last executing test programs:

9.37183549s ago: executing program 2 (id=2232):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x8, &(0x7f0000000000), 0x1, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
r0 = syz_mount_image$fuse(0x0, &(0x7f0000000c40)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000280)={0x0, <r1=>0x0})
tkill(r1, 0x1c)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_extract_tcp_res$synack(0x0, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x0)
chdir(&(0x7f00000005c0)='./bus\x00')
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
pwritev2(r7, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)

8.261198201s ago: executing program 2 (id=2235):
r0 = dup(0xffffffffffffffff)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x0, 0x3, &(0x7f00000001c0)=@framed, 0x0}, 0x90)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000001c0)=ANY=[])
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000000)="0f080fae04a200400f01c426660f3a15e6160fc76bdbf08666350f2170260fed9c000066b9230b00000f32", 0x2b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt', 0x0, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@const]}}, &(0x7f0000000840)=""/184, 0x26, 0xb8, 0x1}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000140)={r3, 0xffffffffffffff90, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/149, 0x95}}, 0x10)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r2, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a})
pipe2$9p(0x0, 0x0)
socket$unix(0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e00000085"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500), 0xc)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r5 = syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002880)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000100)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000002140)={0x50, 0x0, r6}, 0x50)
read$FUSE(r4, &(0x7f0000002900)={0x2020, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r4, &(0x7f0000000000)={0x10, 0xffffffffffffffda, r7}, 0x10)
syz_fuse_handle_req(r4, &(0x7f0000004940)="4f50356c9e70ce6dcbe3d22a41991ada3384a3cc61e92a72df663226dcad115a3308ae59bd26134ca5b1d27458f3aebf34acb004e78edccd1c3d66ebfda95d8369a12684acfd2a04e36c20ef64cbf1b5bbc16a9783fcf708a9b8b981d1439e1a70c847592b26218c9a35c8cbf385a246ac35fb857113366f18ebf2038f6f5fe538f19afed142f05dfa55e8e5ec4234f6bd050a4d3033bb36ec207606c74bdbb57dc854f6df4c8c9baa253c94555881384fe2f47514f5b07ec99616b751cfb680bc45603bd053c910f9cd9f7d954178f2385becf76f2acacd3a5f570f9ec36203fdd74b03259ce7df7c4c833708d24e1da50717cf88499739f009f6a0d0f9cfeee33134e807ff90cd8984a2f377c22595be32493ade61f85925cb5803dad77b642a067d357d05fd01e6af9a0b3c1d8e2f871bf2e5d082fb410ca5b5a8b67471a2024d8d8a8f54bb82fc7a858223aed1a741e89cd539823ff5417f0bdd5963502c243a126d3a9bbf66adf1631148a90693467a4d255260760389a5717c9b3c79a0057061c4cfe3ca8d9d5d179526090dad4ea4816f291bb8649ed07de9128e6881f581a7989c9533c7bb6186c1c4266f813ad201d0ac241d9dc7990092b0f59d11bd5d457f722ededd6a147bc22e11d28c48d80f5ed97b66eed8f974ad611c03c76420332deb2bdccf260c7182b5ce9aaef10bfad7241d285bf4beea9d3ffd4e5933c4048ca9a041dac8a712836fafe4988ec3849330c6e929f5a0520bfd21079f603b990986202c08f589c3017c10b087f8fdec4fc56d0f89c2b00bcd5d931daa4219e6efc054f60d0988a3ac98f81324d22b5909bfc1f4d1b7172b30e0ec3b21f776553a4507ef0bd813a94d76733e84b0c7067457650e9fcde01840bf5a04399cf4d40b4c66ac1bb55b1aca704afbae4db5744953acb0e6cb0448153f848c774f74282e6c541f9bd1bec0e1b5044423425f182b95949edc8074e257056241df49812c2cf7ceb0b8d28f65f317523b4a47b9e2b693a89ef7c95d180b318ef70b7ee2d6e0a0cad96043c1df61f09613c1cd6f6d6461a761c8ef9c1338cd918318774502da24b0b9d38030533ff6c0359d3b273a18815a1f0a71df5e6452252fa0ddeefe55e6f9d6e3f7941ee84d76143ffb4d32093351ed67674c9862c5df14ae5f430012ebad4d8bd546e8149facb0c2b15ae86f38588ee617ff2874a668e7f755061460094f8e7e56590ba3f30582fa5341b0339b3d6115d631178424f2d8698a2efd847a5567f54e67eb555d4d8a8b548edaa48d47a7b9c06b04d03ee1ecfdfbda40049d0e2eac6150866bc3102bcd5feb4a62b0ac49601adc9c19450530685d54cd53c654fa4bcee4862b010cf6875a97a77e8c6dd1395d440c003091f241baa97eb2995e363b54e1f23f143e3c45af005100fc582e7730c0abf1ef58170942740709f9946f1d29765ed85f3d13bdeb7816afff414d806d80c2033493d2f3fa80a7ad476037891feca18d7625b27779ec4cd8d14de8afdc6c428005513e795f2e7a1e3410201474d9cf4e315f8e05ba591b242f14094149bfe42812ee05e387b5e791107a32578e2a8297238a0075bbda9a4427f379841ea86508c5fba5e235ed4a3754c846569e9a329494d579d066777ec2f189de2aa55a3549e87bf7cda53b7e9af98355b04264189cc95205bf2955e4ffc692e0e6c48d816758ff322244b4268f69a0b72274c429128d8489e13064c925b9d5f3c82be62445860545927b2ea2f3e439888795780e7c4a2b3f3ff62ff2d25e4a44013f9df631c3a0b68bbad82ebe551bf4ff36f1a260f6347c59685ba09d9d9871ef910cce643ba01c5d3f17a50d7daffa2010d274da5570dd19acdd373b55e55701e638f8d31c6d31315a50cdeda2aaad2b71bccd321619120be8cc92dbc696d810b188119ddfb578054bbd343fd5e9e889719dffdae9488c410bc2ce68ec2f85a337ec8fd5bd522bde64b930813efdd670193d91b37fd93aa02f68f67e884130ada337fcf873a984d91467896a703e15b3718e6fd5f6993da9288dabb6f3876a6db06bd8be05b14a5bc63db5ee4f55103640cf30746cdafa8563f5e8c1cccbb58e538b484e0565ed140f2de8437a20ca422f173c829311919a2156d22f3b8bf349f299494c5e37283b1a373390e08df6a551c608ba42ee6e1577043adf6b9e7c0edbd20be866279cd9ae36af67f198e43fd31737cf70312776f4e695327b4fe957641cd3a46b48b198c32a8fd1998b20ace3d9780d1258b3e131ac51c946d022ddec1daebd8b2d225580efd68c7035b301860f6070daf273637e626c3380226a550a33a0346ebb3b87c2b26f15c923b9a490d97a05fb6fcaa5cab19101ce26adb3dc5bbd9604bd5299ceaa872a8ea956a48772852d5702ae3f322f8bb97e79805f7355b781c4fb7dc55e0f1fbc3125def8973302fb48052605366082dce1c8d92fdfa5d8f56f12bd2f73ae2c3c8a12215428861fdd247f36538c8ef0dacd594a709c656124fd8bdf36d69ff1cbb3903c35ae0a36129f64f65190fe37fa22c173ba32d22d61ba7411b3ca9d94a48022c0f0d305e5986cf008cc3e775b683ce5600f25f85dbed4b6c4a3a596da796b03d67ed072991ecfab88a8c7b5fced1bdd8c6049da0b3caec8e46eb9606ba6e53ad058cf8f7da4f107878ab0208c7324e125440d54749b10f64fb27b236feae37a427b287e0ef6a54cd5e864faedc4fb2125a0dd88ac96732ca025f5989e33ab7b521e6fa98ed3af16c83a6661864dc067b9072c980f64e2d008fafc676e60a26703f1fc7330a0c9503d88872d780bebb6c815e52608c04e74e48bbe66e1c0dab838f36c705957cfaab2ed98692db57ebac0c48b257e9386a8584aba15f86019e20cbcfe0b3b57be3b3407c48256e4531efdeca186c93bc3e9bfbc8f45ec864f32f7b38a63479a3bb4fa75a8b25f606f35b1147c1b53ebfd590418f926bad68807279027617af0d06651e5f977c615055f4dc91819bff755f8e6a2e0fb46dd7b1283de2652944d2b1cde5c72f43fd6456149ab2bda78e4cb8de135c160877e0b0820f95c4524e4cd386d44991055ea3accd2a698fb23793e57e49913f3cb86501bce08795695bfef260dd2d14761e404ce593e3b1e661a01d16b492a3cedf683736840178d08ea575534865c699bef830dbd0d259da79e5c05d7003af642412fa55b59ee5f2c032f1919af3c5067afe6876b154e29065d14224481971f94bc5ed45e48371053d69635e78b7a46cf76d999418011b58cff533c009316e33e87093117951fa4821241eaeef61d1122cd4e2962d6596259b7acf9e46d23d4efe9739189d99a9cf8776a34ad90a6e901872fd377c4f58886787baf9c2785ea437aa54195fbd34f2c5f5b4c4a76a018f5689feeccb6b153b34fc23cd0a8fa0699bff806521cb11172e4d4d45a1fad1cc8c4646b1846f1ba04f99a91db12da738ac1ee104ba3193119f325c600ab4f10e1e664dd7c17e285924487d394c7323ced471fd42728ceb9c25822885c1c6ab6b012d7a9b876958b2819e1a708afaacc537e6ac588e58c33934cea32ed3bfa27bb3d63554539e19bf69f30d03e0f47db84132a39a6dbbfddfdb673dd5cabe21d6d552317db8be0477536a69e2fe4f2e9a772dedc8a3ef34256565090c488c08fef2a3dd247fcbc2864d1862676ad5cfed2fd86871cce47b2ba28625ee67dd7518a6da3345614ff18307f20c27f68a69e4a1a6a3c8f76cf31df45b3b0b660aadbcf9698a32d36829c8aef481b09dabc8c9e449b96a2571af8eeef04bcb1785b596709f5aa1ace3804fc703ed9ec544667f350cb8bfb40a86caad45feb77d58aa1888f203cd963bcd9296feb0b68e0a695ed5cf8e7bca26a77d2bd61662f07bc721233a868805202469d8ee504be1d7cf135bc1bf7a215bbb96ff5514eeba1c0ffb68e4b3d6c20e1afadd2a3cecb002fc5ae0c59315dbf8f775ae5c63da31056a9c088e18477e2f925f7ff88df2786e8d014f0c98c58f218e931cd8cdb258c4d8ed82b7f9beab0db9ae0b35b2790ff7e02d11fcf992b365ce82b94eaa0d5b2fec4aeb984f29c6af84e10ce4aa6df7e9c6b0ee842027c8d2552efc6b4084ef9af751524b3acbca12c5c313381b443cd44e862d8c8b0394dda05aeccda371226ebdf5aed6efd6dfcba73b09ae8e92ad54d4b43db9b7f84b46b307c66a4ec69933e47ef22244250f1c82fe42683fc13fcbfcd1c2ed1b537adb2e83885bb368209f89cfe8d4bc59e6df61ec794fa310f290e56320b39fb843163752a726240236b3a45b59927333e94d0c0b30a862d61c6144ac0a59f96e08651fba2d299a37a1a1010ac12ead549404421bce2b95a05d54d44f0df5d08ac469cbc7e1988e4fc913d98e3eb9a8102ed7d40021274948acf58a10c43f1078076e36ee7cbe548638b273a40347415d20dd153885b6429af1c8e82d8d9f22bcd5b48f60484aca751c29c0ac031001e8d5dd49a889665e4ec41e257e8f3013eeab0e382b281c3463c035d3412a0ab0fadf5753ed735f250e56f24bedce1748accb4af749b12f8cf660127d7b9e710f19483cd9bb09d292355103188625a5fb4b81f22a87498d63a5dbdd78e64b4d2feecba4a3dd881a1c4103f9697e09a23ed1db866e40dcb51aba96b83766028b653cabc365fe5694b4f946ad32d9681252373e6017a9413f5fd02ec689dd9e1e179fa9d607b6a8ede028420b0fe6da5f9a678b3b717df1d48e862c2485f789947dd5baf8c3a4a641e460279827354fee33d97bea7ed36546160354bce0f2f58815e28622590418b99b1499250d5469a66d1d461852b384e99073906c64e0aba5d6a0dc7813ff58c63d32e3992b0fb89be5811a646056714718a7039cfbb82678eebeec54bc4350ea85446ba062e53e239d74509dea0d2c1d5c803e333d37761d311f5c402bf43e6b8d84d036d35c0fbe98d7eb9d5bc6165a5771d048647ad16061c55e57c53dbf64c1a08a2a639672d650b4cc6c0f90ab3b8b3ebfc1ff1844e9791ead72b167ef6b57b81f7b6c751fba73a0835edb2c68a55b5e2d2b2c350bac375153c15e6a1180f09f9c2b984ccab971926ad85980026c4610b7dbcae8bb86b98136ed27facd94e571270187a6bb194cc0ebf24b7acada441b23dbe380c7c3221d1677e5af7bc81c3264a958fb5ceee61e4795dc863da2f13cc59a2fce73070af121983410df1a99fdd864bb62d67c30ab0a98300597d7160646bd2759b950bc0468fe74918dca8fc59c9dbdcff736f0f61d234328f1b560bdf6df54663c7f80be5175d67fc37eb85e491650cac6a8da06d3dbb0743ef8d0a9ae90d2d67c11a77ea52545d53c64991b9005b6e3aae54f1cc39672ed59f3d881d65d6b9da133c1201c105972efd039d2210bafbd2f9d964459a4bc72877c51b7ca9ce6fae62ec3bbdd6d09e4fefaeaac5145b141eb06e7c9537e58a7e78526dc7d0511e399ea983d471eb5e19a1ebd5a0a1149d48afa688507952df4afd85f8c296e678a221055e89451e0920f7fd38ac866a54b932a0a608d3e2126dedba84af8fe86f719647e9fe44f4c85641dcb3347c580fa2e1d6e863ca30625f56da0b6125e6c35075451eb93ce3ce6478c474dae7df27737fd2a37fed7c1d9d793cde4728d80a3480d19771876375be29cc9f9d30433be1c999cc6d6b4295b5963f248baae070c609d49a68ef7db094a7c3bb442c9908b7251a2b1d3058bc71c450bacb88bbded6c99943b618fe9d3c7df4834323942a9b13ea821ce062d85904c5078156e3325da50bce2848598eade14f121ee9de8f6b98ef6bf592933103f567cbaf4b5b082b24ccc461118bc081ca925a0f6d0ab84b9eaaf64a956af511d254d6d1c09299ece040905f7c8fd1d6007907ef795d38744a5b0d9476f7e59476addf0b5f4abb0f7da7b5e21eb9842a7df6b4466913b41a08b06e9684ddf5ef1ba3e730f12be4c80d79ea573549dd3badaded7b7a9f5274e44154ddddf3907c08b977b19820eba4a5a0a40bfd4773d91f3c6329ddb88dd923e2b611cf4fc64fed3c98f9402d2a6c5179ace6f0ac50875e361cabd6610dd789138444ebefd72d0608272716a2359dc3e660ba047970991ac1aa83a665bb5245d9fb16eb4a8db99389d3f1386af7f2931fd09979475f0f4489aa99e6628f9cea46790be34f9d7e3aeceafc2b174650850fdabd4af0e6f84c8620cb0bba96b67f1599fec9406060be53b0c0e626e5cc88b0abb74f2c99f3157076e68cbc6593c544862aaa43b8489c1bf6b0bee80c9a608619e4641447d5422172f46774686b7efa3cedc8a837fc7debbe8598874c52c48c85df82e2f796daf04489458e74936e95ca63aa1594dac0a6708462f342747a43ca99fce71488794166fd1cedda1d444ca877ee10b56194a3ebf2114c2924210de0fb0698a6082ba171145150cf0c433adc7617520ca7626a9842929ab1831da8ccc128ba534ff27ae20f063d16b46f67654e372217e9d5f908d35cb1993b23dd4a83796009b68533270434744bc18b608c3bdc0ffcf64f691455795628987185ae688994e34541f630179533cf6b6ab12d0a150761aa490652a987e9906050c3ccb1fc677dde544296d35410c2f8b70bcc8b1927869db81cf1cdcabf190a9e946dce8439f09a98ae39e08f4d54a489cb7bab7795173c3c0dd0be506f9f8d38425b4e78882a028fd8fb2b9051d3eafcbad61a4a78f4caeab1c2041cdf7b55d3fff546f37beb9454c795e9e19a678cd087d74191e27c8a35584dc548d8fc57c5f92ec630723b335848ea5405c56631d58fa365d9fb88c2ab13d262403518dd862e9111bff48db9554fe512e2e40f96c47186aab5b9365c09692c7b2ff2e1bc5514726396abfc36263922e58be98abd1ddaef1ad23fb0f6f31e2c67315fe19d3a38477ce82d965b2c6c14ebb6872eb2acf6ca9a5860c2ea4d691d46b9cbd19352cb6b328486a07c6bf38af80e423cd6394bd9b7fc892011672833ce3d4c02561887a546d27837ca2662b5d72f595c035018a0511e22b72b8682ab65f8d59edab36389c69b5d8e64c35dd9dc78e6261fa3d141258ed9e9e8553f98e152751d5c9ba8712647e46b093a61984fc08172419a5a2aa08aacc487af4a7854d2ed34c812e96c3c56d8b7beaca74db439b1447b5102e6f66f686fb91e16cd82dc52182bbe5a6f2648d09163b3ef9c17f1b4c9867351913b2653cf4e60c5d44706245989da8f0a8392c941af9d7067496809102608fe8b60734b0c90da122c3432b40eaccafed5f5b37948dc9764337eb7016c24d717ae5ecff4d4f8c5c4aea686680a4b5a79b7f254acb0b46530782484cf8041fab719a3549c70767574c7e6aaa87e60b384ce53180540a6448e2c6743890d8eb6a5c38255cf6f86343bb82e2e57f2cd89ff8029e60267f821b7994199c741098be16e9fcdfd08d76a150761c6094776e270833d8d0cb83d2aeb13ecf2146dd46768338b4ecd8124252c2e620fd98b11d50728aed97a475c36e92b07a12792be948e95e3d26d15f4cc7c669d23d93f7cbead515f7f996afe9119415ed3b03d15e59474ba9e3c9a7c1476f3b8f66c099d85689785b712e82316f5afb6e16db12911b2d19b650e547608ea35af216561d61f36c5bcd3af7f64d9c56732f999e6e33c6e63aef13b3cf3ef69c773b4d0def25269296d535dae2948abd7918b95ffcfbce0236dac8b08b91d91aba716668bd5556d1aaf4e50d296af985a52cf35669b3aa29ea192c9fb34c471f65ec7242648c6fe22abafeb2b9bf349276eb55d0a9ec35399d98aa8ecb5613ffe530c6a5b93d4f713f3256e7a74cbf40e15a402df80c2bc287fc7ad1d1f665dba5139f56a865c0dae06048698a886da045ebb6bdddc29755947d090a6cddfe14f23dc400245211d55314160d2d852a659de834af8e24effd2e0396982c03e29fb94d3f10cd8bd57bbbb9e0945d5deacc5b33969aea3f7af0821327b9a976e8e4a82a41635c4137dee27741ccd001e559f6f6165e0b2d8062d352442689e7aa747438412c4a43dab94ac7f839eefe38c81b8277e565143e4a550c122ab0eef1cf3ddb6e41fd95ec763b636ed3aa62a85da14b1278d93d4e0ce8efb5ae1ada9dccc8c07dee130991098521bdba59399f7f0ad5f3349fe60745cf19f84e4f060a1efadd7c0a864177b46ee853a5d51e6da6382228cab564aee9a688f96e4f0e992dbb9be22629204910f4185085461ae92c5fdda4683212b1f8f03d6730dcce43f0932b6ad3866dbaa9e40493889c7857822e8ea1d498e2690bd232e4a383dee59071fe7cbc0db53d23d60ecf1a7adab5116eda840c57440f1e20989202d6b010d0fd58dc57a83ab1f5ee19c79d7d0819995ebaa36d4c952a861c0958911997d84f2c249a0e29f602966adce8f41f9b8bc051bf4c127aa39b26632e81a00b365d6447725311bdcb9db6a5d62aa46c2049fd2d54b670e308c2f62c9c58a6343905f34fb7a12fdadca999ca13e7bbfba72100ec625eec11d9ffdbf898d57ce95fd606aa57e3d259c6889e2af4e4ead2d9c38327b42d68f65453be8f2798df47ae392817ae9ae6200c3659ee9b8622c948943e5aaee24be9d35a333a20a803c18d3a4f18c22018f4a1f4dca3fef010f00150badbf90c04bfcba748329e835eeeb0783cc2f5246b01e853a84e391a9bf0332fd6fac22c64b83987b51040d09110d0b66a24fe213c72281eef8e79021c9b445056bca406ba1a4f805672f724247b7b2d0bc712cac7bf6e7a8d9a3206762633fd663760c4183309e3209a017514f7f23b350d80c009ae501f46e053b2eefde5f2b8a7ee1d3d4128cc1fd9cd8fc42b5504e2176eb802b21ae7a57d6e6928b82982fcf96615bc4d5b3f8cec1e4a6193961ba5493d9e992ffc933aa3e0d2c47b1217e199223d48e69800ed9a4d2fa5d9d4a8f16e86062b0ee2ca9f11fdfb4331effbda733a1764136e192f49a439910d67056cfed89d05558adcdf54e7eb014d510c35250bf6bffefbf7c3f6ac3d4f26fa205b8857f38256378006209644587d4c56a06eebbfe9cfb0d20a214797699a8960db62dcf84595014a8bcd60d626bbfa0d0647d966635f24111f2ce5a9dedadf34f38217879d27c4e9745b068fb0acc30d4b9a78f753aa286a4cb08ee58a451bc47f64b41cd1cd602db92f691befefbd139a1f919d275dad6e4fef7266999f1ec6f0018435b578032eba39a15b0cdc34ee53acbacbf4a7eca103bec5ff72b08068bf2183643fa24ff1aa69d5125a0d1f666d648550193ccb22f6692590ddfac8866f63fc33eb14844ea6b3b4e18bc613c1d6561506f933d1e8f72b7aa43f7c47e34b921459e230ccf7e333215025482e67f1df4db4aedf4566d5783a64c4511367b69d08ee5076878a22c8db871018ea8d581fb5c0f9e6a9e61f2dc9758c06a6647e4f09c1eff6061ab095b76a60a22ec7cb8a5528d218ef3484ac7574a7b3f63915d867e26b155400b50e1cf6a9d03b8a10ec8e2c4768cf1d2c02de656e7114ffc030ced3f94c0dd0b875cb1ad5cd64e2cf318118d50b45254e0a000a2cb09627489840ce0f4f7c9cecb8e19f01ddff7573a4183e4ff4f85991a15dd5c677f940b57667728b53126a4b45b53c25b6bdf6902ff5ab974995709babdeea1a5c484463fe349efe694c02035a2c149eb3fd813e4d71398503d0a4286443891cd0caf5d9450e27c9142b77565594935c590f44eca1a7d0a74d7059e4017d92e3cb53d3a13f6de6d4ab62800ab64afedfe678f500d8ca51c4e88765247fe88160e4c1ebebee15d0dfdcb138f81d290cb77c0270d7a8666de54e0f255454df5877c7b78bc694175a7e6cf5ce997c9776c208b03b6e11df17d1570d17f7614b5c1da400871268e010727ee8c54db25736d2bac7c56eabf0a8a3aa1e1801f00d24b56f2e30559c39d6bdd655c0e2bed036b616bdac6f11feb41d33608bb9d262c069e102e3079b2ba55614ee7ca498311e72897544db3e6dcb2cb3cd6f1ada2b4f71318b2d5b443cc76907774eaff4c7bed9c77fe264058b5becabc79bf185c0b5a3ad7aed92c28326a188328aedc9cf405541cf2ea2941102cfa5b52f261c550753ecc1ce767015e782f74f2ab3b913d7aff321c138368f77239fce68e9205718f9a87cd8590d1ca56659373e18d951744774b69831f0e51f04a1c5a86462b168890f6f5e12fc0248aeb245f26885a504a0962fb95b1448c629c3c3cb36d3d15bd7d56076c867002f9e58e12fe0d2f86b7508215896c839ea071c5507f30737e34d791f4614687dd0aea9c4debdc95a7dd6d436e9baaac51bffad1ada7d683387eabc5fd384c70469c971342599c6c90c90a57b23df95c7730e25220a8f830d9f9f978945859a1267072a8475d4e5e5011ce6144a6eec6d01d2be2cc558bffee47f7feeb87aa4c38aab5938b444e314c2939322fe81aaf0d32ba9d1c43c4b9f85c84e9284a50a169c65e2100064eb587ace01e361ee6c1bad211867dac692932e23e84795bf6cc58dd06fa1c1c31544e5dce729bb25ca3691b9470d5fa26c627e55127a9fdd4028ae2320192c0df9061db198445c0fcadca9862f0c29f3e62898c00479d0e8c8fb1d619c53ce8181d2b14240da714f82c8c50815ce059fc954595036e41d36bca909b6c8555d152c13ef5f4ff9f6fe7ac6632ebdcf19238d11c2359e6ffd7dd2053378e57ba44704eef580aae7cdf553eed5b0c6892b86e522e6a0912c8d9ccfb639e1f6ea7fccd6c9d04a676ce7e17642b61125329665e21aaa704b2679d698b32ae8388f1f7438e6b50b3d1c5dda7958e0be0be4e286a7a37ea3a6863a99bd4056e80a16866c6d6a121f4d936db302d5335033412ada903ad9bc492f3eb61b3384a4a86717df9e517cf593caab9b4ac8b229a80b934783cae88357c4cc7da8f0d819ebd1eb2961acb7b014411d23ee42e853e85f4f3863005a0a8356cacc15a26f90c549cfd307bdc88bf1c5a21778301ebd20054cfed89acc59cf29237e6c382f2e4f43e6eef14dabce06df261e2bcbadab8c60b9bfc684aceece9e1cf2f0b3751564a037aed891c2686547cb01c6982f073cb0b2882860b6daf111a034f5738d3ea1f67a0e7f4097eec1f9c355c6a9cd5646feed86f4ba075969ad71406f56e16fd5f3e05fc05fe18ea724d114aba4a2d7f312fc77b7b0d1616b00a124ded31251f2218eb95fb444241eca65c051205e7c1a04a6096a0cf9b9a8831907d569ec6de4a92610cf9147bfc0838e1b232d1642d16dcfd7de72c0ecd45c45506ec5641b526c40866c465e8bb64656677e8c1c81fbb00e26b8f775065298e6274a8ab8ca63e8c43a90edce5bede53526e7c2d37808a010627635e1b0d397850edcf6108e5ef1d85233be77b3838a4efda50de1662b9ee643416f92be4896bc6636c9eeddc4a87eb2b5e44635331aadd7cf9a49a4218e941dc76151c6d2363083fcd3f9cb5afb32345ad9b307a5625122fdca8b930cb7864362d890ded2df208ffec06085ab9404199ae419475360abec16d28", 0x2000, &(0x7f0000007040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000007000)={0x20}})
ioctl$FS_IOC_RESVSP(r5, 0x40086602, &(0x7f0000002740))
newfstatat(0xffffffffffffff9c, &(0x7f00000024c0)='./file0\x00', &(0x7f0000002500), 0x6000)
newfstatat(0xffffffffffffff9c, &(0x7f0000002780)='./file0\x00', &(0x7f00000027c0), 0x0)

7.929594189s ago: executing program 2 (id=2237):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000001900000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

6.077922701s ago: executing program 0 (id=2249):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f00000001c0)="ba430066ed660ffe0df466b8010000000f01d9642e67660f664ca50036660f1c820050660f3881b577420f01bd0800f36db877008ed8", 0x36}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.299837097s ago: executing program 0 (id=2253):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c)
r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000100)='cgroup.threads\x00', 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r3}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup(r4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000010000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r7, 0x2000000, 0x98, 0x0, &(0x7f0000000340)="63eced8e46dcbc842fc50f3203f894e0ef108d3f0adf33c9f7b9867b137ad0884d64284e790556ff753557ed5d073d9feee39fbec733544698010300032479d10bf521a2e7e78d46de243e529401f20fa3cf7966d26e2ff135452065d7bab35e9dd1b5692887daed7dfc56205cf39238ac93edfd7c4561dda5b7bf5cf3a12c189c505bf8ebacf1d70ceb2488ac5f8514e957fabd92ceebd5", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='mm_lru_insertion\x00', r8}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000700)='mm_lru_insertion\x00', r9}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
faccessat2(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x0, 0x1000)
write$cgroup_type(r10, &(0x7f0000000180), 0x2000)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x4, 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=<r11=>0x0)
write$cgroup_pid(r1, &(0x7f00000001c0)=r11, 0x12)
sendmmsg$inet6(r0, &(0x7f0000005440)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)='+', 0x1}], 0x1}}], 0x1, 0x400c404)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x2, &(0x7f0000000040)=[{}, {0x6}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
sendto$inet6(r0, &(0x7f0000000000)="0f", 0x1, 0x0, 0x0, 0x0)

3.903364689s ago: executing program 1 (id=2255):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000280)=[{&(0x7f0000000440)="89e7ee2c7cdad9b4b47380c94305", 0xe}], 0x1)

3.752370341s ago: executing program 1 (id=2256):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file1/file4\x00', &(0x7f00000001c0), 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'veth0_to_bridge\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000140)=0x8, 0x4)
sendto$packet(r0, &(0x7f0000000340)="020400061800091c6202a0ffffffff006003020400008906143ce3177f43055762cb809408002c3b062543424aa608", 0xfef2, 0x800300, &(0x7f0000000a80)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1/file4/file5\x00', 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000140)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYRES32], 0x20}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000540)={0x0, @rand_addr, @dev}, &(0x7f0000000580)=0xc)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={0x0}}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fsopen(&(0x7f0000000300)='ext2\x00', 0x0)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r4, 0x4, &(0x7f00000000c0)='acl\x00', &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'veth1\x00', <r6=>0x0})
r7 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
writev(r7, &(0x7f0000000200)=[{&(0x7f0000000240)="af61db31", 0x4}], 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x101, 0x1, 0x7314, 0xcac, 0xffffffffffffffff, 0xa18d, '\x00', r6, 0xffffffffffffffff, 0x4, 0x1}, 0x48)

3.672306508s ago: executing program 1 (id=2257):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000004f00)={0x2020}, 0x206d)
r1 = socket$inet(0x2, 0xa, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2c, &(0x7f0000000040)=0x3, 0x4)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x2c, &(0x7f0000000140)={0x0, 0x0}, 0x10)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x8040942d, &(0x7f00000001c0))
preadv(r0, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/68, 0x44}], 0x1, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000002540)={0x2020}, 0x2020)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0xa04254, &(0x7f0000000080)=ANY=[], 0x8, 0x2fd, &(0x7f0000000c40)="$eJzs3M9rE1sUwPGTNE2TlCZZPN7jPXj0ohvdDG10LQZpQQxY2kZsBWHaTjRkTEomVCJideVW/CNclC67K6j/QDfudOPGXTeCC4uII5kfbdKmqU5N0x/fD5S5mXPO9F4mLWdCZjZvv3hQKlhaQa9JOKYkJCKyJZKWsPhC3jbsjKPS7KlcHPzy/v+pmdkb2VxubFKp8ez0pYxSKjn8+uHjuJe2PiAb6bubnzOfNv7e+Hfzx/T9oqWKlipXakpXc5WPNX3ONNRC0SppSk2Yhm4Zqli2jKobr7jxgllZXKwrvbwwlFisGpal9HJdlYy6qlVUrVpX+j29WFaapqmhhOAg+ZXJST0bsHj+D08GQX2zbbtDuFrN6n0iEt8Tya90dV4AAOBY2t3/hxstfaD+X5JO/99I3un/V8+9rQ3eWkt6/f96tF3/f/mDe6yW/j8mIl3v//d2RCfe8u8kH6r/x/EwHN2zK9TyqtH/J7y/X8ezO6sjzoD+HwAAAAAAAAAAAAAAAAAAAACAk2DLtlO2baf8rf+zcwuB9xqn0n7nf0BEYo2zb3P+T7OpmVmJOTfuRZIi5vOl/FLe3XpxP3FEUvLdeT94GmP/ziPVkJY35rJXv7yU73Mi2YIUxRRDRiUl6d31tj1+PTc2qlyt9f2SaK7PSEr+al+faVsflQvnm+o1Scm7eamIKQvO+3qn/smoUtdu5nbVx508AAAAAABOA01ta3v9rmn7xd367evrtp8PuNfXI22vzyOp/yK9XTsAAAAAAGeFVX9U0k3TqHYYxOXgnOCDSLDy/k45fU0r/NUDRp3vu4h0b6UdBv4XKVpCMW9nsCP76+/OnMMSpGq4MR912N/uf2y0X45M9OAMOoN/Xr76Gqw85D21tzl0ZS12wEq7Nug/iv89AAAAAI6W3/THLX/P1d5OCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAM+goHifW6zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8XPAAAA//+JzwPM")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xf, &(0x7f00000002c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x60}}}, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
flistxattr(r4, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00')
fchdir(r2)
preadv(r6, &(0x7f0000000080)=[{&(0x7f00000001c0)=""/133, 0x85}], 0x1, 0x0, 0x0)
write$binfmt_misc(r2, &(0x7f0000000180)=ANY=[], 0xed)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
clock_gettime(0x0, &(0x7f00000000c0)={<r7=>0x0, <r8=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x396b98e9, 0x1, 0x7, 0xfffffffffffffffa, 0x9, 0x66, 0x6, 0x800}, &(0x7f0000000040)={0x2, 0x0, 0xff, 0x2, 0x5ede723d, 0x9, 0x6}, &(0x7f0000000080)={0x9, 0xb5, 0x8, 0x7, 0xfffffffffffffcdf, 0x9, 0x1, 0x3}, &(0x7f0000000100)={r7, r8+10000000}, &(0x7f0000000180)={&(0x7f0000000140)={[0x20]}, 0x8})

3.671319578s ago: executing program 1 (id=2258):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'vlan0\x00', &(0x7f0000000000)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}})

3.573532756s ago: executing program 1 (id=2259):
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='bpf\x00', 0x800481, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x2800060, 0x0)

3.572883026s ago: executing program 1 (id=2260):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x121c088, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2cb, &(0x7f0000000540)="$eJzs3b+LHFUcAPDv7O3OjlrsFlYiZMAUVsFLJzZ7SALiVYYt1EKDSUBuFyGBg6i4prK1sbDwLxAE/5A0/geCrWBnhMDI/NjM3Lm33srtSe4+n+a+933vO++92Xd7c8W++/jV+cGdPO49+vLXyLIkepOYxJMkxtGLpa/jiMm3AQA8z54URfxR1DapSyIi2960AIAtOt3v/34b/nwu0wIAtujW+x+8u7e/f+O9LLK4Of/mcFr+ZV9+rdv37sWnMYu78UaM4mlE9aAwiOppoQxvFkWx6OelcVydLw6nZeX8o8fN9fd+j6jqd2MU4yr17Gmjqn9n/8ZuXuvUL8p5vNiMPynrr8coXn5WfKT++or6mKbx+mud+V+LUfzySXwWs7hTTaKt/2o3z98uvvvziw/L6ZX1yeJwOqz6tYqdc35pAAAAAAAAAAAAAAAAAAAAAAC4wK41Z+cMI78SV+dlqjl/Z+dppOW3dfsg8nFbVbbXUbJMdc8HKopiUcQPnSMF86Lp2J7v049X+t2DBQEAAAAAAAAAAAAAAAAAAODyevDw84Pbs9nd+2cSLE8D6EfEX7ci/ut1Jp3MlVjfeVgPV47Va4Y/0udx2s3EzrJPErF2GuVVz+i2/FvwwvE5L4MffyoXuMkFs07mzdULHGx/XcvddXA7WT3WMJaZrNkk36cRbZ80TjlWelJTEZtsv3Rl02jjtacvVcFiTZ9I1k3srd/qO9dkkuOrSKu7urJ80ASd8mN741Sve2R1+T/fK5Lq52y41fcjAAAAAAAAAAAAAAAAAAC4zNpP/65ofLS2tFf4KDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF0T7//8fZk2qzZwULJqe6/o0QRr3H/yPywMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCS+DsAAP//OI9Sfg==")
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f0000000800), &(0x7f0000000840)=r0}, 0x20)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000000)=0x200, 0x4)
inotify_init1(0x0)
r1 = socket$inet(0x2, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000001000)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000640)}], 0x1}}], 0x1, 0x20008081)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000440)=ANY=[@ANYBLOB="030000000000000002000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\b\x00'/25, @ANYRES32, @ANYBLOB="000000001a0000", @ANYBLOB="00000000ffffffffffffffff00"/22, @ANYRES32])
setsockopt$inet6_MCAST_LEAVE_GROUP(r2, 0x29, 0x2d, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
syz_usb_connect(0x5, 0x36, &(0x7f0000001340)={{0x12, 0x1, 0x0, 0xda, 0xee, 0x1a, 0x10, 0x67b, 0xaaa8, 0xc30c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x2, 0x0, 0x0, 0x0, 0x3, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0xff, 0x5, 0x66, 0x3, [], [{{0x9, 0x5, 0x7, 0x2, 0x0, 0x1f, 0x40}}]}}, {{0x9, 0x4, 0xf2, 0x0, 0x0, 0x1f, 0x30, 0x5a, 0x7}}]}}]}}, &(0x7f0000000740)={0xa, &(0x7f0000000340)={0xa, 0x6, 0x201, 0x1f, 0x1f, 0x0, 0x20, 0x40}, 0x26, &(0x7f0000000380)={0x5, 0xf, 0x26, 0x3, [@ext_cap={0x7, 0x10, 0x2, 0xc, 0x8, 0x3, 0xff31}, @ssp_cap={0x10, 0x10, 0xa, 0x92, 0x1, 0xe1, 0xff0f, 0x0, [0xf0]}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x7f, 0x81, 0x4}]}, 0x1, [{0x4, &(0x7f0000000540)=@lang_id={0x4, 0x3, 0x41c}}]})
setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000001300e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff0000000000000005"], 0x310)
sendto$inet(r1, &(0x7f0000000640), 0x0, 0x0, 0x0, 0x0)
r4 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r4, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea60f327c3a510b441d94d32584e55f7c2320d89b2ba3d44d832b8e7c5f45442de9ef37d057e6d0c6664e8d74e23f18336d41a3e38c2cda49050cb32ca7040a388c75741ac07d3befc714df35dc92ff70ad041cf17b70a971c142bb89ecfe25290750e989c8666560a61b62fdc4fadef7f30b6269a669ef99be7e7ba7ddddf99949fedc0c331796988c6eedb5c66cbe2870a2affce0b550c3411a2aaf302481ee93398c0fbc0c815cfe1e78bf8fed7f19f2c2dae17a4533aa85f6b787f8072adda379118d76dbba3cebfc4c8aacbb1f79a28ec3a0ec99816e3c8721ddcde1ce73b0704063474", 0xe50}, {0x0}, {0x0}, {0x0}, {&(0x7f00000020c0)}], 0x5}, 0x0)

3.437490428s ago: executing program 3 (id=2262):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="7b00f3ff", @ANYRES16=r0, @ANYBLOB], 0x18}}, 0x8000)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000400)='./bus\x00', 0x800, &(0x7f0000000840)=ANY=[], 0x1, 0x36e, &(0x7f0000000880)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xd)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1c, 0x4, 0x31, 0xffffffff, 0x0, r4, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x4}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
userfaultfd(0x801)
ioctl$BTRFS_IOC_QGROUP_CREATE(r5, 0x4010942a, &(0x7f0000000780)={0x0, 0x7})
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x101141, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000008c0)='./bus\x00', &(0x7f0000000380), 0x4000)
r7 = add_key$user(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, &(0x7f0000000140)="cc884d10458d1532694b83121cda75277d52e5209e5a2a115bb1139a0e281c88c57be420c0121ade82774b6f0b0d66d277f1f6d5025e215d390303c7251a1eb343e359643ea8be893b20f1fa6316dfefaf2997629c705abd36e6da004515804e23a0ad52cc5ffb08798345c5de9f", 0x6e, 0xfffffffffffffffb)
keyctl$get_security(0x11, r7, &(0x7f0000000280)=""/240, 0xf0)

2.700580168s ago: executing program 0 (id=2263):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={0x0, r1}, 0x10)
unshare(0x64000600)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x23}, {{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x6}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xd00}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x6}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x7, 0x1, 0xb, 0x4, 0x2}, {0x7, 0x0, 0x0, 0x6}, {0x4, 0x0, 0x7}, {0x18, 0x6, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.657607474s ago: executing program 3 (id=2264):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001a00000020000180140002006261746164765f736c6176655f31000008000100", @ANYRES32=r3], 0x34}}, 0x0)

1.605545808s ago: executing program 4 (id=2266):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file1/file4\x00', &(0x7f00000001c0), 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'veth0_to_bridge\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000140)=0x8, 0x4)
sendto$packet(r0, &(0x7f0000000340)="020400061800091c6202a0ffffffff006003020400008906143ce3177f43055762cb809408002c3b062543424aa608", 0xfef2, 0x800300, &(0x7f0000000a80)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1/file4/file5\x00', 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000140)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYRES32], 0x20}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000540)={0x0, @rand_addr, @dev}, &(0x7f0000000580)=0xc)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={0x0}}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fsopen(&(0x7f0000000300)='ext2\x00', 0x0)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r4, 0x4, &(0x7f00000000c0)='acl\x00', &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'veth1\x00', <r6=>0x0})
r7 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
writev(r7, &(0x7f0000000200)=[{&(0x7f0000000240)="af61db31", 0x4}], 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x101, 0x1, 0x7314, 0xcac, 0xffffffffffffffff, 0xa18d, '\x00', r6, 0xffffffffffffffff, 0x4, 0x1}, 0x48)

1.600052399s ago: executing program 2 (id=2238):
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./file0\x00', 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="00e789da34e04a1ffbfd4b2c2fb684c70b90bbb45efd97899a16f2df4fa2e8f06ac2c5352509e3c51d672eb3ec0dd3b1c96e980163890d2d0d1b8d3d62f6d77b0209e166e2ca4c35483d49316daf522556a16cab12d75a852bc680da7ea837480feb2060a1e20a59b7745235b33bc18c4ed0351cd285197b0241569048b5b416ba1c57217be5a338392f681617ee8c35bb21f0a9eed63b1226b18c4b455ab222d7ae1b5258d5643d70000000000000000000ae468a387d9e63008000000000000063a454d1ab8760076afc3752105f030c49caf2fdfe6bc9743a68593b576e2f2f6ab69e1b974ac90855b3250f8f73e16bc593730b88d7a3346b945e276875915040ce498f262cd8ce8191ee84e3ce5526a0a4bb707cc711a3311f27b3d50a86e15a57e26666aaa296b7ddc4c8f421cf9d76d344bf6522f5d1138659d3de84ce13b085a2ed9d66c93767378423521cc4ea440e0ac3b953e1ca1675a716a97a8bb29b90ffffff51eeab4747b94c35beac5fd2ed195e20ad1fcfbee59924e161280a8b78fe34b2fa3efa7c1d4268bf090000ecb4ece3234c232659fee3ff9e6d21e008a570bb490a65b84ea8b6d6e1df20458e59456822dbb8dbd7ce0f928d5fbd6414fe8ab5277f3fd5ce6be044993f93e697a69484cc0e65eca23c742443c84e21a440998c6c69c12c2db7aee2872c6e0671d639e8f6bece219dcd0f69b9867dfc3187c882c035809c81832d7416f90c734be30c2faf0c22bfc8d95dfc7b05ac96b838c932b35511628ae5a75b9dc9e967ef5edf311bbebd7ca803cea8f5b9ec5b0900227769f5350adae56f07284be80bd0279c9dfbaa9521d746dd6c44d670b68744d26e72389e6c61767725d2c692443bc949c28b1a374e541bd352ca2f3bf64d883862dc24d8e27d86b6e38bc269f110c3d57deeefa8fa022514bdc75f794094700cb8fa2b61310cbf9058bce5f2399055929e0fc732e0d5db926fe1b09a6893ff038d8099c229bda0801f8b8171dd73b4abac97f704a0942051bae38b00b69d7fa69d738f99f73b19082ec0c99442d97ddbf68a4822aa2a2673478f81f14fae4e03197f5da8b8d36d9b3467beee619b9d9882f7eabfb5a6d1b5d39ec6703d50d8abf4a102f61296f46e519e1617e34dc711020a54ec92971f7025d4c7a0e4f9b6dcca1a00ae9bbeb6f2e72d78ccac527c4a8c8f007e77b7fe095516907060a7f1570128de98254e60d32373ef40fb2ea6ab7cc92374e3eed77ca5cef0c71bbf2e3dc32d54ff4346c9c82313274ad31fb7118ede1d0209fb983c47e2cc5a08d8f3b96cd171c3b469edc7857f14433a2c95f1ce2f36e41d09a59d10858c3f29d2310000000000000000000000000000000000000000b0eac1950f898d1e3649cfa40d0d6549d34da1ced0cf2119cd734024077ff83afaeed177d20012166256f2c60030af505a8f031eff7f713c3c"], 0x1, 0x120b, &(0x7f0000002480)="$eJzs3E+LW1UYB+DXaWvr1Pmj1moL0oNudHOZmYUbBRlkCtKA0naEVhBunTsack1CbhiIiNGVWz+HuHQniDvdzMbP4G42LrsQr5g4ncbGhW2ZhOF5NnnJOb/wHhIC53LvOXjzm09bu1W2m/dj4Ym3YqEbke6mSLEQh76M1974+ZeXbty6fW2z0di6ntLVzZvrr6eUlq/8+MHn3738U//8+98v/3A29lc/PPh947f9i/uXDv68+UmzSs0qtTv9lKc7nU4/v1MWaadZtbKU3iuLvCpSs10VvYnx3bLT7Q5S3t5ZWuz2iqpKeXuQWsUg9Tup3xuk/OO82U5ZlqWlxeBRbH97t67riLo+E09GXdf1U7EY5+PpWIrlWInVeCaejefiQjwfF+OFeDEujWbNum8AAAAAAAAAAAAAAAAAAAA4WR7p+f8rM24eAAAAAAAAAAAAAAAAAAAATogbt25f22w0tq6ndC6i/Hpve297/Doe39yNZpRRxFqsxB8RdT2sx2J0EsDVdxpba2lkNb4qh//kh3vbpybz66PjBKK+5yi/Ps6nyfzZWLw/vxErcWF6fmNq/ly8+sp9+SxW4tePohNl7MTf2aP8F+spvf1u41/5y6N5AAAAcBJk6Z6p+/cs+6/xcf7B6wMP7s/Xpu7PT8fl07NdOxHV4LNWXpZFb+bFYUfjd4YRMSeNTSkOD8Ccl34etjgzH2083uLUxA/pMX7yMOZjgcdTzOb/iON19KXPuhMAAAAAAAAAAAD+j+O4nXDWawQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4C924FgAAAAAQJi/dRodGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD//+NaygM=")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x2, 0x1, 0x40}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80)
bind$tipc(r4, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bind$tipc(r4, 0x0, 0x0)
bind$tipc(r4, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x4000, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$VHOST_VDPA_GET_DEVICE_ID(r1, 0x8004af70, &(0x7f00000003c0))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0, <r7=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f00000001c0)=r3}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r7}, &(0x7f0000000280), &(0x7f00000002c0)=r3}, 0x20)
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000900000002000040"])
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x0, 0x0, 0x4, 0x0, 0x9})
ioctl$HCIINQUIRY(r9, 0x400448cc, 0x0)

1.599654878s ago: executing program 3 (id=2267):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x4000})

1.598993279s ago: executing program 4 (id=2268):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000004f00)={0x2020}, 0x206d)
r1 = socket$inet(0x2, 0xa, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2c, &(0x7f0000000040)=0x3, 0x4)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x2c, &(0x7f0000000140)={0x0, 0x0}, 0x10)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x8040942d, &(0x7f00000001c0))
preadv(r0, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/68, 0x44}], 0x1, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000002540)={0x2020}, 0x2020)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0xa04254, &(0x7f0000000080)=ANY=[], 0x8, 0x2fd, &(0x7f0000000c40)="$eJzs3M9rE1sUwPGTNE2TlCZZPN7jPXj0ohvdDG10LQZpQQxY2kZsBWHaTjRkTEomVCJideVW/CNclC67K6j/QDfudOPGXTeCC4uII5kfbdKmqU5N0x/fD5S5mXPO9F4mLWdCZjZvv3hQKlhaQa9JOKYkJCKyJZKWsPhC3jbsjKPS7KlcHPzy/v+pmdkb2VxubFKp8ez0pYxSKjn8+uHjuJe2PiAb6bubnzOfNv7e+Hfzx/T9oqWKlipXakpXc5WPNX3ONNRC0SppSk2Yhm4Zqli2jKobr7jxgllZXKwrvbwwlFisGpal9HJdlYy6qlVUrVpX+j29WFaapqmhhOAg+ZXJST0bsHj+D08GQX2zbbtDuFrN6n0iEt8Tya90dV4AAOBY2t3/hxstfaD+X5JO/99I3un/V8+9rQ3eWkt6/f96tF3/f/mDe6yW/j8mIl3v//d2RCfe8u8kH6r/x/EwHN2zK9TyqtH/J7y/X8ezO6sjzoD+HwAAAAAAAAAAAAAAAAAAAACAk2DLtlO2baf8rf+zcwuB9xqn0n7nf0BEYo2zb3P+T7OpmVmJOTfuRZIi5vOl/FLe3XpxP3FEUvLdeT94GmP/ziPVkJY35rJXv7yU73Mi2YIUxRRDRiUl6d31tj1+PTc2qlyt9f2SaK7PSEr+al+faVsflQvnm+o1Scm7eamIKQvO+3qn/smoUtdu5nbVx508AAAAAABOA01ta3v9rmn7xd367evrtp8PuNfXI22vzyOp/yK9XTsAAAAAAGeFVX9U0k3TqHYYxOXgnOCDSLDy/k45fU0r/NUDRp3vu4h0b6UdBv4XKVpCMW9nsCP76+/OnMMSpGq4MR912N/uf2y0X45M9OAMOoN/Xr76Gqw85D21tzl0ZS12wEq7Nug/iv89AAAAAI6W3/THLX/P1d5OCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAM+goHifW6zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8XPAAAA//+JzwPM")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xf, &(0x7f00000002c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x60}}}, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
flistxattr(r4, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00')
fchdir(r2)
preadv(r6, &(0x7f0000000080)=[{&(0x7f00000001c0)=""/133, 0x85}], 0x1, 0x0, 0x0)
write$binfmt_misc(r2, &(0x7f0000000180)=ANY=[], 0xed)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
clock_gettime(0x0, &(0x7f00000000c0)={<r7=>0x0, <r8=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x396b98e9, 0x1, 0x7, 0xfffffffffffffffa, 0x9, 0x66, 0x6, 0x800}, &(0x7f0000000040)={0x2, 0x0, 0xff, 0x2, 0x5ede723d, 0x9, 0x6}, &(0x7f0000000080)={0x9, 0xb5, 0x8, 0x7, 0xfffffffffffffcdf, 0x9, 0x1, 0x3}, &(0x7f0000000100)={r7, r8+10000000}, &(0x7f0000000180)={&(0x7f0000000140)={[0x20]}, 0x8})

1.571118001s ago: executing program 0 (id=2269):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'vlan0\x00', &(0x7f0000000000)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}})

1.561833082s ago: executing program 0 (id=2270):
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='bpf\x00', 0x800481, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x2800060, 0x0)

1.521477425s ago: executing program 3 (id=2271):
sched_setaffinity(0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x0, 0x0})
prctl$PR_SET_SECUREBITS(0x1c, 0x1e)
setfsuid(0xee01)
sendmsg$NFNL_MSG_CTHELPER_DEL(0xffffffffffffffff, 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
syz_open_pts(0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11e0, &(0x7f00000036c0)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eK4gjJmq7JR6KsFPK53PJD977wu9lYOAN8+bwja8+Hg2qbJDPY+PEidiYRqQ7KVJsxD8+j1df//GnF67duHml2+vtXk3pcvd657WU0taL37/36Tcv/TA/++63W9+djoPt9w9/3fnl4PzBhcM/rn80rNKwSuPJPOXp1mQyz2+VRdobVqMspXfKIq+KNBxXxezI+KCcTKeLlI/3NlvTWVFVKR8v0qhYpPkkzWeLlH+YD8cpy7K02Qr+j/7Xd+q6jqjrx+NU1HVdPxGtOBtPxmZsRTu246l4Op6Jc/FsnI/n4vm4sJzVdN8AAAAAAAAAAAAAAAAAAADwaHH+HwAAAAAAAAAAAAAAAAAAAJp37cbNK91eb/dqSmciyi/3+/v91e9qvDuIYZRRxKVox++xPP2/sqovv9XbvZSWtuOL8vbf+dv7/ceO5jvLzwmszXdW+XQ0fzpa9+Z3oh3n1ud31ubPxCsv35PPoh0/fxCTKGMv/srezX/WSenNt3v35S8u5wEAAMCjIEv/Wrt/z7L/Gl/lH+D5wH3765Nx8WSzayeiWnwyysuymCke+uJUs238Vtd183+C4piKpu9MHIe7F73pTgAAAAAAAAAAAHgQx/E6YdNrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4kx04FgAAAAAQ5m+dRscGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAVwEAAP//zI7XaA==")
r0 = open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
write$P9_RREADDIR(r0, &(0x7f0000000500), 0xbf)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r1, &(0x7f0000000180), 0x40001)
sendfile(r0, r0, &(0x7f0000000240), 0x7f06)

1.520411535s ago: executing program 4 (id=2272):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000001080), 0x1, 0x4e2, &(0x7f0000000b80)="$eJzs3c9vG1kdAPDvTOImm81usrASPwRsWRYKqmon7m602tNyAaHVSogVJw7ZkLhRFDuOYmdpQiXS/wGJSpzgT+CAxAGpJ+7c4MalHJAKVKAGiYPRjCdpSOMkbRMb7M9HGs28eeP5vldr3nO/SfwCGFlXI2IvIq5ExMcRMVOcT4ot3u9u2XWPH91Z3n90ZzmJTuejvyV5fXYujrwm83Jxz8mI+N63I36YPB23tbO7vlSv17aKcqXd2Ky0dnZvrDWWVmurtY1qdWF+Ye7dm+9UL6yvbzR+9fBbax98/7e/+eKD3+9948dZs6aLuqP9uEjdrpcO42TGI+KDywg2AGNFf64MuiE8lzQiPhURb+bP/0yM5e/m+ZzwWAMA/wc6nZnozBwtAwDDLs1zYElaLnIB05Gm5XI3h/d6TKX1Zqt9/VZze2OlmyubjVJ6a61emytyhbNRSrLyfH78pFw9Vr4ZEa9FxE8nXsrL5eXz5xkAgIv18rH5/58T3fkfABhyk2ddsNifdgAA/XPm/A8ADB3zPwCMHvM/AIwe8z8AjB7zPwCMnmL+Hxt0OwCAvvjuhx9mW2e/+P7rlU92ttebn9xYqbXWy43t5fJyc2uzvNpsrtZr5eVm46z71ZvNzfm3Y/t2pV1rtSutnd3FRnN7o72Yf6/3Yq3Ul14BAKd57Y37f0wiYu+9l/ItjqzlYK6G4ZYOugHAwMj5w+jyLdwwuvwfHzhrLc+evyJ87zmCdX7yHC8CLtq1z8n/w6iS/4fRJf8Po0v+H0ZXp5P0WvM/PbwEABgqcvxAX3/+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAENiOt+StFysBT4daVouR7wSEbNRSm6t1WtzEfFqRPxhojSRlecH3WgA4AWlf0mK9b+uzbw1fbz2SvKviXwfET/6+Uc/u73Ubm/NZ+f/fni+fa84Xx1E+wGAsxzM0wfz+IHHj+4sH2z9bM/Db3YXF83i7hdbt2Y8xvP9ZJQiYuofSVHuyj6vjF1A/L27EfHZk/qf5LmR2WLl0+Pxs9iv9DV++l/x07yuu8/+LT79DDHPWusVRsX9bPx5/6TnL42r+X7yxMWPJ/MR6sUdjH/7T41/6eH4N9Zj/Lt63hhv/+47PevuRnx+/KT4yWH8pEf8t84Z/09f+NKbveo6v4i4FifHPxqr0m5sVlo7uzfWGkurtdXaRrW6ML8w9+7Nd6qVPEddOchUP+2v711/9bT+T/WIP3lG/796aq87EwdHv/z3xz/48inxv/6Vk9//10+Jn82JXzs1/hNLU7/uuXx3Fn+l2/+7z/r+Xz9n/Ad/3l0556UAQB+0dnbXl+r12taFHpTigm945CC5pDY7GPKD7PP4i97nM0XK7H+gO5d9MOiRCbhsTx76QbcEAAAAAAAAAAAAAADo5dL/nCgddA8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYZv8JAAD//wqryik=")
r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0))
r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
r2 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0)
ftruncate(r2, 0xee72)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r3, &(0x7f00000002c0)=[{&(0x7f0000001240)="85", 0x1}], 0x1, 0x0, 0x0, 0x13)
write$FUSE_STATFS(r1, &(0x7f0000000140)={0x60}, 0x60)
ioctl$EXT4_IOC_MIGRATE(r1, 0x6609)

1.501101596s ago: executing program 0 (id=2273):
syz_emit_ethernet(0x4a, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd600a841d00140600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="003d70e6279374c60646001c96bc7ce7b900"], 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = dup(r0)
ioctl$KVM_SET_MSRS(r1, 0x4018aee2, &(0x7f0000000040)=ANY=[])
ioctl$BINDER_CTL_ADD(0xffffffffffffffff, 0xc1086201, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ptrace(0x10, 0x1)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[], 0x0)
mkdir(0x0, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
socket(0x10, 0x80002, 0x0)
readv(r3, &(0x7f0000000300)=[{&(0x7f0000000080)=""/107, 0x6b}], 0x1)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000005cba96917280"])
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f00000004c0)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.276668885s ago: executing program 2 (id=2274):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="7b00f3ff", @ANYRES16=r0, @ANYBLOB], 0x18}}, 0x8000)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000400)='./bus\x00', 0x800, &(0x7f0000000840)=ANY=[], 0x1, 0x36e, &(0x7f0000000880)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xd)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1c, 0x4, 0x31, 0xffffffff, 0x0, r4, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x4}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
userfaultfd(0x801)
ioctl$BTRFS_IOC_QGROUP_CREATE(r5, 0x4010942a, &(0x7f0000000780)={0x0, 0x7})
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x101141, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000008c0)='./bus\x00', &(0x7f0000000380), 0x4000)
r7 = add_key$user(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, &(0x7f0000000140)="cc884d10458d1532694b83121cda75277d52e5209e5a2a115bb1139a0e281c88c57be420c0121ade82774b6f0b0d66d277f1f6d5025e215d390303c7251a1eb343e359643ea8be893b20f1fa6316dfefaf2997629c705abd36e6da004515804e23a0ad52cc5ffb08798345c5de9f", 0x6e, 0xfffffffffffffffb)
keyctl$get_security(0x11, r7, &(0x7f0000000280)=""/240, 0xf0)

1.181477663s ago: executing program 4 (id=2275):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_open_dev$evdev(0x0, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x80803, 0x87)
write$binfmt_script(r6, &(0x7f0000000140)={'#! ', './file0'}, 0xfda6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="180000005c83995f00000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r7, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = getpid()
r10 = syz_pidfd_open(r9, 0x0)
pidfd_send_signal(r10, 0x0, &(0x7f0000000000)={0x0, 0x0, 0xfff}, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

1.036556025s ago: executing program 3 (id=2276):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f00000018c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1], 0x18}, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="54000000000000000000000400000000000000010000000100010001000000010000000700000007442cc05000000000000000010000ee06000000080000000100000e4a00000020006500b000000005000000080000000030000000000000000100000001"], 0x88}, 0x0)
close(r2)
close(r3)

16.146248ms ago: executing program 2 (id=2277):
r0 = memfd_create(&(0x7f0000000140)='/dev/\"\x00\x00\x14\x80 \'&\x88\x00\x00\x10\x00\x00\xe8\x00\xeb\xf5z\x98\x00\xc8\x8d\x83\a\x8a\x8bYd>\x7f\xbek\x7fN\x1e\xdf\xf89_\xad\x8fv\x80\xab!S\xe8\xe1\x05.!N<\x8e\xe2sN@J\xc0\xe7ZX\x8d\xddx\xc6\xb6T\x1d\xfd\x90\xd1l@.{\x1cB\xd5Feb\xd1\xb7\xff\x8dX\x10_p)\xa2|7\xa4\xbb\xfb\xd62(\x92\\\xc3j\x870\xe5\x8c.\x955,`=\xdca\r3\xd4\x02\x9f\x15\xb7\xfa\x0f\xfeA\x02Y%j\x04n\xe3\xa0\x03\xde\xd5\xfb\xb8\xdc\x18`\xd1S\x81\x88\xf9J~\x9d\xfb\xe3\xd1T\xd8\x9ft\x00\x00\x00\x00\x00\x00\x00\x00\x14\xa3\x83\x13i\xed\xe2\x92\xa8\x10\x80O\xaaw\xf7[\x7fY\xd4\xde\xd6\xea\x16#\xe4\x9e\x86j\x9c\xa3N\xdeDwY\x8e\xbf\x12]\x19$5zf\x98V\x1aj\xd3\xc42\x06\xab\x98\xe3\x97FF\x1f\xce\xfe\xec\xb2-\xfe\xbd\xc6\xbb\xc6\xc4:\xb5\xae\x93\x8f\x8c\xe7H\x8d\x91p\xe8[\x97U\a!\x11\x14M\x1f\xe0?X\v\x94\xd8\xfa\xcc\xfe\xe8\xbe\xe4\xc6\xc5(=\xafVD6BR\xfd\x97P\xd7nD\xcf\xba\xc4\x91t\x80\x83\x95\'\xd9\x01\x80\xcd\xb7w\xc1\x17m3\xa7\xeah\xd1\x91\xac\x0e\x05\x00\x00\x00\x00\x00\x00\x00\xa5\x1e\\\x10\xe2\xde\xb9\xe9j9\xf9\xc6*-/\xa0\x8b\xb8T\x16\xccR\x96i\x05}=2.\xae\xb0\xec\xb3\xc2\xacu\x96/\xe8\xc8\x0eP#\x86\xf3nh\xe7\x9b\xeeI\x06\x9a\x81\xb0\xfam\xbd\xb0u\x00'/411, 0x0)
ftruncate(r0, 0x1000000)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000080)=0x2e, 0x14c)
setsockopt$sock_int(r1, 0x1, 0x29, &(0x7f0000000300)=0x8, 0x4)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10)
setsockopt$inet_int(r1, 0x0, 0xb, &(0x7f00000000c0)=0x2, 0x4)
sendfile(r1, r0, 0x0, 0xeefffdeb)
recvmmsg(r1, &(0x7f0000003d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x12023, 0x0)

15.527859ms ago: executing program 3 (id=2278):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000004000000000000000000190095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x10)
syz_emit_ethernet(0xd86, &(0x7f0000001580)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "711e8f", 0xd50, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @dev}, {[], @time_exceed={0x9, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "bede78", 0x0, 0x0, 0x0, @dev, @loopback, [@srh={0x0, 0xe, 0x4, 0x7, 0x0, 0x0, 0x0, [@mcast1, @empty, @private2, @private1, @private1, @loopback, @local]}, @dstopts={0x0, 0x193, '\x00', [@generic={0x0, 0x5f, "f0edb1af7badf7491d2500721be4cce0542133657e2d12f0ae3e134727e49fe7c04867be7426e8cbefd47520beacbe5c36083a972cb3b73de48f661a252e0b0a5a236ddf29543f29a5e18fd1c7b54248c8b03dc91385c9160f3394ff0708c8"}, @hao={0xc9, 0x10, @private1}, @jumbo, @calipso={0x7, 0x28, {0x0, 0x8, 0x0, 0x0, [0x800, 0x0, 0x0, 0x4]}}, @jumbo, @calipso={0x7, 0x28, {0x2, 0x8, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}}, @generic={0x0, 0xbc4, "dc733e56d5e0dffc92fe381f7e59a85405fcac11efe328327ba77b61d75c9b4a52ba908550849d16616e3109da0b774f1cfbd53c86c37963124edfbf35f4657de4f594b9a53ae13df8d0201e34ed6f6014a5c86e11affdf1d097c9028235c908c9afcf1d25e7d44d72162f5befed065f67599646ce098e5841d399276fb729faabc579531cc60088d025423e0ef8be5d996fedea4cffa6a8a4b0a9b639d7d5a78a298e02b16fc9810df711c725ed6344fcfea4f3601bf17f3837eb8ca45b583b120308de1f53741e81031409b3c70566d7fb088acea835476c77a3e53992ab859305fe14c882dbd019526699fcbd3c4176bb5d3ea412eeede2fa2d381317f2b3e88c528cd6a17c4b864884bc21f1a3f432387ca5a0da91480929542322a6ae494f57b4e8670f2f59906b36251800c64a2b4620d42946eff9a184005cf36d538033f43f2d7c34810245e027e5c1107d0eb79a62122def8c195b4c72358f4450ccc7cc1a58da745c47dfa0bcd3ae125b119b0817a3b3cc54fdbeacd62b1df80694e67ebd8054bae0e47b3aff499e3ed9767eff1cb1ce6853a66a1270a12ffcaa6ed846673707710018c4887d8a0b5a0a3b25b73c7eb0f08211a9f197f9886d5522b922e66fe23590123ee5f548c2ac96f068c5bb45c3aeb98e43af0e1e64d635e58f2b3b322fb037070f21baebaee9d0759818cf1423fb17dad7221b4405848e1d49a7f575524e7699dcae9d820bf21d0a80f857b0fa3568eafc4d7f1b5510a3f82948914a25c38292a34ba7700e56e54455a5f649964a4c77d345a76990d751ef82df3500e947cb90235378183bc74b84f680b716925063e908e3cd5ad965865a81f5f037f30cec1f17946cf18e379855c873de0a3c03a7d7ef5b01932f4a5caecc2b8e672750e3b56bf0b6b13794472290bcbb4344cd1df3335afa343d04bbbe6c12b8c2ecafa54b778b31a48f9e5cbf14a0b579e60563d0b08d8b00c0d462d4eaf4d46265853df427d84d86e68ecdbc7c4f68b479718dd1e5d80d6500eca741b5e218d70cc33689b386ee1d172233ce547d158832d558dbb8b8d7f3c384905a9f261b8083ed7d24d2e9ea403269c98a1ced9b569044ceaed1c83b41de642e2f0e88d676036f54e9ed115633e35b777af432d360f25b0aef0a4631e003b9db784953b9becc711a65ca3adea326cd18c8aae01eda13d735ad8b518c8c2f2e7a3410490d8eb80e9bea318c9fee4b7c59b992fe9b91128555f6486bb78e983d81e8ad7d5b451a6c5c374225801a94f69488f4ed00b8ae174985396b4ca91f8a157b17cfea3778c5cf62d35b40bb44bb137358ce25e6b179c90198eac0c0e8df6b248b2ef990ed424c43706c613a121ce6fedc0198872eb983fca1fe036a7fec23b33b39d0bc6f5956090ce521aca3d9632540d294e740606aa19c24281d19c1910c15bcb51dfa32ee1c643543e24dcebfb611dca5cc7106fe26166ae272ae878c82ad025d7e8c21560c94c610feee745496f5c9ce9924bcfd9899fc30ba09184006a6306402102a621a10c432e0cad32f74911868ddbae34cf288e57fe428b4eb616fa05571288a71115c28d3977e4d38fa2c67f908c321f99737b1a8f5ffef7583022448c0549518f841f0dcc6e57d81d68da4c6f29066e4307dea8e11f1e5e517672aeee90079a76dd8b28488706a0e0cfccee67c87dbafd846a1b61920cb159569480618f29d99e09505db4ff78135349769393593951a3c9e72ff91846fcab32a6b69c0d8116feeec57b03affc60fb470f67d148a8c4c8a63071a5fb05f97d038f9948096e6ace12dcec8b7bc7680a5acca359b235d029eaaef3503b7b0a2aaabe63e0a51aefa26fe63f1c8017b4408d216b6d6ef19f33ce4a12c10ea95b60a780da1da5d5b46b11e871947dd3de79584bcb896d868051ad2e8b7f5645b2ece9bac99eccb37071fdc7225b14df13f074f0bf6e6b5f73842d9976ab2fbac7c468302defd77170ae6a98ee48b50766969b5d5843a1b5f84223f72d1df80c0f6ca2a47639264abccae6a5b8eb5de0aad90f7860501c0352732be643eb4b7ea9e1f55095c9f8a23c6e065e69002967a85a89304da189e4893e14c4d93738c7969e2b2f3af53a2efcc5d621e8c938719f7bfa12a2417d72296a85a3901cfc5144226835a2ef5d95aef20e5a3c25f1ac4d3ef9e5edf45fa60e844cbee8eb197289a0bd4a65a22de70a0730a0b2a481f9eae7fac436d6cc4d4ab9c2502ce70b5252f7f42a2d3253046220022064dd0e94dbbf6dc0df4e23bc8fde3d546a533086f49fc5139dab3c8c7856a5016ca05c3241140aa40790af2c95e1e89bee5d339d974ec09ac8982080c03cc09e996592750437210519c03b975afa4e2d949eda4907d109919d894647e7995e771529bb3af3588e293251d75b19e5493e93fb669ca6c1d304df72d8b3146835b92fcbd01f0e5ca874e121fc084bbfd920ddb8ff10bfd87ccdbc52eadb641d5d2291479f10d4ff78678e53fb986204947f02f7e796c305fea8f1324917f8f6f5bdec1713ad4203ef46ad6b5d1883235c19bbde32b30593c38a577d2e393417e4aa73d8632cc5c32750edceeb7f8ac3ee50a9daeb7ea52d8ea1504467e33c397f4d53dcd37c4d99f76bfb65db27dd086073c65fe2f811df4f0708e8bc9e7a92ab19efe61aa8814f6c786d5fd10cb652f5a851982b665cebd26e94bcab9edf05d827a87e64f7de24602c082799cfb49e86e35fa80eedd5abc7fb22cfa5f0027ce2bfc20262b8b2502cc52afb1fd6a994c7d9f67b7f6e27ed0347c7ff0557dd07ac7b89b8da8a8d1bb282734ad24c4741f1bc544f8697e3768cd664c8a37cb6a648c76982b065b75b25d5016e18e32d98048a309943ae7d87a3fe90b4aeb85348ba5d6a50e8927fd28e5ef90d359b8b24dd49992785cd8f47548510a61d89769971b519e535eb0d8ed4112bd151a77758dccde1acaff9caf0e2524617ede84560e5d729e24c7afaaf3030f2ddb6815dc1dd0f5a503e179eb5df9a4b58fb7a19db62ac99b7fc20270bc52cfb688ebb12c7519404f95894594e99c22a9b36db13f703b84cd392065e57a019455109f6589155f50eb3d0b7efc25e8d6e6b3bfbffb6befbb05e4ceaad437c9749467c25ce4fd14d02f29957488773ca605787882d4e96248a52adb08222911ae8771bab39c5a39ac8cd4671c95db67b1a93cb928917d09b11e6c49adf047b96a6906ffe76f4d3dd5643cbc846b0fcc35e57b6007c7c0f19b3fbd446f6fbb0d640781fb89dac774e58d0fd8f5452d75dd1d1c059f3c0de0d056936941a37cc45b71cae59495fca4f6e08f5e5c38a5c906416bcb5b4d47b7e0570cd74f9436870b641b04fece9eff8df11891f80f94821633bf5af78437fc9266dfd702b8e0c7d05a8718ead75e52e7adc6b01c3fa961c9a1991b2c2f761d56c68261e67709f7781061ac1af0257bd8328524733ecf9005dad44363fc7eeb9c1d2201e41d72e59e339830904602a854b93565ec9ec4a757005e4e6b87959b1232dab1aa6a4ffe11a31644deb22f6f7cca5b90aac548125d79405faa101ed5c093db514962989bea2a46370311ffb304320d49a36970fae564c80627b59b495efb8fc8e28637617ce6e2e5f95344605952359fc240a4378c545dffcb04a180107236b8aab06e54aa8a42e17abf58d324c9c012a0aa71e211e5a89650f821723d22e7ead40e96f6e0e7cf9da4dc95ebc07591f3b0c9d320925550a139897374a59c7a408e20f48413ea8d770d4558d18e0bc3b8cb780031d131331e8281f2aff03b0b77890a80bb1fdfbc1190bafb553721c61f11f59c2e59f6eee602294d9819fdfa35cf6641dfbee142e92081cd73909fff9bed4217179a2eeb3acd4671cc43d47c38d6a9f0935ee0ec0f7be1a1d5eba8bc1f45940672a7c511c7834eedb33cb6ebc07525c6dc686d18a5e8bf706ec0fd9f594e6e4b6e829dea06336e00bbb9e800b81dda33e58f4d2625ea24ca6c798791045059c2de67f45f65bae3b68c05832d3dc1ec5252befe0e109b263d4e0ce4da524d85171ffee6436b72f8c909f290126d02e864dc4b17e490069d36f6d77adf6b56e3dbccdb5b48d66465cd302a7db901636bd737271350d97b00fe5902b5746f85bb96d1a130f02cb41a2529282274045c473d5ba29c17c7b47e26e990809a67b02ed386fc8aaa185ed871dcac43f915b3477da89274fbedb4a128db89328ff24464e857127d3c"}]}]}}}}}}}, 0x0)

14.889749ms ago: executing program 4 (id=2279):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001a00000020000180140002006261746164765f736c6176655f31000008000100", @ANYRES32=r3], 0x34}}, 0x0)

0s ago: executing program 4 (id=2280):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={0x0, r1}, 0x10)
unshare(0x64000600)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x23}, {{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x6}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xd00}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x6}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x7, 0x1, 0xb, 0x4, 0x2}, {0x7, 0x0, 0x0, 0x6}, {0x4, 0x0, 0x7}, {0x18, 0x6, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

kernel console output (not intermixed with test programs):

5235][ T5870] System zones: 0-1, 3-36
[  296.250713][ T5870] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  296.306779][ T5871] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.313879][ T5871] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.321993][ T5871] device bridge_slave_0 entered promiscuous mode
[  296.329390][ T5871] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.336327][ T5871] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.343904][ T5871] device bridge_slave_1 entered promiscuous mode
[  296.689172][ T5871] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.696225][ T5871] bridge0: port 2(bridge_slave_1) entered forwarding state
[  296.703402][ T5871] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.710261][ T5871] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.733474][ T5881] loop1: detected capacity change from 0 to 512
[  296.741902][  T923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  296.742073][ T5881] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #15: comm syz.1.1672: corrupted in-inode xattr
[  296.761342][  T923] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.762166][ T5881] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.1672: couldn't read orphan inode 15 (err -117)
[  296.780091][ T5881] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  296.789196][  T923] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.808408][  T923] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  296.816644][  T923] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.823550][  T923] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.831212][  T923] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  296.839378][  T923] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.846258][  T923] bridge0: port 2(bridge_slave_1) entered forwarding state
[  296.862391][  T923] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  296.884959][  T923] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  296.892679][   T28] audit: type=1400 audit(2000000759.765:1499): avc:  denied  { create } for  pid=5884 comm="syz.4.1673" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  296.913441][   T28] audit: type=1400 audit(2000000759.765:1500): avc:  denied  { read } for  pid=5884 comm="syz.4.1673" name="file0" dev="tmpfs" ino=689 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  296.926319][ T5871] device veth0_vlan entered promiscuous mode
[  296.941663][   T28] audit: type=1400 audit(2000000759.765:1501): avc:  denied  { open } for  pid=5884 comm="syz.4.1673" path="/122/file0" dev="tmpfs" ino=689 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  296.965142][   T28] audit: type=1400 audit(2000000759.765:1502): avc:  denied  { ioctl } for  pid=5884 comm="syz.4.1673" path="/122/file0" dev="tmpfs" ino=689 ioctlcmd=0x1269 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  296.991235][   T28] audit: type=1400 audit(2000000759.785:1503): avc:  denied  { unlink } for  pid=3683 comm="syz-executor" name="file0" dev="tmpfs" ino=689 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  297.031954][   T10] device bridge_slave_1 left promiscuous mode
[  297.040161][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.160035][   T10] device bridge_slave_0 left promiscuous mode
[  297.166077][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.174432][   T10] device veth1_macvtap left promiscuous mode
[  297.181445][   T10] device veth0_vlan left promiscuous mode
[  297.185327][ T4427] EXT4-fs (loop3): unmounting filesystem.
[  297.266374][ T1005] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  297.292032][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  297.300462][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  297.308208][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  297.316154][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  297.331057][ T5871] device veth1_macvtap entered promiscuous mode
[  297.656040][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  297.674939][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  297.684783][ T4371] EXT4-fs (loop1): unmounting filesystem.
[  297.692576][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  297.700311][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  297.708826][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  297.717064][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  297.725367][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  297.757785][ T5905] loop2: detected capacity change from 0 to 512
[  297.764207][ T1005] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  297.796980][ T5905] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  297.806163][ T5905] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038 (0x7fffffff)
[  297.831611][ T5871] EXT4-fs (loop2): unmounting filesystem.
[  297.835199][ T1005] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  297.848255][ T1005] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  297.859678][ T1005] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  297.872425][ T1005] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  297.881322][ T1005] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.890247][ T1005] usb 5-1: config 0 descriptor??
[  297.908480][ T5887] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  298.479280][ T1005] plantronics 0003:047F:FFFF.0039: unknown main item tag 0xd
[  298.487922][ T1005] plantronics 0003:047F:FFFF.0039: No inputs registered, leaving
[  298.496431][ T1005] plantronics 0003:047F:FFFF.0039: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  298.650097][   T10] device bridge_slave_0 left promiscuous mode
[  298.656372][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.665350][   T10] device veth1_macvtap left promiscuous mode
[  298.716983][   T28] audit: type=1326 audit(2000000761.595:1504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5929 comm="syz.1.1688" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f146bd773b9 code=0x0
[  298.759485][ T1005] usb 5-1: USB disconnect, device number 34
[  298.852339][ T5942] loop3: detected capacity change from 0 to 256
[  298.860826][ T5942] exfat: Deprecated parameter 'namecase'
[  298.871509][ T5942] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  298.891672][ T5942] exFAT-fs (loop3): hint_cluster is invalid (1)
[  298.898284][ T5942] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000)
[  298.906943][ T5942] exFAT-fs (loop3): error, failed to bmap (inode : ffff888133836e30 iblock : 9, err : -5)
[  298.917453][ T5942] syz.3.1693: attempt to access beyond end of device
[  298.917453][ T5942] loop3: rw=2049, sector=34359738488, nr_sectors = 8 limit=256
[  298.968039][ T5945] loop3: detected capacity change from 0 to 16
[  298.975447][ T5945] erofs: (device loop3): mounted with root inode @ nid 36.
[  299.618768][ T5952] syz.3.1694: attempt to access beyond end of device
[  299.618768][ T5952] loop3: rw=0, sector=8, nr_sectors = 32 limit=16
[  299.907328][ T5960] loop4: detected capacity change from 0 to 128
[  299.921531][ T5960] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  299.944671][ T5963] loop3: detected capacity change from 0 to 256
[  299.951453][ T5960] ext4 filesystem being mounted at /124/file1 supports timestamps until 2038 (0x7fffffff)
[  299.993697][ T3683] EXT4-fs (loop4): unmounting filesystem.
[  300.017800][   T28] audit: type=1326 audit(2000000762.895:1505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5956 comm="syz.3.1699" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3546d773b9 code=0x0
[  300.167715][ T5977] loop2: detected capacity change from 0 to 2048
[  300.211904][ T5977] Alternate GPT is invalid, using primary GPT.
[  300.218353][ T5977]  loop2: p1 p2 p3
[  301.131136][ T5988] loop2: detected capacity change from 0 to 256
[  301.137760][ T5988] exfat: Deprecated parameter 'namecase'
[  301.146225][ T5988] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  301.164245][ T5988] exFAT-fs (loop2): hint_cluster is invalid (1)
[  301.185481][ T5988] exFAT-fs (loop2): error, invalid access to exfat cache (entry 0x00000000)
[  301.194284][ T5988] exFAT-fs (loop2): error, failed to bmap (inode : ffff888133834d30 iblock : 9, err : -5)
[  301.204517][ T5988] syz.2.1705: attempt to access beyond end of device
[  301.204517][ T5988] loop2: rw=2049, sector=34359738488, nr_sectors = 8 limit=256
[  301.598269][   T28] audit: type=1326 audit(2000000764.475:1506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6001 comm="syz.4.1711" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1f1af773b9 code=0x0
[  301.792642][ T6006] loop4: detected capacity change from 0 to 16
[  301.799375][ T6006] erofs: (device loop4): mounted with root inode @ nid 36.
[  301.908382][ T3040] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  302.032504][ T6009] syz.4.1712: attempt to access beyond end of device
[  302.032504][ T6009] loop4: rw=0, sector=8, nr_sectors = 32 limit=16
[  302.238599][   T28] audit: type=1400 audit(2000000765.125:1507): avc:  denied  { shutdown } for  pid=6019 comm="syz.0.1717" lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  302.508480][ T3040] usb 3-1: config index 0 descriptor too short (expected 45, got 36)
[  302.516563][ T3040] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  302.527921][ T3040] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  302.539180][ T3040] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  302.551951][ T3040] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  302.560949][ T3040] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.575365][ T3040] usb 3-1: config 0 descriptor??
[  302.598553][ T5998] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  302.854123][ T6036] loop4: detected capacity change from 0 to 40427
[  302.861142][ T6036] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  302.869554][ T6036] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  302.884131][ T6036] F2FS-fs (loop4): invalid crc value
[  302.899327][ T6036] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  303.001213][ T6036] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  303.008472][ T6036] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  303.059608][ T3040] plantronics 0003:047F:FFFF.003A: unknown main item tag 0xd
[  303.069487][ T3040] plantronics 0003:047F:FFFF.003A: No inputs registered, leaving
[  303.082238][ T3040] plantronics 0003:047F:FFFF.003A: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  303.150259][ T6044] loop3: detected capacity change from 0 to 1024
[  303.157313][ T6044] EXT4-fs: Ignoring removed orlov option
[  303.388991][  T320] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  303.400333][ T6044] EXT4-fs (loop3): Test dummy encryption mode enabled
[  303.452567][ T6044] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  303.546804][ T3049] usb 3-1: USB disconnect, device number 29
[  303.832557][ T6060] loop4: detected capacity change from 0 to 16
[  303.839424][ T6060] erofs: (device loop4): EXPERIMENTAL compressed inline data feature in use. Use at your own risk!
[  303.850375][ T6060] erofs: (device loop4): EXPERIMENTAL compressed fragments feature in use. Use at your own risk!
[  303.860859][ T6060] erofs: (device loop4): EXPERIMENTAL global deduplication feature in use. Use at your own risk!
[  303.871390][ T6060] erofs: (device loop4): erofs_read_inode: bogus i_mode (0) @ nid 58320
[  303.925843][ T6060] loop4: detected capacity change from 0 to 512
[  303.933459][ T6060] EXT4-fs (loop4): corrupt root inode, run e2fsck
[  303.939799][ T6060] EXT4-fs (loop4): mount failed
[  304.688387][ T3049] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  304.829018][  T923] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  304.928382][ T3049] usb 5-1: Using ep0 maxpacket: 8
[  305.023302][ T6087] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1738'.
[  305.048453][ T3049] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  305.058584][ T3049] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  305.067256][ T3049] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  305.077618][ T3049] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  305.087068][ T3049] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.128840][ T3049] hub 5-1:1.0: bad descriptor, ignoring hub
[  305.134735][ T3049] hub: probe of 5-1:1.0 failed with error -5
[  305.140771][ T3049] cdc_wdm 5-1:1.0: skipping garbage
[  305.145837][ T3049] cdc_wdm 5-1:1.0: skipping garbage
[  305.151297][ T3049] cdc_wdm: probe of 5-1:1.0 failed with error -22
[  305.188423][  T923] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  305.198760][  T923] usb 1-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  305.207606][  T923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.216251][  T923] usb 1-1: config 0 descriptor??
[  305.378416][ T3040] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  305.448492][  T923] usb 5-1: USB disconnect, device number 35
[  305.459591][  T923] usb 1-1: USB disconnect, device number 32
[  305.738450][ T3040] usb 3-1: config index 0 descriptor too short (expected 45, got 36)
[  305.746559][ T3040] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  305.757523][ T3040] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  305.768537][ T3040] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  305.781368][ T3040] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  305.790159][ T3040] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.798652][ T3040] usb 3-1: config 0 descriptor??
[  305.818449][ T6097] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22
[  306.118400][ T1005] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  306.279509][ T3040] plantronics 0003:047F:FFFF.003B: unknown main item tag 0xd
[  306.283440][ T6107] loop1: detected capacity change from 0 to 512
[  306.288779][ T3040] plantronics 0003:047F:FFFF.003B: No inputs registered, leaving
[  306.297131][ T6107] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1747: bg 0: block 393: padding at end of block bitmap is not set
[  306.301838][ T3040] plantronics 0003:047F:FFFF.003B: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  306.315363][ T6107] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6171: Corrupt filesystem
[  306.335807][ T6107] EXT4-fs (loop1): 2 truncates cleaned up
[  306.341481][ T6107] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  306.352892][ T6107] EXT4-fs error (device loop1): ext4_find_dest_de:2112: inode #12: block 7: comm syz.1.1747: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4278190093, rec_len=255, size=56 fake=0
[  306.373471][ T6107] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6107 comm=syz.1.1747
[  306.387727][ T6107] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6107 comm=syz.1.1747
[  306.387746][   T28] audit: type=1400 audit(2000000769.275:1508): avc:  denied  { nlmsg_write } for  pid=6106 comm="syz.1.1747" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  306.425679][ T4371] EXT4-fs (loop1): unmounting filesystem.
[  306.459280][ T6115] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1750'.
[  306.518869][ T6124] loop1: detected capacity change from 0 to 512
[  306.527037][ T6124] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.1754: casefold flag without casefold feature
[  306.540010][ T6124] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.1754: missing EA_INODE flag
[  306.551750][ T6124] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1754: error while reading EA inode 2 err=-117
[  306.564041][ T6124] EXT4-fs (loop1): 1 orphan inode deleted
[  306.569909][ T1005] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  306.570832][ T3040] usb 3-1: USB disconnect, device number 30
[  306.580809][ T6124] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  306.594826][ T1005] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  306.603821][ T1005] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.658562][ T1005] usb 5-1: config 0 descriptor??
[  306.966326][ T6131] netlink: 'syz.0.1755': attribute type 4 has an invalid length.
[  306.980410][ T6131] netlink: 'syz.0.1755': attribute type 4 has an invalid length.
[  307.474991][ T4371] EXT4-fs (loop1): unmounting filesystem.
[  307.517584][ T6145] loop1: detected capacity change from 0 to 512
[  307.540367][ T6145] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1759: bg 0: block 393: padding at end of block bitmap is not set
[  307.635954][ T6145] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6171: Corrupt filesystem
[  307.656298][ T6145] EXT4-fs (loop1): 2 truncates cleaned up
[  307.662244][ T6145] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  307.669102][ T1005] keytouch 0003:0926:3333.003C: fixing up Keytouch IEC report descriptor
[  307.682303][ T6145] EXT4-fs error (device loop1): ext4_find_dest_de:2112: inode #12: block 7: comm syz.1.1759: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4278190093, rec_len=255, size=56 fake=0
[  307.710583][ T1005] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.003C/input/input36
[  307.773571][ T6145] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6145 comm=syz.1.1759
[  307.801104][ T1005] keytouch 0003:0926:3333.003C: input,hidraw0: USB HID v73.1e Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0
[  307.827336][ T6145] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6145 comm=syz.1.1759
[  307.969602][ T4371] EXT4-fs (loop1): unmounting filesystem.
[  308.245117][ T1005] usb 5-1: USB disconnect, device number 36
[  308.248415][  T923] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  308.388420][ T3040] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  308.437510][ T6167] loop2: detected capacity change from 0 to 512
[  308.445786][ T6167] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.1768: casefold flag without casefold feature
[  308.458539][ T6167] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #2: comm syz.2.1768: missing EA_INODE flag
[  308.470111][ T6167] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1768: error while reading EA inode 2 err=-117
[  308.482972][ T6167] EXT4-fs (loop2): 1 orphan inode deleted
[  308.488887][ T6167] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  309.039656][ T6173] loop4: detected capacity change from 0 to 256
[  309.048500][ T6173] exfat: Deprecated parameter 'namecase'
[  309.054716][ T6173] exfat: Bad value for 'umask'
[  309.148900][  T923] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  309.160674][ T3040] usb 1-1: Using ep0 maxpacket: 32
[  309.166074][  T923] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  309.172293][   T28] audit: type=1400 audit(2000000772.055:1509): avc:  denied  { setcheckreqprot } for  pid=6172 comm="syz.4.1769" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  309.175688][  T923] usb 2-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  309.205278][  T923] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.214978][  T923] usb 2-1: config 0 descriptor??
[  309.215736][ T6175] loop4: detected capacity change from 0 to 128
[  309.237566][ T6175] syz.4.1770: attempt to access beyond end of device
[  309.237566][ T6175] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[  309.256076][ T6175] syz.4.1770: attempt to access beyond end of device
[  309.256076][ T6175] loop4: rw=0, sector=177, nr_sectors = 1 limit=128
[  309.271439][ T6174] syz.4.1770: attempt to access beyond end of device
[  309.271439][ T6174] loop4: rw=0, sector=177, nr_sectors = 1 limit=128
[  309.284664][ T6174] Buffer I/O error on dev loop4, logical block 177, async page read
[  309.292885][ T6174] syz.4.1770: attempt to access beyond end of device
[  309.292885][ T6174] loop4: rw=0, sector=178, nr_sectors = 1 limit=128
[  309.306251][ T6174] Buffer I/O error on dev loop4, logical block 178, async page read
[  309.314848][ T6174] syz.4.1770: attempt to access beyond end of device
[  309.314848][ T6174] loop4: rw=0, sector=179, nr_sectors = 1 limit=128
[  309.328283][ T6174] Buffer I/O error on dev loop4, logical block 179, async page read
[  309.336857][ T6174] syz.4.1770: attempt to access beyond end of device
[  309.336857][ T6174] loop4: rw=0, sector=180, nr_sectors = 1 limit=128
[  309.337880][ T5871] EXT4-fs (loop2): unmounting filesystem.
[  309.349848][ T6174] Buffer I/O error on dev loop4, logical block 180, async page read
[  309.363506][ T6174] syz.4.1770: attempt to access beyond end of device
[  309.363506][ T6174] loop4: rw=0, sector=181, nr_sectors = 1 limit=128
[  309.376695][ T6174] Buffer I/O error on dev loop4, logical block 181, async page read
[  309.384972][ T6174] syz.4.1770: attempt to access beyond end of device
[  309.384972][ T6174] loop4: rw=0, sector=182, nr_sectors = 1 limit=128
[  309.398859][ T6174] Buffer I/O error on dev loop4, logical block 182, async page read
[  309.406688][ T6174] syz.4.1770: attempt to access beyond end of device
[  309.406688][ T6174] loop4: rw=0, sector=183, nr_sectors = 1 limit=128
[  309.420365][ T6174] Buffer I/O error on dev loop4, logical block 183, async page read
[  309.428270][ T6174] syz.4.1770: attempt to access beyond end of device
[  309.428270][ T6174] loop4: rw=0, sector=184, nr_sectors = 1 limit=128
[  309.441922][ T6174] Buffer I/O error on dev loop4, logical block 184, async page read
[  309.450049][ T6174] Buffer I/O error on dev loop4, logical block 177, async page read
[  309.458070][ T6174] Buffer I/O error on dev loop4, logical block 178, async page read
[  309.478654][ T3040] usb 1-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=3a.75
[  309.487696][ T3040] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  309.495638][ T3040] usb 1-1: Product: syz
[  309.499641][ T3040] usb 1-1: Manufacturer: syz
[  309.504041][ T3040] usb 1-1: SerialNumber: syz
[  309.509217][ T3040] usb 1-1: config 0 descriptor??
[  309.778434][  T339] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  309.900908][  T923] hid-multitouch 0003:1FD2:6007.003D: unknown main item tag 0x0
[  309.909517][ T3040] usb_ehset_test: probe of 1-1:0.0 failed with error -32
[  309.917568][ T3040] usb 1-1: USB disconnect, device number 33
[  309.923560][  T923] hid-multitouch 0003:1FD2:6007.003D: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.1-1/input0
[  309.948466][  T923] usb 2-1: USB disconnect, device number 35
[  310.048369][  T339] usb 5-1: Using ep0 maxpacket: 32
[  310.218439][  T339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  310.229533][  T339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  310.240513][  T339] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  310.249360][  T339] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  310.258108][  T339] usb 5-1: config 0 descriptor??
[  310.288500][ T6175] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  310.363934][  T339] hub 5-1:0.0: USB hub found
[  310.684577][  T339] hub 5-1:0.0: 2 ports detected
[  310.712838][ T6193] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  310.734665][   T28] audit: type=1400 audit(2000000773.615:1510): avc:  denied  { ioctl } for  pid=6194 comm="syz.1.1776" path="/102/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x6726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  310.937181][   T28] audit: type=1400 audit(2000000773.815:1511): avc:  denied  { lock } for  pid=6174 comm="syz.4.1770" path="socket:[45063]" dev="sockfs" ino=45063 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  311.086668][  T339] hub 5-1:0.0: hub_hub_status failed (err = -71)
[  311.093182][  T339] hub 5-1:0.0: config failed, can't get hub status (err -71)
[  311.248466][  T339] usbhid 5-1:0.0: can't add hid device: -71
[  311.254532][  T339] usbhid: probe of 5-1:0.0 failed with error -71
[  311.270374][ T6207] loop2: detected capacity change from 0 to 256
[  311.276866][ T6207] exfat: Deprecated parameter 'namecase'
[  311.282524][ T6207] exfat: Bad value for 'umask'
[  311.298793][  T339] usb 5-1: USB disconnect, device number 37
[  311.338407][ T3040] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  312.374754][ T6221] loop4: detected capacity change from 0 to 2048
[  312.421570][ T6221] Alternate GPT is invalid, using primary GPT.
[  312.427903][ T6221]  loop4: p1 p2 p3
[  312.648503][ T3040] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  312.657007][  T737] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  312.660229][ T3040] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  312.676337][ T3040] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.678291][ T6225] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  312.693662][ T3040] usb 2-1: config 0 descriptor??
[  312.920297][ T6234] loop2: detected capacity change from 0 to 256
[  313.068478][ T6234] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  313.087309][ T6234] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[  313.218596][  T737] usb 1-1: New USB device found, idVendor=1bcf, idProduct=0b40, bcdDevice=e6.01
[  313.238592][  T737] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.276991][  T737] usb 1-1: Product: syz
[  313.297672][  T737] usb 1-1: Manufacturer: syz
[  313.319523][  T737] usb 1-1: SerialNumber: syz
[  313.348098][  T737] usb 1-1: config 0 descriptor??
[  313.411464][  T737] usb 1-1: Found UVC 0.00 device syz (1bcf:0b40)
[  313.449633][ T4427] EXT4-fs (loop3): unmounting filesystem.
[  313.455346][  T737] usb 1-1: Forcing UVC version to 1.0a
[  313.461957][  T737] usb 1-1: No valid video chain found.
[  313.469112][ T3040] keytouch 0003:0926:3333.003E: fixing up Keytouch IEC report descriptor
[  313.482124][ T3040] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.003E/input/input38
[  313.494081][  T319] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  313.589488][ T3040] keytouch 0003:0926:3333.003E: input,hidraw0: USB HID v73.1e Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  313.613350][ T6238] loop2: detected capacity change from 0 to 16
[  313.628740][ T6238] erofs: (device loop2): mounted with root inode @ nid 36.
[  313.648249][ T6238] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[  313.666999][ T6238] erofs: (device loop2): erofs_readdir: fail to readdir of logical block 8 of nid 36
[  313.719322][ T6239] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.731597][ T6239] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.748431][  T319] usb 5-1: Using ep0 maxpacket: 32
[  313.776994][ T6239] device bridge_slave_0 entered promiscuous mode
[  313.794585][ T6239] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.818147][ T6239] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.825932][ T6239] device bridge_slave_1 entered promiscuous mode
[  314.698978][ T3720] usb 2-1: USB disconnect, device number 36
[  314.715899][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  314.723605][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  314.758014][ T3040] usb 1-1: USB disconnect, device number 34
[  314.771810][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  314.780437][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  314.788786][  T339] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.795702][  T339] bridge0: port 1(bridge_slave_0) entered forwarding state
[  314.820537][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  314.828267][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  314.836715][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  314.845542][  T339] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.848609][  T319] usb 5-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=3a.75
[  314.852441][  T339] bridge0: port 2(bridge_slave_1) entered forwarding state
[  314.869462][  T319] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.878190][  T319] usb 5-1: Product: syz
[  314.878830][ T3275] device bridge_slave_1 left promiscuous mode
[  314.882262][  T319] usb 5-1: Manufacturer: syz
[  314.892697][  T319] usb 5-1: SerialNumber: syz
[  314.898756][  T319] usb 5-1: config 0 descriptor??
[  314.903426][ T3275] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.912211][ T3275] device bridge_slave_0 left promiscuous mode
[  314.918992][ T3275] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.922630][ T6260] loop2: detected capacity change from 0 to 256
[  314.933247][ T3275] device veth1_macvtap left promiscuous mode
[  314.939225][ T3275] device veth0_vlan left promiscuous mode
[  314.949679][  T319] usb_ehset_test: probe of 5-1:0.0 failed with error -32
[  314.992545][   T28] audit: type=1326 audit(2000000777.875:1512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6259 comm="syz.2.1797" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc070d773b9 code=0x0
[  315.034687][ T6266] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6266 comm=syz.0.1798
[  315.050052][ T6266] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6266 comm=syz.0.1798
[  315.066425][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  315.074691][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  315.082713][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  315.094134][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  315.114160][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  315.122982][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  315.137339][ T6239] device veth0_vlan entered promiscuous mode
[  315.146174][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  315.155383][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  315.164321][  T737] usb 5-1: USB disconnect, device number 38
[  315.173184][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  315.180673][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  315.187911][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  315.195997][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  315.205321][ T6239] device veth1_macvtap entered promiscuous mode
[  315.219528][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  315.227339][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  315.236149][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  315.244682][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  315.253542][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  315.280630][ T6275] loop1: detected capacity change from 0 to 128
[  315.282484][ T6277] syz.3.1790[6277] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  315.286933][ T6277] syz.3.1790[6277] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  315.293632][ T6275] FAT-fs (loop1): Unrecognized mount option "18446744073709551615" or missing value
[  315.355980][ T6275] loop1: detected capacity change from 0 to 256
[  315.362999][ T6275] exfat: Bad value for 'uid'
[  315.429508][ T6275] loop1: detected capacity change from 0 to 512
[  315.526024][ T6280] loop3: detected capacity change from 0 to 40427
[  315.533147][ T6280] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  315.540982][ T6280] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  315.550286][ T6280] F2FS-fs (loop3): invalid crc value
[  315.556984][ T6280] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  315.581272][ T6286] loop1: detected capacity change from 0 to 16
[  315.588212][ T6286] erofs: (device loop1): mounted with root inode @ nid 36.
[  315.590185][ T6280] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  315.602714][ T6280] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  316.059353][ T6298] bio_check_eod: 185 callbacks suppressed
[  316.059402][ T6298] syz.1.1804: attempt to access beyond end of device
[  316.059402][ T6298] loop1: rw=0, sector=8, nr_sectors = 32 limit=16
[  318.858211][ T6307] loop1: detected capacity change from 0 to 512
[  318.867833][ T6307] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1809: bg 0: block 393: padding at end of block bitmap is not set
[  318.886904][ T6307] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6171: Corrupt filesystem
[  318.905531][ T6307] EXT4-fs (loop1): 2 truncates cleaned up
[  318.912214][ T6307] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  318.994999][ T6307] EXT4-fs error (device loop1): ext4_find_dest_de:2112: inode #12: block 7: comm syz.1.1809: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4278190093, rec_len=255, size=56 fake=0
[  319.056186][ T6307] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6307 comm=syz.1.1809
[  319.100436][ T6307] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6307 comm=syz.1.1809
[  319.141704][ T4371] EXT4-fs (loop1): unmounting filesystem.
[  319.214187][  T737] hid-generic 0000:0000:0000.003F: unknown main item tag 0x0
[  319.226272][  T737] hid-generic 0000:0000:0000.003F: unknown main item tag 0x0
[  319.234488][  T737] hid-generic 0000:0000:0000.003F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  319.238421][ T3040] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  319.256215][ T6335] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6335 comm=syz.4.1819
[  319.268699][ T6335] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6335 comm=syz.4.1819
[  319.281496][ T6335] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6335 comm=syz.4.1819
[  319.294109][ T6335] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6335 comm=syz.4.1819
[  319.306452][ T6335] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6335 comm=syz.4.1819
[  319.319512][ T6335] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6335 comm=syz.4.1819
[  319.498384][  T320] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  319.648575][ T3040] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.659618][ T3040] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  319.668508][ T3040] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.677006][ T3040] usb 1-1: config 0 descriptor??
[  319.740496][  T320] usb 3-1: Using ep0 maxpacket: 16
[  319.747169][   T28] audit: type=1400 audit(2000000782.625:1513): avc:  denied  { attach_queue } for  pid=6337 comm="syz.1.1820" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  319.840522][   T28] audit: type=1400 audit(2000000782.725:1514): avc:  denied  { mount } for  pid=6341 comm="syz.1.1822" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  319.862828][  T320] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  319.871079][  T320] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  319.881492][  T320] usb 3-1: config 0 has no interface number 0
[  319.887580][  T320] usb 3-1: config 0 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  320.018420][  T320] usb 3-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  320.027409][  T320] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  320.035254][  T320] usb 3-1: Product: syz
[  320.039444][  T320] usb 3-1: SerialNumber: syz
[  320.044618][ T6335] selinux_netlink_send: 71 callbacks suppressed
[  320.044637][ T6335] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6335 comm=syz.4.1819
[  320.058620][  T320] usb 3-1: config 0 descriptor??
[  320.063520][ T6335] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6335 comm=syz.4.1819
[  320.080409][ T6335] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6335 comm=syz.4.1819
[  320.101202][  T320] snd-usb-audio: probe of 3-1:0.2 failed with error -2
[  320.183462][ T6355] overlayfs: unrecognized mount option "B: KEY=10000000000000 0
[  320.183462][ T6355] 
[  320.183462][ T6355] I: Bus=0019 Vendor=0000 Product=0003 Version=0000
[  320.183462][ T6355] N: Name="Sleep Button"
[  320.183462][ T6355] P: Phys=LNXSLPBN/button/input0
[  320.183462][ T6355] S: Sysfs=/devices/LNXSYSTM:00/LNXSLPBN:00/input/input1
[  320.183462][ T6355] U: Uniq=
[  320.183462][ T6355] H: Handlers=kbd event1 
[  320.183462][ T6355] B: PROP=0
[  320.183462][ T6355] B: EV=3
[  320.183462][ T6355] B: KEY=4000 0 0
[  320.183462][ T6355] 
[  320.183462][ T6355] I: Bus=0011 Vendor=0001 Product=0001 Version=abba
[  320.183462][ T6355] N: Name="AT Translated Set 2 keyboard"
[  320.183462][ T6355] P: Phys=isa0060/serio0/input0
[  320.183462][ T6355] S: Sysfs=/devices/platform/i8042/serio0/input/input2
[  320.183462][ T6355] U: Uniq=
[  320.183462][ T6355] H: Handlers=kbd leds event2 
[  320.183462][ T6355] B: PROP=0
[  320.183462][ T6355] B: EV=120013
[  320.238483][ T3049] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  320.302380][  T320] usb 3-1: USB disconnect, device number 31
[  320.349140][ T3040] keytouch 0003:0926:3333.0040: fixing up Keytouch IEC report descriptor
[  320.359221][ T3040] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0040/input/input39
[  320.411329][ T6354] loop3: detected capacity change from 0 to 40427
[  320.418248][ T6354] F2FS-fs (loop3): Invalid segment count (0)
[  320.424531][ T6354] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  320.433877][ T6354] F2FS-fs (loop3): invalid crc value
[  320.440771][ T6354] F2FS-fs (loop3): Found nat_bits in checkpoint
[  320.461408][ T3040] keytouch 0003:0926:3333.0040: input,hidraw0: USB HID v73.1e Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  320.505767][ T6354] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  320.512857][ T6354] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  320.532064][ T6354] syz.3.1827: attempt to access beyond end of device
[  320.532064][ T6354] loop3: rw=2049, sector=53248, nr_sectors = 128 limit=40427
[  320.557290][ T6354] syz.3.1827: attempt to access beyond end of device
[  320.557290][ T6354] loop3: rw=2049, sector=53376, nr_sectors = 416 limit=40427
[  320.571217][ T3049] usb 2-1: Using ep0 maxpacket: 32
[  320.586468][ T6354] syz.3.1827: attempt to access beyond end of device
[  320.586468][ T6354] loop3: rw=2049, sector=53248, nr_sectors = 128 limit=40427
[  320.615471][ T6239] syz-executor: attempt to access beyond end of device
[  320.615471][ T6239] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  320.888652][ T3049] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=3a.75
[  320.908020][ T3049] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.936937][ T3049] usb 2-1: Product: syz
[  320.941000][ T3049] usb 2-1: Manufacturer: syz
[  320.945476][ T3049] usb 2-1: SerialNumber: syz
[  320.950996][ T3049] usb 2-1: config 0 descriptor??
[  320.999135][ T3049] usb_ehset_test: probe of 2-1:0.0 failed with error -32
[  321.052889][ T6368] loop2: detected capacity change from 0 to 40427
[  321.063630][ T6368] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  321.074937][ T6368] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  321.084374][ T6368] F2FS-fs (loop2): invalid crc value
[  321.088928][  T320] usb 1-1: USB disconnect, device number 35
[  321.101598][ T6368] F2FS-fs (loop2): Found nat_bits in checkpoint
[  321.126943][ T6381] loop3: detected capacity change from 0 to 512
[  321.133450][ T6381] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  321.148404][ T6368] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  321.155283][ T6368] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  321.172119][ T6368] F2FS-fs (loop2): Unrecognized mount option "€" or missing value
[  321.206150][ T6381] loop3: detected capacity change from 0 to 1024
[  321.216403][ T3049] usb 2-1: USB disconnect, device number 37
[  321.224164][ T6381] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  321.249647][   T28] audit: type=1400 audit(2000000784.135:1515): avc:  denied  { link } for  pid=6380 comm="syz.3.1835" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  321.292603][   T28] audit: type=1400 audit(2000000784.135:1516): avc:  denied  { rename } for  pid=6380 comm="syz.3.1835" name="file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  321.316029][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  321.364672][ T3720] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[  321.372731][ T3720] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[  321.380990][ T3720] hid-generic 0000:0000:0000.0041: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  321.488424][  T339] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  321.837263][   T28] audit: type=1326 audit(2000000784.715:1517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6397 comm="syz.0.1839" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faa563773b9 code=0x0
[  321.878491][  T339] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  321.888684][  T339] usb 3-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  321.897631][  T339] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.912063][  T339] usb 3-1: config 0 descriptor??
[  321.929494][ T6401] loop1: detected capacity change from 0 to 40427
[  321.936516][ T6401] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  321.944233][ T6401] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  321.949214][  T339] usb 3-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  321.953720][ T6401] F2FS-fs (loop1): invalid crc value
[  321.959455][  T339] usb 3-1: No valid video chain found.
[  321.966215][ T6401] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  321.995357][ T6401] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  322.002362][ T6401] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  322.804762][   T37] Bluetooth: hci0: Frame reassembly failed (-84)
[  322.812361][ T3049] usb 3-1: USB disconnect, device number 32
[  322.941389][   T28] audit: type=1400 audit(2000000785.825:1518): avc:  denied  { write } for  pid=6431 comm="syz.4.1851" name="random" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  323.187124][ T6443] loop1: detected capacity change from 0 to 40427
[  323.193557][   T40] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  323.194465][ T6443] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  323.208553][ T6443] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  323.217475][ T6443] F2FS-fs (loop1): invalid crc value
[  323.224427][ T6443] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  323.250875][ T6443] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  323.257838][ T6443] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  323.608568][   T40] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  323.620695][   T40] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  323.631777][   T40] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  323.648726][   T40] usb 1-1: config 0 descriptor??
[  323.796293][ T3049] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  323.803780][ T3049] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  323.811579][ T3049] hid-generic 0000:0000:0000.0042: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  324.219056][   T40] keytouch 0003:0926:3333.0043: fixing up Keytouch IEC report descriptor
[  324.228980][   T40] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0043/input/input40
[  324.299249][   T28] audit: type=1400 audit(2000000787.185:1519): avc:  denied  { create } for  pid=6463 comm="syz.1.1858" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  324.336420][   T28] audit: type=1400 audit(2000000787.185:1520): avc:  denied  { sys_admin } for  pid=6463 comm="syz.1.1858" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  324.771343][ T6468] loop4: detected capacity change from 0 to 256
[  324.844682][   T28] audit: type=1326 audit(2000000787.725:1521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6467 comm="syz.4.1859" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1f1af773b9 code=0x0
[  324.868391][ T1900] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  325.016464][   T40] keytouch 0003:0926:3333.0043: input,hidraw0: USB HID v73.1e Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  325.030039][   T40] usb 1-1: USB disconnect, device number 36
[  325.070590][ T6478] loop1: detected capacity change from 0 to 512
[  325.086253][ T6478] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.1863: casefold flag without casefold feature
[  325.104992][ T6478] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.1863: missing EA_INODE flag
[  325.116745][ T6478] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1863: error while reading EA inode 2 err=-117
[  325.129488][ T6478] EXT4-fs (loop1): 1 orphan inode deleted
[  325.135043][ T6478] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  326.034475][ T4371] EXT4-fs (loop1): unmounting filesystem.
[  326.049685][ T6500] loop1: detected capacity change from 0 to 128
[  326.058994][ T6500] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  326.067950][ T6500] ext4 filesystem being mounted at /128/mnt supports timestamps until 2038 (0x7fffffff)
[  326.185223][ T6508] loop3: detected capacity change from 0 to 16
[  326.193977][   T28] audit: type=1400 audit(2000000789.075:1522): avc:  denied  { ioctl } for  pid=6497 comm="syz.0.1868" path="socket:[46547]" dev="sockfs" ino=46547 ioctlcmd=0x545c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  326.221373][ T6499] xt_CT: You must specify a L4 protocol and not use inversions on it
[  326.237547][ T6508] erofs: (device loop3): mounted with root inode @ nid 36.
[  327.021497][ T4371] EXT4-fs (loop1): unmounting filesystem.
[  327.053353][ T6530] loop1: detected capacity change from 0 to 512
[  327.053703][  T339] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  327.087586][ T6530] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.1878: casefold flag without casefold feature
[  327.100719][ T6530] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.1878: missing EA_INODE flag
[  327.117383][ T6530] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1878: error while reading EA inode 2 err=-117
[  327.130530][ T6530] EXT4-fs (loop1): 1 orphan inode deleted
[  327.136096][ T6530] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  327.779451][  T339] usb 4-1: Using ep0 maxpacket: 8
[  328.495176][ T4371] EXT4-fs (loop1): unmounting filesystem.
[  328.598424][  T339] usb 4-1: config 0 has no interfaces?
[  328.603912][  T339] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  328.616506][ T6563] xt_CT: You must specify a L4 protocol and not use inversions on it
[  328.625351][ T6558] netlink: 'syz.2.1886': attribute type 6 has an invalid length.
[  328.647580][  T339] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.657946][  T339] usb 4-1: config 0 descriptor??
[  328.731541][ T6575] syz.1.1892[6575] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  328.731637][ T6575] syz.1.1892[6575] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  328.938434][ T1005] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  329.172986][ T6583] loop4: detected capacity change from 0 to 512
[  329.228345][ T1005] usb 3-1: Using ep0 maxpacket: 16
[  329.255921][ T6583] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1889: invalid indirect mapped block 256 (level 2)
[  329.304826][ T6583] EXT4-fs (loop4): 2 truncates cleaned up
[  329.311165][ T6583] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  329.328371][ T3049] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  329.332875][  T339] usb 4-1: USB disconnect, device number 36
[  329.348485][ T1005] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  329.358702][ T1005] usb 3-1: config 0 has no interface number 0
[  329.364721][ T1005] usb 3-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid maxpacket 29030, setting to 1024
[  329.377483][ T1005] usb 3-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[  329.508447][ T1005] usb 3-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  329.518940][ T1005] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  329.526776][ T1005] usb 3-1: Product: syz
[  329.531196][ T1005] usb 3-1: SerialNumber: syz
[  329.538886][ T1005] usb 3-1: config 0 descriptor??
[  329.544881][ T3683] EXT4-fs (loop4): unmounting filesystem.
[  329.558657][ T6570] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  329.581405][   T28] audit: type=1400 audit(2000000792.465:1523): avc:  denied  { unmount } for  pid=3683 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  329.755859][ T3049] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  329.767166][ T3049] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  329.777269][ T3049] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  329.788396][ T3049] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.797191][ T3049] usb 2-1: config 0 descriptor??
[  329.842137][ T1005] usb 3-1: invalid MIDI in EP 0
[  329.851196][ T6596] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.858208][ T6596] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.859376][ T1005] snd-usb-audio: probe of 3-1:0.2 failed with error -22
[  329.865779][ T6596] device bridge_slave_0 entered promiscuous mode
[  329.873809][ T1005] usb 3-1: USB disconnect, device number 33
[  329.879546][ T6596] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.890926][ T6596] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.902084][ T6596] device bridge_slave_1 entered promiscuous mode
[  329.981554][ T6596] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.988448][ T6596] bridge0: port 2(bridge_slave_1) entered forwarding state
[  329.995529][ T6596] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.002340][ T6596] bridge0: port 1(bridge_slave_0) entered forwarding state
[  330.026361][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  330.034227][ T3040] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.041693][ T3040] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.053088][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  330.061522][  T339] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.068406][  T339] bridge0: port 1(bridge_slave_0) entered forwarding state
[  330.083287][ T6608] xt_CT: You must specify a L4 protocol and not use inversions on it
[  330.092371][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  330.101198][ T3040] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.108049][ T3040] bridge0: port 2(bridge_slave_1) entered forwarding state
[  330.115315][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  330.123183][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  330.138569][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  330.151018][ T6596] device veth0_vlan entered promiscuous mode
[  330.158983][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  330.166792][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  330.174156][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  330.185415][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  330.194825][ T6596] device veth1_macvtap entered promiscuous mode
[  330.209863][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  330.222472][ T6610] netlink: 'syz.3.1904': attribute type 6 has an invalid length.
[  330.230795][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  330.258666][ T3049] hid (null): bogus close delimiter
[  330.397258][ T6612] loop3: detected capacity change from 0 to 40427
[  330.407356][ T6612] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  330.417026][ T6612] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  330.430203][ T6612] F2FS-fs (loop3): invalid crc value
[  330.454142][ T6612] F2FS-fs (loop3): Found nat_bits in checkpoint
[  330.917882][ T3049] usb 2-1: language id specifier not provided by device, defaulting to English
[  330.976478][ T6612] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  330.983579][ T6612] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  331.000497][ T6612] F2FS-fs (loop3): Unrecognized mount option "€" or missing value
[  331.016876][ T6632] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  331.159390][ T6638] loop4: detected capacity change from 0 to 512
[  331.169001][ T6638] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #15: comm syz.4.1914: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  331.187051][ T6638] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.1914: couldn't read orphan inode 15 (err -117)
[  331.199396][ T6638] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  331.207822][ T6638] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038 (0x7fffffff)
[  331.224550][ T6638] overlayfs: upper fs needs to support d_type.
[  331.231770][ T6636] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.239106][ T3049] uclogic 0003:256C:006D.0044: interface is invalid, ignoring
[  331.243304][ T6636] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.254567][ T6636] device bridge_slave_0 entered promiscuous mode
[  331.261749][ T6596] EXT4-fs (loop4): unmounting filesystem.
[  331.270027][ T6636] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.277095][ T6636] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.284610][ T6636] device bridge_slave_1 entered promiscuous mode
[  331.291110][ T6645] netlink: 'syz.4.1915': attribute type 6 has an invalid length.
[  331.298925][   T40] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  331.328353][ T3040] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  331.391491][ T6636] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.398567][ T6636] bridge0: port 2(bridge_slave_1) entered forwarding state
[  331.405676][ T6636] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.412486][ T6636] bridge0: port 1(bridge_slave_0) entered forwarding state
[  331.443115][  T319] usb 2-1: USB disconnect, device number 38
[  331.449373][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  331.457231][ T1005] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.464786][ T1005] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.480033][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  331.488214][  T339] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.495167][  T339] bridge0: port 1(bridge_slave_0) entered forwarding state
[  331.503031][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  331.511998][  T339] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.518906][  T339] bridge0: port 2(bridge_slave_1) entered forwarding state
[  331.539308][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  331.547380][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  331.562168][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  331.574200][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  331.581976][ T3040] usb 3-1: Using ep0 maxpacket: 32
[  331.587829][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  331.595709][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  331.604510][ T6636] device veth0_vlan entered promiscuous mode
[  331.621977][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  331.632200][ T6636] device veth1_macvtap entered promiscuous mode
[  331.645190][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  331.660501][ T3275] device bridge_slave_1 left promiscuous mode
[  331.666941][ T3275] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.668510][   T40] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  331.684775][ T3275] device veth1_macvtap left promiscuous mode
[  331.684905][   T40] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  331.699593][   T40] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.708807][   T40] usb 4-1: config 0 descriptor??
[  331.741156][ T6656] loop4: detected capacity change from 0 to 128
[  331.749182][   T40] usb 4-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  331.757617][   T40] usb 4-1: No valid video chain found.
[  331.842878][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  331.868234][ T6659] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1912'.
[  331.877418][ T6659] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1912'.
[  331.958973][ T3040] usb 3-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=3a.75
[  331.978463][  T737] usb 4-1: USB disconnect, device number 37
[  331.988418][ T3040] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  332.002958][ T3040] usb 3-1: Product: syz
[  332.011509][ T3040] usb 3-1: Manufacturer: syz
[  332.016379][ T3040] usb 3-1: SerialNumber: syz
[  332.026422][ T3040] usb 3-1: config 0 descriptor??
[  332.064398][ T6665] loop1: detected capacity change from 0 to 256
[  332.082536][ T3040] usb_ehset_test: probe of 3-1:0.0 failed with error -32
[  332.095546][ T6669] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  332.139351][   T28] audit: type=1326 audit(2000000795.025:1524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6664 comm="syz.1.1921" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f146bd773b9 code=0x0
[  332.292097][ T3040] usb 3-1: USB disconnect, device number 34
[  332.916048][ T6689] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1931'.
[  332.925388][ T6689] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1931'.
[  333.079094][   T40] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  333.105741][ T6695] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  333.218419][ T3049] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  333.261773][   T28] audit: type=1326 audit(2000000796.145:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6706 comm="syz.0.1939" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c3a7773b9 code=0x0
[  333.448440][   T40] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  333.459439][   T40] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  333.469215][   T40] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  333.478099][   T40] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.487304][   T40] usb 3-1: config 0 descriptor??
[  333.632537][ T6712] loop4: detected capacity change from 0 to 256
[  333.642374][ T6712] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[  333.655038][ T6712] exFAT-fs (loop4): error, invalid access to FAT bad cluster (entry 0x00000005)
[  333.664182][ T6712] exFAT-fs (loop4): Filesystem has been set read-only
[  333.670677][ T6712] exFAT-fs (loop4): failed to initialize root inode
[  333.677729][ T3049] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  333.688522][ T3049] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  333.698060][ T3049] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  333.706969][ T3049] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.715293][ T3049] usb 2-1: config 0 descriptor??
[  333.882544][ T6718] loop4: detected capacity change from 0 to 40427
[  333.889437][ T6718] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  333.897240][ T6718] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  333.906347][ T6718] F2FS-fs (loop4): invalid crc value
[  333.913237][ T6718] F2FS-fs (loop4): Found nat_bits in checkpoint
[  333.948510][ T6718] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  333.955385][ T6718] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  334.015059][   T40] hid-multitouch 0003:1FD2:6007.0045: unknown main item tag 0x0
[  334.023909][   T40] hid-multitouch 0003:1FD2:6007.0045: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.2-1/input0
[  334.038653][ T5043] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  334.038685][ T1900] Bluetooth: hci0: command 0x1003 tx timeout
[  334.697931][ T3049] hid (null): bogus close delimiter
[  334.704973][  T526] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  334.714728][   T40] usb 3-1: USB disconnect, device number 35
[  334.721716][  T526] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  334.758463][ T3049] usb 2-1: language id specifier not provided by device, defaulting to English
[  334.790192][ T6731] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  334.940299][ T6741] loop3: detected capacity change from 0 to 40427
[  334.947077][ T6741] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  334.954672][ T6741] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  334.965299][ T6741] F2FS-fs (loop3): Found nat_bits in checkpoint
[  334.996362][ T6741] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  335.008846][ T6741] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  335.015834][ T6741] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  335.068442][ T3049] uclogic 0003:256C:006D.0046: interface is invalid, ignoring
[  335.095883][  T339] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  335.211203][ T6749] syz.3.1950: attempt to access beyond end of device
[  335.211203][ T6749] loop3: rw=2049, sector=45096, nr_sectors = 64 limit=40427
[  335.341039][ T6751] loop2: detected capacity change from 0 to 1024
[  335.352672][ T6751] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  335.369992][ T6751] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  335.382054][   T40] usb 2-1: USB disconnect, device number 39
[  335.432380][ T6751] EXT4-fs error (device loop2): ext4_get_journal_inode:5720: inode #5: comm syz.2.1951: unexpected bad inode w/o EXT4_IGET_BAD
[  335.445956][ T6751] EXT4-fs (loop2): no journal found
[  335.451123][ T6751] EXT4-fs (loop2): can't get journal size
[  335.457752][ T6751] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  335.498428][  T339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  335.512441][  T339] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  335.531503][  T339] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  335.544757][  T339] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.557797][  T339] usb 5-1: config 0 descriptor??
[  336.039925][  T339] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0
[  336.057258][  T339] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0
[  336.078627][  T339] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0
[  336.098408][  T339] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0
[  336.105814][  T339] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0
[  336.138413][  T339] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0
[  336.155962][  T339] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0
[  336.176159][  T339] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0
[  336.187252][  T339] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0
[  336.195118][ T5871] EXT4-fs (loop2): unmounting filesystem.
[  336.199187][  T339] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0
[  336.212890][  T339] plantronics 0003:047F:FFFF.0047: No inputs registered, leaving
[  336.226265][  T339] plantronics 0003:047F:FFFF.0047: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  336.259398][ T6767] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.268736][ T6762] loop1: detected capacity change from 0 to 40427
[  336.273038][ T6767] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.275884][ T6762] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  336.289950][ T6762] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  336.298885][ T6762] F2FS-fs (loop1): invalid crc value
[  336.303181][ T6767] device bridge_slave_0 entered promiscuous mode
[  336.321623][ T6767] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.329484][ T6762] F2FS-fs (loop1): Found nat_bits in checkpoint
[  336.347207][ T6767] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.368239][ T6767] device bridge_slave_1 entered promiscuous mode
[  336.384573][ T6762] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  336.395835][ T6762] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  336.416993][ T6762] F2FS-fs (loop1): Unrecognized mount option "€" or missing value
[  336.481989][ T6767] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.488888][ T6767] bridge0: port 2(bridge_slave_1) entered forwarding state
[  336.496003][ T6767] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.502907][ T6767] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.529506][ T3049] usb 5-1: USB disconnect, device number 39
[  336.567866][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  336.576162][ T3040] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.583819][ T3040] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.610380][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  336.619132][  T319] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.625985][  T319] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.633901][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  336.643991][  T319] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.651052][  T319] bridge0: port 2(bridge_slave_1) entered forwarding state
[  336.685566][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  336.703505][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  336.750065][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  336.778419][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  336.787963][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  336.796610][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  336.810463][ T6767] device veth0_vlan entered promiscuous mode
[  336.828532][ T3720] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  336.835992][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  336.851475][ T6767] device veth1_macvtap entered promiscuous mode
[  336.877806][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  336.887307][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  336.903337][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  336.912885][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  338.398649][ T6798] fuse: Bad value for 'fd'
[  339.010364][ T6805] loop2: detected capacity change from 0 to 256
[  339.020522][ T6805] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[  339.037523][ T6805] exFAT-fs (loop2): error, invalid access to FAT bad cluster (entry 0x00000005)
[  339.047020][ T6805] exFAT-fs (loop2): Filesystem has been set read-only
[  339.054190][ T6805] exFAT-fs (loop2): failed to initialize root inode
[  339.061792][ T3720] usb 2-1: unable to read config index 0 descriptor/all
[  339.068980][ T3720] usb 2-1: can't read configurations, error -71
[  339.157399][ T6823] loop2: detected capacity change from 0 to 128
[  339.208424][  T339] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  339.208827][ T6823] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  339.224844][ T6823] ext4 filesystem being mounted at /63/mnt supports timestamps until 2038 (0x7fffffff)
[  339.232894][ T6828] loop1: detected capacity change from 0 to 128
[  340.927553][  T339] usb 4-1: Using ep0 maxpacket: 16
[  340.964984][ T5871] EXT4-fs (loop2): unmounting filesystem.
[  341.218486][  T339] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  341.226539][  T339] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  341.236733][  T339] usb 4-1: config 0 has no interface number 0
[  341.728537][  T339] usb 4-1: config 0 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  341.744848][ T6861] serio: Serial port ptm0
[  341.858773][  T339] usb 4-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  341.879939][  T339] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  341.972438][ T6867] loop4: detected capacity change from 0 to 1024
[  341.985072][  T339] usb 4-1: Product: syz
[  341.989548][  T339] usb 4-1: SerialNumber: syz
[  341.994750][  T339] usb 4-1: config 0 descriptor??
[  342.018439][  T339] usb 4-1: can't set config #0, error -71
[  342.024937][  T339] usb 4-1: USB disconnect, device number 38
[  342.073947][ T6870] loop3: detected capacity change from 0 to 256
[  342.117313][ T6867] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  342.128744][ T6870] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[  342.141378][ T6870] exFAT-fs (loop3): error, invalid access to FAT bad cluster (entry 0x00000005)
[  342.143467][ T6867] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  342.150279][ T6870] exFAT-fs (loop3): Filesystem has been set read-only
[  342.150297][ T6870] exFAT-fs (loop3): failed to initialize root inode
[  342.274532][ T6882] xt_CONNSECMARK: invalid mode: 0
[  343.258637][ T6867] EXT4-fs error (device loop4): ext4_get_journal_inode:5720: inode #5: comm syz.4.1987: unexpected bad inode w/o EXT4_IGET_BAD
[  343.271791][ T6887] loop3: detected capacity change from 0 to 256
[  343.274219][   T28] audit: type=1400 audit(2000000806.161:1526): avc:  denied  { setattr } for  pid=6885 comm="syz.0.1994" name="" dev="pipefs" ino=48466 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  343.281601][ T6887] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  343.301281][ T6867] EXT4-fs (loop4): no journal found
[  343.319966][ T6867] EXT4-fs (loop4): can't get journal size
[  343.345985][   T28] audit: type=1400 audit(2000000806.201:1527): avc:  denied  { unlink } for  pid=6885 comm="syz.0.1994" name="binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  343.402842][ T6867] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  344.231141][   T28] audit: type=1400 audit(2000000807.121:1528): avc:  denied  { lock } for  pid=6886 comm="syz.3.1993" path="/34/file0/file0" dev="loop3" ino=1048814 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  344.560619][ T6904] loop1: detected capacity change from 0 to 256
[  344.587441][ T6904] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  344.778404][  T318] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  345.115384][  T318] usb 4-1: Using ep0 maxpacket: 16
[  345.168423][ T3720] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  345.193733][ T6596] EXT4-fs (loop4): unmounting filesystem.
[  345.300119][  T318] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  345.308372][  T318] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  345.340124][  T318] usb 4-1: config 0 has no interface number 0
[  345.346164][  T318] usb 4-1: config 0 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  345.432416][ T3720] usb 1-1: Using ep0 maxpacket: 16
[  345.470205][ T6921] serio: Serial port ptm0
[  345.486992][  T318] usb 4-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  345.563879][  T318] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  345.674016][  T318] usb 4-1: Product: syz
[  345.682319][  T318] usb 4-1: SerialNumber: syz
[  345.690900][  T318] usb 4-1: config 0 descriptor??
[  347.218203][  T318] snd-usb-audio: probe of 4-1:0.2 failed with error -2
[  347.229948][  T318] usb 4-1: USB disconnect, device number 39
[  347.350674][ T3720] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  347.359713][ T3720] usb 1-1: config 0 has no interface number 0
[  347.366244][ T3720] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid maxpacket 29030, setting to 1024
[  347.375752][ T6939] loop4: detected capacity change from 0 to 256
[  347.377461][ T3720] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[  347.395249][ T6936] loop2: detected capacity change from 0 to 256
[  347.405821][ T6936] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[  347.419391][ T6936] exFAT-fs (loop2): error, invalid access to FAT bad cluster (entry 0x00000005)
[  347.428253][ T6936] exFAT-fs (loop2): Filesystem has been set read-only
[  347.434882][ T6936] exFAT-fs (loop2): failed to initialize root inode
[  347.444786][ T6939] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  347.878741][ T6951] xt_CONNSECMARK: invalid mode: 0
[  348.139620][ T3720] usb 1-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  348.149569][ T3720] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  348.159812][ T3720] usb 1-1: Product: syz
[  348.165572][ T3720] usb 1-1: SerialNumber: syz
[  348.173896][ T3720] usb 1-1: config 0 descriptor??
[  348.182110][ T6958] loop3: detected capacity change from 0 to 512
[  348.198669][ T3720] usb 1-1: can't set config #0, error -71
[  348.205310][ T3720] usb 1-1: USB disconnect, device number 37
[  348.352786][ T6958] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  348.361831][ T6958] ext4 filesystem being mounted at /36/bus supports timestamps until 2038 (0x7fffffff)
[  348.795381][ T6977] Bluetooth: hci0: Frame reassembly failed (-84)
[  349.399930][ T6990] fuse: Bad value for 'fd'
[  349.476628][ T6991] loop2: detected capacity change from 0 to 256
[  350.128461][  T339] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  350.139074][ T7008] loop2: detected capacity change from 0 to 128
[  350.157760][ T7008] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  350.168151][ T7008] ext4 filesystem being mounted at /76/mnt supports timestamps until 2038 (0x7fffffff)
[  350.435992][  T339] usb 2-1: Using ep0 maxpacket: 16
[  350.559265][  T339] usb 2-1: config 0 has an invalid interface number: 2 but max is 0
[  350.567253][  T339] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  350.577186][  T339] usb 2-1: config 0 has no interface number 0
[  350.583067][  T339] usb 2-1: config 0 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  350.708448][  T339] usb 2-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  350.718206][  T339] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  350.726485][  T339] usb 2-1: Product: syz
[  350.730537][  T339] usb 2-1: SerialNumber: syz
[  350.735575][  T339] usb 2-1: config 0 descriptor??
[  350.795558][  T339] snd-usb-audio: probe of 2-1:0.2 failed with error -2
[  350.838336][ T5043] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  350.838363][ T1900] Bluetooth: hci0: command 0x1003 tx timeout
[  350.876295][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  350.985186][ T3720] usb 2-1: USB disconnect, device number 42
[  350.992735][ T5871] EXT4-fs (loop2): unmounting filesystem.
[  351.318793][ T3049] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  351.688470][ T3049] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  351.699436][ T3049] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  351.709617][ T3049] usb 1-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00
[  351.718859][ T3049] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.744648][ T3049] usb 1-1: config 0 descriptor??
[  352.178092][ T7044] fuse: Bad value for 'fd'
[  352.253942][ T7045] loop2: detected capacity change from 0 to 256
[  352.411575][ T3049] elo 0003:04E7:0030.0048: unknown main item tag 0xd
[  352.427129][ T3049] elo 0003:04E7:0030.0048: hidraw0: USB HID v0.00 Device [HID 04e7:0030] on usb-dummy_hcd.0-1/input0
[  352.457844][ T7047] loop4: detected capacity change from 0 to 1024
[  352.465150][ T7047] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  352.523908][ T7047] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2037'.
[  352.532868][   T40] usb 1-1: USB disconnect, device number 38
[  352.705319][ T7055] ------------[ cut here ]------------
[  352.710799][ T7055] Please remove unsupported %[  352.715712][ T7055] WARNING: CPU: 1 PID: 7055 at lib/vsprintf.c:2661 format_decode+0x12d2/0x1f10
[  352.724600][ T7055] Modules linked in:
[  352.728275][ T7055] CPU: 1 PID: 7055 Comm: syz.3.2039 Not tainted 6.1.90-syzkaller-00122-g7fa70ede91bb #0
[  352.737847][ T7055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  352.747765][ T7055] RIP: 0010:format_decode+0x12d2/0x1f10
[  352.753142][ T7055] Code: 5b 02 01 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 07 84 c0 0f 85 30 0c 00 00 41 0f be 36 48 c7 c7 80 2c 0a 86 e8 ee 7a 30 fc <0f> 0b e9 01 fa ff ff 48 8b 4c 24 18 80 e1 07 38 c1 0f 8c e3 ed ff
[  352.759409][ T7052] loop1: detected capacity change from 0 to 40427
[  352.772652][ T7055] RSP: 0018:ffffc900085d75c0 EFLAGS: 00010246
[  352.784712][ T7055] RAX: 440595db0987e000 RBX: 00000000ffffffdb RCX: 0000000000040000
[  352.784933][ T7056] loop3: detected capacity change from 0 to 256
[  352.792543][ T7055] RDX: ffffc90001dd9000 RSI: 0000000000000516 RDI: 0000000000000517
[  352.806404][ T7055] RBP: ffffc900085d76b0 R08: ffffffff81449e5e R09: ffffed103ee24e9b
[  352.814248][ T7055] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff0a00ffffff00
[  352.822070][ T7055] R13: ffff0000ffffff00 R14: ffffc900085d78ec R15: 1ffff920010baf1d
[  352.829863][ T7055] FS:  00007f7a35ca86c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  352.837545][ T7052] F2FS-fs (loop1): Found nat_bits in checkpoint
[  352.838627][ T7055] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  352.838650][ T7055] CR2: 0000001b31e1bff8 CR3: 0000000129862000 CR4: 00000000003526a0
[  352.838671][ T7055] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  352.866697][ T7055] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  352.874539][ T7055] Call Trace:
[  352.877636][ T7055]  <TASK>
[  352.880449][ T7055]  ? show_regs+0x58/0x60
[  352.884583][ T7055]  ? __warn+0x160/0x3d0
[  352.887173][ T7052] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  352.888637][ T7055]  ? format_decode+0x12d2/0x1f10
[  352.900686][ T7055]  ? report_bug+0x4d5/0x7d0
[  352.902449][ T7057] f2fs_ckpt-7:1: attempt to access beyond end of device
[  352.902449][ T7057] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  352.904975][ T7055]  ? format_decode+0x12d2/0x1f10
[  352.921716][ T7052] syz.1.2038: attempt to access beyond end of device
[  352.921716][ T7052] loop1: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  352.923660][ T7055]  ? handle_bug+0x41/0x70
[  352.937686][ T7052] syz.1.2038: attempt to access beyond end of device
[  352.937686][ T7052] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  352.941539][ T7055]  ? exc_invalid_op+0x1b/0x50
[  352.941566][ T7055]  ? asm_exc_invalid_op+0x1b/0x20
[  352.964166][ T7055]  ? __warn_printk+0x28e/0x350
[  352.968798][ T7055]  ? format_decode+0x12d2/0x1f10
[  352.973544][ T7055]  ? vsnprintf+0x1c70/0x1c70
[  352.977965][ T7055]  ? bstr_printf+0x1b6/0x10c0
[  352.982528][ T7055]  ? memcpy+0x56/0x70
[  352.986305][ T7055]  bstr_printf+0x130/0x10c0
[  352.990706][ T7055]  ? bpf_bprintf_cleanup+0xc0/0xc0
[  352.995588][ T7055]  ? vbin_printf+0x1bc0/0x1bc0
[  353.000207][ T7055]  ? bpf_trace_printk+0x122/0x330
[  353.005045][ T7055]  ? memcpy+0x56/0x70
[  353.008900][ T7055]  bpf_trace_printk+0x1b5/0x330
[  353.013551][ T7055]  ? kmem_cache_alloc+0x175/0x2c0
[  353.018444][ T7055]  ? ktime_get+0xf1/0x160
[  353.022577][ T7055]  ? bpf_probe_write_user+0xf0/0xf0
[  353.026183][   T28] audit: type=1326 audit(2000000815.906:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7054 comm="syz.3.2039" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7a34f773b9 code=0x0
[  353.027608][ T7055]  ? do_syscall_64+0x3b/0xb0
[  353.054723][ T7055]  ? ktime_get+0xf1/0x160
[  353.058898][ T7055]  bpf_prog_12183cdb1cd51dab+0x2e/0x32
[  353.064158][ T7055]  bpf_test_run+0x4ab/0xa40
[  353.068541][ T7055]  ? convert___skb_to_skb+0x670/0x670
[  353.073697][ T7055]  ? eth_type_trans+0x342/0x710
[  353.078452][ T7055]  ? eth_get_headlen+0x240/0x240
[  353.083158][ T7055]  ? convert___skb_to_skb+0x44/0x670
[  353.088313][ T7055]  ? build_skb+0xde/0x220
[  353.092459][ T7055]  bpf_prog_test_run_skb+0xaf1/0x13a0
[  353.097655][ T7055]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  353.103407][ T7055]  ? __kasan_check_write+0x14/0x20
[  353.108347][ T7055]  ? fput+0x15b/0x1b0
[  353.112144][ T7055]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  353.117916][ T7055]  bpf_prog_test_run+0x3b0/0x630
[  353.122702][ T7055]  ? bpf_prog_query+0x260/0x260
[  353.127339][ T7055]  ? selinux_bpf+0xd2/0x100
[  353.131732][ T7055]  ? security_bpf+0x82/0xb0
[  353.136020][ T7055]  __sys_bpf+0x59f/0x7f0
[  353.140136][ T7055]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  353.145306][ T7055]  ? __x64_sys_futex+0x100/0x100
[  353.150123][ T7055]  ? from_kgid_munged+0x1fa/0x7a0
[  353.154941][ T7055]  ? fpregs_restore_userregs+0x130/0x290
[  353.160440][ T7055]  __x64_sys_bpf+0x7c/0x90
[  353.164658][ T7055]  x64_sys_call+0x87f/0x9a0
[  353.169060][ T7055]  do_syscall_64+0x3b/0xb0
[  353.173251][ T7055]  ? clear_bhb_loop+0x55/0xb0
[  353.177764][ T7055]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  353.183530][ T7055] RIP: 0033:0x7f7a34f773b9
[  353.187743][ T7055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.207248][ T7055] RSP: 002b:00007f7a35ca8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  353.215461][ T7055] RAX: ffffffffffffffda RBX: 00007f7a35105f80 RCX: 00007f7a34f773b9
[  353.223258][ T7055] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a
[  353.231076][ T7055] RBP: 00007f7a34fe48e6 R08: 0000000000000000 R09: 0000000000000000
[  353.239204][ T7055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  353.247009][ T7055] R13: 000000000000000b R14: 00007f7a35105f80 R15: 00007ffc08885938
[  353.255007][ T7055]  </TASK>
[  353.257902][ T7055] ---[ end trace 0000000000000000 ]---
[  353.567035][ T7080] loop1: detected capacity change from 0 to 256
[  353.648151][   T40] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  353.668601][ T7080] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  353.798717][ T7086] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2046'.
[  354.169688][   T40] usb 3-1: Using ep0 maxpacket: 16
[  354.288715][   T40] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  354.315873][   T40] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  354.348689][   T40] usb 3-1: config 0 has no interface number 0
[  354.373833][   T40] usb 3-1: config 0 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  354.445006][   T28] audit: type=1400 audit(2000000817.326:1530): avc:  denied  { execute } for  pid=7089 comm="syz.0.2047" path="/19/file0/bus" dev="ramfs" ino=50516 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  354.618457][   T40] usb 3-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  355.040414][   T40] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  355.048335][   T40] usb 3-1: Product: syz
[  355.052391][   T40] usb 3-1: SerialNumber: syz
[  355.057662][   T40] usb 3-1: config 0 descriptor??
[  356.294873][   T40] snd-usb-audio: probe of 3-1:0.2 failed with error -2
[  356.341515][  T319] usb 3-1: USB disconnect, device number 36
[  356.393601][ T7118] loop2: detected capacity change from 0 to 1024
[  356.402830][ T7118] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  356.417358][ T7121] input: syz0 as /devices/virtual/input/input41
[  357.043293][ T7137] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2060'.
[  357.118692][ T3720] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  357.358379][ T3720] usb 4-1: Using ep0 maxpacket: 16
[  357.488503][ T3720] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  357.509691][ T3720] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  357.518713][ T3720] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  357.537728][ T3720] usb 4-1: config 0 descriptor??
[  357.706857][  T319] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  357.719895][ T3720] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  357.818009][ T7162] syz.1.2069[7162] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  357.818081][ T7162] syz.1.2069[7162] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  357.830418][ T7162] syz.1.2069[7162] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  357.841882][ T7162] syz.1.2069[7162] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  357.948390][  T319] usb 5-1: Using ep0 maxpacket: 32
[  358.138045][ T7165] fuse: Bad value for 'fd'
[  358.194576][ T7166] loop1: detected capacity change from 0 to 256
[  358.201331][  T339] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  358.218461][  T319] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  358.229564][  T319] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  358.240640][  T319] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  358.250343][  T319] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.259128][  T319] usb 5-1: config 0 descriptor??
[  358.278537][ T7143] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  358.303904][  T319] hub 5-1:0.0: USB hub found
[  358.498357][  T339] usb 3-1: Using ep0 maxpacket: 16
[  358.508567][  T319] hub 5-1:0.0: 2 ports detected
[  358.628595][  T339] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  358.639536][  T339] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  358.649130][  T339] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  358.661825][  T339] usb 3-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  358.670637][  T339] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.679220][  T339] usb 3-1: config 0 descriptor??
[  358.743452][ T7173] loop1: detected capacity change from 0 to 1024
[  358.750263][ T7173] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[  358.795864][ T7173] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2073'.
[  358.988410][  T319] hub 5-1:0.0: set hub depth failed
[  359.029452][  T319] usb 5-1: USB disconnect, device number 40
[  359.139591][  T339] ryos 0003:1E7D:31CE.0049: unknown main item tag 0x0
[  359.146259][  T339] ryos 0003:1E7D:31CE.0049: item fetching failed at offset 7/11
[  359.328348][  T339] ryos 0003:1E7D:31CE.0049: parse failed
[  359.335404][  T339] ryos: probe of 0003:1E7D:31CE.0049 failed with error -22
[  359.408208][ T3720] usb 4-1: USB disconnect, device number 40
[  359.413080][  T339] usb 3-1: USB disconnect, device number 37
[  360.637312][ T5043] Bluetooth: hci0: sending frame failed (-49)
[  360.644390][ T1900] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  360.651157][ T7192] serio: Serial port ptm1
[  361.178472][ T7212] loop2: detected capacity change from 0 to 1024
[  361.190116][ T7212] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  361.265899][ T7212] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2085'.
[  362.946983][ T7243] loop1: detected capacity change from 0 to 16
[  362.986542][ T7243] erofs: (device loop1): mounted with root inode @ nid 36.
[  363.131056][ T7255] futex_wake_op: syz.4.2098 tries to shift op by 32; fix this program
[  363.233938][  T339] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  363.277754][ T7256] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=46
[  363.342634][ T7258] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2098'.
[  363.618349][  T339] usb 3-1: Using ep0 maxpacket: 32
[  363.738416][  T339] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  363.751269][ T7253] loop3: detected capacity change from 0 to 40427
[  363.755673][  T339] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  363.769126][  T339] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  363.837812][ T7253] F2FS-fs (loop3): Found nat_bits in checkpoint
[  363.839509][  T339] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  363.921892][ T7253] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  363.923428][  T339] usb 3-1: config 0 descriptor??
[  363.948470][ T7233] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  363.948468][ T7259] f2fs_ckpt-7:3: attempt to access beyond end of device
[  363.948468][ T7259] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  363.969660][ T7253] syz.3.2097: attempt to access beyond end of device
[  363.969660][ T7253] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  363.984375][ T7253] syz.3.2097: attempt to access beyond end of device
[  363.984375][ T7253] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  364.635082][  T339] hub 3-1:0.0: USB hub found
[  364.662986][ T7272] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2102'.
[  364.755197][  T339] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  365.009514][  T339] usbhid 3-1:0.0: can't add hid device: -71
[  365.032625][  T339] usbhid: probe of 3-1:0.0 failed with error -71
[  365.179450][  T339] usb 3-1: USB disconnect, device number 38
[  365.240857][ T7289] loop1: detected capacity change from 0 to 1024
[  365.247412][ T7289] EXT4-fs: Ignoring removed orlov option
[  365.268410][ T7289] EXT4-fs: Ignoring removed nomblk_io_submit option
[  365.300967][ T7289] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  366.318276][    C1] sched: RT throttling activated
[  366.401231][ T7300] loop4: detected capacity change from 0 to 256
[  366.471948][ T4371] EXT4-fs (loop1): unmounting filesystem.
[  366.519542][   T28] audit: type=1400 audit(2000000829.406:1531): avc:  denied  { mounton } for  pid=7297 comm="syz.4.2110" path="/44/file0/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  366.544754][   T28] audit: type=1326 audit(2000000829.426:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7297 comm="syz.4.2110" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b689773b9 code=0x0
[  366.738390][  T339] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  366.768428][  T737] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  366.978354][  T339] usb 3-1: Using ep0 maxpacket: 16
[  367.028318][  T737] usb 1-1: Using ep0 maxpacket: 32
[  367.108464][  T339] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  367.168515][  T737] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  367.186401][  T737] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  367.209381][  T737] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  367.228351][  T737] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.247358][ T7317] loop4: detected capacity change from 0 to 512
[  367.268734][ T7317] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  367.268787][  T737] usb 1-1: config 0 descriptor??
[  367.301333][ T6596] EXT4-fs (loop4): unmounting filesystem.
[  367.308583][ T7310] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  367.315618][  T339] usb 3-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4
[  367.326795][  T339] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  367.335665][  T737] hub 1-1:0.0: USB hub found
[  367.340321][  T339] usb 3-1: Product: syz
[  367.344392][  T339] usb 3-1: Manufacturer: syz
[  367.351253][  T339] usb 3-1: SerialNumber: syz
[  367.356464][  T339] usb 3-1: config 0 descriptor??
[  367.538537][  T737] hub 1-1:0.0: 2 ports detected
[  368.128506][  T339] usb 3-1: Found UVC 0.00 device syz (045e:0721)
[  368.134783][  T339] usb 3-1: No valid video chain found.
[  368.232094][  T737] hub 1-1:0.0: set hub depth failed
[  368.238609][  T319] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  369.313326][ T3720] usb 3-1: USB disconnect, device number 39
[  369.324963][  T737] usb 1-1: USB disconnect, device number 39
[  370.377304][ T7343] loop1: detected capacity change from 0 to 1024
[  370.383920][ T7343] EXT4-fs: Ignoring removed orlov option
[  370.389839][ T7343] EXT4-fs: Ignoring removed nomblk_io_submit option
[  370.400622][ T7343] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  370.438347][  T319] usb 4-1: Using ep0 maxpacket: 16
[  370.516165][ T4371] EXT4-fs (loop1): unmounting filesystem.
[  370.538368][  T319] usb 4-1: unable to read config index 0 descriptor/start: -71
[  370.546339][  T319] usb 4-1: can't read configurations, error -71
[  370.569189][   T28] audit: type=1400 audit(2000000833.456:1533): avc:  denied  { write } for  pid=7359 comm="syz.1.2130" path="socket:[50146]" dev="sockfs" ino=50146 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  370.678397][ T3049] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  373.358560][ T3049] usb 5-1: Using ep0 maxpacket: 16
[  373.394340][ T7383] overlayfs: statfs failed on './file0'
[  373.468482][ T3049] usb 5-1: device descriptor read/all, error -71
[  373.978333][  T319] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  374.218324][  T319] usb 4-1: Using ep0 maxpacket: 32
[  375.348478][  T319] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  375.360142][  T319] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  375.407597][  T319] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  375.428549][  T319] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  375.460917][  T319] usb 4-1: config 0 descriptor??
[  375.472656][ T7417] overlayfs: statfs failed on './file0'
[  375.478492][ T7392] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  375.499484][  T319] hub 4-1:0.0: USB hub found
[  375.570576][ T7425] fuse: Bad value for 'fd'
[  375.588349][  T339] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  375.695806][ T7428] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2157'.
[  375.757482][  T319] hub 4-1:0.0: 2 ports detected
[  375.908340][  T339] usb 3-1: device descriptor read/64, error -71
[  376.028345][ T3720] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  376.108366][ T3049] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  376.198369][  T319] hub 4-1:0.0: set hub depth failed
[  376.259353][  T319] usb 4-1: USB disconnect, device number 42
[  376.308401][  T339] usb 3-1: device descriptor read/64, error -71
[  376.359995][ T3049] usb 5-1: Using ep0 maxpacket: 32
[  376.418492][ T3720] usb 2-1: config 0 has an invalid interface number: 127 but max is 1
[  376.426614][ T3720] usb 2-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 225
[  376.440503][ T3720] usb 2-1: config 0 has no interface number 1
[  376.446409][ T3720] usb 2-1: config 0 interface 127 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  376.459675][ T3720] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 29
[  376.478407][ T3049] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  376.492370][ T3049] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  376.502120][ T3049] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  376.511120][ T3049] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  376.519843][ T3049] usb 5-1: config 0 descriptor??
[  376.535350][   T28] audit: type=1400 audit(2000000839.416:1534): avc:  denied  { mount } for  pid=7441 comm="syz.0.2163" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  376.578448][  T339] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  376.616393][ T3049] hub 5-1:0.0: USB hub found
[  376.658497][ T3720] usb 2-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  376.667564][ T3720] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  376.675335][ T3720] usb 2-1: Product: syz
[  376.679325][ T3720] usb 2-1: Manufacturer: syz
[  376.683853][ T3720] usb 2-1: SerialNumber: syz
[  376.691727][ T3720] usb 2-1: config 0 descriptor??
[  376.948435][ T3049] hub 5-1:0.0: 1 port detected
[  376.953690][ T3720] usb-storage 2-1:0.127: USB Mass Storage device detected
[  376.963022][ T3720] usb-storage 2-1:0.127: Quirks match for vid 1908 pid 1315: 20000
[  376.999724][ T3720] usb-storage 2-1:0.0: USB Mass Storage device detected
[  377.007523][ T3720] usb-storage 2-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  377.078445][  T339] usb 3-1: device descriptor read/64, error -71
[  377.154601][ T7428] loop1: detected capacity change from 0 to 1024
[  377.170464][ T7428] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  377.180772][  T737] usb 2-1: USB disconnect, device number 43
[  377.399109][ T3720] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  377.468420][  T339] usb 3-1: device descriptor read/64, error -71
[  377.588550][  T339] usb usb3-port1: attempt power cycle
[  377.618500][  T319] hub 5-1:0.0: activate --> -90
[  377.648355][ T3720] usb 4-1: Using ep0 maxpacket: 16
[  377.694509][ T4371] EXT4-fs (loop1): unmounting filesystem.
[  378.038249][ T3720] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  378.138379][  T339] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  378.175273][ T7483] loop1: detected capacity change from 0 to 512
[  378.208440][ T3720] usb 4-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4
[  378.217575][ T3720] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  378.225440][ T3720] usb 4-1: Product: syz
[  378.229454][ T3720] usb 4-1: Manufacturer: syz
[  378.233796][ T3720] usb 4-1: SerialNumber: syz
[  378.238954][ T3720] usb 4-1: config 0 descriptor??
[  378.259114][   T40] usb 5-1: USB disconnect, device number 43
[  378.268489][  T319] usb 5-1-port1: config error
[  378.308422][  T339] usb 3-1: device descriptor read/8, error -71
[  378.425211][ T7485] loop2: detected capacity change from 0 to 1024
[  378.431890][ T7485] EXT4-fs: Ignoring removed orlov option
[  378.437823][ T7485] EXT4-fs (loop2): Test dummy encryption mode enabled
[  378.447089][ T7485] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  378.578422][  T339] usb 3-1: device descriptor read/8, error -71
[  378.708496][ T3720] usb 4-1: Found UVC 0.00 device syz (045e:0721)
[  378.717043][ T3720] usb 4-1: No valid video chain found.
[  379.166336][ T3720] usb 4-1: USB disconnect, device number 43
[  379.170165][  T339] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  379.358434][  T339] usb 3-1: device descriptor read/8, error -71
[  379.548380][  T319] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  379.628463][  T339] usb 3-1: device descriptor read/8, error -71
[  379.748507][  T339] usb usb3-port1: unable to enumerate USB device
[  379.751029][ T7526] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2189'.
[  379.763448][ T7526] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2189'.
[  379.774437][ T7526] netlink: 212 bytes leftover after parsing attributes in process `syz.3.2189'.
[  379.808396][  T319] usb 5-1: Using ep0 maxpacket: 32
[  380.056765][ T7534] serio: Serial port ptm0
[  380.119833][  T319] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  380.129838][  T319] usb 5-1: config 0 has no interfaces?
[  380.308450][  T319] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  380.317365][  T319] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  380.325243][  T319] usb 5-1: Product: syz
[  380.329270][  T319] usb 5-1: Manufacturer: syz
[  380.333791][  T319] usb 5-1: SerialNumber: syz
[  380.339217][  T319] usb 5-1: config 0 descriptor??
[  381.380113][ T7561] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2200'.
[  381.388946][ T7561] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2200'.
[  381.399979][ T7561] netlink: 212 bytes leftover after parsing attributes in process `syz.3.2200'.
[  381.408372][  T339] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  381.808456][  T339] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  382.198875][  T339] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0102, bcdDevice=7a.b1
[  382.207806][  T339] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.215666][  T339] usb 2-1: Product: syz
[  382.219691][  T339] usb 2-1: Manufacturer: syz
[  382.224101][  T339] usb 2-1: SerialNumber: syz
[  382.229386][  T339] usb 2-1: config 0 descriptor??
[  382.269434][  T339] usb_ehset_test: probe of 2-1:0.0 failed with error -32
[  382.602798][ T7586] serio: Serial port ptm1
[  382.643422][  T339] usb 2-1: USB disconnect, device number 44
[  382.761475][   T40] usb 5-1: USB disconnect, device number 44
[  382.807417][ T7595] loop3: detected capacity change from 0 to 256
[  382.814000][ T7595] FAT-fs (loop3): Unrecognized mount option "fowner>00000000000000000000" or missing value
[  382.843092][ T7595] loop3: detected capacity change from 0 to 512
[  382.849939][ T7595] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  382.863675][ T7595] EXT4-fs error (device loop3): mb_free_blocks:1815: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  382.878750][ T7595] EXT4-fs (loop3): Remounting filesystem read-only
[  382.885238][ T7595] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.2212: invalid indirect mapped block 1 (level 1)
[  382.899365][ T7595] EXT4-fs (loop3): 1 truncate cleaned up
[  382.904916][ T7595] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  383.883353][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  384.147884][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  384.266293][ T7618] loop3: detected capacity change from 0 to 128
[  384.284519][ T7618] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  384.295121][ T7618] ext4 filesystem being mounted at /79/mnt supports timestamps until 2038 (0x7fffffff)
[  385.630876][ T5871] EXT4-fs (loop2): unmounting filesystem.
[  386.870332][ T6239] EXT4-fs (loop3): unmounting filesystem.
[  386.877486][ T7641] loop4: detected capacity change from 0 to 256
[  386.884613][ T7641] FAT-fs (loop4): Unrecognized mount option "fowner>00000000000000000000" or missing value
[  386.957364][ T7644] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.973338][ T7641] loop4: detected capacity change from 0 to 512
[  386.985210][ T7641] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  386.989784][ T7644] bridge0: port 1(bridge_slave_0) entered disabled state
[  387.004538][ T7644] device bridge_slave_0 entered promiscuous mode
[  387.020077][ T7641] EXT4-fs error (device loop4): mb_free_blocks:1815: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  387.025521][ T7644] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.035810][ T7641] EXT4-fs (loop4): Remounting filesystem read-only
[  387.311982][ T7641] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.2224: invalid indirect mapped block 1 (level 1)
[  387.325109][ T7644] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.325752][ T7644] device bridge_slave_1 entered promiscuous mode
[  387.338808][ T7641] EXT4-fs (loop4): 1 truncate cleaned up
[  387.344365][ T7641] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  387.513070][ T7660] serio: Serial port ptm0
[  387.849965][ T3049] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  388.001113][ T6596] EXT4-fs (loop4): unmounting filesystem.
[  388.035197][ T7665] loop4: detected capacity change from 0 to 128
[  388.051785][ T7665] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  388.071210][ T7665] syz.4.2228: attempt to access beyond end of device
[  388.071210][ T7665] loop4: rw=2051, sector=104, nr_sectors = 937 limit=128
[  388.208372][ T3049] usb 2-1: Using ep0 maxpacket: 32
[  388.226617][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  388.234297][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  388.259847][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  388.269480][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  388.277583][  T319] bridge0: port 1(bridge_slave_0) entered blocking state
[  388.284490][  T319] bridge0: port 1(bridge_slave_0) entered forwarding state
[  388.306179][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  388.328392][ T3049] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  388.339894][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  388.348230][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  388.356805][ T3040] bridge0: port 2(bridge_slave_1) entered blocking state
[  388.363702][ T3040] bridge0: port 2(bridge_slave_1) entered forwarding state
[  388.371874][ T3049] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  388.381727][ T3049] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  388.391040][ T3049] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.403830][ T3049] usb 2-1: config 0 descriptor??
[  388.409967][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  388.440242][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  388.449024][ T3049] hub 2-1:0.0: USB hub found
[  388.468064][  T923] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  388.493752][ T7669] bridge0: port 1(bridge_slave_0) entered blocking state
[  388.500670][ T7669] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.508137][ T7669] device bridge_slave_0 entered promiscuous mode
[  388.515439][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  388.527946][ T7644] device veth0_vlan entered promiscuous mode
[  388.535217][   T10] device bridge_slave_1 left promiscuous mode
[  388.541257][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.549059][   T10] device bridge_slave_0 left promiscuous mode
[  388.554973][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.567230][   T10] device veth1_macvtap left promiscuous mode
[  388.573408][   T10] device veth0_vlan left promiscuous mode
[  388.881395][ T7669] bridge0: port 2(bridge_slave_1) entered blocking state
[  388.888680][ T7669] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.896049][ T7669] device bridge_slave_1 entered promiscuous mode
[  388.902758][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  388.916536][ T7644] device veth1_macvtap entered promiscuous mode
[  388.932028][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  388.940425][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  388.947784][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  388.967797][  T923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  388.976491][  T923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  389.051765][ T7684] loop2: detected capacity change from 0 to 512
[  389.092542][ T7684] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  389.112925][ T7684] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038 (0x7fffffff)
[  389.181500][  T923] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  389.193479][  T923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  389.344218][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  389.352704][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  389.360881][ T3719] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.367739][ T3719] bridge0: port 1(bridge_slave_0) entered forwarding state
[  389.800099][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  389.810510][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  389.822123][ T3719] bridge0: port 2(bridge_slave_1) entered blocking state
[  389.829130][ T3719] bridge0: port 2(bridge_slave_1) entered forwarding state
[  389.836369][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  389.845887][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  389.855980][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  389.865662][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  390.133241][ T7644] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  390.144954][ T7644] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  390.154879][ T7644] EXT4-fs error (device loop2): ext4_acquire_dquot:6764: comm syz-executor: Failed to acquire dquot type 0
[  390.166640][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  390.175126][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  390.186582][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  390.195192][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  390.203384][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  390.212324][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  390.220163][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  390.279796][ T7669] device veth0_vlan entered promiscuous mode
[  390.298169][ T7669] device veth1_macvtap entered promiscuous mode
[  390.311587][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  390.320418][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  390.328456][ T1005] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  390.341860][ T7644] EXT4-fs (loop2): unmounting filesystem.
[  390.351954][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  390.364008][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  390.373498][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  390.383532][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  391.561955][   T10] device bridge_slave_1 left promiscuous mode
[  391.601576][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  391.753537][   T10] device bridge_slave_0 left promiscuous mode
[  391.763696][ T7717] loop4: detected capacity change from 0 to 128
[  391.768353][ T3049] hub 2-1:0.0: config failed, can't read hub descriptor (err -22)
[  391.778507][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.871034][   T10] device veth1_macvtap left promiscuous mode
[  391.877057][   T10] device veth0_vlan left promiscuous mode
[  391.881137][ T7719] loop1: detected capacity change from 0 to 128
[  391.888831][ T3049] usbhid 2-1:0.0: can't add hid device: -71
[  391.894632][ T3049] usbhid: probe of 2-1:0.0 failed with error -71
[  392.238809][ T3049] usb 2-1: USB disconnect, device number 45
[  394.051865][ T7722] bridge0: port 1(bridge_slave_0) entered blocking state
[  394.058923][ T7722] bridge0: port 1(bridge_slave_0) entered disabled state
[  394.066485][ T7722] device bridge_slave_0 entered promiscuous mode
[  394.088090][ T7722] bridge0: port 2(bridge_slave_1) entered blocking state
[  394.453635][ T7722] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.461621][ T7722] device bridge_slave_1 entered promiscuous mode
[  394.553854][   T28] audit: type=1326 audit(2000000857.436:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7757 comm="syz.0.2253" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa4d29773b9 code=0x0
[  394.645790][ T7722] bridge0: port 2(bridge_slave_1) entered blocking state
[  394.652741][ T7722] bridge0: port 2(bridge_slave_1) entered forwarding state
[  394.659872][ T7722] bridge0: port 1(bridge_slave_0) entered blocking state
[  394.666774][ T7722] bridge0: port 1(bridge_slave_0) entered forwarding state
[  394.697280][ T7767] loop1: detected capacity change from 0 to 128
[  394.726547][  T320] bridge0: port 1(bridge_slave_0) entered disabled state
[  394.738401][  T320] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.746426][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  394.754269][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  394.765637][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  394.779151][  T319] bridge0: port 1(bridge_slave_0) entered blocking state
[  394.785039][   T28] audit: type=1400 audit(2000000857.666:1536): avc:  denied  { mount } for  pid=7770 comm="syz.1.2259" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  394.786014][  T319] bridge0: port 1(bridge_slave_0) entered forwarding state
[  394.814433][   T28] audit: type=1400 audit(2000000857.696:1537): avc:  denied  { remount } for  pid=7770 comm="syz.1.2259" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  394.837959][   T28] audit: type=1400 audit(2000000857.696:1538): avc:  denied  { unmount } for  pid=4371 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  394.846548][ T7773] loop1: detected capacity change from 0 to 256
[  394.869949][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  394.878251][ T3049] bridge0: port 2(bridge_slave_1) entered blocking state
[  394.885206][ T3049] bridge0: port 2(bridge_slave_1) entered forwarding state
[  394.929214][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  394.937131][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  394.971637][ T7777] loop3: detected capacity change from 0 to 128
[  395.007980][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  395.024645][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  395.033531][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  395.042574][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  395.065440][ T7722] device veth0_vlan entered promiscuous mode
[  395.078652][ T7722] device veth1_macvtap entered promiscuous mode
[  395.090108][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  395.098185][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  395.568417][ T3719] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  395.710853][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  395.718821][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  395.727310][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  395.735679][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  395.753085][ T3049] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  396.758370][ T3719] usb 2-1: Using ep0 maxpacket: 16
[  396.813927][ T7797] loop4: detected capacity change from 0 to 128
[  396.859557][ T7798] loop2: detected capacity change from 0 to 8192
[  396.886076][ T7808] loop4: detected capacity change from 0 to 512
[  396.918858][ T7805] loop3: detected capacity change from 0 to 8192
[  396.926086][ T7808] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  396.935880][ T7808] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038 (0x7fffffff)
[  396.948424][ T3719] usb 2-1: config 0 has an invalid interface number: 242 but max is 1
[  396.957455][ T3719] usb 2-1: config 0 has no interface number 1
[  396.963743][ T3719] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x7 has invalid wMaxPacketSize 0
[  396.969327][ T7808] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #19: comm syz.4.2272: corrupted inode contents
[  396.980166][ T3719] usb 2-1: config 0 interface 0 altsetting 2 bulk endpoint 0x7 has invalid maxpacket 0
[  396.985683][ T7808] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #19: comm syz.4.2272: mark_inode_dirty error
[  397.010472][ T7808] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #19: comm syz.4.2272: corrupted inode contents
[  397.022213][ T3719] usb 2-1: config 0 interface 0 has no altsetting 0
[  397.030594][ T7808] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2955: inode #19: comm syz.4.2272: mark_inode_dirty error
[  397.052801][ T7808] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2958: inode #19: comm syz.4.2272: mark inode dirty (error -117)
[  397.065730][   T10] device bridge_slave_1 left promiscuous mode
[  397.067292][ T7798] tipc: Failed to remove unknown binding: 66,1,1/0:1589020105/1589020107
[  397.072408][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  397.083228][ T7798] tipc: Failed to remove unknown binding: 66,1,1/0:1589020105/1589020107
[  397.102378][   T10] device bridge_slave_0 left promiscuous mode
[  397.104849][ T7808] EXT4-fs warning (device loop4): ext4_evict_inode:299: xattr delete (err -117)
[  397.108509][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  397.128056][   T10] device veth1_macvtap left promiscuous mode
[  397.134331][   T10] device veth0_vlan left promiscuous mode
[  397.180428][ T6596] EXT4-fs (loop4): unmounting filesystem.
[  397.192080][ T7817] loop2: detected capacity change from 0 to 128
[  397.198427][ T3719] usb 2-1: New USB device found, idVendor=067b, idProduct=aaa8, bcdDevice=c3.0c
[  397.207387][  T318] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  397.227871][ T3719] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.302968][ T3719] usb 2-1: Product: syz
[  397.307253][ T3719] usb 2-1: Manufacturer: syz
[  397.312048][ T3719] usb 2-1: SerialNumber: syz
[  397.317581][ T3719] usb 2-1: config 0 descriptor??
[  398.170705][ T3719] pl2303 2-1:0.0: required endpoints missing
[  398.373552][  T318] usb 1-1: device descriptor read/64, error -71
[  398.393242][ T7833] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  398.404826][ T7833] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  398.413073][ T7833] CPU: 1 PID: 7833 Comm: syz.3.2278 Tainted: G        W          6.1.90-syzkaller-00122-g7fa70ede91bb #0
[  398.424094][ T7833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  398.433986][ T7833] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[  398.440055][ T7833] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 6c 02 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 d1 1f 25 00 48 89 5c 24 18 4c 8b
[  398.459618][ T7833] RSP: 0018:ffffc9000121f6a0 EFLAGS: 00010246
[  398.465517][ T7833] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  398.473325][ T7833] RDX: ffffc90001dd9000 RSI: 00000000000000d7 RDI: 00000000000000d8
[  398.481140][ T7833] RBP: ffffc9000121f7f8 R08: 0000000000000005 R09: ffffffff8412c413
[  398.488947][ T7833] R10: 0000000000000004 R11: ffff88811aac0000 R12: dffffc0000000000
[  398.496761][ T7833] R13: ffff8881218c03c0 R14: 1ffff92000243ee0 R15: 0000000000000000
[  398.504574][ T7833] FS:  00007f7a35ca86c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  398.513336][ T7833] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  398.519759][ T7833] CR2: 0000000020002000 CR3: 000000012673f000 CR4: 00000000003506a0
[  398.527575][ T7833] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  398.535382][ T7833] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  398.543193][ T7833] Call Trace:
[  398.546320][ T7833]  <TASK>
[  398.549187][ T7833]  ? __die_body+0x62/0xb0
[  398.553348][ T7833]  ? die_addr+0x9f/0xd0
[  398.557343][ T7833]  ? exc_general_protection+0x317/0x4c0
[  398.562731][ T7833]  ? asm_exc_general_protection+0x27/0x30
[  398.568282][ T7833]  ? xdp_do_generic_redirect+0x303/0xad0
[  398.573744][ T7833]  ? dev_map_generic_redirect+0x90/0x7d0
[  398.579212][ T7833]  ? kasan_quarantine_put+0x34/0x1a0
[  398.584418][ T7833]  ? kfree+0x7a/0xf0
[  398.588154][ T7833]  ? bq_enqueue+0x3e0/0x3e0
[  398.592492][ T7833]  ? bpf_prog_run_generic_xdp+0xa35/0x1200
[  398.598137][ T7833]  xdp_do_generic_redirect+0x411/0xad0
[  398.603430][ T7833]  do_xdp_generic+0x53e/0x800
[  398.607940][ T7833]  ? generic_xdp_tx+0x560/0x560
[  398.612629][ T7833]  ? tun_get_user+0x2340/0x3a90
[  398.617320][ T7833]  tun_get_user+0x238a/0x3a90
[  398.621828][ T7833]  ? cpu_curr_snapshot+0x90/0x90
[  398.626606][ T7833]  ? tun_do_read+0x2000/0x2000
[  398.631199][ T7833]  ? ref_tracker_alloc+0x31d/0x450
[  398.636147][ T7833]  ? ref_tracker_dir_print+0x160/0x160
[  398.641447][ T7833]  ? avc_policy_seqno+0x1b/0x70
[  398.646128][ T7833]  ? tun_get+0xe9/0x120
[  398.650123][ T7833]  tun_chr_write_iter+0x129/0x210
[  398.655185][ T7833]  vfs_write+0x902/0xeb0
[  398.659348][ T7833]  ? file_end_write+0x1c0/0x1c0
[  398.664025][ T7833]  ? do_futex+0x501/0x9a0
[  398.668191][ T7833]  ? __fget_files+0x2cb/0x330
[  398.672704][ T7833]  ? __fdget_pos+0x204/0x390
[  398.677128][ T7833]  ? ksys_write+0x77/0x2c0
[  398.681382][ T7833]  ksys_write+0x199/0x2c0
[  398.685547][ T7833]  ? save_fpregs_to_fpstate+0x220/0x220
[  398.690929][ T7833]  ? __ia32_sys_read+0x90/0x90
[  398.695532][ T7833]  ? fpregs_restore_userregs+0x130/0x290
[  398.701003][ T7833]  __x64_sys_write+0x7b/0x90
[  398.705510][ T7833]  x64_sys_call+0x2f/0x9a0
[  398.709764][ T7833]  do_syscall_64+0x3b/0xb0
[  398.714017][ T7833]  ? clear_bhb_loop+0x55/0xb0
[  398.718527][ T7833]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  398.724254][ T7833] RIP: 0033:0x7f7a34f75e9f
[  398.728510][ T7833] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48
[  398.747948][ T7833] RSP: 002b:00007f7a35ca8010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  398.756193][ T7833] RAX: ffffffffffffffda RBX: 00007f7a35105f80 RCX: 00007f7a34f75e9f
[  398.764006][ T7833] RDX: 0000000000000d86 RSI: 0000000020001580 RDI: 00000000000000c8
[  398.771815][ T7833] RBP: 00007f7a34fe48e6 R08: 0000000000000000 R09: 0000000000000000
[  398.779629][ T7833] R10: 0000000000000d86 R11: 0000000000000293 R12: 0000000000000000
[  398.787441][ T7833] R13: 000000000000000b R14: 00007f7a35105f80 R15: 00007ffc08885938
[  398.795261][ T7833]  </TASK>
[  398.798112][ T7833] Modules linked in:
[  398.801947][ T7833] ---[ end trace 0000000000000000 ]---
[  398.807154][ T7833] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[  398.813274][ T7833] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 6c 02 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 d1 1f 25 00 48 89 5c 24 18 4c 8b
[  398.832695][ T7833] RSP: 0018:ffffc9000121f6a0 EFLAGS: 00010246
[  398.838589][ T7833] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  398.846377][ T7833] RDX: ffffc90001dd9000 RSI: 00000000000000d7 RDI: 00000000000000d8
[  398.854243][ T7833] RBP: ffffc9000121f7f8 R08: 0000000000000005 R09: ffffffff8412c413
[  398.862034][ T7833] R10: 0000000000000004 R11: ffff88811aac0000 R12: dffffc0000000000
[  398.869846][ T7833] R13: ffff8881218c03c0 R14: 1ffff92000243ee0 R15: 0000000000000000
[  398.877616][ T7833] FS:  00007f7a35ca86c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  398.886435][ T7833] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  398.892837][ T7833] CR2: 0000000020002000 CR3: 000000012673f000 CR4: 00000000003506a0
[  398.900648][ T7833] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  398.908447][ T7833] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  398.916277][ T7833] Kernel panic - not syncing: Fatal exception in interrupt
[  398.923678][ T7833] Kernel Offset: disabled
[  398.927842][ T7833] Rebooting in 86400 seconds..