last executing test programs:

58.890614726s ago: executing program 3 (id=54):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0xee00, 0xee00, 0x0)
process_vm_writev(r0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

58.839675547s ago: executing program 3 (id=56):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0x20, &(0x7f0000000400)={0x0, 0x0, <r2=>0x0, &(0x7f0000000300)=""/113, 0x71}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb, 0x9, 0x0, 0x1, 0x20000000}, {0x66, 0x0, 0x0, 0x2000000}}, [@printk={@lld, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0x5, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x7, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet(0x2, 0x802, 0x1)
r4 = socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x5, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newlink={0x20, 0x10, 0x439, 0x4, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x9801, 0x18000}}, 0x20}}, 0x0)
connect$inet(r3, &(0x7f0000002780)={0x2, 0x4e22, @remote}, 0x10)
write(r3, &(0x7f0000000640)="08001800000020a3d57aaadb5155e6d3a1c2c962ebdd592e467fd53c1acc1964043a27ada60f0ff8ce6cfa8636ef74049e7d3c6bf2887a5dcac13b605f3379fbb85f786e4bb6657a8b529c83df621cd4b218f4f772214fb90ef76cefb2ee38b31ee973b82271e780cfb821e5d472b4ab68df7ab1bfdae97c1650a42ab5da5b560b6eec56df7d548d20d4c600ec826f713ea054a5f6d9200a5eb872", 0x9b)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r6=>0x0})
fsetxattr$trusted_overlay_upper(r1, &(0x7f0000000080), &(0x7f0000000200)=ANY=[@ANYBLOB="00fb5a0004444e630f7be0945cec871816f1d19af4c6fdd77662539541aa2a097a18255e49b4e769dc2b03aaa07c389b7166d0934ccb430d802756d15ac98c32effb8379b7e26de62f9e"], 0x5a, 0x2)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0)
ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, &(0x7f0000000440))
setns(0xffffffffffffffff, 0x20000)
sendmsg$nl_route_sched(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x2, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x0, 0x6}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x14, 0x2, [@TCA_HHF_HH_FLOWS_LIMIT={0x8, 0x3, 0x3beb947}, @TCA_HHF_RESET_TIMEOUT={0x8, 0x4, 0x10}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

58.684084519s ago: executing program 3 (id=57):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@block_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@norecovery}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000180)='./file1\x00')

58.613077886s ago: executing program 3 (id=58):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000240)={[{@grpquota}, {@auto_da_alloc}, {@minixdf}]}, 0x1, 0x50c, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLEaGVEHsEqRsSN4pix1HsLJvQQ3rmikQlTvTIH8C5Jw7cuCC4cSkHJH5EoAaJg9GMJ6mb2o3VJHYUfz7SaObNm/r7fXH8Xuc59gtgZF2PiP2ImIiITyNiNjufy7b4qL0l1z05uLdyeHBvJRet1if/zKX1ybno+DeJa9ljFiPihw8jfpJ7Pm5jd29juVqtbGfl+WZta76xu3drvba8VlmrbJbLS4tLCx/cfr98bm19qzaRHX318R/2v/WzJK2Z7ExnO85Tu+mF4ziJ8Yj4/kUEG4KxrD0Tw06El5KPiNcj4u309T8bY+mzCQBcZa3WbLRmO8sAwFWXT+fAcvlSNhcwE/l8qdSew3sjpvPVeqN58259Z3O1PVc2F4X83fVqZSGbK5yLQi4pL6bHT8vlE+XbEfFaRPxiciotl1bq1dVh/scHAEbYtRPj/38m2+M/AHDFFYedAAAwcD3G//1B5wEADI77fwAYPcZ/ABg97fF/athpAAAD5P4fAEaP8R8ARsoPPv442VqH2fdfr362u7NR/+zWaqWxUartrJRW6ttbpbV6fS39zp7aaY9Xrde3Ft+Lnc/nvr3VaM43dvfu1Oo7m8076fd636kU0qt8sgAAhum1tx79OZeMyB9OpVt0rOVQGGpmwEXLDzsBYGjGhp0AMDRW+4LRdYZ7fNMDcEV0WaL3GcVuHxBqtVqti0sJuGA3vmT+H0ZVx/y/vwKGEWP+H0aX+X8YXa1Wrt81/6PfCwGAy80cP9Dj/f/Xs/1vsjcHfrx68ooHF5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXG5H6/+WsrXAZyKfL5UiXomIuSjk7q5XKwsR8WpE/GmyMJmUF4ecMwBwVvm/5bL1v27MvjvzTNWb144PJyLip7/65JefLzeb23+MmMj9a/LofPNBdr48+OwBgNMdjdPpvuNG/snBvZWjbZD5/P27EVFsxz88mIjD4/jjMZ7ui1GIiOl/57JyW65j7uIs9u9HxBe7tT8XM+kcSHvl05Pxk9ivDDR+/pn4+bSuvU9+Fl84h1xg1DxK+p+Pur3+8nE93Xd//RfTHurssv4veaiVw7QPfBr/qP8b69H/Xe83xnu/+177aOr5uvsRXx6POIp92NH/HMXP9Yj/bp/x//KVN9/uVdf6dcSN6B6/M9Z8s7Y139jdu7VeW16rrFU2y+WlxaWFD26/X55P56jne48G//jw5qu96pL2T/eIXzyl/V/vs/0P//fpj772gvjffKdb/Hy88YL4yZj4jT7jL0//ttirLom/2qP9pz3/N/uM//ive88tGw4ADE9jd29juVqtbI/kQfR38e+zH9alyHmkD5Jn4RKk0fXgO4OKNRHdq37+TvvXdDKi8xe71XqpWL16jPOYdQMug+MXfUT8d9jJAAAAAAAAAAAAAAAAXQ3iE0vDbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABX1/8DAAD//9RMyv0=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
open(&(0x7f0000000080)='./bus\x00', 0x14d27e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x200, 0x0, 0x0, 0x2, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d306e6d602000000000000000000010001", [0x204]})
fallocate(r0, 0x8, 0x4000, 0x4000)

58.402593238s ago: executing program 3 (id=62):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x10, 0x701, 0x0, 0xffffffff, {0xa}}, 0x14}}, 0x20008080)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$KDGKBDIACR(r4, 0x4b4a, 0xffffffffffffffff)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0x1c, &(0x7f0000000100)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xcd9}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {0x7, 0x0, 0xb, 0x6}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x6, 0x1, 0xa, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0x8}, {}, {0x7, 0x0, 0xc}, {0x18, 0x6}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket(0x10, 0x3, 0x0)
openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x42242, 0x73)
r6 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x108, 0x0, 0x0, &(0x7f0000000200), 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=[@ip_retopts={{0x10}}], 0x10}, 0x24c3)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r9, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r8, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000840)=@newqdisc={0x45c, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r10, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xb, 0x0, 0xf, 0x8, 0x81, 0xb7}, {0xa8, 0x2, 0xc3, 0x5, 0x9, 0x3}, 0x8, 0x80000000, 0x1e2c}}, @TCA_TBF_RTAB={0x404, 0x2, [0x0, 0xa, 0x8, 0x6, 0x8, 0x200, 0x800084d, 0x5, 0x9, 0xe0dc, 0x92, 0xfffffffe, 0x6, 0x0, 0x7, 0x0, 0x94, 0x9, 0x7, 0x10, 0x8, 0x818f, 0x4, 0x8, 0x34, 0x6, 0x3, 0x5, 0xa4, 0xc, 0x8, 0x7fffffff, 0x8, 0x0, 0x3, 0x4, 0x7, 0x6, 0x1000, 0x6, 0x0, 0xf, 0x8001, 0x9, 0xa, 0x4, 0x2, 0x65, 0xbac, 0xc0, 0x80, 0x2cf6, 0x4, 0x49, 0x10, 0x8, 0x4, 0x4, 0x101, 0xffffffb0, 0x8, 0x862e, 0x9, 0x8, 0x1ff, 0x80000001, 0x4, 0x0, 0x190, 0x7fff, 0x6, 0x6000, 0x8000, 0x24, 0x5, 0x5, 0x65, 0xfffffff7, 0x8000, 0x2, 0x1, 0x5, 0x5, 0x8, 0x9, 0xdfc0, 0xd, 0x8, 0x0, 0x8000, 0xd3d, 0x6, 0xfffffffd, 0x400, 0x8, 0xe9f, 0xada3, 0x9, 0x8, 0x8000, 0x9, 0x6, 0x401, 0x5, 0x0, 0xffffffff, 0x8000, 0x4, 0x1000, 0xac3, 0x800, 0x0, 0x5, 0xfffffff8, 0x0, 0x5, 0x8, 0x3, 0x9, 0x0, 0xfffffff6, 0x56f, 0x8, 0x4935a2c4, 0x1, 0x5, 0xba03, 0xffff, 0xb06, 0x0, 0x4, 0x81, 0xffffffff, 0x2, 0x9, 0xf814, 0x0, 0x3, 0x9, 0x10000, 0x94b4, 0x6, 0x80000001, 0x8000, 0x6, 0x9, 0x4, 0x3, 0xa, 0xf, 0x2, 0xfffffffa, 0xff, 0x90000000, 0x2, 0x4, 0x7, 0x8000, 0x2, 0x0, 0x6, 0x6, 0x0, 0x2, 0x86, 0x10001, 0x4, 0x8, 0x4, 0x2eaf, 0xffff, 0x8, 0x40000006, 0x7, 0x401, 0x5, 0x1000, 0x99, 0x7fff, 0x0, 0x9, 0x1ff, 0x7, 0x2206e57f, 0x3, 0x778, 0x9, 0x3552, 0x4, 0x1, 0xde00, 0x5, 0x80, 0x10, 0x3, 0xeb12, 0x7, 0x4, 0x200, 0xffffffff, 0x56f, 0x8, 0x7, 0x0, 0x3, 0x3, 0x101, 0x80000000, 0x5, 0x30, 0xffff8000, 0x7, 0x1, 0x0, 0x0, 0xffffffff, 0x3, 0x7, 0x1000, 0xfffff060, 0x5, 0x7, 0xb, 0x3, 0x9, 0x1, 0x8001, 0x3, 0xfffffc01, 0x5b07707f, 0x7, 0x2, 0x3, 0x3, 0x0, 0x8, 0x0, 0x0, 0x4, 0x8000, 0x80000000, 0x4, 0x8, 0x8000, 0x52, 0x0, 0x3, 0x9, 0x0, 0x9, 0x5, 0x6, 0x5c, 0x1ff, 0x1, 0x2]}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x8004001}, 0x0)

57.991272762s ago: executing program 3 (id=70):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0xa1001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r4 = userfaultfd(0x80001)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000100)={&(0x7f0000ff9000/0x4000)=nil, 0x4000})
socket$key(0xf, 0x3, 0x2)
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f00000000c0)={'bond0\x00', {0x2, 0x0, @initdev}})
getpgrp(r1)
socket$nl_xfrm(0x10, 0x3, 0x6)

57.840485495s ago: executing program 32 (id=70):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0xa1001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r4 = userfaultfd(0x80001)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000100)={&(0x7f0000ff9000/0x4000)=nil, 0x4000})
socket$key(0xf, 0x3, 0x2)
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f00000000c0)={'bond0\x00', {0x2, 0x0, @initdev}})
getpgrp(r1)
socket$nl_xfrm(0x10, 0x3, 0x6)

17.9408016s ago: executing program 1 (id=410):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
socket(0x40000000015, 0x5, 0x0)
listen(0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x200000000001, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0xdc, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="ac000000", @ANYRES16=r3, @ANYBLOB="6b0700bd7000ab900dcb67", @ANYBLOB], 0xac}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

17.142413964s ago: executing program 1 (id=416):
syz_open_dev$ttys(0xc, 0x2, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f0000000080), 0x8)
listen(r0, 0x2)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r1, &(0x7f0000000500)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
listen(r1, 0xc)

15.473747599s ago: executing program 1 (id=424):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x1e, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000580)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/59, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, 0x0, 0x100000})
getpid()
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)

15.311210119s ago: executing program 1 (id=428):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000140)='./file1\x00', 0x804800, &(0x7f0000000000)=ANY=[@ANYRES8=0x0, @ANYBLOB="6092034e5823f645654f6e8edfc3b8e1a948efb0d4b9a9d4c30f5dacb3c1a7ea2587d59165777f070017c2921e793ec5a1384e143b57bb832f14bb43afdef6cb4ed4960b6c732be46a927cdd8c57f93ee6c15401df91ebcbe4f9989843313ea9f243d4dc3d276b966b898100a620b69b543033b9b7bcd9069b9248fbdff46c4a49f094a61938776ce1a1d0f0c84cb7a84bf0b1e2ce5f38f95e11d5b1977ead80625337f66dc391089ab8573d008a4bd03f6f9f01406db632558ed25be4beecd844ac00e52f95c5dc96a1e4a25c80d56aebf6cb33914d6bc72a40bf2fc94efed2f941cf3e"], 0xf9, 0x1213, &(0x7f0000000600)="$eJzs3E9rXFUYB+A3Y2rS1PxRa7Vd6AtuxMWlycKVIEFSkAwotRFaQbg1Ex0yzpTcITAiVldu/Ryu3Ql+g2z8DO6y6bIL8UrvNG1SU4vQZMQ+z2Luyz3nxzkHhoEz3HP33/3xq+2tqtgqh9GamorWrYi8m5HRigOvr4+v12+sr7bba1czr6xeW34nMxfe+PXTb2Yi4twnPy/8MhN7S5/t31n5fe/C3sX9P6992a2yW2V/MMwybw4Gw/JmbyE3u9V2kflRr1NWnez2q87OofZObr0dEaMs+5vzc7d2OlWVZX+U251RDgc53Bll+UXZ7WdRFDk/FzzWmSd32fjpbl3XEXV9Jp6Puq7rszEX5+KFmI+F+C4iXoyX4uU4H6/EhXg1XouLTa/TmD4AAAAAAAAAAAAAAAAAAAA8O/7p/P9iLDn/DwAAAAAAAAAAAAAAAAAAAKfg4+s31lfb7bWrmbMRvR92N3Y3xtdx+9K9j1504nIsxh/RnP4fG9dXPmivXc7GUnzfu30/f3t347kmv3qQX25eJ3A/P920HeSXx/k8mp+JuXv5reg2+ZVYjPPHj79ybH423nrzUL6Ixfjt8xhELzabsR/mv13OfP/D9iP5S00/AAAA+D8o8oFj9+9F8bj2cf7B/vrJ/w88sr+ejkvTk107EdXo6+2y1evsNEXvoJj9252TK+IUx3q6RcSduilmjja1TmjQVkx8yYeKqf/GNBRPpzgbR+9M+peJ0/DwazDpmQAAAAAAAAAAAPBvnPBzhdNxzJNl701mqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzFDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCoAAP//qH3FUA==")
creat(&(0x7f00000004c0)='./bus\x00', 0x20)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0)
preadv2(r0, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4083, 0xffffffdf}], 0x1, 0x22, 0x0, 0x1)

14.71640163s ago: executing program 1 (id=431):
r0 = socket$inet(0x2, 0x2, 0x1)
setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f0000000440)=0x1, 0x4)
sendmsg$inet(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x2, 0x4c22, @empty}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000140)="0800101d89b5eb00", 0x8}], 0x1}, 0x4008084)

14.66250066s ago: executing program 1 (id=434):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000001380)=[{&(0x7f0000000040)="ec1bd358", 0x4}], 0x1}}], 0x1, 0x4000000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000000c0)={0x3, &(0x7f0000000000)=[{0x20, 0x4, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0x1}, {0x6, 0x0, 0x0, 0x3}]}, 0x10)
sendmmsg(r0, &(0x7f0000001c00), 0x400000000000159, 0x40840)

14.542835598s ago: executing program 33 (id=434):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000001380)=[{&(0x7f0000000040)="ec1bd358", 0x4}], 0x1}}], 0x1, 0x4000000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000000c0)={0x3, &(0x7f0000000000)=[{0x20, 0x4, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0x1}, {0x6, 0x0, 0x0, 0x3}]}, 0x10)
sendmmsg(r0, &(0x7f0000001c00), 0x400000000000159, 0x40840)

4.172870623s ago: executing program 2 (id=527):
clock_gettime(0x7, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
eventfd2(0x9, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(0x0, 0x0)
fsopen(&(0x7f0000000080)='binder\x00', 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000040)={0x0, 0x100}, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)={0x28, r4, 0x607, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}]}, 0x28}}, 0x40000)
clock_settime(0x0, 0x0)

3.235611191s ago: executing program 2 (id=540):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f0000000380)=0x6614, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000a80)=[{{0x0, 0x0, 0x0}, 0x43}], 0x1, 0x220, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

3.11933397s ago: executing program 2 (id=544):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_vs\x00')
read$rfkill(r0, &(0x7f0000000300), 0x8)

2.995790368s ago: executing program 2 (id=545):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r0, 0x400448dd, &(0x7f0000000040))

1.456491606s ago: executing program 5 (id=553):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
fsopen(&(0x7f00000003c0)='tracefs\x00', 0x1)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000002280), 0x68c01, 0x0)
write$binfmt_format(r1, &(0x7f0000006240)='-1\x00', 0x3)
ioctl$NILFS_IOCTL_GET_CPINFO(r0, 0x80186e82, 0x0)

1.278424803s ago: executing program 6 (id=555):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
socket(0x40000000015, 0x5, 0x0)
listen(0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x200000000001, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0xdc, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="6b0700bd7000ab900dcb67aaa5", @ANYBLOB], 0xac}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.228150854s ago: executing program 5 (id=556):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x2200008, &(0x7f0000000280)={[{@stripe={'stripe', 0x3d, 0x9}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@norecovery}]}, 0x3, 0x586, &(0x7f00000003c0)="$eJzs3c9rFFccAPDvbBJ/t0YQaXsoAQ+1WDcm6Q8LBe2xtFKhvduQrEGycSW7EZMK6qFeeilSKKVC6R/Qe4/Sf6D/Qi9CK0iR0B68bJnNrFmT3WSzWUx0Ph8YfW9mNt958+b78mZnwwaQWyPpP4WI1yPiuyTicMu2wcg2jqzst/z4xlS6JFGvf/FPEkm2rrl/kv1/MKu8FhG/fxNxsrA+bnVxaXayXC7NZ/XR2tzV0eri0qnLc5MzpZnSlfGJiTPvTYx/+MH7fWvr2xf++/Hz+5+c+fb48g+/PjxyN4lzcSjb1tqObbjVWhmJkeycDMW5NTuO9SHYbpLs9AHQk4Esz4ciHQMOx0CW9cDL72ZE1IGcSuQ/5FRzHtC8t+/TffAL49HHKzdA69s/uPLeSOxr3BsdWE6euTNK73eH+xA/jfHb3/fupkts8j7EzWerA30ID+TYrdsRcXpwcP34l2TjX+9ON9483tjaGHn7/QM76X46/3mn3fyn8HT+E23mPwfb5G4vNs//wsM+hOkonf991Hb++3ToGh7Iaq805nxDyaXL5dLpiHg1Ik7E0N60vtHznDPLD+qdtrXO/9Iljd+cC2bH8XBw77OvmZ6sTW6nza0e3Y54Y3X+m8S68X9fY667tv/T83GhyxjHSvfe7LRt8/a3utl9w7pU/yXirbb9v/pEK9n4+eRo43oYbV4V6/1759gfneJvrf39l/b/gY3bP5y0Pq+tbj3Gz/uelDpt6/X635N82SjvWVn1pD5Zq82PRexJPmtdH9fT9eOrr23Wr2f7p+0/cXzj8a/d9b8/Ir7qsv13jt7puOtu6P/pLfX/1gsPPv36p07xu+v/dxulE9mabsa/bg9wO+cOAAAAAAAAdptCRByKpFB8Wi4UisWVz3ccjQOFcqVaO3mpsnBlOhp/KzscQ4Xmk+7DLZ+HGMs+D9usj6+pT0TEkYj4fmB/o16cqpSnd7rxAAAAAAAAAAAAAAAAAAAAsEsc7PD3/6m/fMMUvPx85Tfk16b5349vegJ2Jb//Ib/kP+SX/If8kv+QX/If8kv+Q37Jf8gv+Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAB9deH8+XSpLz++MZXWp68tLsxWrp2aLlVni3MLU8WpyvzV4kylMlMuFacqc5v9vHKlcnVsPBauj9ZK1dpodXHp4lxl4Urt4uW5yZnSxdLQc2kVAAAAAAAAAAAAAAAAAAAAvFiqi0uzk+VyaX5LhT+jl1etFgrbiv68C2djVxxGz4Vks/N8NuuOnkIM7nwDFbZWGMj6e8Odd2hAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA2/g8AAP//AAkuVg==")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f0000000100), 0x0, 0x835, 0x0)
setxattr$security_ima(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000200), &(0x7f0000000000)=ANY=[], 0x700, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
rename(&(0x7f00000009c0)='./file1\x00', &(0x7f0000000a00)='./file0/file0\x00')

1.115849774s ago: executing program 5 (id=559):
r0 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x142ba3)
ioctl$LOOP_CHANGE_FD(r0, 0x127f, 0xffffffffffffffff)

1.115563614s ago: executing program 6 (id=560):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd\x00')
getdents64(r0, &(0x7f0000000fc0)=""/224, 0xe0)

1.081082708s ago: executing program 4 (id=562):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0xffffffffffffffbe, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4c}, 0x90)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.03976611s ago: executing program 6 (id=563):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x3}, {0x0, [0x5f]}}, 0x0, 0x1b, 0x0, 0x5}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0xb140, 0x1000, 0x6, 0x196})
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB, @ANYRES32=0x0], 0x50)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
close_range(r1, 0xffffffffffffffff, 0x0)

1.03943479s ago: executing program 5 (id=564):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0x2, 0x3b}, 0x1c)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x2000000002ffff, 0x0)
lseek(0xffffffffffffffff, 0x1000000, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@void, {0x8100, 0x0, 0x0, 0x1}}, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x2, 0x3f, 0x14, 0x63, 0x0, 0x7, 0x21, 0x0, @remote, @local}, {{0x4e24, 0x4e24, 0x4, 0x1, 0x4, 0x0, 0x0, 0x9, 0x2, "d76c43", 0xa2, "4ee51d"}}}}}}, 0x0)

944.619633ms ago: executing program 5 (id=565):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r3, &(0x7f0000000600)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000005c0)={0x0, 0x474}, 0x1, 0x0, 0x0, 0x10}, 0x800)
capget(&(0x7f0000000340)={0x20080522}, &(0x7f0000000380)={0xfe06, 0x0, 0x6, 0x3, 0x9, 0x9})
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000240)=@ethtool_cmd={0x28, 0x8, 0xff, 0x8, 0x6, 0x9, 0x1, 0xc, 0xae, 0x7, 0xf562, 0x800000, 0x1, 0x9, 0x12, 0x3, [0x200006, 0x5]}})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)=@getchain={0x3c, 0x66, 0x200, 0x70bd23, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x7, 0xffff}, {0xfff2}, {0x0, 0xb}}, [{0x8, 0xb, 0x1}, {0x8, 0xb, 0x7}, {0x8, 0xb, 0x15}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000041}, 0x8800)
socket$nl_xfrm(0x10, 0x3, 0x6)

931.58092ms ago: executing program 2 (id=566):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/exec\x00')
exit(0x5ee)
pwrite64(r0, 0x0, 0x0, 0x1)

900.227264ms ago: executing program 4 (id=567):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000b80)={[{@grpjquota}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@dioread_lock}]}, 0x3, 0x439, &(0x7f0000002380)="$eJzs3MtvG0UYAPBv105LXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQKgcUSXuiCMSfwEnuCDghMQV7qhShXJp4WS09m5iO3aauE5c8O8nrTuzO9bM592xZ3a6CWBgjWYvScTuiPg9Iobr2eYCo/V/bi1dmf576cp0EtXqW38ltXI3l65MF0WL9+0qMuWI9LMkDrapd/7S5XNTlcrsxTw/vnD+/fH5S5efO3t+6szsmdkLkydPHj828cKJyed7EmcW180DH80d2v/aO9femD517d2fv02K+Fvi6JHRtQ4+Wa32uLr+2tOQTsp9bAgbUqp30xiq9f/hKMXKyRuOVz/ta+OATVWtVqsPdD68WAX+x5LodwuA/ih+6LP5b7Ft0dDjrnDjpfoEKIv7Vr7Vj5QjzcsMtcxve2k0Ik4t/vNVtsXm3IcAAGjyfTb+ebbd+C+NxvtC9+ZrKCMRcV9E7I2IExGxLyLuj6iVfTAiHtpg/a2LJKvHP+n1rgJbp2z892K+ttU8/itGfzFSynN7avEPJafPVmaP5p/JkRjanuUn1qjjh1d++6LTscbxX7Zl9Rdjwbwd18vbm98zM7UwdScxN7rxScSBcrv4k+WVgCQi9kfEgS7rOPv0N4c6Hbt9/GvowTpT9euIp+rnfzFa4i8ka69Pjt8Tldmj48VVsdovv159s1P9dxR/D2Tnf2fb6385/pGkcb12fuN1XP3j845zmm6v/23J2037PpxaWLg4EbEteb3e6JX9pYuTLeUmV8pn8R853L7/742VT+JgRGQX8cMR8UhEPJq3/bGIeDwiDq8R/08vP/Fe9/Fvriz+mQ2d/5XEtmjd0z5ROvfjd02Vjmwk/uz8H6+ljuR71vP9t552dXc1AwAAwH9PGhG7I0nHltNpOjZW/z/8+2JnWpmbX3jm9NwHF2bqzwiMxFBa3OkabrgfOpFP64v8ZEv+WH7f+MvSjlp+bHquMtPv4GHA7erQ/zN/lvrdOmDTdbeOlva8HcDW87wmDC79HwaX/g+Dq03/39GPdgBbr93v/8d9aAew9coNr/nfBAMGhPk/DC79HwaX/g8DaX5H3P4heQmJVYlI74pmSGxSot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//1Xjmag==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
add_key(&(0x7f0000000080)='dns_resolver\x00', 0x0, &(0x7f0000000040)="42d7", 0xfffff, 0xfffffffffffffffe)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)

727.501573ms ago: executing program 4 (id=568):
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x4f}}, {{@in6=@mcast2, 0x404d3, 0x2b}, 0x0, @in=@empty}}, 0xe4)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
close(0x3)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x4e21, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8}, {0x0, 0xb}}}, 0xb8}}, 0x0)

407.447874ms ago: executing program 0 (id=572):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x1e, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000580)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/59, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)

300.625344ms ago: executing program 0 (id=573):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xf7, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000300)="976dcd4f9ef2", 0x6}], 0x1, 0x7ffffc, 0x500002, 0x0)
fallocate(r0, 0x3, 0x7fffff, 0x8000c62)

300.189865ms ago: executing program 0 (id=574):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000040)={0xc, {"a2e3ad214fc752f91b3e090987f70e06d038e7ff7fc6e5539b3264078b089b0e083860090890e0878f0f1ac6e7049b334c959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31310d3b5d0936cd3b78070daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5003a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd7072f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d27df2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2c1cde360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {0x9, 0x1}, 0x3, 0x4, &(0x7f0000000040)={0x5, 0x5, 0x84b6, 0x4, 0x4}, 0x8, 0x7, 0x0, 0x0, 0x8001, 0x9, 0x0})
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757813"], 0x65)

278.420131ms ago: executing program 0 (id=575):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r0, &(0x7f0000000280)=ANY=[], 0xfdef)

197.851006ms ago: executing program 4 (id=576):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00')
sendfile(r0, r0, &(0x7f0000000000)=0x2eb4, 0x2000007ff)

149.735907ms ago: executing program 6 (id=577):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=@allocspi={0x100, 0x16, 0x401, 0x70bd2d, 0x0, {{{@in=@multicast2, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4, 0x0, 0x0, 0x0, 0xa, 0x80, 0x20, 0x0, 0x0, 0xffffffffffffffff}, {@in=@multicast1, 0x1ffffffe, 0x33}, @in=@dev={0xac, 0x14, 0x14, 0x20}, {0x4, 0x7, 0x8, 0x6}, {0x2, 0x0, 0x0, 0x4}, {0xe9, 0x1000001, 0x1}, 0xfffffffe, 0x0, 0x0, 0x2, 0x0, 0x90}, 0x8, 0x8e}, [@replay_thresh={0x8, 0xb, 0x9}]}, 0x100}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

149.238027ms ago: executing program 0 (id=578):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x8)
ioctl$TIOCSERGETLSR(r0, 0x5459, 0x0)

76.533974ms ago: executing program 4 (id=579):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000f80), 0x1, 0x0)
ioctl$RTC_WKALM_SET(r0, 0x4028700f, 0x0)

76.236624ms ago: executing program 0 (id=580):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {@quota}, {@lazytime}, {@dioread_lock}, {@nogrpid}, {@nobh}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')

57.74572ms ago: executing program 6 (id=581):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe)
keyctl$join(0x1, 0x0)
keyctl$session_to_parent(0x12)

57.00279ms ago: executing program 5 (id=582):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket(0x10, 0x803, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x5, 0xaa, &(0x7f0000000140)=""/170, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = dup3(r0, r1, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x10, 0x0, &(0x7f0000002580)=[@request_death], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40}], 0x0, 0x0, &(0x7f0000000600)})
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)={0x14, r6, 0x7d243a6ea807936d, 0x70bd2c, 0x25dfdbfa}, 0x14}, 0x1, 0x0, 0x0, 0x815}, 0x40110)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), r7)

42.316877ms ago: executing program 4 (id=583):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x4, 0x7, 0x48c1, 0x5, 0xffffffed, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x7fffe, {0x0, 0x0, 0x0, r7, {}, {0xb, 0xb}, {0xe, 0x4}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x3, 0x808, 0x205, 0x0, 0xc}, 0x8, 0xffffffff, 0x5, 0x0, 0x9, 0x8, 0x49, 0xd, 0x1, 0x1, {0x7, 0x3, 0x101000, 0x101, 0xfffffffe, 0x401}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004080}, 0x4000000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

516.34µs ago: executing program 2 (id=584):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x1e, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000580)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/59, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)

0s ago: executing program 6 (id=585):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000f00)=@mpls_getroute={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x1c, 0x0, 0x10}}, 0x1c}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.18' (ED25519) to the list of known hosts.
[   20.861149][   T28] audit: type=1400 audit(1773256873.574:64): avc:  denied  { mounton } for  pid=275 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   20.862394][  T275] cgroup: Unknown subsys name 'net'
[   20.883822][   T28] audit: type=1400 audit(1773256873.574:65): avc:  denied  { mount } for  pid=275 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   20.911051][   T28] audit: type=1400 audit(1773256873.604:66): avc:  denied  { unmount } for  pid=275 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   20.911199][  T275] cgroup: Unknown subsys name 'devices'
[   21.051164][  T275] cgroup: Unknown subsys name 'hugetlb'
[   21.056769][  T275] cgroup: Unknown subsys name 'rlimit'
[   21.158726][   T28] audit: type=1400 audit(1773256873.864:67): avc:  denied  { setattr } for  pid=275 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   21.181904][   T28] audit: type=1400 audit(1773256873.864:68): avc:  denied  { mounton } for  pid=275 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   21.198026][  T277] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   21.207147][   T28] audit: type=1400 audit(1773256873.864:69): avc:  denied  { mount } for  pid=275 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   21.238591][   T28] audit: type=1400 audit(1773256873.934:70): avc:  denied  { relabelto } for  pid=277 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   21.250504][  T275] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   21.264093][   T28] audit: type=1400 audit(1773256873.934:71): avc:  denied  { write } for  pid=277 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   21.298165][   T28] audit: type=1400 audit(1773256873.964:72): avc:  denied  { read } for  pid=275 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   21.323668][   T28] audit: type=1400 audit(1773256873.964:73): avc:  denied  { open } for  pid=275 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.375400][  T283] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.382471][  T283] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.389928][  T283] device bridge_slave_0 entered promiscuous mode
[   22.396774][  T283] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.403862][  T283] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.411164][  T283] device bridge_slave_1 entered promiscuous mode
[   22.452935][  T284] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.460088][  T284] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.467482][  T284] device bridge_slave_0 entered promiscuous mode
[   22.475045][  T284] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.482179][  T284] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.489426][  T284] device bridge_slave_1 entered promiscuous mode
[   22.503895][  T285] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.511063][  T285] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.518303][  T285] device bridge_slave_0 entered promiscuous mode
[   22.526911][  T285] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.534016][  T285] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.541394][  T285] device bridge_slave_1 entered promiscuous mode
[   22.634184][  T287] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.641461][  T287] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.648841][  T287] device bridge_slave_0 entered promiscuous mode
[   22.655847][  T287] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.662915][  T287] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.670312][  T287] device bridge_slave_1 entered promiscuous mode
[   22.686092][  T286] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.693216][  T286] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.700612][  T286] device bridge_slave_0 entered promiscuous mode
[   22.721858][  T286] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.728901][  T286] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.736279][  T286] device bridge_slave_1 entered promiscuous mode
[   22.832709][  T285] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.839776][  T285] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.847051][  T285] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.854082][  T285] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.874429][  T283] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.881474][  T283] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.896594][  T284] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.903651][  T284] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.910912][  T284] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.918014][  T284] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.942105][  T287] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.949147][  T287] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.956416][  T287] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.963438][  T287] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.006278][   T41] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.013760][   T41] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.021263][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.028769][   T41] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.036043][   T41] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.043224][   T41] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.050538][   T41] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.057725][   T41] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.090824][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.098496][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.106819][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.113859][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.121765][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.130675][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.137692][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.145047][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.153254][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.160286][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.167603][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.175823][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.182857][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.190223][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.198106][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   23.205706][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.213170][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   23.221368][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.229428][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.236445][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.243893][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.251942][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   23.259336][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.266792][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.274925][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.281946][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.289235][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.297372][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.304403][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.327972][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.336077][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.343093][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.351063][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.358939][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.381984][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.391399][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.410486][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.418898][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.426967][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.435086][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   23.442657][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.450074][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   23.458264][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.466472][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.473483][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.480887][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   23.489089][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.497351][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.504403][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.511818][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   23.519866][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.527724][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   23.535784][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.543721][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.552039][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.559954][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.578017][  T283] device veth0_vlan entered promiscuous mode
[   23.588288][  T287] device veth0_vlan entered promiscuous mode
[   23.595263][  T285] device veth0_vlan entered promiscuous mode
[   23.602115][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   23.609954][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.617307][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.624895][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   23.633080][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.641131][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   23.649045][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.656997][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.665393][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.674850][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.682667][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.690676][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.698438][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.706469][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.713960][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.721396][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.728721][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.746985][  T286] device veth0_vlan entered promiscuous mode
[   23.754582][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.762761][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.770855][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.778168][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.786543][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.796220][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.804443][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.815777][  T284] device veth0_vlan entered promiscuous mode
[   23.825137][  T283] device veth1_macvtap entered promiscuous mode
[   23.832049][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.840123][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.848000][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.856344][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.864600][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   23.872327][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.879758][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.887554][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.895878][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.911039][  T287] device veth1_macvtap entered promiscuous mode
[   23.918787][  T285] device veth1_macvtap entered promiscuous mode
[   23.926515][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.934744][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   23.942493][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   23.951321][  T286] device veth1_macvtap entered promiscuous mode
[   23.965183][  T284] device veth1_macvtap entered promiscuous mode
[   23.972352][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.980743][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.988932][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.997120][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.005221][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   24.012752][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.020948][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.045242][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.053542][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.062264][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.070748][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.078933][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.087202][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.095545][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.103847][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.112155][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.120304][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.128482][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.136878][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.158632][  T287] request_module fs-gadgetfs succeeded, but still no fs?
[   24.171182][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.180629][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.188950][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.199386][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.294226][  T354] tipc: Can't bind to reserved service type 1
[   24.304959][  T350] loop0: detected capacity change from 0 to 2048
[   24.399140][  T364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9'.
[   24.408622][  T364] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9'.
[   24.417100][  T368] loop4: detected capacity change from 0 to 1024
[   24.418917][  T350] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   24.425687][  T364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9'.
[   24.441320][  T350] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   24.451864][  T364] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9'.
[   24.486285][  T364] Zero length message leads to an empty skb
[   24.501791][  T368] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   24.515835][  T350] EXT4-fs error (device loop0): ext4_xattr_block_get:543: inode #15: comm syz.0.1: corrupted xattr block 128
[   24.551585][  T350] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=15
[   24.567080][  T350] EXT4-fs error (device loop0): ext4_xattr_block_get:543: inode #15: comm syz.0.1: corrupted xattr block 128
[   24.579596][  T350] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=15
[   24.588895][  T350] EXT4-fs error (device loop0): ext4_xattr_block_get:543: inode #15: comm syz.0.1: corrupted xattr block 128
[   24.606376][  T350] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=15
[   24.614857][  T377] loop1: detected capacity change from 0 to 1024
[   24.615869][  T286] EXT4-fs (loop4): unmounting filesystem.
[   24.623600][  T377] =======================================================
[   24.623600][  T377] WARNING: The mand mount option has been deprecated and
[   24.623600][  T377]          and is ignored by this kernel. Remove the mand
[   24.623600][  T377]          option from the mount to silence this warning.
[   24.623600][  T377] =======================================================
[   24.670867][  T283] EXT4-fs (loop0): unmounting filesystem.
[   24.677917][  T377] EXT4-fs: Ignoring removed oldalloc option
[   24.684769][  T377] EXT4-fs: Ignoring removed bh option
[   24.699033][  T377] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   24.730774][  T377] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   24.924758][  T284] EXT4-fs (loop1): unmounting filesystem.
[   25.453639][  T420] loop2: detected capacity change from 0 to 7
[   26.289669][   T28] kauditd_printk_skb: 69 callbacks suppressed
[   26.289683][   T28] audit: type=1400 audit(1773256879.004:143): avc:  denied  { write } for  pid=424 comm="syz.4.34" name="rtc0" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   26.352271][  T428] loop0: detected capacity change from 0 to 1024
[   27.159310][  T428] EXT4-fs: Ignoring removed orlov option
[   27.170847][   T28] audit: type=1400 audit(1773256879.004:144): avc:  denied  { open } for  pid=424 comm="syz.4.34" path="/dev/rtc0" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   27.198704][  T428] EXT4-fs warning (device loop0): read_mmp_block:115: Error -117 while reading MMP block 64
[   27.219319][   T28] audit: type=1400 audit(1773256879.004:145): avc:  denied  { ioctl } for  pid=424 comm="syz.4.34" path="/dev/rtc0" dev="devtmpfs" ino=263 ioctlcmd=0x700f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   27.285202][   T28] audit: type=1400 audit(1773256879.874:146): avc:  denied  { map_read map_write } for  pid=429 comm="syz.4.36" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   27.450666][   T28] audit: type=1400 audit(1773256880.164:147): avc:  denied  { mounton } for  pid=440 comm="syz.2.41" path="/7/bus" dev="tmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   27.450745][  T444] 9pnet_fd: Insufficient options for proto=fd
[   27.511645][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.518968][  T451] loop2: detected capacity change from 0 to 1024
[   27.526987][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.535419][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.539616][   T28] audit: type=1400 audit(1773256880.214:148): avc:  denied  { setattr } for  pid=441 comm="syz.3.39" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   27.543301][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.569738][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.577177][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.584877][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.592433][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.592804][  T451] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   27.599988][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.615768][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.623598][  T457] process 'syz.1.30' launched '/dev/fd/-1' with NULL argv: empty string added
[   27.631613][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.640037][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.647470][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.655137][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.662745][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.670448][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.677865][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.689685][    T6] hid-generic 0003:0003:0000.0001: unknown main item tag 0x0
[   27.693532][  T451] EXT4-fs error (device loop2): ext4_xattr_inode_iget:401: comm syz.2.44: inode #808464432: comm syz.2.44: iget: illegal inode #
[   27.708096][    T6] hid-generic 0003:0003:0000.0001: hidraw0: USB HID v0.00 Device [syz0] on syz1
[   27.731742][   T28] audit: type=1400 audit(1773256880.214:149): avc:  denied  { getopt } for  pid=448 comm="syz.2.43" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   27.770932][  T451] EXT4-fs error (device loop2): ext4_xattr_inode_iget:406: comm syz.2.44: error while reading EA inode 808464432 err=-117
[   27.789405][   T28] audit: type=1400 audit(1773256880.214:150): avc:  denied  { read write } for  pid=441 comm="syz.3.39" name="uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   27.821220][  T287] EXT4-fs (loop2): unmounting filesystem.
[   27.822103][   T28] audit: type=1400 audit(1773256880.214:151): avc:  denied  { open } for  pid=441 comm="syz.3.39" path="/dev/uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   27.868114][  T466] fido_id[466]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   27.909863][   T28] audit: type=1400 audit(1773256880.384:152): avc:  denied  { setattr } for  pid=450 comm="syz.2.44" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   28.150741][  T489] loop3: detected capacity change from 0 to 1024
[   28.167443][  T489] EXT4-fs: Ignoring removed orlov option
[   28.181101][  T489] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   28.210365][  T285] EXT4-fs (loop3): unmounting filesystem.
[   28.252734][  T493] loop3: detected capacity change from 0 to 512
[   28.268938][  T493] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   28.278001][  T493] ext4 filesystem being mounted at /10/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   28.394283][  T493] loop3: detected capacity change from 512 to 0
[   28.408406][    C0] I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[   28.423019][    C0] I/O error, dev loop3, sector 136 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   28.432700][    C0] I/O error, dev loop3, sector 144 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   28.442483][    C0] I/O error, dev loop3, sector 140 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[   28.452062][  T334] EXT4-fs error (device loop3): __ext4_get_inode_loc_noinmem:4638: inode #18: block 35: comm kworker/u4:3: unable to read itable block
[   28.569677][    T8] loop: Write error at byte offset 9223372036854775807, length 2048.
[   28.674892][    C1] I/O error, dev loop3, sector 0 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2
[   28.684440][    C1] I/O error, dev loop3, sector 0 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2
[   28.693911][    C1] Buffer I/O error on dev loop3, logical block 0, lost sync page write
[   28.702164][  T334] EXT4-fs (loop3): I/O error while writing superblock
[   28.716543][  T285] EXT4-fs (loop3): unmounting filesystem.
[   28.723404][  T334] loop: Write error at byte offset 9223372036854775807, length 2048.
[   28.731632][    C0] I/O error, dev loop3, sector 0 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2
[   28.741139][    C0] I/O error, dev loop3, sector 0 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2
[   28.750586][    C0] Buffer I/O error on dev loop3, logical block 0, lost sync page write
[   28.758824][  T285] EXT4-fs (loop3): I/O error while writing superblock
[   28.822136][  T285] syz-executor (285) used greatest stack depth: 21880 bytes left
[   29.093197][  T526] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.100601][  T526] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.108157][  T526] device bridge_slave_0 entered promiscuous mode
[   29.116328][  T526] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.123872][  T526] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.132788][  T526] device bridge_slave_1 entered promiscuous mode
[   29.242729][  T526] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.249825][  T526] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.257094][  T526] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.264149][  T526] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.283040][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   29.290577][  T510] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.297798][  T510] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.309768][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   29.318951][  T510] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.325998][  T510] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.339575][  T505] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   29.347637][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   29.358862][  T510] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.365904][  T510] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.374783][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   29.392797][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   29.407900][  T526] device veth0_vlan entered promiscuous mode
[   29.414447][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   29.424431][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   29.432650][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   29.440232][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   29.448400][  T334] device bridge_slave_1 left promiscuous mode
[   29.454845][  T334] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.462450][  T334] device bridge_slave_0 left promiscuous mode
[   29.468598][  T334] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.477366][  T334] device veth1_macvtap left promiscuous mode
[   29.483545][  T334] device veth0_vlan left promiscuous mode
[   29.528590][  T505] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   29.539743][  T505] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   29.574739][  T505] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   29.618062][  T505] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   29.619310][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   29.635089][  T505] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   29.648777][  T526] device veth1_macvtap entered promiscuous mode
[   29.667565][  T505] usb 3-1: config 0 descriptor??
[   29.676944][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   29.695351][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   29.932658][  T551] hub 9-0:1.0: USB hub found
[   30.329094][  T551] hub 9-0:1.0: 1 port detected
[   30.564767][  T505] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[   30.573969][  T505] plantronics 0003:047F:FFFF.0002: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   30.588514][  T505] usb 3-1: USB disconnect, device number 2
[   30.588608][  T525] netlink: 140 bytes leftover after parsing attributes in process `syz.2.72'.
[   30.621591][  T557] fido_id[557]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[   30.988034][  T582] loop5: detected capacity change from 0 to 256
[   31.169589][  T294] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   31.357267][  T294] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   31.360151][  T594] netlink: 68 bytes leftover after parsing attributes in process `syz.1.89'.
[   31.377098][  T294] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   31.407161][  T294] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   31.459545][  T294] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   31.491384][  T294] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   31.492402][  T599] hub 9-0:1.0: USB hub found
[   31.508631][  T599] hub 9-0:1.0: 1 port detected
[   31.525644][   T28] kauditd_printk_skb: 47 callbacks suppressed
[   31.525655][   T28] audit: type=1400 audit(1773256884.234:200): avc:  denied  { bind } for  pid=600 comm="syz.5.93" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   31.554315][  T294] usb 1-1: config 0 descriptor??
[   31.601314][   T28] audit: type=1400 audit(1773256884.234:201): avc:  denied  { setopt } for  pid=600 comm="syz.5.93" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   31.819811][   T28] audit: type=1400 audit(1773256884.534:202): avc:  denied  { read } for  pid=607 comm="syz.5.95" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   31.871407][   T28] audit: type=1400 audit(1773256884.534:203): avc:  denied  { open } for  pid=607 comm="syz.5.95" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   31.973657][  T294] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[   31.993439][  T294] plantronics 0003:047F:FFFF.0003: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[   32.241300][  T576] netlink: 140 bytes leftover after parsing attributes in process `syz.0.84'.
[   32.266784][  T625] loop4: detected capacity change from 0 to 1024
[   32.366313][   T28] audit: type=1400 audit(1773256885.074:204): avc:  denied  { create } for  pid=626 comm="syz.5.103" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   32.393798][   T28] audit: type=1400 audit(1773256885.094:205): avc:  denied  { read } for  pid=626 comm="syz.5.103" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   32.424659][  T625] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   32.433598][   T28] audit: type=1400 audit(1773256885.154:206): avc:  denied  { mount } for  pid=624 comm="syz.4.102" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   32.455146][  T625] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   32.534637][  T334] Bluetooth: hci0: Frame reassembly failed (-84)
[   32.557871][  T643] loop5: detected capacity change from 0 to 512
[   32.564373][   T28] audit: type=1400 audit(1773256885.254:207): avc:  denied  { ioctl } for  pid=624 comm="syz.4.102" path="socket:[16225]" dev="sockfs" ino=16225 ioctlcmd=0x48f0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   32.611773][  T643] EXT4-fs: Ignoring removed mblk_io_submit option
[   32.642472][  T643] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   32.735249][  T643] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   32.752936][  T643] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   32.840652][  T650] loop2: detected capacity change from 0 to 128
[   32.907926][  T650] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   32.930065][  T650] ext4 filesystem being mounted at /23/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   32.969044][  T650] EXT4-fs error (device loop2): dx_make_map:1328: inode #2: block 20: comm syz.2.107: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[   32.987517][  T650] EXT4-fs error (device loop2) in do_split:2095: Corrupt filesystem
[   33.071005][   T28] audit: type=1400 audit(1773256885.684:208): avc:  denied  { create } for  pid=649 comm="syz.2.107" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[   33.120530][  T287] EXT4-fs (loop2): unmounting filesystem.
[   33.154851][   T28] audit: type=1400 audit(1773256885.684:209): avc:  denied  { rename } for  pid=649 comm="syz.2.107" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop2" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   33.269951][    C0] plantronics 0003:047F:FFFF.0003: usb_submit_urb(ctrl) failed: -1
[   33.280403][    T6] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   33.396392][  T662] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[   33.405837][  T662] device syzkaller0 entered promiscuous mode
[   33.485069][    T6] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   33.510805][    T6] usb 6-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[   33.510989][  T666] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[   33.521236][    T6] usb 6-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40
[   33.552781][    T6] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   33.560996][    T6] usb 6-1: Product: syz
[   33.565224][    T6] usb 6-1: Manufacturer: syz
[   33.569863][    T6] usb 6-1: SerialNumber: syz
[   34.119964][  T505] usb 1-1: USB disconnect, device number 2
[   34.302812][  T694] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[   34.314661][  T694] device syzkaller0 entered promiscuous mode
[   34.549973][  T638] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   34.550299][  T640] Bluetooth: hci0: command 0x1003 tx timeout
[   34.562215][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   34.626574][  T286] EXT4-fs (loop4): unmounting filesystem.
[   34.849540][  T336] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   35.040610][  T336] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   35.063980][  T336] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   35.132939][  T336] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   35.150378][  T336] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   35.184861][  T336] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   35.193969][  T336] usb 3-1: config 0 descriptor??
[   35.595921][  T526] EXT4-fs (loop5): unmounting filesystem.
[   35.605663][    T6] usb 6-1: USB disconnect, device number 2
[   35.646195][  T336] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[   35.663021][  T336] plantronics 0003:047F:FFFF.0004: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   36.021941][  T707] netlink: 140 bytes leftover after parsing attributes in process `syz.2.129'.
[   36.179804][  T746] loop1: detected capacity change from 0 to 1024
[   36.209336][  T746] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #4: comm syz.1.141: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[   36.227346][  T746] EXT4-fs error (device loop1): ext4_quota_enable:7033: comm syz.1.141: Bad quota inode: 4, type: 1
[   36.238685][  T746] EXT4-fs warning (device loop1): ext4_enable_quotas:7074: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   36.254691][  T746] EXT4-fs (loop1): mount failed
[   36.286559][  T747] netlink: 68 bytes leftover after parsing attributes in process `syz.0.138'.
[   36.607352][   T28] kauditd_printk_skb: 20 callbacks suppressed
[   36.607373][   T28] audit: type=1400 audit(1773256889.314:230): avc:  denied  { wake_alarm } for  pid=745 comm="syz.1.141" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   36.689022][  T753] loop1: detected capacity change from 0 to 1024
[   36.696908][  T753] EXT4-fs: Ignoring removed i_version option
[   36.704618][  T753] EXT4-fs: Mount option(s) incompatible with ext2
[   36.749856][  T348] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   36.852468][   T28] audit: type=1400 audit(1773256889.514:231): avc:  denied  { read write } for  pid=754 comm="syz.4.142" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   36.919857][   T28] audit: type=1400 audit(1773256889.514:232): avc:  denied  { open } for  pid=754 comm="syz.4.142" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   36.969678][    C1] plantronics 0003:047F:FFFF.0004: usb_submit_urb(ctrl) failed: -1
[   36.969730][   T28] audit: type=1400 audit(1773256889.514:233): avc:  denied  { mounton } for  pid=754 comm="syz.4.142" path="/20/file0" dev="tmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   37.026823][   T28] audit: type=1400 audit(1773256889.514:234): avc:  denied  { mount } for  pid=754 comm="syz.4.142" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   37.092482][   T28] audit: type=1400 audit(1773256889.804:235): avc:  denied  { prog_load } for  pid=758 comm="syz.0.143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   37.129643][   T28] audit: type=1400 audit(1773256889.834:236): avc:  denied  { read write } for  pid=760 comm="syz.1.144" name="vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   37.207919][   T28] audit: type=1400 audit(1773256889.834:237): avc:  denied  { open } for  pid=760 comm="syz.1.144" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   37.314656][  T764] hub 9-0:1.0: USB hub found
[   37.319749][  T764] hub 9-0:1.0: 1 port detected
[   37.335018][   T28] audit: type=1400 audit(1773256889.834:238): avc:  denied  { ioctl } for  pid=760 comm="syz.1.144" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   37.360915][   T28] audit: type=1400 audit(1773256889.834:239): avc:  denied  { perfmon } for  pid=758 comm="syz.0.143" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   38.112311][  T800] hub 9-0:1.0: USB hub found
[   38.117381][  T800] hub 9-0:1.0: 1 port detected
[   38.150569][  T736] usb 3-1: USB disconnect, device number 3
[   38.479451][  T804] netlink: 68 bytes leftover after parsing attributes in process `syz.5.157'.
[   39.019682][  T736] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   39.231413][  T736] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   39.393772][  T830] loop1: detected capacity change from 0 to 1024
[   39.418169][  T736] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   39.459539][  T736] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   39.549555][  T736] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   39.578901][  T736] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   39.685559][  T736] usb 1-1: config 0 descriptor??
[   39.801693][  T830] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   39.883828][  T830] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3852: comm syz.1.167: Allocating blocks 497-513 which overlap fs metadata
[   39.916838][  T830] EXT4-fs (loop1): Remounting filesystem read-only
[   39.923997][  T842] EXT4-fs (loop1): pa ffff8881171fe3f0: logic 48, phys. 177, len 21
[   39.932090][  T842] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[   39.953166][  T842] EXT4-fs (loop1): Remounting filesystem read-only
[   40.002985][  T284] EXT4-fs (loop1): unmounting filesystem.
[   40.175011][  T736] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[   40.193070][  T736] plantronics 0003:047F:FFFF.0005: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[   40.439818][  T815] netlink: 140 bytes leftover after parsing attributes in process `syz.0.161'.
[   41.171385][  T866] netlink: 152 bytes leftover after parsing attributes in process `syz.1.177'.
[   41.280784][  T867] netlink: 68 bytes leftover after parsing attributes in process `syz.2.178'.
[   41.728171][  T876] hub 9-0:1.0: USB hub found
[   41.917398][  T876] hub 9-0:1.0: 1 port detected
[   41.922537][   T28] kauditd_printk_skb: 89 callbacks suppressed
[   41.922995][   T28] audit: type=1400 audit(1773256894.074:329): avc:  denied  { create } for  pid=872 comm="syz.1.180" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   41.957503][   T28] audit: type=1400 audit(1773256894.074:330): avc:  denied  { write } for  pid=872 comm="syz.1.180" name="001" dev="devtmpfs" ino=188 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   41.983699][   T28] audit: type=1400 audit(1773256894.434:331): avc:  denied  { map_create } for  pid=872 comm="syz.1.180" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   42.258911][   T28] audit: type=1400 audit(1773256894.964:332): avc:  denied  { read write } for  pid=885 comm="syz.4.184" name="vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   42.322677][   T28] audit: type=1400 audit(1773256895.004:333): avc:  denied  { open } for  pid=885 comm="syz.4.184" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   42.421691][   T28] audit: type=1400 audit(1773256895.004:334): avc:  denied  { ioctl } for  pid=885 comm="syz.4.184" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   42.459553][  T736] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   42.639606][    C0] plantronics 0003:047F:FFFF.0005: usb_submit_urb(ctrl) failed: -1
[   42.650631][  T736] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   42.653182][  T294] usb 1-1: USB disconnect, device number 3
[   42.725530][  T736] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   42.786446][  T736] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   42.821448][  T905] loop4: detected capacity change from 0 to 512
[   42.828803][  T736] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   42.854727][  T905] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   42.877740][  T736] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   42.886082][  T905] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   42.906448][  T736] usb 3-1: config 0 descriptor??
[   42.947863][  T905] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2800: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   42.964363][  T905] EXT4-fs (loop4): 1 truncate cleaned up
[   42.976801][  T905] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   43.012025][  T286] EXT4-fs (loop4): unmounting filesystem.
[   43.591591][  T736] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[   43.605456][  T736] plantronics 0003:047F:FFFF.0006: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   43.652661][   T28] audit: type=1400 audit(1773256896.364:335): avc:  denied  { connect } for  pid=918 comm="syz.1.193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   43.672235][   T28] audit: type=1400 audit(1773256896.364:336): avc:  denied  { write } for  pid=918 comm="syz.1.193" path="socket:[17689]" dev="sockfs" ino=17689 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   43.796386][   T28] audit: type=1400 audit(1773256896.454:337): avc:  denied  { mount } for  pid=912 comm="syz.0.192" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   43.806806][  T928] mmap: syz.1.196 (928) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   44.093521][  T921] netlink: 140 bytes leftover after parsing attributes in process `syz.2.182'.
[   44.109728][   T28] audit: type=1400 audit(1773256896.704:338): avc:  denied  { create } for  pid=924 comm="syz.4.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   44.250982][  T894] usb 3-1: USB disconnect, device number 4
[   44.373013][  T947] loop5: detected capacity change from 0 to 128
[   44.612207][  T947] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   44.634493][  T947] ext4 filesystem being mounted at /26/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   44.651788][  T526] EXT4-fs (loop5): unmounting filesystem.
[   44.669847][  T955] netlink: 'syz.4.205': attribute type 2 has an invalid length.
[   44.677531][  T955] netlink: 1339 bytes leftover after parsing attributes in process `syz.4.205'.
[   45.429651][  T894] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   45.621077][  T894] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   45.653827][  T894] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   45.682731][  T894] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   45.696790][  T894] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   45.706223][  T894] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   45.722710][  T894] usb 2-1: config 0 descriptor??
[   46.315982][  T894] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving
[   46.330984][  T894] plantronics 0003:047F:FFFF.0007: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[   47.208161][   T28] kauditd_printk_skb: 23 callbacks suppressed
[   47.208174][   T28] audit: type=1400 audit(1773256899.914:362): avc:  denied  { ioctl } for  pid=1051 comm="syz.5.240" path="socket:[17898]" dev="sockfs" ino=17898 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   47.208222][ T1053] device syzkaller0 entered promiscuous mode
[   47.250276][   T28] audit: type=1400 audit(1773256899.964:363): avc:  denied  { ioctl } for  pid=1051 comm="syz.5.240" path="socket:[17895]" dev="sockfs" ino=17895 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   47.440353][  T505] usb 2-1: USB disconnect, device number 2
[   47.577173][ T1070] fuse: Bad value for 'fd'
[   47.849761][ T1078] loop0: detected capacity change from 0 to 512
[   47.874382][   T28] audit: type=1400 audit(1773256900.584:364): avc:  denied  { read write } for  pid=1081 comm="syz.2.248" name="uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   47.946180][ T1078] EXT4-fs error (device loop0): ext4_orphan_get:1425: comm syz.0.247: bad orphan inode 11862016
[   47.981650][ T1078] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   48.020577][   T28] audit: type=1400 audit(1773256900.604:365): avc:  denied  { open } for  pid=1081 comm="syz.2.248" path="/dev/uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   48.064546][ T1078] ext4 filesystem being mounted at /58/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   48.153652][  T283] EXT4-fs (loop0): unmounting filesystem.
[   49.125620][ T1104] netlink: 'syz.5.254': attribute type 4 has an invalid length.
[   49.192563][ T1107] netlink: 'syz.5.254': attribute type 4 has an invalid length.
[   49.211396][ T1110] loop0: detected capacity change from 0 to 512
[   49.259789][ T1110] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   49.289249][ T1107] syz.5.254 (1107) used greatest stack depth: 21440 bytes left
[   49.353965][ T1110] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.257: invalid indirect mapped block 6684672 (level 2)
[   49.398071][ T1110] EXT4-fs (loop0): 1 truncate cleaned up
[   49.404030][ T1110] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   49.440927][   T28] audit: type=1400 audit(1773256902.154:366): avc:  denied  { write open } for  pid=1108 comm="syz.0.257" path="/61/bus/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   49.505133][  T283] EXT4-fs (loop0): unmounting filesystem.
[   49.553357][   T28] audit: type=1326 audit(1773256902.204:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1118 comm="syz.1.260" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8cfc59c799 code=0x0
[   49.594514][ T1125] loop1: detected capacity change from 0 to 128
[   49.609318][ T1125] FAT-fs (loop1): Unrecognized mount option "ext4" or missing value
[   49.636428][   T28] audit: type=1400 audit(1773256902.204:368): avc:  denied  { create } for  pid=1108 comm="syz.0.257" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[   49.681869][   T28] audit: type=1400 audit(1773256902.204:369): avc:  denied  { create } for  pid=1108 comm="syz.0.257" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   49.759615][  T735] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   49.969573][   T28] audit: type=1400 audit(1773256902.674:370): avc:  denied  { create } for  pid=1131 comm="syz.2.265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   49.990671][  T735] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   50.005288][ T1132] loop0: detected capacity change from 0 to 512
[   50.027063][  T735] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   50.050432][ T1132] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   50.068947][   T28] audit: type=1400 audit(1773256902.704:371): avc:  denied  { connect } for  pid=1131 comm="syz.2.265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   50.100459][  T735] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   50.118962][ T1132] EXT4-fs (loop0): 1 truncate cleaned up
[   50.124888][ T1132] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   50.133503][  T735] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   50.155836][  T735] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   50.180291][  T735] usb 6-1: config 0 descriptor??
[   50.190980][  T283] EXT4-fs (loop0): unmounting filesystem.
[   50.735432][  T735] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[   50.755353][  T735] plantronics 0003:047F:FFFF.0008: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[   51.152471][ T1154] loop0: detected capacity change from 0 to 128
[   51.247842][  T736] usb 6-1: USB disconnect, device number 3
[   51.253927][ T1156] plantronics 0003:047F:FFFF.0008: usb_submit_urb(ctrl) failed: -19
[   51.458951][ T1154] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   51.502480][ T1154] ext4 filesystem being mounted at /66/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   51.505714][ T1155] fido_id[1155]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[   51.790317][  T283] EXT4-fs (loop0): unmounting filesystem.
[   51.811316][ T1175] loop4: detected capacity change from 0 to 512
[   51.924387][ T1180] loop1: detected capacity change from 0 to 512
[   52.142046][ T1184] hub 9-0:1.0: USB hub found
[   52.147160][ T1184] hub 9-0:1.0: 1 port detected
[   52.259282][ T1180] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.282: invalid indirect mapped block 256 (level 2)
[   52.271090][ T1187] loop4: detected capacity change from 0 to 512
[   52.286823][  T894] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[   52.294855][  T894] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[   52.303381][ T1180] EXT4-fs (loop1): 2 truncates cleaned up
[   52.310214][ T1180] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   52.323182][  T894] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   52.346428][  T284] EXT4-fs (loop1): unmounting filesystem.
[   52.394642][ T1199] fido_id[1199]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   52.403446][ T1187] EXT4-fs error (device loop4): ext4_quota_enable:7026: comm syz.4.284: Bad quota inum: 8, type: 1
[   52.420844][ T1187] EXT4-fs warning (device loop4): ext4_enable_quotas:7074: Failed to enable quota tracking (type=1, err=-117, ino=8). Please run e2fsck to fix.
[   52.512441][ T1187] EXT4-fs (loop4): mount failed
[   52.630504][   T28] kauditd_printk_skb: 11 callbacks suppressed
[   52.630524][   T28] audit: type=1400 audit(1773256905.344:383): avc:  denied  { getopt } for  pid=1206 comm="syz.1.290" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   53.239318][ T1215] cgroup: Invalid name
[   53.243856][   T28] audit: type=1400 audit(1773256905.964:384): avc:  denied  { create } for  pid=1212 comm="syz.1.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   53.302342][ T1219] loop0: detected capacity change from 0 to 512
[   53.325696][   T28] audit: type=1400 audit(1773256905.984:385): avc:  denied  { ioctl } for  pid=1212 comm="syz.1.293" path="socket:[18278]" dev="sockfs" ino=18278 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   53.391090][ T1219] EXT4-fs: Ignoring removed i_version option
[   53.416019][   T28] audit: type=1400 audit(1773256905.984:386): avc:  denied  { write } for  pid=1212 comm="syz.1.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   53.435729][   T28] audit: type=1400 audit(1773256905.984:387): avc:  denied  { mounton } for  pid=1212 comm="syz.1.293" path="/syzcgroup/unified/syz1" dev="cgroup2" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   53.459671][   T28] audit: type=1400 audit(1773256905.984:388): avc:  denied  { create } for  pid=1212 comm="syz.1.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   53.479973][   T28] audit: type=1400 audit(1773256905.984:389): avc:  denied  { setopt } for  pid=1212 comm="syz.1.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   53.554294][ T1219] EXT4-fs (loop0): 1 truncate cleaned up
[   53.554843][   T28] audit: type=1400 audit(1773256905.984:390): avc:  denied  { getopt } for  pid=1212 comm="syz.1.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   53.582133][ T1219] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   53.638269][ T1232] hub 9-0:1.0: USB hub found
[   53.643377][ T1232] hub 9-0:1.0: 1 port detected
[   53.840178][  T283] EXT4-fs (loop0): unmounting filesystem.
[   54.276238][ T1254] loop1: detected capacity change from 0 to 512
[   54.344640][ T1254] EXT4-fs: Ignoring removed mblk_io_submit option
[   54.361459][ T1254] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   54.490902][ T1254] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   54.501284][ T1254] ext4 filesystem being mounted at /63/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   56.079851][  T335] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   56.281386][  T335] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   56.306290][   T28] audit: type=1326 audit(1773256909.014:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1278 comm="syz.5.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f1479c799 code=0x7ffc0000
[   56.317866][  T335] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   56.340578][   T28] audit: type=1326 audit(1773256909.044:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1278 comm="syz.5.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f1479c799 code=0x7ffc0000
[   56.365187][  T335] usb 2-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40
[   56.378975][  T335] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   56.396874][  T335] usb 2-1: Product: syz
[   56.401379][  T335] usb 2-1: Manufacturer: syz
[   56.405999][  T335] usb 2-1: SerialNumber: syz
[   56.480316][ T1286] netlink: 152 bytes leftover after parsing attributes in process `syz.2.312'.
[   58.228226][  T284] EXT4-fs (loop1): unmounting filesystem.
[   58.235715][  T335] usb 2-1: Audio class v2/v3 interfaces need an interface association
[   58.245743][  T335] snd-usb-audio: probe of 2-1:1.0 failed with error -22
[   58.258190][  T335] usb 2-1: USB disconnect, device number 3
[   58.262755][  T348] udevd[348]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   58.350681][ T1316] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=1316 comm=syz.1.327
[   58.680481][   T28] kauditd_printk_skb: 18 callbacks suppressed
[   58.680495][   T28] audit: type=1400 audit(1773256911.394:411): avc:  denied  { setopt } for  pid=1330 comm="syz.4.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   58.759519][   T28] audit: type=1400 audit(1773256911.424:412): avc:  denied  { getopt } for  pid=1330 comm="syz.4.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   58.845035][   T28] audit: type=1400 audit(1773256911.554:413): avc:  denied  { bind } for  pid=1338 comm="syz.5.334" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   58.946026][ T1344] loop5: detected capacity change from 0 to 2048
[   59.011261][ T1344] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   59.043070][   T28] audit: type=1400 audit(1773256911.754:414): avc:  denied  { map } for  pid=1343 comm="syz.5.336" path="/52/file1/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   59.085880][   T28] audit: type=1400 audit(1773256911.754:415): avc:  denied  { execute } for  pid=1343 comm="syz.5.336" path="/52/file1/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   59.176034][  T526] EXT4-fs (loop5): unmounting filesystem.
[   59.284590][ T1364] loop1: detected capacity change from 0 to 2048
[   59.309710][ T1364] EXT4-fs: Ignoring removed i_version option
[   59.340807][ T1364] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   59.349430][ T1364] ext4 filesystem being mounted at /67/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   59.398805][ T1364] EXT4-fs (loop1): shut down requested (0)
[   59.411362][   T28] audit: type=1400 audit(1773256912.124:416): avc:  denied  { read } for  pid=85 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   59.468706][   T28] audit: type=1400 audit(1773256912.124:417): avc:  denied  { search } for  pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   59.496310][  T735] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   59.508667][   T28] audit: type=1400 audit(1773256912.124:418): avc:  denied  { write } for  pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   59.540433][  T284] EXT4-fs (loop1): unmounting filesystem.
[   59.563716][   T28] audit: type=1400 audit(1773256912.124:419): avc:  denied  { add_name } for  pid=85 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   59.602849][   T28] audit: type=1400 audit(1773256912.124:420): avc:  denied  { create } for  pid=85 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   59.740889][  T735] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   59.751891][  T735] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   59.761768][  T735] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   59.774737][  T735] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   59.783874][  T735] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   59.815185][  T735] usb 1-1: config 0 descriptor??
[   59.828785][ T1378] netlink: 68 bytes leftover after parsing attributes in process `syz.1.346'.
[   60.216597][ T1392] capability: warning: `syz.4.352' uses 32-bit capabilities (legacy support in use)
[   60.225431][  T735] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[   60.234994][  T735] plantronics 0003:047F:FFFF.000A: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[   60.469535][  T335] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   60.499768][ T1353] netlink: 140 bytes leftover after parsing attributes in process `syz.0.337'.
[   60.686660][  T335] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   60.697610][  T335] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   60.707414][  T335] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   60.720365][  T335] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   60.729413][  T335] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   60.740494][  T335] usb 6-1: config 0 descriptor??
[   61.038920][ T1413] loop2: detected capacity change from 0 to 256
[   61.056877][ T1415] loop4: detected capacity change from 0 to 1024
[   61.056946][ T1413] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   61.066469][ T1415] EXT4-fs: Ignoring removed bh option
[   61.096278][ T1415] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   61.131353][  T286] EXT4-fs (loop4): unmounting filesystem.
[   61.197447][ T1412] FAT-fs (loop2): error, corrupted file size (i_pos 196, 16779008)
[   61.205516][ T1412] FAT-fs (loop2): Filesystem has been set read-only
[   61.212274][ T1412] FAT-fs (loop2): error, corrupted file size (i_pos 196, 16779008)
[   61.213209][  T335] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[   61.229591][  T335] plantronics 0003:047F:FFFF.000B: hiddev97,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[   61.518389][ T1270] usb 6-1: USB disconnect, device number 4
[   61.529615][    C0] plantronics 0003:047F:FFFF.000A: usb_submit_urb(ctrl) failed: -1
[   63.121963][ T1451] loop1: detected capacity change from 0 to 512
[   63.167456][ T1451] EXT4-fs error (device loop1): ext4_iget_extra_inode:4758: inode #15: comm syz.1.372: corrupted in-inode xattr
[   63.200417][ T1451] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.372: couldn't read orphan inode 15 (err -117)
[   63.247516][ T1456] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[   63.259690][ T1451] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   63.288836][ T1456] device syzkaller0 entered promiscuous mode
[   63.314210][ T1451] EXT4-fs error (device loop1): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.1.372: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[   63.390057][  T284] EXT4-fs (loop1): unmounting filesystem.
[   63.412006][  T715] usb 1-1: USB disconnect, device number 4
[   63.487710][ T1464] netlink: 152 bytes leftover after parsing attributes in process `syz.0.370'.
[   63.655705][ T1474] loop1: detected capacity change from 0 to 1024
[   63.659269][  T735] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[   63.685800][  T735] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   63.716587][ T1474] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   63.753168][ T1474] EXT4-fs error (device loop1): ext4_read_inline_dir:1611: inode #12: block 7: comm syz.1.376: path /76/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=14, rec_len=8, size=80 fake=0
[   63.783534][  T284] EXT4-fs (loop1): unmounting filesystem.
[   65.030509][  T735] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   65.138578][ T1502] netlink: 152 bytes leftover after parsing attributes in process `syz.4.384'.
[   65.240941][  T735] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   65.275722][  T735] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   65.334880][  T735] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   65.417549][ T1508] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.424793][ T1508] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.451797][  T735] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   65.511013][  T735] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.606273][  T735] usb 6-1: config 0 descriptor??
[   65.842592][ T1520] fuse: Bad value for 'fd'
[   65.937223][ T1521] netlink: 152 bytes leftover after parsing attributes in process `syz.2.388'.
[   66.048971][  T735] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving
[   66.066971][  T735] plantronics 0003:047F:FFFF.000D: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[   66.344937][ T1491] netlink: 140 bytes leftover after parsing attributes in process `syz.5.381'.
[   66.623441][ T1534] netlink: 4 bytes leftover after parsing attributes in process `syz.2.393'.
[   66.739445][ T1539] loop2: detected capacity change from 0 to 1024
[   66.817214][ T1539] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   66.875650][   T28] kauditd_printk_skb: 9 callbacks suppressed
[   66.875716][   T28] audit: type=1400 audit(1773256919.584:430): avc:  denied  { watch watch_reads } for  pid=1537 comm="syz.2.395" path="/79/file1" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   66.954227][  T287] EXT4-fs (loop2): unmounting filesystem.
[   67.527281][    C1] plantronics 0003:047F:FFFF.000D: usb_submit_urb(ctrl) failed: -1
[   67.536275][   T24] usb 6-1: USB disconnect, device number 5
[   67.749093][ T1548] netlink: 152 bytes leftover after parsing attributes in process `syz.2.397'.
[   67.839577][   T28] audit: type=1400 audit(1773256920.544:431): avc:  denied  { name_bind } for  pid=1556 comm="syz.0.401" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   68.044861][   T28] audit: type=1400 audit(1773256920.754:432): avc:  denied  { read } for  pid=1567 comm="syz.4.405" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   68.159590][  T505] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   68.273850][   T28] audit: type=1400 audit(1773256920.804:433): avc:  denied  { write } for  pid=1567 comm="syz.4.405" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   68.374379][ T1577] hub 9-0:1.0: USB hub found
[   68.379775][ T1577] hub 9-0:1.0: 1 port detected
[   68.399622][  T505] usb 3-1: Using ep0 maxpacket: 16
[   68.413071][  T505] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   68.453599][  T505] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   68.521417][  T505] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   68.530903][  T505] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   68.538944][  T505] usb 3-1: Product: syz
[   68.545512][  T505] usb 3-1: Manufacturer: syz
[   68.550618][  T505] usb 3-1: SerialNumber: syz
[   68.580670][  T505] r8152-cfgselector 3-1: config 0 descriptor??
[   68.635284][ T1582] loop0: detected capacity change from 0 to 1024
[   68.686169][ T1582] EXT4-fs: Ignoring removed orlov option
[   68.716024][ T1582] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   68.794480][ T1582] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   68.813860][   T28] audit: type=1400 audit(1773256921.524:434): avc:  denied  { map } for  pid=1578 comm="syz.0.408" path="socket:[19844]" dev="sockfs" ino=19844 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   68.837195][   T28] audit: type=1400 audit(1773256921.524:435): avc:  denied  { read } for  pid=1578 comm="syz.0.408" path="socket:[19844]" dev="sockfs" ino=19844 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   68.879618][  T283] EXT4-fs (loop0): unmounting filesystem.
[   69.439615][   T28] audit: type=1400 audit(1773256922.034:436): avc:  denied  { bind } for  pid=1555 comm="syz.2.400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   69.590243][ T1597] netlink: 68 bytes leftover after parsing attributes in process `syz.0.411'.
[   69.651531][ T1591] netlink: 152 bytes leftover after parsing attributes in process `syz.1.410'.
[   70.589550][   T28] audit: type=1400 audit(1773256923.294:437): avc:  denied  { append } for  pid=1614 comm="syz.0.419" name="001" dev="devtmpfs" ino=179 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   70.654824][ T1620] hub 9-0:1.0: USB hub found
[   70.962855][ T1620] hub 9-0:1.0: 1 port detected
[   70.969863][  T505] usb 3-1: USB disconnect, device number 5
[   71.257872][ T1636] device syzkaller0 entered promiscuous mode
[   71.306563][   T28] audit: type=1400 audit(1773256924.014:438): avc:  denied  { bind } for  pid=1637 comm="syz.1.416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   71.374136][   T28] audit: type=1400 audit(1773256924.014:439): avc:  denied  { listen } for  pid=1637 comm="syz.1.416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   71.543808][ T1651] loop1: detected capacity change from 0 to 8192
[   71.610545][ T1653] netlink: 152 bytes leftover after parsing attributes in process `syz.4.427'.
[   71.642712][ T1651] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   71.808234][ T1655] loop5: detected capacity change from 0 to 512
[   72.018674][ T1655] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   72.055238][ T1655] EXT4-fs error (device loop5): ext4_validate_block_bitmap:420: comm syz.5.429: bg 0: bad block bitmap checksum
[   72.116302][  T526] EXT4-fs (loop5): unmounting filesystem.
[   72.213151][   T28] kauditd_printk_skb: 2 callbacks suppressed
[   72.213165][   T28] audit: type=1400 audit(1773256924.924:442): avc:  denied  { read } for  pid=1666 comm="syz.5.433" laddr=::1 lport=56875 faddr=::1 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   72.365181][ T1676] loop5: detected capacity change from 0 to 1024
[   72.371637][   T28] audit: type=1400 audit(1773256925.074:443): avc:  denied  { mounton } for  pid=1677 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   72.400172][ T1676] EXT4-fs: Ignoring removed orlov option
[   72.418938][ T1676] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   72.465794][ T1676] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   72.480521][ T1677] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.495308][ T1677] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.503024][ T1677] device bridge_slave_0 entered promiscuous mode
[   72.510291][ T1677] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.517890][ T1677] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.553709][ T1677] device bridge_slave_1 entered promiscuous mode
[   73.054914][  T526] EXT4-fs (loop5): unmounting filesystem.
[   73.249230][ T1677] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.256364][ T1677] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.263927][ T1677] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.271058][ T1677] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.333436][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   73.347901][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   73.360117][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   73.370773][  T465] device bridge_slave_1 left promiscuous mode
[   73.376928][  T465] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.385093][  T465] device bridge_slave_0 left promiscuous mode
[   73.391764][  T465] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.400499][  T465] device veth1_macvtap left promiscuous mode
[   73.406872][  T465] device veth0_vlan left promiscuous mode
[   73.509960][ T1718] device syzkaller0 entered promiscuous mode
[   73.517391][ T1722] device syzkaller0 entered promiscuous mode
[   73.529327][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   73.538011][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   73.564157][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   73.572563][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   73.591956][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   73.602989][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   73.613312][ T1677] device veth0_vlan entered promiscuous mode
[   73.617418][ T1725] loop2: detected capacity change from 0 to 1024
[   73.628710][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   73.637282][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   73.650656][ T1727] netlink: 'syz.0.450': attribute type 13 has an invalid length.
[   73.662979][ T1725] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[   73.693093][ T1725] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[   73.703401][ T1725] EXT4-fs error (device loop2): ext4_get_journal_inode:5743: inode #5: comm syz.2.449: unexpected bad inode w/o EXT4_IGET_BAD
[   73.716559][ T1727] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.723773][ T1727] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.742106][ T1725] EXT4-fs (loop2): no journal found
[   73.757715][ T1725] EXT4-fs (loop2): can't get journal size
[   73.773979][ T1677] device veth1_macvtap entered promiscuous mode
[   73.782087][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   73.796920][ T1725] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   73.798457][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   73.827050][  T287] EXT4-fs (loop2): unmounting filesystem.
[   73.866140][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   73.940102][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   73.953665][ T1735] loop0: detected capacity change from 0 to 128
[   73.960279][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   74.025093][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   74.034118][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   74.043499][ T1735] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   74.054288][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   74.126048][  T510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   74.387113][ T1744] hub 9-0:1.0: USB hub found
[   74.626408][ T1737] netlink: 152 bytes leftover after parsing attributes in process `syz.5.454'.
[   74.639823][   T28] audit: type=1400 audit(1773256927.284:444): avc:  denied  { mounton } for  pid=1677 comm="syz-executor" path="/root/syzkaller.DbIzaV/syz-tmp" dev="sda1" ino=2049 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   74.657016][ T1735] ext4 filesystem being mounted at /97/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   74.664520][ T1744] hub 9-0:1.0: 1 port detected
[   74.703676][   T28] audit: type=1400 audit(1773256927.284:445): avc:  denied  { mount } for  pid=1677 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   74.728844][   T28] audit: type=1400 audit(1773256927.304:446): avc:  denied  { mounton } for  pid=1677 comm="syz-executor" path="/root/syzkaller.DbIzaV/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   74.756143][  T283] EXT4-fs (loop0): unmounting filesystem.
[   74.762253][   T28] audit: type=1400 audit(1773256927.304:447): avc:  denied  { mounton } for  pid=1677 comm="syz-executor" path="/root/syzkaller.DbIzaV/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=20224 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   74.790608][   T28] audit: type=1400 audit(1773256927.324:448): avc:  denied  { mounton } for  pid=1677 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=570 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   74.813714][   T28] audit: type=1400 audit(1773256927.354:449): avc:  denied  { mount } for  pid=1677 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   74.836309][   T28] audit: type=1400 audit(1773256927.354:450): avc:  denied  { mounton } for  pid=1677 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[   75.509731][ T1759] hub 9-0:1.0: USB hub found
[   75.882443][ T1759] hub 9-0:1.0: 1 port detected
[   76.181514][ T1776] loop5: detected capacity change from 0 to 128
[   76.214027][ T1778] device syzkaller0 entered promiscuous mode
[   76.226962][ T1776] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   76.237283][   T28] audit: type=1400 audit(1773256928.954:451): avc:  denied  { mounton } for  pid=1772 comm="syz.4.465" path="/syzcgroup/cpu/syz4/cgroup.procs" dev="cgroup" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[   76.262985][ T1782] cgroup2: Unknown parameter 'memory_hugetlb_accounting'
[   76.272739][ T1776] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.650000][ T1811] hub 9-0:1.0: USB hub found
[   77.995447][ T1811] hub 9-0:1.0: 1 port detected
[   78.122082][ T1817] device syzkaller0 entered promiscuous mode
[   78.262635][  T526] EXT4-fs (loop5): unmounting filesystem.
[   78.672629][ T1829] loop2: detected capacity change from 0 to 512
[   78.679890][ T1829] EXT4-fs: Ignoring removed i_version option
[   78.685923][ T1829] EXT4-fs: Ignoring removed i_version option
[   78.691939][ T1829] ext4: Bad value for 'journal_dev'
[   78.726192][ T1823] netlink: 68 bytes leftover after parsing attributes in process `syz.4.475'.
[   78.749544][   T28] audit: type=1400 audit(1773256931.354:452): avc:  denied  { mount } for  pid=1820 comm="syz.2.479" name="/" dev="ramfs" ino=20334 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   78.791783][   T28] audit: type=1400 audit(1773256931.394:453): avc:  denied  { mounton } for  pid=1820 comm="syz.2.479" path="/bus" dev="ramfs" ino=20336 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[   78.797691][  T348] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   78.856676][ T1835] loop5: detected capacity change from 0 to 1024
[   78.858418][   T28] audit: type=1400 audit(1773256931.544:454): avc:  denied  { read } for  pid=1833 comm="syz.0.484" name="event1" dev="devtmpfs" ino=261 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   78.873896][ T1838] cgroup2: Unknown parameter 'memory_hugetlb_accounting'
[   78.899026][ T1835] EXT4-fs: Ignoring removed orlov option
[   78.915558][ T1835] EXT4-fs: Invalid want_extra_isize 9
[   79.153803][ T1853] hub 9-0:1.0: USB hub found
[   79.158824][ T1853] hub 9-0:1.0: 1 port detected
[   79.351116][ T1860] loop2: detected capacity change from 0 to 7
[   79.488570][   T28] audit: type=1400 audit(1773256932.194:455): avc:  denied  { shutdown } for  pid=1873 comm="syz.2.499" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   79.503784][ T1875] loop6: detected capacity change from 0 to 512
[   79.551883][ T1875] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   79.605250][ T1875] EXT4-fs (loop6): 1 truncate cleaned up
[   79.611007][ T1875] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   79.642845][   T28] audit: type=1400 audit(1773256932.354:456): avc:  denied  { map } for  pid=1871 comm="syz.6.498" path="socket:[20740]" dev="sockfs" ino=20740 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   79.680938][   T28] audit: type=1400 audit(1773256932.384:457): avc:  denied  { read } for  pid=1871 comm="syz.6.498" path="socket:[20740]" dev="sockfs" ino=20740 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   79.761893][ T1890] hub 9-0:1.0: USB hub found
[   79.767171][ T1890] hub 9-0:1.0: 1 port detected
[   79.981628][ T1677] EXT4-fs (loop6): unmounting filesystem.
[   79.998265][ T1888] loop2: detected capacity change from 0 to 512
[   80.033470][ T1899] device syzkaller0 entered promiscuous mode
[   80.047106][ T1900] loop6: detected capacity change from 0 to 1024
[   80.055504][ T1888] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   80.080171][ T1888] ext4 filesystem being mounted at /106/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   80.146641][ T1900] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   80.181338][  T287] EXT4-fs (loop2): unmounting filesystem.
[   80.223146][ T1677] EXT4-fs (loop6): unmounting filesystem.
[   80.587961][ T1926] device syzkaller0 entered promiscuous mode
[   81.074737][ T1935] hub 9-0:1.0: USB hub found
[   81.238008][ T1935] hub 9-0:1.0: 1 port detected
[   81.318233][ T1943] cgroup2: Unknown parameter 'memory_hugetlb_accounting'
[   82.992434][ T1965] loop7: detected capacity change from 0 to 16384
[   83.029483][    C0] sched: RT throttling activated
[   83.043022][ T1967] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 17 prio class 2
[   83.132948][ T1965] loop7: detected capacity change from 16384 to 0
[   83.178630][   T28] audit: type=1400 audit(1773256935.884:458): avc:  denied  { connect } for  pid=1973 comm="syz.5.532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   83.252137][   T28] audit: type=1400 audit(1773256935.964:459): avc:  granted  { setsecparam } for  pid=1978 comm="syz.4.535" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   83.786896][ T1745] Bluetooth: hci0: Frame reassembly failed (-84)
[   83.793924][   T28] audit: type=1400 audit(1773256936.504:460): avc:  denied  { ioctl } for  pid=2008 comm="syz.2.545" path="socket:[21666]" dev="sockfs" ino=21666 ioctlcmd=0x48dd scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   83.954736][   T28] audit: type=1400 audit(1773256936.664:461): avc:  denied  { read write } for  pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   84.042188][   T28] audit: type=1400 audit(1773256936.664:462): avc:  denied  { open } for  pid=286 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   84.123189][   T28] audit: type=1400 audit(1773256936.664:463): avc:  denied  { ioctl } for  pid=286 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=122 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   84.219068][   T28] audit: type=1400 audit(1773256936.694:464): avc:  denied  { create } for  pid=1997 comm="syz.0.541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   84.241738][   T28] audit: type=1400 audit(1773256936.694:465): avc:  denied  { write } for  pid=1997 comm="syz.0.541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   84.415333][   T28] audit: type=1400 audit(1773256936.694:466): avc:  denied  { read } for  pid=1997 comm="syz.0.541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   84.524845][   T28] audit: type=1400 audit(1773256936.694:467): avc:  denied  { read } for  pid=1997 comm="syz.0.541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   84.594400][   T28] audit: type=1400 audit(1773256936.694:468): avc:  denied  { write } for  pid=1997 comm="syz.0.541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   84.635709][   T28] audit: type=1400 audit(1773256936.694:469): avc:  denied  { bpf } for  pid=1997 comm="syz.0.541" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   85.157846][ T2029] hub 9-0:1.0: USB hub found
[   85.163065][ T2029] hub 9-0:1.0: 1 port detected
[   85.758812][ T2053] netlink: 140 bytes leftover after parsing attributes in process `syz.0.561'.
[   85.829563][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[   85.835603][  T640] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   85.848181][ T2009] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[   86.869507][    C0] ==================================================================
[   86.877594][    C0] BUG: KASAN: use-after-free in enqueue_timer+0xae/0x480
[   86.884655][    C0] Write of size 8 at addr ffff888134fe0a00 by task syz-executor/2105
[   86.893066][    C0] 
[   86.895402][    C0] CPU: 0 PID: 2105 Comm: syz-executor Not tainted syzkaller #0
[   86.902942][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   86.912999][    C0] Call Trace:
[   86.916272][    C0]  <IRQ>
[   86.919111][    C0]  __dump_stack+0x21/0x24
[   86.923449][    C0]  dump_stack_lvl+0x110/0x170
[   86.928137][    C0]  ? __cfi_dump_stack_lvl+0x8/0x8
[   86.933168][    C0]  ? enqueue_timer+0xae/0x480
[   86.937829][    C0]  print_address_description+0x71/0x200
[   86.943355][    C0]  print_report+0x4a/0x60
[   86.947659][    C0]  kasan_report+0x122/0x150
[   86.952138][    C0]  ? enqueue_timer+0xae/0x480
[   86.956793][    C0]  __asan_report_store8_noabort+0x17/0x20
[   86.962484][    C0]  enqueue_timer+0xae/0x480
[   86.966967][    C0]  __mod_timer+0x84c/0xc00
[   86.971367][    C0]  mod_timer+0x1f/0x30
[   86.975447][    C0]  can_stat_update+0xb1a/0xbb0
[   86.980220][    C0]  ? __cfi_can_stat_update+0x10/0x10
[   86.985518][    C0]  call_timer_fn+0x46/0x2a0
[   86.990040][    C0]  ? __cfi_can_stat_update+0x10/0x10
[   86.995422][    C0]  __run_timers+0x65b/0x9f0
[   86.999938][    C0]  ? calc_index+0x200/0x200
[   87.004454][    C0]  ? kvm_sched_clock_read+0x18/0x40
[   87.009667][    C0]  run_timer_softirq+0x6a/0xf0
[   87.014444][    C0]  handle_softirqs+0x1d7/0x600
[   87.019233][    C0]  __irq_exit_rcu+0x52/0xf0
[   87.023749][    C0]  irq_exit_rcu+0x9/0x10
[   87.028011][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[   87.033659][    C0]  </IRQ>
[   87.036588][    C0]  <TASK>
[   87.039516][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[   87.045501][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x5d/0x60
[   87.051670][    C0] Code: 0b 00 00 83 fa 02 75 21 48 8b 91 50 0b 00 00 48 8b 32 48 8d 7e 01 8b 89 4c 0b 00 00 48 39 cf 73 08 48 89 3a 48 89 44 f2 08 5d <c3> 66 90 90 90 90 90 90 90 90 90 90 90 90 b8 e2 33 28 be 55 48 89
[   87.071292][    C0] RSP: 0000:ffffc90002727498 EFLAGS: 00000293
[   87.077368][    C0] RAX: ffffffff81bbfa5e RBX: ffffc900027274e0 RCX: ffff8881178a8000
[   87.085353][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000140cca
[   87.093414][    C0] RBP: ffffc900027275c8 R08: ffffea0004fc53f7 R09: ffffed1027e29e00
[   87.101391][    C0] R10: dffffc0000000000 R11: fffff940009f8a7f R12: dffffc0000000000
[   87.109367][    C0] R13: 0000000000000001 R14: 0000000000000000 R15: 1ffff920004e4e98
[   87.117348][    C0]  ? save_stack+0x8e/0x230
[   87.121777][    C0]  ? save_stack+0x8e/0x230
[   87.126210][    C0]  ? __reset_page_owner+0x190/0x190
[   87.131413][    C0]  ? __cfi_sched_clock_cpu+0x10/0x10
[   87.136032][ T2120] capability: warning: `syz.6.592' uses deprecated v2 capabilities in a way that may be insecure
[   87.136703][    C0]  ? __alloc_pages+0x1d9/0x480
[   87.151936][    C0]  ? __folio_alloc+0x12/0x40
[   87.156534][    C0]  ? wp_page_copy+0x2a3/0x15a0
[   87.161308][    C0]  ? handle_mm_fault+0x1124/0x26c0
[   87.166432][    C0]  ? exc_page_fault+0x51/0xb0
[   87.171119][    C0]  ? __kasan_check_write+0x14/0x20
[   87.176241][    C0]  ? __set_page_owner_handle+0x3c7/0x410
[   87.181880][    C0]  __set_page_owner+0x1f/0x60
[   87.186563][    C0]  post_alloc_hook+0x1f5/0x210
[   87.191336][    C0]  prep_new_page+0x1c/0x110
[   87.195846][    C0]  get_page_from_freelist+0x2d12/0x2d80
[   87.201401][    C0]  ? __cfi_gfp_zone+0x10/0x10
[   87.206086][    C0]  ? __alloc_pages+0x480/0x480
[   87.210859][    C0]  ? __cfi_gfp_zone+0x10/0x10
[   87.215538][    C0]  __alloc_pages+0x1d9/0x480
[   87.220138][    C0]  ? __cfi___alloc_pages+0x10/0x10
[   87.225261][    C0]  ? unlock_page_memcg+0x115/0x130
[   87.230375][    C0]  __folio_alloc+0x12/0x40
[   87.234793][    C0]  wp_page_copy+0x2a3/0x15a0
[   87.239392][    C0]  ? fault_dirty_shared_page+0x310/0x310
[   87.245027][    C0]  ? do_fault+0x1bd5/0x1e20
[   87.249526][    C0]  do_wp_page+0x9f2/0xfc0
[   87.253862][    C0]  handle_mm_fault+0x1124/0x26c0
[   87.258812][    C0]  ? __cfi_handle_mm_fault+0x10/0x10
[   87.264115][    C0]  ? lock_vma_under_rcu+0x400/0x4f0
[   87.269319][    C0]  do_user_addr_fault+0x905/0x1050
[   87.274449][    C0]  exc_page_fault+0x51/0xb0
[   87.278966][    C0]  asm_exc_page_fault+0x27/0x30
[   87.283823][    C0] RIP: 0033:0x7f6f14796143
[   87.288253][    C0] Code: 8b 80 88 00 00 00 48 c7 00 00 00 00 00 48 c7 40 08 00 00 00 00 eb b8 48 83 05 08 66 db 00 04 48 8b 05 e9 73 db 00 66 0f ef c0 <48> c7 05 52 76 25 00 00 00 00 00 48 8d 1d 0b 74 db 00 0f 11 05 34
[   87.307866][    C0] RSP: 002b:00007fff5eea1ce0 EFLAGS: 00010202
[   87.313939][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f6f1473dde7
[   87.321917][    C0] RDX: 0000000000000000 RSI: 00007fff5eea1cb0 RDI: 0000000000000002
[   87.323762][ T2127] netlink: 68 bytes leftover after parsing attributes in process `syz.0.586'.
[   87.329888][    C0] RBP: 00007fff5eea1e3c R08: 00007f6f15548060 R09: 0000000000000000
[   87.329905][    C0] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000
[   87.329915][    C0] R13: 00000000000927c0 R14: 0000000000015327 R15: 00007fff5eea1e90
[   87.362618][    C0]  </TASK>
[   87.365636][    C0] 
[   87.367962][    C0] Allocated by task 2009:
[   87.372277][    C0]  kasan_set_track+0x4b/0x70
[   87.376878][    C0]  kasan_save_alloc_info+0x25/0x30
[   87.381999][    C0]  __kasan_kmalloc+0x95/0xb0
[   87.386596][    C0]  __kmalloc+0xb1/0x1e0
[   87.390749][    C0]  hci_alloc_dev_priv+0x27/0x1bd0
[   87.395785][    C0]  hci_uart_tty_ioctl+0x3c8/0xa20
[   87.400826][    C0]  tty_ioctl+0x8ef/0xc60
[   87.405072][    C0]  __se_sys_ioctl+0x12f/0x1b0
[   87.409746][    C0]  __x64_sys_ioctl+0x7b/0x90
[   87.414332][    C0]  x64_sys_call+0x58b/0x9a0
[   87.418835][    C0]  do_syscall_64+0x4c/0xa0
[   87.423239][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   87.429148][    C0] 
[   87.431469][    C0] Freed by task 2009:
[   87.435439][    C0]  kasan_set_track+0x4b/0x70
[   87.440035][    C0]  kasan_save_free_info+0x31/0x50
[   87.445072][    C0]  ____kasan_slab_free+0x132/0x180
[   87.450275][    C0]  __kasan_slab_free+0x11/0x20
[   87.455045][    C0]  slab_free_freelist_hook+0xc2/0x190
[   87.460429][    C0]  __kmem_cache_free+0xb7/0x1b0
[   87.465288][    C0]  kfree+0x6f/0xf0
[   87.469010][    C0]  hci_release_dev+0x12a3/0x13b0
[   87.473957][    C0]  bt_host_release+0x82/0x90
[   87.478545][    C0]  device_release+0xa4/0x1d0
[   87.483121][    C0]  kobject_put+0x19d/0x280
[   87.487515][    C0]  put_device+0x1f/0x30
[   87.491664][    C0]  hci_dev_cmd+0x279/0x740
[   87.496056][    C0]  hci_sock_ioctl+0x41e/0x7f0
[   87.500710][    C0]  sock_do_ioctl+0x114/0x330
[   87.505275][    C0]  sock_ioctl+0x4bd/0x710
[   87.509576][    C0]  __se_sys_ioctl+0x12f/0x1b0
[   87.514228][    C0]  __x64_sys_ioctl+0x7b/0x90
[   87.518791][    C0]  x64_sys_call+0x58b/0x9a0
[   87.523271][    C0]  do_syscall_64+0x4c/0xa0
[   87.527665][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   87.533542][    C0] 
[   87.535843][    C0] Last potentially related work creation:
[   87.541528][    C0]  kasan_save_stack+0x3a/0x60
[   87.546182][    C0]  __kasan_record_aux_stack+0xb6/0xc0
[   87.551531][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[   87.557316][    C0]  insert_work+0x51/0x300
[   87.561621][    C0]  __queue_work+0x9b1/0xd30
[   87.566097][    C0]  queue_work_on+0xde/0x150
[   87.570574][    C0]  __hci_cmd_sync_sk+0xa7f/0xd30
[   87.575488][    C0]  hci_cmd_sync_status+0x53/0x120
[   87.580573][    C0]  hci_dev_cmd+0x35b/0x740
[   87.584963][    C0]  hci_sock_ioctl+0x41e/0x7f0
[   87.589616][    C0]  sock_do_ioctl+0x114/0x330
[   87.594178][    C0]  sock_ioctl+0x4bd/0x710
[   87.598478][    C0]  __se_sys_ioctl+0x12f/0x1b0
[   87.603129][    C0]  __x64_sys_ioctl+0x7b/0x90
[   87.607693][    C0]  x64_sys_call+0x58b/0x9a0
[   87.612171][    C0]  do_syscall_64+0x4c/0xa0
[   87.616564][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   87.622435][    C0] 
[   87.624735][    C0] Second to last potentially related work creation:
[   87.631300][    C0]  kasan_save_stack+0x3a/0x60
[   87.635954][    C0]  __kasan_record_aux_stack+0xb6/0xc0
[   87.641305][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[   87.647090][    C0]  insert_work+0x51/0x300
[   87.651393][    C0]  __queue_work+0x9b1/0xd30
[   87.655873][    C0]  queue_work_on+0xde/0x150
[   87.660352][    C0]  hci_cmd_timeout+0x191/0x200
[   87.665095][    C0]  process_one_work+0x71f/0xc40
[   87.669925][    C0]  worker_thread+0xa29/0x11e0
[   87.674594][    C0]  kthread+0x281/0x320
[   87.678638][    C0]  ret_from_fork+0x1f/0x30
[   87.683031][    C0] 
[   87.685328][    C0] The buggy address belongs to the object at ffff888134fe0000
[   87.685328][    C0]  which belongs to the cache kmalloc-8k of size 8192
[   87.699354][    C0] The buggy address is located 2560 bytes inside of
[   87.699354][    C0]  8192-byte region [ffff888134fe0000, ffff888134fe2000)
[   87.712773][    C0] 
[   87.715079][    C0] The buggy address belongs to the physical page:
[   87.721459][    C0] page:ffffea0004d3f800 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888134fe4000 pfn:0x134fe0
[   87.732980][    C0] head:ffffea0004d3f800 order:3 compound_mapcount:0 compound_pincount:0
[   87.741277][    C0] flags: 0x4000000000010200(slab|head|zone=1)
[   87.747326][    C0] raw: 4000000000010200 ffffea0004583808 ffffea0004d28c08 ffff888100043500
[   87.755883][    C0] raw: ffff888134fe4000 0000000000020001 00000001ffffffff 0000000000000000
[   87.764442][    C0] page dumped because: kasan: bad access detected
[   87.770839][    C0] page_owner tracks the page as allocated
[   87.776524][    C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 886, tgid 885 (syz.4.184), ts 42284874313, free_ts 38713315295
[   87.798895][    C0]  post_alloc_hook+0x1f5/0x210
[   87.803645][    C0]  prep_new_page+0x1c/0x110
[   87.808129][    C0]  get_page_from_freelist+0x2d12/0x2d80
[   87.813669][    C0]  __alloc_pages+0x1d9/0x480
[   87.818235][    C0]  alloc_slab_page+0x6e/0xf0
[   87.822804][    C0]  new_slab+0x98/0x3d0
[   87.826853][    C0]  ___slab_alloc+0x6bd/0xb20
[   87.831422][    C0]  __slab_alloc+0x5e/0xa0
[   87.835768][    C0]  __kmem_cache_alloc_node+0x203/0x2c0
[   87.841234][    C0]  __kmalloc+0xa1/0x1e0
[   87.845384][    C0]  vhost_dev_set_owner+0x41a/0xa40
[   87.850506][    C0]  vhost_dev_ioctl+0xbf/0xfa0
[   87.855183][    C0]  vhost_vsock_dev_ioctl+0x238/0xe30
[   87.860476][    C0]  __se_sys_ioctl+0x12f/0x1b0
[   87.865135][    C0]  __x64_sys_ioctl+0x7b/0x90
[   87.869700][    C0]  x64_sys_call+0x58b/0x9a0
[   87.874182][    C0] page last free stack trace:
[   87.878831][    C0]  free_unref_page_prepare+0x742/0x750
[   87.884279][    C0]  free_unref_page+0x95/0x540
[   87.888930][    C0]  __free_pages+0x67/0x100
[   87.893320][    C0]  __free_slab+0xca/0x1a0
[   87.897626][    C0]  __unfreeze_partials+0x160/0x190
[   87.902716][    C0]  put_cpu_partial+0xa9/0x100
[   87.907390][    C0]  __slab_free+0x1c4/0x280
[   87.911784][    C0]  ___cache_free+0xbf/0xd0
[   87.916175][    C0]  qlist_free_all+0xc6/0x140
[   87.920748][    C0]  kasan_quarantine_reduce+0x14a/0x170
[   87.926189][    C0]  __kasan_slab_alloc+0x24/0x80
[   87.931016][    C0]  slab_post_alloc_hook+0x4f/0x2d0
[   87.936107][    C0]  __kmem_cache_alloc_node+0x192/0x2c0
[   87.941573][    C0]  kmalloc_trace+0x29/0xb0
[   87.945967][    C0]  kernfs_iop_get_link+0x65/0x620
[   87.950971][    C0]  vfs_readlink+0x18f/0x410
[   87.955458][    C0] 
[   87.957759][    C0] Memory state around the buggy address:
[   87.963361][    C0]  ffff888134fe0900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   87.971394][    C0]  ffff888134fe0980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   87.979428][    C0] >ffff888134fe0a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   87.987459][    C0]                    ^
[   87.991499][    C0]  ffff888134fe0a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   87.999535][    C0]  ffff888134fe0b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   88.007565][    C0] ==================================================================
[   88.015598][    C0] Disabling lock debugging due to kernel taint
[   88.022639][    C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[   88.034351][    C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[   88.042739][    C0] CPU: 0 PID: 2105 Comm: syz-executor Tainted: G    B              syzkaller #0
[   88.051738][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   88.061773][    C0] RIP: 0010:__queue_work+0x575/0xd30
[   88.067051][    C0] Code: 39 2b 0f 84 b9 00 00 00 e8 28 45 29 00 4c 89 ff e8 60 80 b8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 ac 7a 6e 00 49 8b 7d 00 e8 f3 7b
[   88.086634][    C0] RSP: 0000:ffffc90000007c70 EFLAGS: 00010046
[   88.092680][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff8881178a8000
[   88.100632][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[   88.108584][    C0] RBP: ffffc90000007d08 R08: 0000000000000007 R09: fffffffffffffffb
[   88.116535][    C0] R10: dffffc0000000000 R11: ffffed10269fc139 R12: dffffc0000000000
[   88.124486][    C0] R13: 0000000000000000 R14: ffff888134fe09c8 R15: 0000000000000008
[   88.132434][    C0] FS:  00005555734b7500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[   88.141342][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   88.147906][    C0] CR2: 00007f6f149ed7a0 CR3: 000000013bf6b000 CR4: 00000000003506b0
[   88.155858][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   88.163808][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   88.171759][    C0] Call Trace:
[   88.175023][    C0]  <IRQ>
[   88.177850][    C0]  delayed_work_timer_fn+0x61/0x80
[   88.182950][    C0]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[   88.188744][    C0]  call_timer_fn+0x46/0x2a0
[   88.193239][    C0]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[   88.199061][    C0]  __run_timers+0x689/0x9f0
[   88.203563][    C0]  ? calc_index+0x200/0x200
[   88.208058][    C0]  ? kvm_sched_clock_read+0x18/0x40
[   88.213246][    C0]  run_timer_softirq+0x6a/0xf0
[   88.217994][    C0]  handle_softirqs+0x1d7/0x600
[   88.222742][    C0]  __irq_exit_rcu+0x52/0xf0
[   88.227226][    C0]  irq_exit_rcu+0x9/0x10
[   88.231449][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[   88.237066][    C0]  </IRQ>
[   88.239977][    C0]  <TASK>
[   88.242886][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[   88.248847][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x5d/0x60
[   88.254987][    C0] Code: 0b 00 00 83 fa 02 75 21 48 8b 91 50 0b 00 00 48 8b 32 48 8d 7e 01 8b 89 4c 0b 00 00 48 39 cf 73 08 48 89 3a 48 89 44 f2 08 5d <c3> 66 90 90 90 90 90 90 90 90 90 90 90 90 b8 e2 33 28 be 55 48 89
[   88.274571][    C0] RSP: 0000:ffffc90002727498 EFLAGS: 00000293
[   88.280618][    C0] RAX: ffffffff81bbfa5e RBX: ffffc900027274e0 RCX: ffff8881178a8000
[   88.288577][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000140cca
[   88.296527][    C0] RBP: ffffc900027275c8 R08: ffffea0004fc53f7 R09: ffffed1027e29e00
[   88.304479][    C0] R10: dffffc0000000000 R11: fffff940009f8a7f R12: dffffc0000000000
[   88.312429][    C0] R13: 0000000000000001 R14: 0000000000000000 R15: 1ffff920004e4e98
[   88.320384][    C0]  ? save_stack+0x8e/0x230
[   88.324788][    C0]  ? save_stack+0x8e/0x230
[   88.329183][    C0]  ? __reset_page_owner+0x190/0x190
[   88.334358][    C0]  ? __cfi_sched_clock_cpu+0x10/0x10
[   88.339718][    C0]  ? __alloc_pages+0x1d9/0x480
[   88.344470][    C0]  ? __folio_alloc+0x12/0x40
[   88.349044][    C0]  ? wp_page_copy+0x2a3/0x15a0
[   88.353790][    C0]  ? handle_mm_fault+0x1124/0x26c0
[   88.358888][    C0]  ? exc_page_fault+0x51/0xb0
[   88.363546][    C0]  ? __kasan_check_write+0x14/0x20
[   88.368636][    C0]  ? __set_page_owner_handle+0x3c7/0x410
[   88.374247][    C0]  __set_page_owner+0x1f/0x60
[   88.378905][    C0]  post_alloc_hook+0x1f5/0x210
[   88.383654][    C0]  prep_new_page+0x1c/0x110
[   88.388167][    C0]  get_page_from_freelist+0x2d12/0x2d80
[   88.393707][    C0]  ? __cfi_gfp_zone+0x10/0x10
[   88.398456][    C0]  ? __alloc_pages+0x480/0x480
[   88.403208][    C0]  ? __cfi_gfp_zone+0x10/0x10
[   88.407863][    C0]  __alloc_pages+0x1d9/0x480
[   88.412438][    C0]  ? __cfi___alloc_pages+0x10/0x10
[   88.417539][    C0]  ? unlock_page_memcg+0x115/0x130
[   88.422631][    C0]  __folio_alloc+0x12/0x40
[   88.427030][    C0]  wp_page_copy+0x2a3/0x15a0
[   88.431602][    C0]  ? fault_dirty_shared_page+0x310/0x310
[   88.437216][    C0]  ? do_fault+0x1bd5/0x1e20
[   88.441707][    C0]  do_wp_page+0x9f2/0xfc0
[   88.446021][    C0]  handle_mm_fault+0x1124/0x26c0
[   88.450944][    C0]  ? __cfi_handle_mm_fault+0x10/0x10
[   88.456213][    C0]  ? lock_vma_under_rcu+0x400/0x4f0
[   88.461392][    C0]  do_user_addr_fault+0x905/0x1050
[   88.466492][    C0]  exc_page_fault+0x51/0xb0
[   88.470976][    C0]  asm_exc_page_fault+0x27/0x30
[   88.475809][    C0] RIP: 0033:0x7f6f14796143
[   88.480204][    C0] Code: 8b 80 88 00 00 00 48 c7 00 00 00 00 00 48 c7 40 08 00 00 00 00 eb b8 48 83 05 08 66 db 00 04 48 8b 05 e9 73 db 00 66 0f ef c0 <48> c7 05 52 76 25 00 00 00 00 00 48 8d 1d 0b 74 db 00 0f 11 05 34
[   88.499789][    C0] RSP: 002b:00007fff5eea1ce0 EFLAGS: 00010202
[   88.505835][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f6f1473dde7
[   88.513785][    C0] RDX: 0000000000000000 RSI: 00007fff5eea1cb0 RDI: 0000000000000002
[   88.521823][    C0] RBP: 00007fff5eea1e3c R08: 00007f6f15548060 R09: 0000000000000000
[   88.529781][    C0] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000
[   88.537729][    C0] R13: 00000000000927c0 R14: 0000000000015327 R15: 00007fff5eea1e90
[   88.545709][    C0]  </TASK>
[   88.548724][    C0] Modules linked in:
[   88.552600][    C0] ---[ end trace 0000000000000000 ]---
[   88.558038][    C0] RIP: 0010:__queue_work+0x575/0xd30
[   88.563309][    C0] Code: 39 2b 0f 84 b9 00 00 00 e8 28 45 29 00 4c 89 ff e8 60 80 b8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 ac 7a 6e 00 49 8b 7d 00 e8 f3 7b
[   88.582892][    C0] RSP: 0000:ffffc90000007c70 EFLAGS: 00010046
[   88.588942][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff8881178a8000
[   88.596892][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[   88.604841][    C0] RBP: ffffc90000007d08 R08: 0000000000000007 R09: fffffffffffffffb
[   88.612791][    C0] R10: dffffc0000000000 R11: ffffed10269fc139 R12: dffffc0000000000
[   88.620740][    C0] R13: 0000000000000000 R14: ffff888134fe09c8 R15: 0000000000000008
[   88.629036][    C0] FS:  00005555734b7500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[   88.637942][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   88.644505][    C0] CR2: 00007f6f149ed7a0 CR3: 000000013bf6b000 CR4: 00000000003506b0
[   88.652461][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   88.660410][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   88.668360][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[   88.675830][    C0] Kernel Offset: disabled
[   88.680141][    C0] Rebooting in 86400 seconds..