syz.9.2584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd12c5fd169 code=0x7ffc0000
[  106.745836][   T30] audit: type=1326 audit(2000000291.652:6421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6704 comm="syz.9.2584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7fd12c5fd169 code=0x7ffc0000
[  106.844722][   T30] audit: type=1326 audit(2000000291.763:6422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6714 comm="syz.0.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[  106.868232][   T30] audit: type=1326 audit(2000000291.763:6423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6714 comm="syz.0.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[  106.892565][   T30] audit: type=1326 audit(2000000291.763:6424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6714 comm="syz.0.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[  106.916245][   T30] audit: type=1326 audit(2000000291.763:6425): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6714 comm="syz.0.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6301f4169 code=0x7ffc0000
[  107.169162][ T6722] loop9: detected capacity change from 0 to 40427
[  107.229517][ T6722] F2FS-fs (loop9): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  107.237997][ T6722] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  107.246046][ T6722] F2FS-fs (loop9): fault_type options not supported
[  107.253671][ T6722] F2FS-fs (loop9): invalid crc value
[  107.260654][ T6722] F2FS-fs (loop9): Found nat_bits in checkpoint
[  107.292741][ T6722] F2FS-fs (loop9): Start checkpoint disabled!
[  107.299659][ T6722] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  107.306654][ T6722] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  107.350135][ T5631] attempt to access beyond end of device
[  107.350135][ T5631] loop9: rw=2049, want=40976, limit=40427
[  107.667215][ T6735] loop9: detected capacity change from 0 to 40427
[  107.809276][ T6735] F2FS-fs (loop9): fault_injection options not supported
[  107.821904][ T6735] F2FS-fs (loop9): invalid crc value
[  107.828917][ T6735] F2FS-fs (loop9): Found nat_bits in checkpoint
[  107.889130][ T6735] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  107.949374][ T6741] syz.0.2598[6741] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.949457][ T6741] syz.0.2598[6741] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  108.037843][ T6749] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2603'.
[  108.170155][ T6757] netem: change failed
[  108.247583][ T6771] device sit0 entered promiscuous mode
[  108.260337][ T6771] netlink: 'syz.7.2613': attribute type 1 has an invalid length.
[  108.268930][ T6771] netlink: 1 bytes leftover after parsing attributes in process `syz.7.2613'.
[  108.375269][  T986] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  108.452026][ T3835] ------------[ cut here ]------------
[  108.457418][ T3835] WARNING: CPU: 1 PID: 3835 at fs/inode.c:332 drop_nlink+0xc1/0x110
[  108.465833][ T3835] Modules linked in:
[  108.469561][ T3835] CPU: 1 PID: 3835 Comm: syz-executor Tainted: G        W         5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[  108.481366][ T3835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  108.491572][ T3835] RIP: 0010:drop_nlink+0xc1/0x110
[  108.496568][ T3835] Code: 1e 48 8d bb b8 04 00 00 be 08 00 00 00 e8 d7 f5 f0 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 9f 88 ae ff <0f> 0b eb 88 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c
[  108.516323][ T3835] RSP: 0018:ffffc9000105fc88 EFLAGS: 00010293
[  108.522309][ T3835] RAX: ffffffff81c1e411 RBX: 0000000000000000 RCX: ffff888118e9bb40
[  108.530175][ T3835] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  108.538036][ T3835] RBP: ffffc9000105fcb0 R08: ffffffff81c1e394 R09: 0000000000000003
[  108.545773][ T3835] R10: fffff5200020bf80 R11: dffffc0000000001 R12: dffffc0000000000
[  108.553725][ T3835] R13: 1ffff11025481016 R14: ffff88812a408068 R15: ffff88812a4080b0
[  108.561579][ T3835] FS:  00005555812c0500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  108.570897][ T3835] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  108.591929][ T3835] CR2: 0000001b2e01bff8 CR3: 0000000117337000 CR4: 00000000003506b0
[  108.599892][ T3835] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  108.607844][ T3835] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  108.615987][ T3835] Call Trace:
[  108.619093][ T3835]  <TASK>
[  108.621878][ T3835]  ? show_regs+0x58/0x60
[  108.626040][ T3835]  ? __warn+0x160/0x2f0
[  108.629988][ T3835]  ? drop_nlink+0xc1/0x110
[  108.634202][ T3835]  ? report_bug+0x3d9/0x5b0
[  108.638646][ T3835]  ? drop_nlink+0xc1/0x110
[  108.638790][   T39] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  108.642942][ T3835]  ? handle_bug+0x41/0x70
[  108.654699][ T3835]  ? exc_invalid_op+0x1b/0x50
[  108.659402][ T3835]  ? asm_exc_invalid_op+0x1b/0x20
[  108.679297][ T3835]  ? drop_nlink+0x44/0x110
[  108.683561][ T3835]  ? drop_nlink+0xc1/0x110
[  108.687827][ T3835]  ? drop_nlink+0xc1/0x110
[  108.692501][ T3835]  ? drop_nlink+0xc1/0x110
[  108.696772][ T3835]  shmem_rmdir+0x59/0x90
[  108.701402][ T3835]  vfs_rmdir+0x324/0x470
[  108.705542][ T3835]  incfs_kill_sb+0x113/0x230
[  108.709914][ T3835]  deactivate_locked_super+0xad/0x110
[  108.715563][ T3835]  deactivate_super+0xbe/0xf0
[  108.720322][ T3835]  cleanup_mnt+0x45c/0x510
[  108.725157][ T3835]  __cleanup_mnt+0x19/0x20
[  108.729417][ T3835]  task_work_run+0x129/0x190
[  108.734164][ T3835]  exit_to_user_mode_loop+0xc4/0xe0
[  108.739204][ T3835]  exit_to_user_mode_prepare+0x5a/0xa0
[  108.744902][ T3835]  syscall_exit_to_user_mode+0x26/0x160
[  108.750306][ T3835]  do_syscall_64+0x47/0xb0
[  108.754834][ T3835]  ? clear_bhb_loop+0x35/0x90
[  108.759384][ T3835]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  108.765077][ T3835] RIP: 0033:0x7fa08e77b497
[  108.765728][  T986] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 242, using maximum allowed: 30
[  108.769764][ T3835] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  108.799676][  T986] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  108.799784][ T3835] RSP: 002b:00007ffc41f3bf38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  108.810502][  T986] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 242
[  108.817693][ T3835] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fa08e77b497
[  108.830647][  T986] usb 1-1: New USB device found, idVendor=056a, idProduct=00b8, bcdDevice= 0.00
[  108.844282][ T3835] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc41f3bff0
[  108.847997][  T986] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.856826][ T3835] RBP: 00007ffc41f3bff0 R08: 0000000000000000 R09: 0000000000000000
[  108.871184][ T3835] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc41f3d080
[  108.879592][ T3835] R13: 00007fa08e7fb08c R14: 0000000000019a29 R15: 00007ffc41f3d0c0
[  108.885579][  T986] usb 1-1: config 0 descriptor??
[  108.887530][ T3835]  </TASK>
[  108.895164][ T3835] ---[ end trace e41d2f6a5b8f3e4a ]---
[  108.900681][ T3835] ==================================================================
[  108.908559][ T3835] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60
[  108.914636][ T3835] Write of size 4 at addr 0000000000000170 by task syz-executor/3835
[  108.922530][ T3835] 
[  108.924702][ T3835] CPU: 0 PID: 3835 Comm: syz-executor Tainted: G        W         5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[  108.928828][   T39] usb 10-1: Using ep0 maxpacket: 8
[  108.936065][ T3835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  108.936080][ T3835] Call Trace:
[  108.936088][ T3835]  <TASK>
[  108.936096][ T3835]  dump_stack_lvl+0x151/0x1c0
[  108.961329][ T3835]  ? io_uring_drop_tctx_refs+0x190/0x190
[  108.966794][ T3835]  ? _raw_spin_lock+0xa4/0x1b0
[  108.971396][ T3835]  ? _raw_spin_trylock_bh+0x190/0x190
[  108.976605][ T3835]  kasan_report+0x16f/0x1c0
[  108.981030][ T3835]  ? ihold+0x20/0x60
[  108.984761][ T3835]  ? ihold+0x20/0x60
[  108.988492][ T3835]  kasan_check_range+0x293/0x2a0
[  108.993353][ T3835]  __kasan_check_write+0x14/0x20
[  108.998127][ T3835]  ihold+0x20/0x60
[  109.001684][ T3835]  vfs_rmdir+0x201/0x470
[  109.005768][ T3835]  incfs_kill_sb+0x113/0x230
[  109.010192][ T3835]  deactivate_locked_super+0xad/0x110
[  109.015399][ T3835]  deactivate_super+0xbe/0xf0
[  109.019913][ T3835]  cleanup_mnt+0x45c/0x510
[  109.024165][ T3835]  __cleanup_mnt+0x19/0x20
[  109.028422][ T3835]  task_work_run+0x129/0x190
[  109.032850][ T3835]  exit_to_user_mode_loop+0xc4/0xe0
[  109.037880][ T3835]  exit_to_user_mode_prepare+0x5a/0xa0
[  109.043175][ T3835]  syscall_exit_to_user_mode+0x26/0x160
[  109.048562][ T3835]  do_syscall_64+0x47/0xb0
[  109.052805][ T3835]  ? clear_bhb_loop+0x35/0x90
[  109.057318][ T3835]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  109.063051][ T3835] RIP: 0033:0x7fa08e77b497
[  109.067304][ T3835] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  109.079602][   T39] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[  109.086742][ T3835] RSP: 002b:00007ffc41f3bf38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  109.086770][ T3835] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fa08e77b497
[  109.105906][   T39] usb 10-1: config 179 has no interface number 0
[  109.110957][ T3835] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc41f3bff0
[  109.110978][ T3835] RBP: 00007ffc41f3bff0 R08: 0000000000000000 R09: 0000000000000000
[  109.131996][   T39] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  109.132935][ T3835] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc41f3d080
[  109.151688][ T3835] R13: 00007fa08e7fb08c R14: 0000000000019a29 R15: 00007ffc41f3d0c0
[  109.159505][ T3835]  </TASK>
[  109.162361][ T3835] ==================================================================
[  109.170263][ T3835] Disabling lock debugging due to kernel taint
[  109.178017][ T3835] BUG: kernel NULL pointer dereference, address: 0000000000000170
[  109.185648][ T3835] #PF: supervisor write access in kernel mode
[  109.187970][   T39] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  109.191542][ T3835] #PF: error_code(0x0002) - not-present page
[  109.208471][ T3835] PGD 13107e067 P4D 13107e067 PUD 0 
[  109.213675][ T3835] Oops: 0002 [#1] PREEMPT SMP KASAN
[  109.218709][ T3835] CPU: 0 PID: 3835 Comm: syz-executor Tainted: G    B   W         5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[  109.229996][ T3835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  109.239888][ T3835] RIP: 0010:ihold+0x25/0x60
[  109.244227][ T3835] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 b1 80 ae ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 c0 ed f0 ff bb 01 00 00 00 <f0> 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 34 84 ae
[  109.263679][ T3835] RSP: 0018:ffffc9000105fcc8 EFLAGS: 00010246
[  109.269655][ T3835] RAX: ffff888118e9bb00 RBX: 0000000000000001 RCX: ffff888118e9bb40
[  109.277470][ T3835] RDX: 0000000000000000 RSI: 0000000000000286 RDI: 00000000ffffffff
[  109.285278][ T3835] RBP: ffffc9000105fcd8 R08: ffffffff8141a9ab R09: 0000000000000003
[  109.293092][ T3835] R10: fffffbfff0e9aa4c R11: dffffc0000000001 R12: dffffc0000000000
[  109.300904][ T3835] R13: ffff888112ccfee0 R14: 0000000000000000 R15: 1ffff11022599fe2
[  109.308712][ T3835] FS:  00005555812c0500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  109.317477][ T3835] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  109.323903][ T3835] CR2: 0000000000000170 CR3: 0000000117337000 CR4: 00000000003506b0
[  109.331714][ T3835] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  109.339539][ T3835] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  109.347340][ T3835] Call Trace:
[  109.350467][ T3835]  <TASK>
[  109.353240][ T3835]  ? __die_body+0x62/0xb0
[  109.357405][ T3835]  ? __die+0x7e/0x90
[  109.361139][ T3835]  ? page_fault_oops+0x7f9/0xa90
[  109.365908][ T3835]  ? __kasan_check_write+0x14/0x20
[  109.370858][ T3835]  ? kernelmode_fixup_or_oops+0xd0/0xd0
[  109.376239][ T3835]  ? __schedule+0xcd4/0x1590
[  109.380671][ T3835]  ? exc_page_fault+0x510/0x7f0
[  109.385359][ T3835]  ? asm_exc_page_fault+0x27/0x30
[  109.390216][ T3835]  ? check_panic_on_warn+0x5b/0xb0
[  109.395162][ T3835]  ? ihold+0x25/0x60
[  109.398893][ T3835]  ? ihold+0x20/0x60
[  109.402626][ T3835]  vfs_rmdir+0x201/0x470
[  109.406705][ T3835]  incfs_kill_sb+0x113/0x230
[  109.411134][ T3835]  deactivate_locked_super+0xad/0x110
[  109.416337][ T3835]  deactivate_super+0xbe/0xf0
[  109.420853][ T3835]  cleanup_mnt+0x45c/0x510
[  109.425104][ T3835]  __cleanup_mnt+0x19/0x20
[  109.429355][ T3835]  task_work_run+0x129/0x190
[  109.433798][ T3835]  exit_to_user_mode_loop+0xc4/0xe0
[  109.438818][ T3835]  exit_to_user_mode_prepare+0x5a/0xa0
[  109.444113][ T3835]  syscall_exit_to_user_mode+0x26/0x160
[  109.449493][ T3835]  do_syscall_64+0x47/0xb0
[  109.453747][ T3835]  ? clear_bhb_loop+0x35/0x90
[  109.458260][ T3835]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  109.463985][ T3835] RIP: 0033:0x7fa08e77b497
[  109.468244][ T3835] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  109.487681][ T3835] RSP: 002b:00007ffc41f3bf38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  109.495926][ T3835] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fa08e77b497
[  109.503749][ T3835] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc41f3bff0
[  109.511561][ T3835] RBP: 00007ffc41f3bff0 R08: 0000000000000000 R09: 0000000000000000
[  109.519363][ T3835] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc41f3d080
[  109.527178][ T3835] R13: 00007fa08e7fb08c R14: 0000000000019a29 R15: 00007ffc41f3d0c0
[  109.534990][ T3835]  </TASK>
[  109.537851][ T3835] Modules linked in:
[  109.541582][ T3835] CR2: 0000000000000170
[  109.545604][ T3835] ---[ end trace e41d2f6a5b8f3e4b ]---
[  109.550867][ T3835] RIP: 0010:ihold+0x25/0x60
[  109.555207][ T3835] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 b1 80 ae ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 c0 ed f0 ff bb 01 00 00 00 <f0> 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 34 84 ae
[  109.574654][ T3835] RSP: 0018:ffffc9000105fcc8 EFLAGS: 00010246
[  109.580556][ T3835] RAX: ffff888118e9bb00 RBX: 0000000000000001 RCX: ffff888118e9bb40
[  109.588361][ T3835] RDX: 0000000000000000 RSI: 0000000000000286 RDI: 00000000ffffffff
[  109.596174][ T3835] RBP: ffffc9000105fcd8 R08: ffffffff8141a9ab R09: 0000000000000003
[  109.603986][ T3835] R10: fffffbfff0e9aa4c R11: dffffc0000000001 R12: dffffc0000000000
[  109.611798][ T3835] R13: ffff888112ccfee0 R14: 0000000000000000 R15: 1ffff11022599fe2
[  109.619610][ T3835] FS:  00005555812c0500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  109.628375][ T3835] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  109.634801][ T3835] CR2: 0000000000000170 CR3: 0000000117337000 CR4: 00000000003506b0
[  109.642611][ T3835] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  109.650509][ T3835] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  109.658333][ T3835] Kernel panic - not syncing: Fatal exception
[  109.664405][ T3835] Kernel Offset: disabled
[  109.668550][ T3835] Rebooting in 86400 seconds..