last executing test programs:

6.466682406s ago: executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000011000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='ext4_da_write_pages_extent\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000380)='ext4_da_write_pages_extent\x00', r4}, 0x10)
write$cgroup_int(r2, &(0x7f0000000700), 0x12)
ioctl$SIOCSIFHWADDR(r2, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})

6.418233473s ago: executing program 3:
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x2, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x19)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000711239000000000095000007000000001b3e13b94404d3a66f365e284b3e74b548c5a287c52226b7f2c3a25d886566d7d42e8a73921d2802de40ecec92e159e133fb694bfdcdcfb5892312d9ce257add51c3409fa3b088c491f5f391758ad8025a8357a61bd07a319bae33c050ad36d73732da573977e7458ae1464641213c4d5253e1d42ae6870c4c8e2a5b9e27b39db25ecca4133837af0eacb0ecc1327e71cf76693a5e6c7c41e02d7bffe6a6ba6d14a06ee0bb7df8ef23d38d88c3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000080007b8af8ff000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001100)=ANY=[@ANYBLOB="3400000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000140012800b000100627269646765"], 0x34}}, 0x0)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)

5.118120253s ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r2, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

5.051111804s ago: executing program 3:
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002ac0)=@delchain={0x7c0, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_route={{0xa}, {0x778, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_POLICE={0x434, 0x5, [@TCA_POLICE_PEAKRATE={0x404}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_RESULT={0x8}, @TCA_POLICE_PEAKRATE64={0xc}, @TCA_POLICE_RATE64={0xc}]}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0x328, 0x6, [@m_ctinfo={0x38, 0x0, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_CTINFO_ZONE={0x6}]}, {0x4}, {0xc}, {0xc}}}, @m_nat={0x124, 0x0, 0x0, 0x0, {{0x8}, {0x54, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{}, @rand_addr, @loopback}}, @TCA_NAT_PARMS={0x28, 0x1, {{}, @rand_addr, @broadcast}}]}, {0xa9, 0x6, "ef93daeef78df7f9a037a0d7a2f92a1cc341deabba437fc636cbf66a843bc4e0304e79be1f16cfa199b042be92c52b0490cb3ccc8a115bd7fba1ddd4a3ea8aa011548c0a44af30d92f016d58b7280bd34278777199f7793bcc30f7c7b74cd6eded8934fa327e1541339075fdc86a745c472c9477faee71092d6a0a50cd377c521c047f0c8b2f4314876961ef4214903d7cb9ade598b7023384c5c8f726e342e8454b6a925d"}, {0xc}, {0xc}}}, @m_connmark={0x140, 0x0, 0x0, 0x0, {{0xd}, {0x58, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}]}, {0xb9, 0x6, "66396e732cf67237ecb590a592c571fa73ca19ec26dea927df7162b385d80fe15ca7f5cb6a4d958bd18714cd4f89f48d039d7da0dc8795f6ad32634b6b66cf821e93079c15dda212b0b37b761850342ebe270d64e92b80cf9114d976338d2dbd729e033dcd00b517933d3e64d73a30fc4e9a29d250104fa297e7a7f17405df935efe7e4806b65a797a850f6a8d8e2c8a8b9f56953d1262211f307b4af9617b04c9c48dea9e41ef304ac3365b6d8846ba792c335b4b"}, {0xc}, {0xc}}}, @m_bpf={0x58, 0x0, 0x0, 0x0, {{0x8}, {0xc, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6}]}, {0x25, 0x6, "538ccaa56078deef003c66568338f89ce81cefabfec7b5ecd9cf6ec4c86d636a2b"}, {0xc}, {0xc}}}, @m_ctinfo={0x30, 0x0, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x7c0}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x924}, {&(0x7f00000007c0)=""/154, 0xc8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

5.034460896s ago: executing program 3:
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)

4.998619171s ago: executing program 3:
ptrace(0x10, 0x1)
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, <r1=>0x0})
ptrace$getregs(0x420c, r1, 0x0, 0x0)

1.95032985s ago: executing program 4:
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x50}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x2, 0xc8, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1}, {@remote, 0x8000}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0xf}}, {@remote}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @end, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.802071563s ago: executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="1801000021000000000000000000001085"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x70000000, 0x0, 0x0, 0x0, 0x0, 0xd80, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x670, 0x5, 0x328, 0x140, 0x0, 0xfeffffff, 0xa8, 0xa8, 0x290, 0x290, 0xffffffff, 0x290, 0x290, 0x5, 0x0, {[{{@ip={@broadcast, @remote, 0x0, 0x0, 'geneve1\x00', 'geneve0\x00'}, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @port, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x0, 0x7}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1e8}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0xd00, {0x0, @local, @local, @gre_key, @gre_key}}}}, {{@ip={@private, @local, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pim6reg0\x00'}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @local, @loopback, @port, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388)

1.515471387s ago: executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x40b3, 0x7f}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000780), 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r1}, @generic={0x66}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78)

1.438980699s ago: executing program 0:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000100)=':', 0x2}], 0x1)

1.415138712s ago: executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='ext4_da_write_pages_extent\x00'}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000380)='ext4_da_write_pages_extent\x00', r1}, 0x10)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000700), 0x12)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x4030582b, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000a50000002a00000095"], &(0x7f0000000b40)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x1200052, &(0x7f00000003c0), 0x1, 0x793, &(0x7f00000029c0)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000880)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xc}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a62951e532b33c57004ffc2e83361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da73c32bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c54d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f6b5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415bd0f9db009acaba9eaea93f7a1d434e00000000000000000000d154ba10a8e51489a614e69722bac300"/1551], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

1.112815259s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='mm_page_alloc\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0xb9, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r1, &(0x7f0000000180), &(0x7f0000000680)=""/141}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r1, &(0x7f00000000c0), &(0x7f0000000280)=""/239}, 0x20)

816.298135ms ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001300)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1ff8d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002706870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a83984e68a6d80a5f5222ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0007000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef20000000088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cbc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1f6428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2dbbbfa7e120ad8c5a13fb18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e1700000000000000000a034000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1ebbb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa5210b16eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f086dd47e0ffff00122c00631177fbac141416e000030a44079f034d2f87e589ca6aab845013f2325f1a3921050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x7000000}, 0x2c)

778.69164ms ago: executing program 1:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)

768.417542ms ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x1, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='jbd2_handle_extend\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r4, &(0x7f0000000380), 0x20000000}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
write$cgroup_subtree(r2, &(0x7f00000002c0)=ANY=[], 0x7)
write$cgroup_int(r3, &(0x7f0000000200), 0x43400)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='jbd2_handle_extend\x00', r5}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)

670.527197ms ago: executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000540)={[], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe2$9p(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x4}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1807000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
fchdir(r7)
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r8}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00'}, 0x10)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

636.443442ms ago: executing program 1:
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0\x00')
ftruncate(r0, 0x401)
syncfs(r0)
ftruncate(r0, 0x0)

630.548283ms ago: executing program 2:
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0x4})
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x309000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000500))
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
close(0x4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x208000, 0x0)

578.475221ms ago: executing program 4:
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f00000003c0)={0x1}, 0x8)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
sendto$inet6(r0, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @local}, 0x1c)

566.787323ms ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = socket(0x1e, 0x1, 0x0)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
r4 = open(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x2d)
sendfile(r2, 0xffffffffffffffff, 0x0, 0xe065)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
open(0x0, 0x0, 0x0)
sendmmsg$sock(r1, &(0x7f0000000100)=[{{&(0x7f0000000180)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1000000}}], 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000b00), &(0x7f0000000300)=r4}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='rtc_irq_set_state\x00', r9}, 0x10)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r11, 0xae60)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffc2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)

523.52081ms ago: executing program 1:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='block_split\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='block_split\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40001)

518.61339ms ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='mm_page_alloc\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0xb9, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r1, &(0x7f0000000180), &(0x7f0000000680)=""/141}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r1, &(0x7f00000000c0), &(0x7f0000000280)=""/239}, 0x20)

503.335473ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x5, 0x7fe2, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0), &(0x7f0000000380), 0x5, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000240)='ext4_fc_commit_stop\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000940)='ext4_fc_commit_stop\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000200), 0x42400)

268.273559ms ago: executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001300)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1ff8d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002706870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a83984e68a6d80a5f5222ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0007000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef20000000088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cbc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1f6428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2dbbbfa7e120ad8c5a13fb18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e1700000000000000000a034000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1ebbb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa5210b16eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f086dd47e0ffff00122c00631177fbac141416e000030a44079f034d2f87e589ca6aab845013f2325f1a3921050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x7000000}, 0x2c)

236.391954ms ago: executing program 1:
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x50}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x2, 0xc8, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1}, {@remote, 0x8000}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0xf}}, {@remote}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @end, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

235.775034ms ago: executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x1a)

235.428704ms ago: executing program 0:
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setuid(r1)
rt_sigtimedwait(&(0x7f0000000040), 0x0, 0x0, 0x8)
ioprio_set$uid(0x3, r1, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r2, 0x8800000)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmmsg(r5, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
sched_setscheduler(0x0, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c710016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa73d897e3896d863081b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbd744e517e65ddab19e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f200004304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188541c300f5c1bf56705ba12d198e897186b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710f7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47cbb0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9ea410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be0a33c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06a6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c6062368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c5bed4b0d73dffb17a88aaad5921aee7dae6a2f3009d9cb434898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a64d903b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e7ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000000000000000006a728258ca3d846a000e80d5f43109a48ddc54cec5d7f78c80e010ed02ffc0846577cafcd9e0ad83149bfb08ba7b5b431311041deb5e5d65610ad6e8d6ed55e900071b4d37d9fadb17a0407e7251866b63faccfe936980f59ceaa9d6b6863024b482023799a4f30a225b560f320e89ed44130e78f8cf000ac3c743b08d4256f282fc36162ac4b59527a3b67560313914ff6ac4ac43cd0e79d6372da631de3fde6c29de3b43d3046df23019ecadd57f175a2443928b1bcb9be16f54936796c3b928dc07c70771622cef2fafeb239a3ca4"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r8}, 0x10)
sendfile(r4, r2, 0x0, 0x100000000)

212.901948ms ago: executing program 2:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)

186.787372ms ago: executing program 4:
syz_usb_connect$uac1(0x0, 0x90, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000000000086b1d010140000102030109027e0003010000000904000000010100000a24010000000201020a2407000000008e781f090004000001020000090401010101020000090501090000000000072501000000000904020000010200000904020101010200000e24020107030000fdd551824f55072401000000000905820908000000000725"], 0x0)

0s ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xf974a457bb636ff6}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
llistxattr(&(0x7f0000000040)='./file1\x00', 0x0, 0x0)

kernel console output (not intermixed with test programs):

IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  230.473587][ T1020] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.480552][ T1020] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.488357][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  230.496462][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  230.504415][ T1020] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.511262][ T1020] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.518513][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  230.526511][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  230.534444][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  230.542338][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  230.561728][  T722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  230.570411][  T722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  230.582934][ T5139] device veth0_vlan entered promiscuous mode
[  230.590072][   T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  230.598201][   T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  230.618443][ T5139] device veth1_macvtap entered promiscuous mode
[  230.625546][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  230.633124][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  230.640437][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  230.649096][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  230.656979][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  230.671397][ T3503] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  230.679956][ T3503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  230.688626][ T3503] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  230.696632][ T3503] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  231.230062][   T24] audit: type=1400 audit(1718526608.410:3214): avc:  denied  { mounton } for  pid=5186 comm="syz-executor.1" path="/root/syzkaller-testdir2057534102/syzkaller.ju4Dfs/7/file0" dev="sda1" ino=2000 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1
[  231.230239][ T5187] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  231.268797][ T5187] FAT-fs (loop3): unable to read boot sector
[  231.377118][ T4717] usb 3-1: Cannot set autoneg
[  231.381703][ T4717] MOSCHIP usb-ethernet driver: probe of 3-1:0.0 failed with error -71
[  231.391533][ T4717] usb 3-1: USB disconnect, device number 15
[  231.499222][ T5193] EXT4-fs error (device loop1): ext4_map_blocks:600: inode #2: block 3: comm syz-executor.1: lblock 0 mapped to illegal pblock 3 (length 1)
[  231.513514][ T5193] EXT4-fs (loop1): Remounting filesystem read-only
[  231.519882][ T5193] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  231.528030][ T5193] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,auto_da_alloc=0x0000000000000000,errors=continue,init_itable,grpquota,grpjquota=.nomblk_io_submit,errors=remount-ro,jqfmt=vfsv0,delalloc,,
[  231.548407][    T9] device bridge_slave_1 left promiscuous mode
[  231.554723][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  231.573081][    T9] device bridge_slave_0 left promiscuous mode
[  231.597841][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.607046][    T9] device veth1_macvtap left promiscuous mode
[  231.613542][    T9] device veth0_vlan left promiscuous mode
[  231.717425][   T24] audit: type=1400 audit(1718526608.900:3215): avc:  denied  { create } for  pid=5207 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  231.740258][ T5208] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5208 comm=syz-executor.1
[  231.740269][   T24] audit: type=1400 audit(1718526608.920:3216): avc:  denied  { write } for  pid=5207 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  231.776547][   T24] audit: type=1400 audit(1718526608.950:3217): avc:  denied  { read } for  pid=5207 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  231.859370][ T5218] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz-executor.1: Invalid inode bitmap blk 4 in block_group 0
[  231.872316][ T5218] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,auto_da_alloc=0x000000000080007f,noload,nobarrier,nodiscard,,errors=continue
[  232.006807][  T618] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  232.025856][  T396] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  232.049259][ T5223] EXT4-fs error (device loop2): ext4_map_blocks:600: inode #2: block 3: comm syz-executor.2: lblock 0 mapped to illegal pblock 3 (length 1)
[  232.063532][ T5223] EXT4-fs (loop2): Remounting filesystem read-only
[  232.069934][ T5223] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  232.078135][ T5223] EXT4-fs (loop2): mounted filesystem without journal. Opts: abort,auto_da_alloc=0x0000000000000000,errors=continue,init_itable,grpquota,grpjquota=.nomblk_io_submit,errors=remount-ro,jqfmt=vfsv0,delalloc,,
[  232.727310][  T618] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  232.738426][  T396] usb 1-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  232.747301][  T396] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.755395][  T618] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  232.766540][  T396] usb 1-1: config 0 descriptor??
[  232.771396][  T618] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  232.784250][  T618] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  232.793452][  T618] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.802638][  T618] usb 4-1: config 0 descriptor??
[  232.808115][  T396] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  232.827092][ T5210] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  233.008056][ T5251] netlink: 216 bytes leftover after parsing attributes in process `syz-executor.1'.
[  233.017773][ T5251] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  233.027593][ T5251] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  233.040005][ T3503] usb 1-1: USB disconnect, device number 15
[  233.447919][  T618] plantronics 0003:047F:FFFF.0012: unknown main item tag 0xd
[  233.456359][  T618] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving
[  233.465310][  T618] plantronics 0003:047F:FFFF.0012: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  233.727660][   T25] usb 4-1: USB disconnect, device number 26
[  233.747014][ T5279] netlink: 216 bytes leftover after parsing attributes in process `syz-executor.0'.
[  233.756249][ T5279] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  233.765341][ T5279] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  233.784938][   T24] audit: type=1326 audit(1718526610.960:3218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5280 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce2cee8ea9 code=0x0
[  233.975093][ T5277] F2FS-fs (loop2): Found nat_bits in checkpoint
[  234.014633][ T5292] overlayfs: bad index found (index=index/00fb1d00015941fea2f5fa4b4eb5ef9af118b27b95d5070000d51cb27b, ftype=2000, origin ftype=a000).
[  234.020603][ T5277] F2FS-fs (loop2): Mounted with checkpoint version = 753bd00b
[  234.134961][ T5295] incfs: Can't find or create .index dir in ./file0
[  234.141632][ T5295] incfs: mount failed -14
[  234.221113][ T5303] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  234.240495][ T5305] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  234.337722][ T5312] erofs: (device loop3): mounted with root inode @ nid 36.
[  234.547049][   T24] audit: type=1400 audit(1718526611.710:3219): avc:  denied  { ioctl } for  pid=5296 comm="syz-executor.1" path="socket:[37746]" dev="sockfs" ino=37746 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  234.892072][ T5328] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[  235.049122][ T5341] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  235.229557][ T5353] erofs: (device loop2): mounted with root inode @ nid 36.
[  235.294993][   T24] audit: type=1326 audit(1718526612.470:3220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5360 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f68dc491ea9 code=0x0
[  235.410287][ T5375] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  235.518172][   T24] audit: type=1326 audit(1718526612.700:3221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5382 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  235.551789][   T24] audit: type=1326 audit(1718526612.700:3222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5382 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  235.575979][   T24] audit: type=1326 audit(1718526612.700:3223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5382 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  235.824717][ T5398] device syz_tun entered promiscuous mode
[  235.830529][ T5398] device batadv_slave_1 entered promiscuous mode
[  235.836857][ T5397] device batadv_slave_1 left promiscuous mode
[  235.842885][ T5397] device syz_tun left promiscuous mode
[  236.060823][ T5389] F2FS-fs (loop2): Found nat_bits in checkpoint
[  236.096775][ T5389] F2FS-fs (loop2): Mounted with checkpoint version = 753bd00b
[  236.224907][ T5421] device syzkaller0 entered promiscuous mode
[  236.371891][ T5430] incfs: Error accessing: ./file0/file0.
[  236.387069][ T5430] incfs: mount failed -20
[  237.410360][ T5441] F2FS-fs (loop2): Found nat_bits in checkpoint
[  237.444166][ T5461] device syzkaller0 entered promiscuous mode
[  237.458782][ T5441] F2FS-fs (loop2): Mounted with checkpoint version = 753bd00b
[  237.727111][ T5476] input: syz0 as /devices/virtual/input/input28
[  237.839070][ T5479] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  237.846089][ T5479] IPv6: NLM_F_CREATE should be set when creating new route
[  237.853165][ T5479] IPv6: NLM_F_CREATE should be set when creating new route
[  238.017175][ T3503] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  238.262327][ T5482] FAT-fs (loop0): Directory bread(block 64) failed
[  238.268725][ T5482] FAT-fs (loop0): Directory bread(block 65) failed
[  238.275051][ T5482] FAT-fs (loop0): Directory bread(block 66) failed
[  238.281434][ T5482] FAT-fs (loop0): Directory bread(block 67) failed
[  238.287768][ T5482] FAT-fs (loop0): Directory bread(block 68) failed
[  238.294040][ T5482] FAT-fs (loop0): Directory bread(block 69) failed
[  238.300482][ T5482] FAT-fs (loop0): Directory bread(block 70) failed
[  238.306819][ T5482] FAT-fs (loop0): Directory bread(block 71) failed
[  238.313201][ T5482] FAT-fs (loop0): Directory bread(block 72) failed
[  238.319657][ T5482] FAT-fs (loop0): Directory bread(block 73) failed
[  238.397075][ T3503] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  238.415111][ T3503] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  238.425304][ T3503] usb 3-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[  238.434255][ T3503] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.492928][ T3503] usb 3-1: config 0 descriptor??
[  238.514493][ T5493] FAT-fs (loop0): Directory bread(block 64) failed
[  238.521239][ T5493] FAT-fs (loop0): Directory bread(block 65) failed
[  238.527666][ T5493] FAT-fs (loop0): Directory bread(block 66) failed
[  238.533956][ T5493] FAT-fs (loop0): Directory bread(block 67) failed
[  238.540303][ T5493] FAT-fs (loop0): Directory bread(block 68) failed
[  238.546799][ T5493] FAT-fs (loop0): Directory bread(block 69) failed
[  238.553320][ T5493] FAT-fs (loop0): Directory bread(block 70) failed
[  238.559710][ T5493] FAT-fs (loop0): Directory bread(block 71) failed
[  238.566076][ T5493] FAT-fs (loop0): Directory bread(block 72) failed
[  238.573391][ T5493] FAT-fs (loop0): Directory bread(block 73) failed
[  238.592265][   T24] kauditd_printk_skb: 6 callbacks suppressed
[  238.592278][   T24] audit: type=1400 audit(1718526615.770:3230): avc:  denied  { getopt } for  pid=5492 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  239.018334][ T3503] itetech 0003:258A:6A88.0013: unknown main item tag 0x0
[  239.026050][ T3503] itetech 0003:258A:6A88.0013: hidraw0: USB HID v0.00 Device [HID 258a:6a88] on usb-dummy_hcd.2-1/input0
[  239.221485][   T54] usb 3-1: USB disconnect, device number 16
[  239.327964][ T5497] F2FS-fs (loop3): QUOTA feature is enabled, so ignore qf_name
[  239.336299][ T5497] F2FS-fs (loop3): invalid crc value
[  239.343155][ T5497] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[  239.372656][ T5497] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b
[  239.639936][ T5522] overlayfs: failed to resolve './file1': -2
[  240.247443][ T5532] input: syz0 as /devices/virtual/input/input29
[  240.427864][ T5529] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  240.435411][ T5529] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  240.458157][ T5529] F2FS-fs (loop0): invalid crc value
[  240.465058][ T5529] F2FS-fs (loop0): Found nat_bits in checkpoint
[  240.509588][ T5529] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  240.516554][ T5529] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  240.727107][ T3503] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  241.048197][ T5556] FAT-fs (loop3): Directory bread(block 64) failed
[  241.054673][ T5556] FAT-fs (loop3): Directory bread(block 65) failed
[  241.061667][ T5556] FAT-fs (loop3): Directory bread(block 66) failed
[  241.068154][ T5556] FAT-fs (loop3): Directory bread(block 67) failed
[  241.074600][ T5556] FAT-fs (loop3): Directory bread(block 68) failed
[  241.081205][ T5556] FAT-fs (loop3): Directory bread(block 69) failed
[  241.087687][ T5556] FAT-fs (loop3): Directory bread(block 70) failed
[  241.094001][ T5556] FAT-fs (loop3): Directory bread(block 71) failed
[  241.100488][ T5556] FAT-fs (loop3): Directory bread(block 72) failed
[  241.106890][ T5556] FAT-fs (loop3): Directory bread(block 73) failed
[  241.171963][ T3503] usb 2-1: Using ep0 maxpacket: 32
[  241.434684][    T9] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  241.443646][    T9] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  241.497593][ T5562] erofs: (device loop3): mounted with root inode @ nid 36.
[  241.557082][ T3503] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  241.566174][ T3503] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.574189][ T3503] usb 2-1: Product: syz
[  241.579090][ T3503] usb 2-1: Manufacturer: syz
[  241.583506][ T3503] usb 2-1: SerialNumber: syz
[  241.615852][ T5571] 9pnet: Insufficient options for proto=fd
[  241.627545][ T3503] usb 2-1: config 0 descriptor??
[  241.739631][   T24] audit: type=1400 audit(1718526618.920:3231): avc:  denied  { accept } for  pid=5590 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  241.764113][ T5579] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  241.774444][ T5579] ext4 filesystem being mounted at /root/syzkaller-testdir2191538501/syzkaller.5GDGQO/40/file0 supports timestamps until 2038 (0x7fffffff)
[  242.041497][ T5599] erofs: (device loop0): mounted with root inode @ nid 36.
[  242.417392][ T3503] (unnamed net_device) (uninitialized): Assigned a random MAC address: ba:1d:89:2c:8f:d2
[  242.439489][ T3503] rtl8150 2-1:0.0: eth1: rtl8150 is detected
[  242.448500][ T3503] usb 2-1: USB disconnect, device number 18
[  242.588553][ T5606] 9pnet: Insufficient options for proto=fd
[  242.647805][ T5617] input: syz1 as /devices/virtual/input/input30
[  243.425479][    T9] tipc: Disabling bearer <udp:syz1>
[  243.430915][    T9] tipc: Left network mode
[  243.565417][ T5636] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.568575][   T24] audit: type=1400 audit(1718526620.750:3232): avc:  denied  { setopt } for  pid=5643 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  243.592991][ T5636] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.600572][ T5636] device bridge_slave_0 entered promiscuous mode
[  243.633681][ T5636] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.647071][ T5636] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.655119][ T5636] device bridge_slave_1 entered promiscuous mode
[  243.776182][ T5636] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.783084][ T5636] bridge0: port 2(bridge_slave_1) entered forwarding state
[  243.790195][ T5636] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.797050][ T5636] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.827691][ T4717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  243.835357][ T4717] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.843076][ T4717] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.875226][  T395] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  243.890176][  T395] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.897038][  T395] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.905797][  T395] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  243.913848][  T395] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.920944][  T395] bridge0: port 2(bridge_slave_1) entered forwarding state
[  243.931418][  T395] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  243.939309][  T395] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  243.983340][   T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  243.996257][ T5636] device veth0_vlan entered promiscuous mode
[  244.002736][ T3503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  244.010863][ T3503] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  244.018513][ T3503] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  244.032209][ T5636] device veth1_macvtap entered promiscuous mode
[  244.040127][   T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  244.072508][   T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  244.348578][ T5664] device pim6reg1 entered promiscuous mode
[  244.362415][   T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  244.433769][ T5673] FAT-fs (loop0): Directory bread(block 64) failed
[  244.440458][ T5673] FAT-fs (loop0): Directory bread(block 65) failed
[  244.446904][ T5673] FAT-fs (loop0): Directory bread(block 66) failed
[  244.453532][ T5673] FAT-fs (loop0): Directory bread(block 67) failed
[  244.459992][ T5673] FAT-fs (loop0): Directory bread(block 68) failed
[  244.466367][ T5673] FAT-fs (loop0): Directory bread(block 69) failed
[  244.472761][ T5673] FAT-fs (loop0): Directory bread(block 70) failed
[  244.479150][ T5673] FAT-fs (loop0): Directory bread(block 71) failed
[  244.486132][ T5673] FAT-fs (loop0): Directory bread(block 72) failed
[  244.492533][ T5673] FAT-fs (loop0): Directory bread(block 73) failed
[  244.527616][    T9] device bridge_slave_1 left promiscuous mode
[  244.533597][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.540997][    T9] device bridge_slave_0 left promiscuous mode
[  244.547204][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.555537][    T9] device veth1_macvtap left promiscuous mode
[  244.561513][    T9] device veth0_vlan left promiscuous mode
[  244.877438][ T4717] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  245.206077][ T5690] input: syz1 as /devices/virtual/input/input31
[  245.224154][ T5692] SELinux: security_context_str_to_sid(r) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  245.249195][ T5694] syz-executor.2[5694] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  245.249246][ T5694] syz-executor.2[5694] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  245.297124][ T4717] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  245.319610][ T4717] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  245.329186][ T4717] usb 1-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[  245.338031][ T4717] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.348310][ T4717] usb 1-1: config 0 descriptor??
[  245.567079][  T396] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  246.039713][  T396] usb 5-1: Using ep0 maxpacket: 16
[  246.044767][ T4717] itetech 0003:258A:6A88.0014: unknown main item tag 0x0
[  246.055284][ T4717] itetech 0003:258A:6A88.0014: hidraw0: USB HID v0.00 Device [HID 258a:6a88] on usb-dummy_hcd.0-1/input0
[  246.121100][ T4717] usb 1-1: USB disconnect, device number 16
[  246.207264][  T396] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[  246.215429][  T396] usb 5-1: config 0 has no interface number 0
[  246.221490][  T396] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[  246.717381][ T5721] input: syz1 as /devices/virtual/input/input32
[  246.747083][  T396] usb 5-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= f.88
[  246.756054][  T396] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.764014][  T396] usb 5-1: Product: syz
[  246.768055][  T396] usb 5-1: Manufacturer: syz
[  246.772456][  T396] usb 5-1: SerialNumber: syz
[  246.777983][  T396] usb 5-1: config 0 descriptor??
[  246.809489][ T5698] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  247.347620][  T396] usb 5-1: invalid MIDI in EP 0
[  247.352728][  T396] snd-usb-audio: probe of 5-1:0.2 failed with error -22
[  247.360238][  T396] usb 5-1: USB disconnect, device number 16
[  247.968791][ T5743] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  248.029266][ T5743] futex_wake_op: syz-executor.4 tries to shift op by 32; fix this program
[  248.875376][   T24] audit: type=1400 audit(1718526626.050:3233): avc:  denied  { getopt } for  pid=5748 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  249.301895][ T5782] incfs: Options parsing error. -22
[  249.327095][ T5782] incfs: mount failed -22
[  249.647333][    T5] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  249.657013][  T396] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  249.897035][  T396] usb 3-1: Using ep0 maxpacket: 32
[  250.277170][    T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  250.287986][    T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  250.297541][    T5] usb 4-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[  250.306381][    T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.314747][    T5] usb 4-1: config 0 descriptor??
[  250.367110][  T396] usb 3-1: config 4 has an invalid interface number: 61 but max is 0
[  250.375029][  T396] usb 3-1: config 4 has no interface number 0
[  250.380952][  T396] usb 3-1: config 4 interface 61 altsetting 4 endpoint 0xF has invalid maxpacket 1024, setting to 64
[  250.391608][  T396] usb 3-1: config 4 interface 61 altsetting 4 endpoint 0xE has invalid maxpacket 1023, setting to 64
[  250.402290][  T396] usb 3-1: config 4 interface 61 altsetting 4 has a duplicate endpoint with address 0x9, skipping
[  250.412771][  T396] usb 3-1: config 4 interface 61 altsetting 4 endpoint 0xC has invalid maxpacket 512, setting to 64
[  250.423408][  T396] usb 3-1: config 4 interface 61 altsetting 4 endpoint 0x8 has invalid wMaxPacketSize 0
[  250.433195][  T396] usb 3-1: config 4 interface 61 altsetting 4 has a duplicate endpoint with address 0xF, skipping
[  250.444250][  T396] usb 3-1: config 4 interface 61 altsetting 4 has a duplicate endpoint with address 0xF, skipping
[  250.454818][  T396] usb 3-1: config 4 interface 61 altsetting 4 has a duplicate endpoint with address 0xC, skipping
[  250.512457][  T396] usb 3-1: config 4 interface 61 altsetting 4 has a duplicate endpoint with address 0xC, skipping
[  250.522884][  T396] usb 3-1: config 4 interface 61 altsetting 4 has a duplicate endpoint with address 0xA, skipping
[  250.533290][  T396] usb 3-1: config 4 interface 61 altsetting 4 has an invalid endpoint with address 0x0, skipping
[  250.543629][  T396] usb 3-1: config 4 interface 61 altsetting 4 bulk endpoint 0x3 has invalid maxpacket 1024
[  250.553436][  T396] usb 3-1: config 4 interface 61 altsetting 4 has 14 endpoint descriptors, different from the interface descriptor's value: 15
[  250.566432][  T396] usb 3-1: config 4 interface 61 has no altsetting 0
[  250.792913][    T5] logitech-hidpp-device 0003:046D:C086.0015: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.3-1/input0
[  250.807092][  T396] usb 3-1: Dual-Role OTG device on HNP port
[  250.827074][  T396] usb 3-1: New USB device found, idVendor=0506, idProduct=0a11, bcdDevice=ce.02
[  250.835975][  T396] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.844041][  T396] usb 3-1: Product: 沟
[  250.923633][ T5821] netlink: 'syz-executor.0': attribute type 6 has an invalid length.
[  251.079735][   T54] usb 4-1: USB disconnect, device number 27
[  251.107012][  T396] usb 3-1: Manufacturer: 砹橻��ꠥ�ኊﭓ��칂砷殠⡶ㆶ纨�塼�݅겍복㜚笀諧踄맻ℤ쾬䋅栟ϛ畢啅껡怛ᒱ㗿��ᇙ㚭퉢뇾
[  251.127350][  T396] usb 3-1: SerialNumber: ⬆ܝ┞늬���ꊱ۞躹골힞둯ힳꞱ�旒앎庱酬迕꙱
[  251.167297][ T5790] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  251.174257][ T5790] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  251.468590][  T396] usb 3-1: USB disconnect, device number 17
[  251.557041][ T3503] usb 5-1: new full-speed USB device number 17 using dummy_hcd
[  251.877006][  T722] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  251.998737][ T3503] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  252.009708][ T3503] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64
[  252.020496][ T3503] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  252.033235][ T3503] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  252.042194][ T3503] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.050415][ T3503] usb 5-1: config 0 descriptor??
[  252.067112][ T5829] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  252.257443][  T722] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  252.276844][  T722] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  252.302895][  T722] usb 1-1: New USB device found, idVendor=172f, idProduct=0034, bcdDevice= 0.00
[  252.324815][  T722] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.333460][  T722] usb 1-1: config 0 descriptor??
[  252.527830][ T3503] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  252.535264][ T3503] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  252.542722][ T3503] plantronics 0003:047F:FFFF.0016: No inputs registered, leaving
[  252.551567][ T3503] plantronics 0003:047F:FFFF.0016: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  252.617787][ T5847] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  252.625341][ T5847] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  252.636429][ T5847] F2FS-fs (loop3): Found nat_bits in checkpoint
[  252.668333][ T5847] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  252.675206][ T5847] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  252.808462][  T722] hid (null): report_id 0 is invalid
[  252.819637][  T722] waltop 0003:172F:0034.0017: report_id 0 is invalid
[  252.834724][  T722] waltop 0003:172F:0034.0017: item 0 0 1 8 parsing failed
[  252.907308][  T722] waltop: probe of 0003:172F:0034.0017 failed with error -22
[  253.067339][   T15] usb 1-1: USB disconnect, device number 17
[  253.330644][  T396] usb 5-1: USB disconnect, device number 17
[  253.442384][ T5873] netlink: 'syz-executor.2': attribute type 6 has an invalid length.
[  253.549417][ T5870] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  253.590835][ T5870] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  253.598745][ T5870] System zones: 1-12
[  253.602974][ T5870] EXT4-fs (loop4): orphan cleanup on readonly fs
[  253.609248][ T5870] EXT4-fs error (device loop4): ext4_read_inode_bitmap:168: comm syz-executor.4: Inode bitmap for bg 0 marked uninitialized
[  253.629634][ T5870] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  253.656684][ T5870] EXT4-fs error (device loop4): ext4_remount:5878: Abort forced by user
[  253.664969][ T5870] EXT4-fs (loop4): re-mounted. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,noload,
[  253.720751][ T5878] EXT4-fs (loop3): orphan cleanup on readonly fs
[  253.726984][ T5878] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz-executor.3: bad orphan inode 1
[  253.739592][ T5878] EXT4-fs (loop3): Remounting filesystem read-only
[  253.746299][ T5878] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,i_version,usrquota,min_batch_time=0x0000000000000005,nobarrier,errors=remount-ro,jqfmt=vfsold,
[  253.772347][ T5884] syz-executor.0[5884] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  253.772405][ T5884] syz-executor.0[5884] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  253.803988][ T5878] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  253.822578][   T24] audit: type=1400 audit(1718526630.980:3234): avc:  denied  { mounton } for  pid=5877 comm="syz-executor.3" path="/root/syzkaller-testdir2986177810/syzkaller.IUXF75/59/file0/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  253.850402][ T5878] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  253.850502][ T5878] EXT4-fs (loop3): Remounting file system with no journal so ignoring journalled data option
[  253.867772][ T5878] EXT4-fs (loop3): changing journal_checksum during remount not supported; ignoring
[  253.891928][ T5878] EXT4-fs error (device loop3): ext4_remount:5878: Abort forced by user
[  254.293908][ T5081] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 21: comm syz-executor.3: path /root/syzkaller-testdir2986177810/syzkaller.IUXF75/59/file0/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=64815104, rec_len=1024, size=1024 fake=0
[  254.336887][ T5081] EXT4-fs error (device loop3): ext4_lookup:1827: inode #16: comm syz-executor.3: iget: bad extra_isize 2080 (inode size 256)
[  254.350321][ T5081] EXT4-fs error (device loop3): ext4_lookup:1827: inode #16: comm syz-executor.3: iget: bad extra_isize 2080 (inode size 256)
[  254.568422][ T5905] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.575412][ T5905] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.583884][ T5905] device bridge_slave_0 entered promiscuous mode
[  254.593774][ T5905] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.600811][ T5905] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.623079][ T5905] device bridge_slave_1 entered promiscuous mode
[  254.767004][    T5] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  254.867352][ T5905] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.874217][ T5905] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.881329][ T5905] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.888086][ T5905] bridge0: port 1(bridge_slave_0) entered forwarding state
[  254.920420][  T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  254.928722][  T396] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.935790][  T396] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.954618][ T4717] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  254.962836][ T4717] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.969701][ T4717] bridge0: port 1(bridge_slave_0) entered forwarding state
[  254.994360][ T4717] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  255.002432][ T4717] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.009299][ T4717] bridge0: port 2(bridge_slave_1) entered forwarding state
[  255.016489][    T5] usb 3-1: Using ep0 maxpacket: 8
[  255.021487][ T4717] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  255.029363][ T4717] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  255.037782][    T9] device bridge_slave_1 left promiscuous mode
[  255.043727][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.052691][    T9] device bridge_slave_0 left promiscuous mode
[  255.059093][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.069292][    T9] device veth1_macvtap left promiscuous mode
[  255.075159][    T9] device veth0_vlan left promiscuous mode
[  255.258788][ T5917]  loop0: p3 < > p4 < >
[  255.262869][ T5917] loop0: partition table partially beyond EOD, truncated
[  255.269781][ T5914] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  255.274712][ T5917] loop0: p3 start 4284289 is beyond EOD, 
[  255.276733][ T5914] IPv6: NLM_F_CREATE should be set when creating new route
[  255.276746][ T5917] truncated
[  255.282317][ T5914] IPv6: NLM_F_CREATE should be set when creating new route
[  255.310891][ T5905] device veth0_vlan entered promiscuous mode
[  255.317671][  T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  255.325927][  T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  255.336560][  T396] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  255.343747][    T5] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  255.362391][  T396] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  255.369475][    T5] usb 3-1: config 179 has no interface number 0
[  255.375499][    T5] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  255.395013][    T5] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  255.398736][ T5905] device veth1_macvtap entered promiscuous mode
[  255.406154][    T5] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 255, changing to 11
[  255.423570][    T5] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 59391, setting to 1024
[  255.441640][    T5] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  255.454993][    T5] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  255.463909][    T5] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.490000][ T5899] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  255.497084][ T5899] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  255.503185][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  255.514081][    T5] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input33
[  255.525671][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  255.534717][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  255.752095][ T5931] netlink: 'syz-executor.4': attribute type 6 has an invalid length.
[  255.762089][ T5938] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,barrier=0x0000000000000005,grpjquota=,norecovery,noauto_da_alloc,,errors=continue
[  255.779194][ T5938] ext4 filesystem being mounted at /root/syzkaller-testdir3330276344/syzkaller.Qmtna1/3/bus supports timestamps until 2038 (0x7fffffff)
[  255.805781][ T5899] EXT4-fs (loop2): Ignoring removed nobh option
[  255.828765][ T5899] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,bsddf,sysvgroups,block_validity,debug_want_extra_isize=0x000000000000007e,sb=0x0000000000000001,nogrpid,noauto_da_alloc,nojournal_checksum,noload,,errors=continue
[  256.061152][ T5955] incfs: ino conflict with backing FS 1
[  256.074133][   T24] audit: type=1400 audit(1718526633.250:3235): avc:  denied  { rename } for  pid=5946 comm="syz-executor.0" name="file0" dev="incremental-fs" ino=1048668 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  256.145077][   T24] audit: type=1400 audit(1718526633.260:3236): avc:  denied  { write } for  pid=5946 comm="syz-executor.0" name="file0" dev="incremental-fs" ino=1048669 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  256.180506][   T24] audit: type=1400 audit(1718526633.260:3237): avc:  denied  { append } for  pid=5946 comm="syz-executor.0" name="ashmem" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  256.318008][    T5] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  256.330099][   T15] usb 3-1: USB disconnect, device number 18
[  256.337039][    C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  256.345481][   T15] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  256.687215][    T5] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  256.698013][    T5] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  256.711124][    T5] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  256.720354][    T5] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.729119][    T5] usb 5-1: config 0 descriptor??
[  256.862616][ T5967] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  256.879055][ T5963] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.885895][ T5963] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.898525][ T5963] device bridge_slave_0 entered promiscuous mode
[  256.905934][ T5963] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.912874][ T5963] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.920579][ T5963] device bridge_slave_1 entered promiscuous mode
[  256.974251][ T5963] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.981120][ T5963] bridge0: port 2(bridge_slave_1) entered forwarding state
[  256.988217][ T5963] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.994987][ T5963] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.017877][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  257.025363][   T15] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.033288][   T15] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.048352][  T722] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  257.056866][  T722] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.063739][  T722] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.071323][  T722] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  257.079872][  T722] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.086701][  T722] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.234067][ T5979] device pim6reg1 entered promiscuous mode
[  257.282176][ T5980] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  257.297673][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  257.305406][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  257.324908][ T5963] device veth0_vlan entered promiscuous mode
[  257.332539][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  257.341319][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  257.349504][    T5] usbhid 5-1:0.0: can't add hid device: -71
[  257.355959][    T5] usbhid: probe of 5-1:0.0 failed with error -71
[  257.363073][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  257.371721][    T5] usb 5-1: USB disconnect, device number 18
[  257.378524][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  257.393541][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  257.402647][ T5963] device veth1_macvtap entered promiscuous mode
[  257.413815][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  257.430657][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  257.497631][    T9] device bridge_slave_1 left promiscuous mode
[  257.503581][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.510905][    T9] device bridge_slave_0 left promiscuous mode
[  257.516836][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.524823][    T9] device veth1_macvtap left promiscuous mode
[  257.530685][    T9] device veth0_vlan left promiscuous mode
[  258.214987][ T6003] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.221951][ T6003] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.231181][ T6003] device bridge_slave_0 entered promiscuous mode
[  258.423576][ T6003] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.430744][ T6003] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.443387][ T6003] device bridge_slave_1 entered promiscuous mode
[  258.496051][ T6003] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.502922][ T6003] bridge0: port 2(bridge_slave_1) entered forwarding state
[  258.510005][ T6003] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.516777][ T6003] bridge0: port 1(bridge_slave_0) entered forwarding state
[  258.540628][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  258.548076][    T5] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.555106][    T5] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.562288][  T395] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  258.573529][   T54] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  258.582119][   T54] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.583369][ T6016] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,barrier=0x0000000000000005,grpjquota=,norecovery,noauto_da_alloc,,errors=continue
[  258.589061][   T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[  258.613006][ T6016] ext4 filesystem being mounted at /root/syzkaller-testdir3080445887/syzkaller.M8lzo6/81/bus supports timestamps until 2038 (0x7fffffff)
[  258.628317][   T54] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  258.636891][   T54] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.643748][   T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[  258.659642][  T722] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  258.667469][  T722] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  258.678861][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  258.690546][ T6003] device veth0_vlan entered promiscuous mode
[  258.704322][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  258.714896][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  258.722436][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  258.730387][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  258.739158][ T6003] device veth1_macvtap entered promiscuous mode
[  258.755692][ T6024] incfs: Can't find or create .index dir in ./file0
[  258.756352][ T4717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  258.763623][ T6024] incfs: mount failed -14
[  258.771019][ T4717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  258.817100][  T395] usb 5-1: Using ep0 maxpacket: 32
[  258.885180][ T6030] overlayfs: invalid origin (00000079004c000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  258.929972][ T6038] __nla_validate_parse: 1 callbacks suppressed
[  258.929979][ T6038] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  258.945379][ T6038] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  259.397222][  T395] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  259.406281][  T395] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.414138][  T395] usb 5-1: Product: syz
[  259.418214][  T395] usb 5-1: Manufacturer: syz
[  259.422615][  T395] usb 5-1: SerialNumber: syz
[  259.427709][  T395] usb 5-1: config 0 descriptor??
[  259.463250][ T6054] device pim6reg1 entered promiscuous mode
[  259.510113][ T6063] overlayfs: invalid origin (00000079004c000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  259.536153][    T9] device bridge_slave_1 left promiscuous mode
[  259.542514][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.549885][    T9] device bridge_slave_0 left promiscuous mode
[  259.555874][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.563802][    T9] device veth1_macvtap left promiscuous mode
[  259.569709][    T9] device veth0_vlan left promiscuous mode
[  260.267055][  T395] (unnamed net_device) (uninitialized): Assigned a random MAC address: 7a:d5:35:8e:41:84
[  260.282701][  T395] rtl8150 5-1:0.0: eth1: rtl8150 is detected
[  260.297005][ T4717] usb 3-1: new low-speed USB device number 19 using dummy_hcd
[  260.470116][  T395] usb 5-1: USB disconnect, device number 19
[  260.915058][ T4717] usb 3-1: config index 0 descriptor too short (expected 1307, got 27)
[  260.923290][ T4717] usb 3-1: config 0 has an invalid interface number: 0 but max is -1
[  260.931199][ T4717] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0
[  260.940280][ T4717] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  261.069766][ T6097] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  261.095548][ T6100] overlayfs: invalid origin (00000079004c000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  261.187524][ T4717] usb 3-1: string descriptor 0 read error: -22
[  261.193744][ T4717] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de
[  261.202814][ T4717] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.211605][ T4717] usb 3-1: config 0 descriptor??
[  261.227238][ T6073] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  261.247454][ T4717] hub 3-1:0.0: bad descriptor, ignoring hub
[  261.253240][ T4717] hub: probe of 3-1:0.0 failed with error -5
[  261.260072][ T4717] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input34
[  261.732977][ T3503] usb 3-1: USB disconnect, device number 19
[  262.127042][ T1020] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  262.269913][   T24] audit: type=1326 audit(1718526639.448:3238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6132 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3d2a2a4ea9 code=0x0
[  262.348478][ T6139] EXT4-fs (loop4): mounted filesystem without journal. Opts: user_xattr,noquota,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,noquota,min_batch_time=0x0000000000000008,delalloc,user_xattr,quota,,errors=continue
[  262.367022][ T1020] usb 1-1: Using ep0 maxpacket: 32
[  262.437086][ T3503] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  262.565041][ T6144] overlayfs: './file2' not a directory
[  262.877269][ T3503] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  262.888354][ T3503] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  262.899271][ T3503] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  262.907102][ T1020] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  262.911988][ T3503] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  262.920909][ T1020] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.929642][ T3503] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.937534][ T1020] usb 1-1: Product: syz
[  262.946040][ T3503] usb 4-1: config 0 descriptor??
[  262.949326][ T1020] usb 1-1: Manufacturer: syz
[  262.958695][ T1020] usb 1-1: SerialNumber: syz
[  262.963756][ T1020] usb 1-1: config 0 descriptor??
[  262.977074][ T6131] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  263.107675][   T24] audit: type=1400 audit(1718526640.288:3239): avc:  denied  { append } for  pid=6145 comm="syz-executor.2" name="vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  263.224796][ T6154] syz-executor.4[6154] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  263.224841][ T6154] syz-executor.4[6154] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  263.417048][ T4717] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  263.437818][ T3503] plantronics 0003:047F:FFFF.0018: unknown main item tag 0xd
[  263.451163][ T3503] plantronics 0003:047F:FFFF.0018: No inputs registered, leaving
[  263.464612][ T3503] plantronics 0003:047F:FFFF.0018: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  263.667048][ T1020] (unnamed net_device) (uninitialized): Assigned a random MAC address: b2:c9:aa:b0:41:57
[  263.678813][ T1020] rtl8150 1-1:0.0: eth1: rtl8150 is detected
[  263.737818][ T1020] usb 4-1: USB disconnect, device number 28
[  263.797106][ T4717] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  263.808010][ T4717] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  263.817567][ T4717] usb 3-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[  263.826410][ T4717] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.834841][ T4717] usb 3-1: config 0 descriptor??
[  263.872609][    T5] usb 1-1: USB disconnect, device number 18
[  264.339126][ T4717] itetech 0003:258A:6A88.0019: unknown main item tag 0x0
[  264.354736][ T4717] itetech 0003:258A:6A88.0019: hidraw0: USB HID v0.00 Device [HID 258a:6a88] on usb-dummy_hcd.2-1/input0
[  264.415578][ T6177] syz-executor.0[6177] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  264.415679][ T6177] syz-executor.0[6177] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  264.444909][ T6184] syz-executor.3[6184] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  264.463675][ T6184] syz-executor.3[6184] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  264.486700][ T6188] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  264.532021][   T25] usb 3-1: USB disconnect, device number 20
[  264.776999][ T4717] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  264.787022][    T5] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  265.063937][ T6207] syz-executor.2[6207] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  265.064005][ T6207] syz-executor.2[6207] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  265.137362][ T4717] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  265.158557][    T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  265.169551][    T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  265.180440][ T4717] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  265.190296][    T5] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  265.203092][    T5] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  265.212024][    T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.220510][    T5] usb 4-1: config 0 descriptor??
[  265.237072][ T6192] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  265.347062][ T3503] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  265.357112][ T4717] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  265.366186][ T4717] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.373936][ T4717] usb 1-1: Product: syz
[  265.378037][ T4717] usb 1-1: Manufacturer: syz
[  265.382420][ T4717] usb 1-1: SerialNumber: syz
[  265.387529][ T4717] usb 1-1: config 0 descriptor??
[  265.647228][ T4717] snd-usb-audio: probe of 1-1:0.0 failed with error -12
[  265.654722][ T4717] usb 1-1: USB disconnect, device number 19
[  265.666747][ T6217] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  265.682059][ T6217] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  265.697673][    T5] plantronics 0003:047F:FFFF.001A: unknown main item tag 0xd
[  265.706185][    T5] plantronics 0003:047F:FFFF.001A: No inputs registered, leaving
[  265.727065][    T5] plantronics 0003:047F:FFFF.001A: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  265.747077][ T3503] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  265.757897][ T3503] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  265.770814][ T3503] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  265.779718][ T3503] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.789438][ T3503] usb 3-1: config 0 descriptor??
[  265.967932][  T730] usb 4-1: USB disconnect, device number 29
[  266.154830][ T6221] device pim6reg1 entered promiscuous mode
[  266.197296][ T6223] syz-executor.0[6223] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  266.197341][ T6223] syz-executor.0[6223] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  266.267976][ T3503] plantronics 0003:047F:FFFF.001B: unexpected long global item
[  266.287188][ T3503] plantronics 0003:047F:FFFF.001B: parse failed
[  266.293389][ T3503] plantronics: probe of 0003:047F:FFFF.001B failed with error -22
[  266.471240][ T1020] usb 3-1: USB disconnect, device number 21
[  267.646196][ T6293] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  267.655739][ T6293] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  267.786998][  T730] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  268.084717][ T6299] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.091982][ T6299] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.099767][ T6299] device bridge_slave_0 entered promiscuous mode
[  268.109653][ T6299] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.116766][ T6299] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.124693][ T6299] device bridge_slave_1 entered promiscuous mode
[  268.166512][ T6299] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.173400][ T6299] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.180460][ T6299] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.187255][ T6299] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.197510][  T730] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  268.209045][  T730] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  268.222113][  T730] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  268.231153][  T730] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.243458][  T730] usb 1-1: config 0 descriptor??
[  268.431135][   T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  268.440125][   T54] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.450493][   T54] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.464549][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  268.474101][ T1020] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.480976][ T1020] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.496608][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  268.504859][ T1020] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.511735][ T1020] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.519330][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  268.542664][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  268.566251][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  268.579155][ T4717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  268.588788][ T4717] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  268.596289][ T4717] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  268.604022][ T6299] device veth0_vlan entered promiscuous mode
[  268.616808][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  268.629803][ T6299] device veth1_macvtap entered promiscuous mode
[  268.657527][   T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  268.670034][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  268.837050][  T730] usbhid 1-1:0.0: can't add hid device: -71
[  268.843371][  T730] usbhid: probe of 1-1:0.0 failed with error -71
[  268.851300][    T7] device bridge_slave_1 left promiscuous mode
[  268.854076][  T730] usb 1-1: USB disconnect, device number 20
[  268.859624][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.880649][    T7] device bridge_slave_0 left promiscuous mode
[  268.908746][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.921503][    T7] device veth1_macvtap left promiscuous mode
[  268.927586][    T7] device veth0_vlan left promiscuous mode
[  268.960319][ T6331] syz-executor.3[6331] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  268.960383][ T6331] syz-executor.3[6331] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  269.363497][ T6337] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz-executor.1: inode #1: comm syz-executor.1: iget: illegal inode #
[  269.389082][ T6337] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 1 err=-117
[  269.402331][ T6337] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz-executor.1: inode #1: comm syz-executor.1: iget: illegal inode #
[  269.416382][ T6337] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 1 err=-117
[  269.429322][ T6337] EXT4-fs (loop1): 1 orphan inode deleted
[  269.434889][ T6337] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_ioprio=0x0000000000000007,debug_want_extra_isize=0x000000000000005c,minixdf,nodelalloc,grpquota,usrjquota=,,errors=continue
[  269.464881][   T24] audit: type=1326 audit(1718526646.638:3240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  269.519167][   T24] audit: type=1326 audit(1718526646.638:3241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  269.543201][   T24] audit: type=1326 audit(1718526646.638:3242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  269.568425][   T24] audit: type=1326 audit(1718526646.638:3243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  269.592182][   T24] audit: type=1326 audit(1718526646.638:3244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  269.621407][   T24] audit: type=1326 audit(1718526646.638:3245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  269.682857][   T24] audit: type=1326 audit(1718526646.638:3246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  269.997615][    T5] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  270.047895][ T6367] xt_policy: neither incoming nor outgoing policy selected
[  270.067533][   T24] audit: type=1400 audit(1718526647.248:3247): avc:  denied  { mounton } for  pid=6366 comm="syz-executor.1" path="/root/syzkaller-testdir1542571879/syzkaller.1hZDzl/8/file0" dev="sda1" ino=1999 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=fifo_file permissive=1
[  270.108171][ T6376] syz-executor.1[6376] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  270.108230][ T6376] syz-executor.1[6376] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  270.537623][ T6388] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz-executor.1: inode #1: comm syz-executor.1: iget: illegal inode #
[  270.563412][ T6388] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 1 err=-117
[  270.576999][ T6388] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz-executor.1: inode #1: comm syz-executor.1: iget: illegal inode #
[  270.591585][ T6388] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 1 err=-117
[  270.605126][ T6388] EXT4-fs (loop1): 1 orphan inode deleted
[  270.610735][ T6388] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_ioprio=0x0000000000000007,debug_want_extra_isize=0x000000000000005c,minixdf,nodelalloc,grpquota,usrjquota=,,errors=continue
[  270.807074][    T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  270.823051][    T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  270.845227][    T5] usb 4-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[  270.860393][    T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.870109][    T5] usb 4-1: config 0 descriptor??
[  271.504960][    T5] itetech 0003:258A:6A88.001C: unknown main item tag 0x0
[  271.520858][    T5] itetech 0003:258A:6A88.001C: hidraw0: USB HID v0.00 Device [HID 258a:6a88] on usb-dummy_hcd.3-1/input0
[  271.560873][   T25] usb 4-1: USB disconnect, device number 30
[  271.652897][  T730] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  272.069682][ T6422] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz-executor.2: casefold flag without casefold feature
[  272.073993][   T24] audit: type=1400 audit(1718526649.248:3248): avc:  denied  { accept } for  pid=6425 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  272.082981][ T6422] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #2: comm syz-executor.2: missing EA_INODE flag
[  272.114717][ T6422] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 2 err=-117
[  272.127541][ T6422] EXT4-fs (loop2): 1 orphan inode deleted
[  272.133158][ T6422] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  272.147068][  T730] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  272.162039][  T730] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  272.172603][  T730] usb 2-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00
[  272.181568][  T730] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.191028][  T730] usb 2-1: config 0 descriptor??
[  272.718466][  T730] hid-multitouch 0003:0EEF:72D0.001D: unbalanced delimiter at end of report description
[  272.737352][  T730] hid-multitouch: probe of 0003:0EEF:72D0.001D failed with error -22
[  272.833736][ T6431] F2FS-fs (loop4): Found nat_bits in checkpoint
[  272.911704][ T6431] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[  272.929722][  T730] usb 2-1: USB disconnect, device number 19
[  272.947328][ T6431] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  272.975341][   T24] audit: type=1326 audit(1718526650.148:3249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6430 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8c27733ea9 code=0x0
[  273.957065][  T730] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  274.337426][  T730] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  274.367160][  T730] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  274.389864][  T730] usb 4-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[  274.399136][  T730] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.407650][  T730] usb 4-1: config 0 descriptor??
[  274.855000][   T54] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  274.888188][  T730] itetech 0003:258A:6A88.001E: unknown main item tag 0x0
[  274.895781][  T730] itetech 0003:258A:6A88.001E: hidraw0: USB HID v0.00 Device [HID 258a:6a88] on usb-dummy_hcd.3-1/input0
[  275.157810][  T730] usb 4-1: USB disconnect, device number 31
[  275.287046][   T54] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.301418][   T54] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.311054][   T54] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  275.365567][   T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.374245][   T54] usb 5-1: config 0 descriptor??
[  275.906545][   T24] kauditd_printk_skb: 2 callbacks suppressed
[  275.906560][   T24] audit: type=1326 audit(1718526653.078:3252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  275.936250][   T24] audit: type=1326 audit(1718526653.078:3253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  275.960189][   T24] audit: type=1326 audit(1718526653.078:3254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  275.987063][   T24] audit: type=1326 audit(1718526653.088:3255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  276.010950][   T24] audit: type=1326 audit(1718526653.088:3256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  276.034822][   T24] audit: type=1326 audit(1718526653.158:3257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  276.059042][   T24] audit: type=1326 audit(1718526653.158:3258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  276.083563][   T24] audit: type=1326 audit(1718526653.168:3259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  276.107492][   T24] audit: type=1326 audit(1718526653.168:3260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  276.131487][   T24] audit: type=1326 audit(1718526653.168:3261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  276.132570][ T6510] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  276.165160][ T6510] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  276.206037][ T6510] EXT4-fs (loop3): failed to initialize system zone (-117)
[  276.213537][ T6510] EXT4-fs (loop3): mount failed
[  276.409671][   T54] uclogic 0003:256C:006D.001F: failed retrieving Huion firmware version: -71
[  276.418336][   T54] uclogic 0003:256C:006D.001F: failed probing parameters: -71
[  276.425611][   T54] uclogic: probe of 0003:256C:006D.001F failed with error -71
[  276.433921][   T54] usb 5-1: USB disconnect, device number 20
[  276.557323][ T6539] netlink: 'syz-executor.2': attribute type 6 has an invalid length.
[  276.848801][ T6541] F2FS-fs (loop3): invalid crc value
[  276.855247][ T6541] F2FS-fs (loop3): Found nat_bits in checkpoint
[  276.887033][ T6541] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  277.074364][ T6551] attempt to access beyond end of device
[  277.074364][ T6551] loop3: rw=10241, want=45104, limit=40427
[  277.094704][ T6551] attempt to access beyond end of device
[  277.094704][ T6551] loop3: rw=2049, want=45112, limit=40427
[  277.365153][ T6550] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  277.373735][ T6550] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  277.381759][ T6550] overlayfs: missing 'lowerdir'
[  277.403719][    T7] Bluetooth: hci0: Frame reassembly failed (-84)
[  277.593448][ T6003] attempt to access beyond end of device
[  277.593448][ T6003] loop3: rw=2049, want=45120, limit=40427
[  277.997038][ T4717] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  278.107027][    T5] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  278.237008][ T4717] usb 4-1: Using ep0 maxpacket: 32
[  278.347013][    T5] usb 5-1: Using ep0 maxpacket: 32
[  278.357068][ T4717] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[  278.365306][ T4717] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  278.373862][ T4717] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[  278.382590][ T4717] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  278.392245][ T4717] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  278.401789][ T4717] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  278.414500][ T4717] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  278.423302][ T4717] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.431830][ T4717] usb 4-1: config 0 descriptor??
[  278.467124][    T5] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  278.478161][    T5] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  278.487714][    T5] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  278.496542][    T5] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.537426][    T5] hub 5-1:4.0: USB hub found
[  278.687742][ T4717] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 32 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  278.757072][    T5] hub 5-1:4.0: 2 ports detected
[  278.889604][  T727] usb 4-1: USB disconnect, device number 32
[  278.896169][  T727] usblp0: removed
[  279.357077][    T5] hub 5-1:4.0: set hub depth failed
[  279.398064][    T5] usb 5-1: USB disconnect, device number 21
[  279.437452][ T4717] Bluetooth: hci0: command 0x1003 tx timeout
[  279.443519][   T40] Bluetooth: hci0: sending frame failed (-49)
[  279.608625][ T6577] tipc: Failed to remove local publication {66,1,1}/3798372279
[  279.616167][ T6577] tipc: Failed to remove local publication {66,1,1}/3798372279
[  279.677780][ T6583] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  279.689046][ T6583] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,journal_ioprio=0x0000000000000003,resuid=0x0000000000000000,max_batch_time=0x0000000000000efe,data=ordered,jqfmt=vfsold,barrier=0x0000000000000648,barrier=0x0000000000000007,,errors=continue
[  279.942979][  T727] kernel write not supported for file bpf-prog (pid: 727 comm: kworker/1:5)
[  280.067095][    T5] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  280.306995][    T5] usb 4-1: Using ep0 maxpacket: 32
[  280.437143][    T5] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[  280.445388][    T5] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  280.453820][    T5] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[  280.462852][    T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  280.472301][    T5] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  280.481823][    T5] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  280.494532][    T5] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  280.503373][    T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.511792][    T5] usb 4-1: config 0 descriptor??
[  280.767870][    T5] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 33 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  281.011610][ T6610] netlink: 'syz-executor.4': attribute type 6 has an invalid length.
[  281.027805][  T727] usb 4-1: USB disconnect, device number 33
[  281.046098][  T727] usblp0: removed
[  281.517563][   T25] Bluetooth: hci0: command 0x1001 tx timeout
[  281.523644][   T40] Bluetooth: hci0: sending frame failed (-49)
[  281.562907][ T6612] syz-executor.3[6612] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  281.562959][ T6612] syz-executor.3[6612] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  282.117003][  T395] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  282.527295][  T395] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  282.538052][  T395] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.547561][  T395] usb 5-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00
[  282.556480][  T395] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.565160][  T395] usb 5-1: config 0 descriptor??
[  283.027946][  T395] hid-multitouch 0003:0EEF:72D0.0020: unbalanced delimiter at end of report description
[  283.037793][  T395] hid-multitouch: probe of 0003:0EEF:72D0.0020 failed with error -22
[  283.230090][  T395] usb 5-1: USB disconnect, device number 22
[  283.597108][    T5] Bluetooth: hci0: command 0x1009 tx timeout
[  283.888728][ T6639] F2FS-fs (loop4): invalid crc value
[  283.894988][ T6639] F2FS-fs (loop4): Found nat_bits in checkpoint
[  283.926246][ T6639] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  284.106417][ T6644] attempt to access beyond end of device
[  284.106417][ T6644] loop4: rw=10241, want=45104, limit=40427
[  284.125567][ T6644] attempt to access beyond end of device
[  284.125567][ T6644] loop4: rw=2049, want=45112, limit=40427
[  284.636383][ T5636] attempt to access beyond end of device
[  284.636383][ T5636] loop4: rw=2049, want=45120, limit=40427
[  284.954795][ T6648] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  284.967999][ T6648] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  285.838604][ T6650] EXT4-fs (loop4): mounted filesystem without journal. Opts: user_xattr,noquota,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,noquota,min_batch_time=0x0000000000000008,delalloc,user_xattr,quota,,errors=continue
[  286.786997][    T5] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  287.187032][    T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  287.197736][    T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  287.207251][    T5] usb 4-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00
[  287.216100][    T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.224522][    T5] usb 4-1: config 0 descriptor??
[  287.597034][ T1020] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  287.707984][    T5] hid-multitouch 0003:0EEF:72D0.0021: unbalanced delimiter at end of report description
[  287.717995][    T5] hid-multitouch: probe of 0003:0EEF:72D0.0021 failed with error -22
[  287.916421][    T5] usb 4-1: USB disconnect, device number 34
[  287.957241][ T1020] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  287.967951][ T1020] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  287.980659][ T1020] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  287.989455][ T1020] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.997836][ T1020] usb 5-1: config 0 descriptor??
[  288.197027][  T395] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  288.441453][ T6683] syz-executor.3[6683] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  288.441496][ T6683] syz-executor.3[6683] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  288.458645][ T6683] SELinux: security_context_str_to_sid(root) failed for (dev 9p, type 9p) errno=-22
[  288.477016][  T395] usb 3-1: Using ep0 maxpacket: 16
[  288.557694][ T1020] usbhid 5-1:0.0: can't add hid device: -71
[  288.563481][ T1020] usbhid: probe of 5-1:0.0 failed with error -71
[  288.570351][ T1020] usb 5-1: USB disconnect, device number 23
[  288.607274][  T395] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  288.616865][  T395] usb 3-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0xE, skipping
[  288.807431][  T395] usb 3-1: New USB device found, idVendor=1608, idProduct=000f, bcdDevice=c8.c5
[  288.816333][  T395] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.824189][  T395] usb 3-1: Product: syz
[  288.828285][  T395] usb 3-1: Manufacturer: syz
[  288.832660][  T395] usb 3-1: SerialNumber: syz
[  288.837727][  T395] usb 3-1: config 0 descriptor??
[  289.020417][ T6692] incfs: Can't find or create .incomplete dir in ./file0
[  289.027730][ T6692] incfs: mount failed -28
[  289.080792][  T730] usb 3-1: USB disconnect, device number 22
[  289.148733][ T6697] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  289.677564][ T6718]  loop3: p1 < > p4 < >
[  289.731461][ T6718] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  289.740997][ T6718] kvm: pic: single mode not supported
[  289.741053][ T6718] kvm: pic: non byte read
[  289.750796][ T6718] kvm: pic: level sensitive irq not supported
[  289.750834][ T6718] kvm: pic: non byte read
[  289.848756][   T24] kauditd_printk_skb: 7 callbacks suppressed
[  289.848769][   T24] audit: type=1326 audit(1718526667.028:3269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6724 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  289.878450][   T24] audit: type=1326 audit(1718526667.028:3270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6724 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  289.903261][   T24] audit: type=1326 audit(1718526667.028:3271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6724 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  289.927302][   T24] audit: type=1326 audit(1718526667.028:3272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6724 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  289.951426][   T24] audit: type=1326 audit(1718526667.028:3273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6724 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  290.100094][   T24] audit: type=1326 audit(1718526667.278:3274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6744 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c27733ea9 code=0x7ffc0000
[  290.129623][   T24] audit: type=1326 audit(1718526667.278:3275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6744 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c27733ea9 code=0x7ffc0000
[  290.184003][   T24] audit: type=1326 audit(1718526667.308:3276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6744 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c27733ea9 code=0x7ffc0000
[  290.238911][   T24] audit: type=1326 audit(1718526667.308:3277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6744 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c27733ea9 code=0x7ffc0000
[  290.278376][   T24] audit: type=1326 audit(1718526667.308:3278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6744 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c27733ea9 code=0x7ffc0000
[  290.541926][ T6773] syz-executor.4[6773] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  290.541989][ T6773] syz-executor.4[6773] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  290.556284][ T6773] SELinux: security_context_str_to_sid(root) failed for (dev 9p, type 9p) errno=-22
[  290.681352][ T6788] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  290.689147][ T6788] FAT-fs (loop4): Filesystem has been set read-only
[  290.695489][ T6788] attempt to access beyond end of device
[  290.695489][ T6788] loop4: rw=0, want=2073, limit=128
[  291.331001][ T6829] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  291.338781][ T6829] FAT-fs (loop3): Filesystem has been set read-only
[  291.345324][ T6829] attempt to access beyond end of device
[  291.345324][ T6829] loop3: rw=0, want=2073, limit=128
[  291.598805][ T6842] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[  291.607700][ T6842] ext4 filesystem being mounted at /root/syzkaller-testdir430026690/syzkaller.aIITRV/111/bus supports timestamps until 2038 (0x7fffffff)
[  292.060343][ T6852] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x4f8593fa, utbl_chksum : 0xe619d30d)
[  292.074435][ T6852] proc: Unknown parameter 'keyring'
[  292.080421][ T6852] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  292.607868][ T6861] netem: change failed
[  292.747680][ T6863] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  292.755267][ T6863] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  292.764405][ T6863] F2FS-fs (loop3): invalid crc value
[  292.771363][ T6863] F2FS-fs (loop3): Found nat_bits in checkpoint
[  292.806018][ T6863] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  292.813074][ T6863] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  292.958307][ T6876] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  292.967123][ T6876] ext4 filesystem being mounted at /root/syzkaller-testdir2321671921/syzkaller.eVNA3Z/114/bus supports timestamps until 2038 (0x7fffffff)
[  293.555959][ T6003] attempt to access beyond end of device
[  293.555959][ T6003] loop3: rw=2051, want=53248, limit=40427
[  293.572692][ T6003] attempt to access beyond end of device
[  293.572692][ T6003] loop3: rw=2051, want=77824, limit=40427
[  293.586922][ T6003] attempt to access beyond end of device
[  293.586922][ T6003] loop3: rw=2051, want=86016, limit=40427
[  293.607224][ T6003] F2FS-fs (loop3): Issue discard(6144, 6144, 512) failed, ret: -5
[  293.607250][ T6003] F2FS-fs (loop3): Issue discard(7168, 7168, 2560) failed, ret: -5
[  293.614875][ T6003] F2FS-fs (loop3): Issue discard(10240, 10240, 512) failed, ret: -5
[  294.911067][ T6924] SELinux: security_context_str_to_sid(s) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  295.009290][   T24] kauditd_printk_skb: 54 callbacks suppressed
[  295.009301][   T24] audit: type=1107 audit(1718526672.188:3333): pid=6931 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  295.124586][   T24] audit: type=1400 audit(1718526672.298:3334): avc:  denied  { module_load } for  pid=6936 comm="syz-executor.2" path="/sys/kernel/notes" dev="sysfs" ino=1416 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  295.124641][ T6937] Module has invalid ELF structures
[  295.597319][  T730] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  295.754401][   T24] audit: type=1400 audit(1718526672.928:3335): avc:  denied  { nlmsg_read } for  pid=6945 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  295.957047][  T730] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  295.967827][  T730] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  295.977358][  T730] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  295.986192][  T730] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.994647][  T730] usb 3-1: config 0 descriptor??
[  296.319678][ T6958] tmpfs: Unknown parameter 'nolazytime˙˙'
[  296.804377][ T6964] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.811419][ T6964] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.818660][ T6964] device bridge_slave_0 entered promiscuous mode
[  296.825393][ T6964] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.832531][ T6964] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.840157][ T6964] device bridge_slave_1 entered promiscuous mode
[  296.884271][ T6964] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.891179][ T6964] bridge0: port 2(bridge_slave_1) entered forwarding state
[  296.898217][ T6964] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.904997][ T6964] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.926871][  T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  296.934306][  T395] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.941491][  T395] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.950801][  T395] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  296.958761][  T395] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.965589][  T395] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.976029][  T395] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  296.984203][  T395] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.991065][  T395] bridge0: port 2(bridge_slave_1) entered forwarding state
[  297.004087][  T395] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  297.007116][  T730] uclogic 0003:256C:006D.0022: failed retrieving Huion firmware version: -71
[  297.013896][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  297.027896][  T730] uclogic 0003:256C:006D.0022: failed probing parameters: -71
[  297.027958][  T730] uclogic: probe of 0003:256C:006D.0022 failed with error -71
[  297.029082][  T730] usb 3-1: USB disconnect, device number 23
[  297.045177][  T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  297.062257][ T6964] device veth0_vlan entered promiscuous mode
[  297.068862][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  297.076808][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  297.084850][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  297.098731][  T727] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  297.107843][ T6964] device veth1_macvtap entered promiscuous mode
[  297.117338][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  297.127352][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  297.149930][ T6969] tipc: Started in network mode
[  297.154701][ T6969] tipc: Own node identity f0, cluster identity 4711
[  297.161506][ T6969] tipc: 32-bit node address hash set to f0
[  297.248232][    T7] device bridge_slave_1 left promiscuous mode
[  297.254354][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.262036][    T7] device bridge_slave_0 left promiscuous mode
[  297.268027][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.275641][    T7] device veth1_macvtap left promiscuous mode
[  297.281552][    T7] device veth0_vlan left promiscuous mode
[  297.496049][  T727] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  298.107182][  T727] usb 1-1: Using ep0 maxpacket: 8
[  298.236489][  T727] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  298.245565][  T727] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.259976][  T727] usb 1-1: config 0 descriptor??
[  298.517107][  T727] asix 1-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  298.747097][ T7013] fuse: Unknown parameter '017777777777777777777770000000000000000000000000000000000000000'
[  299.517096][  T730] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  299.607047][ T3503] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  299.757030][  T730] usb 4-1: Using ep0 maxpacket: 32
[  299.877089][  T730] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  299.887922][  T730] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  299.897472][  T730] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  299.906292][  T730] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.947450][  T730] hub 4-1:4.0: USB hub found
[  299.967103][ T3503] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  299.977892][ T3503] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  299.987450][ T3503] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  299.996272][ T3503] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.006804][ T3503] usb 3-1: config 0 descriptor??
[  300.087150][  T727] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  300.097205][  T727] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  300.107217][  T727] asix: probe of 1-1:0.0 failed with error -71
[  300.113820][  T727] usb 1-1: USB disconnect, device number 21
[  300.167092][  T730] hub 4-1:4.0: 2 ports detected
[  300.307014][  T395] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  300.667289][  T395] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  300.677982][  T395] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  300.687770][  T395] usb 5-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[  300.697062][  T395] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.705973][  T395] usb 5-1: config 0 descriptor??
[  300.832940][   T24] audit: type=1326 audit(1718526678.008:3336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  300.856817][   T24] audit: type=1326 audit(1718526678.008:3337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4aba378c0b code=0x7ffc0000
[  300.880743][   T24] audit: type=1326 audit(1718526678.008:3338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4aba378c0b code=0x7ffc0000
[  300.904700][   T24] audit: type=1326 audit(1718526678.058:3339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4aba3a42b5 code=0x7ffc0000
[  300.967156][ T3503] uclogic 0003:256C:006D.0023: failed retrieving Huion firmware version: -71
[  300.975794][ T3503] uclogic 0003:256C:006D.0023: failed probing parameters: -71
[  300.983660][ T3503] uclogic: probe of 0003:256C:006D.0023 failed with error -71
[  300.992041][ T3503] usb 3-1: USB disconnect, device number 24
[  301.000562][ T7035] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.008217][ T7035] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.015361][ T7035] device bridge_slave_0 entered promiscuous mode
[  301.022165][ T7035] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.029181][ T7035] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.036364][ T7035] device bridge_slave_1 entered promiscuous mode
[  301.081035][   T24] audit: type=1326 audit(1718526678.258:3340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  301.081910][ T7035] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.104957][   T24] audit: type=1326 audit(1718526678.258:3341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4aba378c0b code=0x7ffc0000
[  301.111682][ T7035] bridge0: port 2(bridge_slave_1) entered forwarding state
[  301.111787][ T7035] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.149351][ T7035] bridge0: port 1(bridge_slave_0) entered forwarding state
[  301.156431][   T24] audit: type=1326 audit(1718526678.258:3342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4aba378c0b code=0x7ffc0000
[  301.177204][ T1020] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  301.188604][ T1020] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.195770][ T1020] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.196327][   T24] audit: type=1326 audit(1718526678.328:3343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4aba3a42b5 code=0x7ffc0000
[  301.209369][  T395] logitech-hidpp-device 0003:046D:C086.0024: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.4-1/input0
[  301.246985][  T730] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  301.254954][  T730] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.261803][  T730] bridge0: port 1(bridge_slave_0) entered forwarding state
[  301.269112][  T730] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  301.277104][  T730] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.283929][  T730] bridge0: port 2(bridge_slave_1) entered forwarding state
[  301.299007][  T727] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  301.308072][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  301.326669][  T727] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  301.335463][  T727] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  301.343528][  T727] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  301.350821][   T24] audit: type=1326 audit(1718526678.528:3344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  301.374607][   T24] audit: type=1326 audit(1718526678.528:3345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aba378ea9 code=0x7ffc0000
[  301.374664][  T727] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  301.406387][ T7035] device veth0_vlan entered promiscuous mode
[  301.417277][ T1020] usb 5-1: USB disconnect, device number 24
[  301.451442][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  301.465118][ T7035] device veth1_macvtap entered promiscuous mode
[  301.477742][  T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  301.486024][  T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  301.496868][ T7040] tmpfs: Unknown parameter 'nolazytime˙˙'
[  301.572067][ T7051] overlayfs: failed to resolve './file1': -2
[  302.029884][   T54] usb 4-1: USB disconnect, device number 35
[  302.047427][  T730] hub 4-1:4.0: hub_ext_port_status failed (err = -71)
[  302.218504][    T7] device bridge_slave_1 left promiscuous mode
[  302.226085][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.253157][    T7] device bridge_slave_0 left promiscuous mode
[  302.280607][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.312591][    T7] device veth1_macvtap left promiscuous mode
[  302.312622][    T7] device veth0_vlan left promiscuous mode
[  302.677049][  T396] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  302.718122][  T730] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  302.956968][  T730] usb 3-1: Using ep0 maxpacket: 32
[  303.037065][  T396] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  303.057907][  T396] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  303.067816][  T396] usb 1-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[  303.077055][  T396] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.077197][  T730] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  303.095759][  T730] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  303.095995][  T396] usb 1-1: config 0 descriptor??
[  303.105369][  T730] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  303.119531][  T730] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.167507][  T730] hub 3-1:4.0: USB hub found
[  303.437671][  T730] hub 3-1:4.0: 2 ports detected
[  304.019592][  T396] logitech-hidpp-device 0003:046D:C086.0025: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.0-1/input0
[  304.223055][  T396] usb 1-1: USB disconnect, device number 22
[  304.407152][ T3503] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  304.777148][ T3503] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  304.805905][ T3503] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  304.822423][ T3503] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  304.832606][ T3503] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.845111][ T3503] usb 4-1: config 0 descriptor??
[  305.021227][ T7156] 9pnet: p9_errstr2errno: server reported unknown error elf_freezi
[  305.240718][   T25] usb 3-1: USB disconnect, device number 25
[  305.247162][  T730] hub 3-1:4.0: hub_ext_port_status failed (err = -71)
[  305.329747][ T3503] hid (null): bogus close delimiter
[  305.537363][ T3503] usb 4-1: language id specifier not provided by device, defaulting to English
[  305.748503][ T7190] EXT4-fs (loop2): Invalid want_extra_isize 43
[  305.938638][ T7198] 9pnet: p9_errstr2errno: server reported unknown error elf_freezi
[  305.968411][ T3503] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0026/input/input37
[  305.988107][ T3503] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0026/input/input38
[  306.022132][ T3503] uclogic 0003:256C:006D.0026: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0
[  306.179893][   T24] kauditd_printk_skb: 104 callbacks suppressed
[  306.179909][   T24] audit: type=1326 audit(1718526683.358:3450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  306.225056][   T25] usb 4-1: USB disconnect, device number 36
[  306.267285][   T24] audit: type=1326 audit(1718526683.358:3451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  306.293318][   T24] audit: type=1326 audit(1718526683.388:3452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  306.317108][   T24] audit: type=1326 audit(1718526683.388:3453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  306.340791][  T396] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  306.354961][   T24] audit: type=1326 audit(1718526683.388:3454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  306.387121][   T24] audit: type=1326 audit(1718526683.398:3455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  306.411477][   T24] audit: type=1326 audit(1718526683.398:3456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  307.295356][   T24] audit: type=1326 audit(1718526683.398:3457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3d2a2a2627 code=0x7ffc0000
[  307.327000][   T24] audit: type=1326 audit(1718526683.398:3458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3d2a268309 code=0x7ffc0000
[  307.362111][   T24] audit: type=1326 audit(1718526683.398:3459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  307.417002][  T396] usb 2-1: Using ep0 maxpacket: 32
[  307.510627][ T7230] futex_wake_op: syz-executor.4 tries to shift op by 32; fix this program
[  307.594229][ T7241] syz-executor.3[7241] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  307.594283][ T7241] syz-executor.3[7241] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  307.617121][  T396] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  307.639543][  T396] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  307.649137][  T396] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  307.658251][  T396] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  307.707502][  T396] hub 2-1:4.0: USB hub found
[  307.817028][    T5] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  307.937084][  T396] hub 2-1:4.0: 2 ports detected
[  307.996992][   T25] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  308.177080][    T5] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  308.193316][    T5] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  308.213513][    T5] usb 3-1: New USB device found, idVendor=0458, idProduct=501a, bcdDevice= 0.00
[  308.232069][    T5] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.246737][    T5] usb 3-1: config 0 descriptor??
[  308.297940][ T7266] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  308.306795][ T7266] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  308.316034][ T7266] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  308.323899][ T7266] System zones: 0-2, 18-18, 34-34
[  308.329503][ T7266] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1047: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  308.344156][ T7266] EXT4-fs (loop4): 1 truncate cleaned up
[  308.349657][ T7266] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  308.437180][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  308.450819][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  308.466284][   T25] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  308.475714][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.484743][   T25] usb 4-1: config 0 descriptor??
[  308.497634][ T7233] fscrypt: AES-256-CTS-CBC using implementation "cts(cbc-aes-aesni)"
[  308.511915][ T7233] EXT4-fs (sda1): re-mounted. Opts: (null)
[  308.569559][ T7275] syz-executor.0[7275] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  308.569615][ T7275] syz-executor.0[7275] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  308.748408][    T5] kye 0003:0458:501A.0027: unknown main item tag 0x0
[  308.766534][    T5] kye 0003:0458:501A.0027: unknown main item tag 0x0
[  308.776727][    T5] kye 0003:0458:501A.0027: hidraw0: USB HID v0.00 Device [HID 0458:501a] on usb-dummy_hcd.2-1/input0
[  308.855684][ T7289] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  309.028523][   T25] hid (null): bogus close delimiter
[  309.237314][   T25] usb 4-1: language id specifier not provided by device, defaulting to English
[  309.498312][    T5] kye 0003:0458:501A.0027: tablet-enabling feature report not found
[  309.506138][    T5] kye 0003:0458:501A.0027: tablet enabling failed
[  309.577277][ T3503] usb 2-1: USB disconnect, device number 20
[  309.577309][    T5] usb 3-1: USB disconnect, device number 26
[  309.718452][   T25] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0028/input/input39
[  309.733073][   T25] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0028/input/input40
[  309.745556][   T25] uclogic 0003:256C:006D.0028: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0
[  309.930746][    T5] usb 4-1: USB disconnect, device number 37
[  310.008687][ T7321] EXT4-fs (loop4): 1 orphan inode deleted
[  310.016643][ T7321] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,
[  310.062957][ T7321] ext4 filesystem being mounted at /root/syzkaller-testdir2321671921/syzkaller.eVNA3Z/166/file1 supports timestamps until 2038 (0x7fffffff)
[  310.290107][ T7326] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  310.630132][ T7336] futex_wake_op: syz-executor.0 tries to shift op by 32; fix this program
[  310.729309][ T7347] serio: Serial port pts0
[  310.867005][   T25] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  310.880495][ T7360] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x72685a33, utbl_chksum : 0xe619d30d)
[  311.129181][ T7382] EXT4-fs (loop3): 1 orphan inode deleted
[  311.134738][ T7382] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,
[  311.136979][   T25] usb 3-1: Using ep0 maxpacket: 32
[  311.153400][ T7382] ext4 filesystem being mounted at /root/syzkaller-testdir430026690/syzkaller.aIITRV/158/file1 supports timestamps until 2038 (0x7fffffff)
[  311.828840][ T7391] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  312.207054][   T25] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  312.236991][   T25] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  312.269835][   T25] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  312.284411][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.323138][   T24] kauditd_printk_skb: 4827 callbacks suppressed
[  312.323150][   T24] audit: type=1400 audit(1718526689.498:8287): avc:  denied  { mount } for  pid=7404 comm="syz-executor.0" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  312.352353][   T25] hub 3-1:4.0: USB hub found
[  312.375950][   T24] audit: type=1400 audit(1718526689.548:8288): avc:  denied  { unmount } for  pid=6964 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  312.454722][    T9] tipc: Left network mode
[  312.557157][   T25] hub 3-1:4.0: 2 ports detected
[  312.668008][ T7422] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.674949][ T7422] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.682175][ T7422] device bridge_slave_0 entered promiscuous mode
[  312.689164][ T7422] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.695995][ T7422] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.703395][ T7422] device bridge_slave_1 entered promiscuous mode
[  312.763695][ T7422] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.770563][ T7422] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.777699][ T7422] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.784529][ T7422] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.841223][  T727] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  312.849646][  T727] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.863182][  T727] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.881477][   T54] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  312.889832][   T54] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.896686][   T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.904991][   T54] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  312.913603][   T54] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.920483][   T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.937864][  T727] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  312.945827][  T727] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  312.960941][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  312.974148][  T727] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  312.982754][  T727] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  312.990249][  T727] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  312.998732][ T7422] device veth0_vlan entered promiscuous mode
[  313.013530][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  313.022518][ T7422] device veth1_macvtap entered promiscuous mode
[  313.034678][  T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  313.042678][   T15] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  313.051312][  T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  313.061833][ T7430] EXT4-fs (loop1): 1 orphan inode deleted
[  313.067564][ T7430] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,
[  313.086191][ T7430] ext4 filesystem being mounted at /root/syzkaller-testdir3663088485/syzkaller.rrdAaU/29/file1 supports timestamps until 2038 (0x7fffffff)
[  313.158610][    T9] device bridge_slave_1 left promiscuous mode
[  313.164685][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.172292][    T9] device bridge_slave_0 left promiscuous mode
[  313.178281][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.186133][    T9] device veth1_macvtap left promiscuous mode
[  313.191984][    T9] device veth0_vlan left promiscuous mode
[  313.223532][   T24] audit: type=1326 audit(1718526690.398:8289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7331 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  313.249745][   T24] audit: type=1326 audit(1718526690.398:8290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7331 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3d2a2a4c0b code=0x7ffc0000
[  313.295886][   T24] audit: type=1326 audit(1718526690.398:8291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7331 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3d2a2a4c0b code=0x7ffc0000
[  313.323700][   T24] audit: type=1326 audit(1718526690.408:8292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7331 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3d2a2d02b5 code=0x7ffc0000
[  313.434755][   T24] audit: type=1326 audit(1718526690.608:8293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7331 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2a2a4ea9 code=0x7ffc0000
[  313.470678][   T24] audit: type=1326 audit(1718526690.608:8294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7331 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3d2a2a4c0b code=0x7ffc0000
[  313.542948][   T24] audit: type=1326 audit(1718526690.608:8295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7331 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3d2a2a4c0b code=0x7ffc0000
[  313.656945][   T24] audit: type=1326 audit(1718526690.638:8296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7331 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3d2a2d02b5 code=0x7ffc0000
[  313.831919][ T7440] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  313.987112][   T15] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  314.002978][   T15] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  314.014139][   T15] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  314.024332][   T15] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  314.037182][   T15] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  314.046039][   T15] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.060471][ T7445] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.067625][ T7445] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.074887][ T7445] device bridge_slave_0 entered promiscuous mode
[  314.088893][ T7445] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.095819][ T7445] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.103355][ T7445] device bridge_slave_1 entered promiscuous mode
[  314.117999][   T15] usb 5-1: invalid MIDI out EP 0
[  314.123350][   T15] snd-usb-audio: probe of 5-1:27.0 failed with error -22
[  314.184310][ T7445] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.191210][ T7445] bridge0: port 2(bridge_slave_1) entered forwarding state
[  314.198586][ T7445] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.205424][ T7445] bridge0: port 1(bridge_slave_0) entered forwarding state
[  314.235223][ T3503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  314.245343][ T3503] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.253013][ T3503] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.273640][   T54] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  314.281758][   T54] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.288617][   T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[  314.296015][   T54] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  314.309360][   T54] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.316221][   T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[  314.320547][   T15] usb 5-1: USB disconnect, device number 25
[  314.327048][   T25] hub 3-1:4.0: hub_ext_port_status failed (err = -71)
[  314.341322][   T54] usb 3-1: USB disconnect, device number 27
[  314.360910][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  314.369222][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  314.377898][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  314.395512][ T7445] device veth0_vlan entered promiscuous mode
[  314.402462][ T7455] futex_wake_op: syz-executor.2 tries to shift op by -1; fix this program
[  314.403314][ T3503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  314.419457][ T3503] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  314.426836][ T3503] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  314.442930][ T3503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  314.451896][ T7445] device veth1_macvtap entered promiscuous mode
[  314.471868][ T3503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  314.486488][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  314.536743][ T7463] xt_nat: multiple ranges no longer supported
[  314.600986][ T7469] EXT4-fs (loop2): 1 orphan inode deleted
[  314.606584][ T7469] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,
[  314.625643][ T7469] ext4 filesystem being mounted at /root/syzkaller-testdir3080445887/syzkaller.M8lzo6/188/file1 supports timestamps until 2038 (0x7fffffff)
[  314.857807][ T7480] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  315.039246][ T7490] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  315.050903][ T7490] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.0'.
[  315.060828][ T7490] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'.
[  315.072120][    T9] device bridge_slave_1 left promiscuous mode
[  315.080098][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.089881][    T9] device bridge_slave_0 left promiscuous mode
[  315.095827][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.103790][    T9] device veth1_macvtap left promiscuous mode
[  315.120106][ T7494] xt_nat: multiple ranges no longer supported
[  315.125268][    T9] device veth0_vlan left promiscuous mode
[  315.462790][ T7517] EXT4-fs (loop1): 1 orphan inode deleted
[  315.468459][ T7517] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,
[  315.511131][ T7517] ext4 filesystem being mounted at /root/syzkaller-testdir3663088485/syzkaller.rrdAaU/34/file1 supports timestamps until 2038 (0x7fffffff)
[  315.752060][ T7533] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  315.844056][ T7535] xt_nat: multiple ranges no longer supported
[  316.749016][ T7566] EXT4-fs (loop1): Ignoring removed orlov option
[  316.755266][ T7566] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  316.767949][ T7569] sit: non-ECT from 0.0.0.0 with TOS=0x3
[  316.769727][ T7566] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue
[  316.806110][ T7566] EXT4-fs error (device loop1): get_max_inline_xattr_value_size:68: inode #12: comm syz-executor.1: corrupt xattr in inline inode
[  316.819823][ T7566] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2204: inode #12: comm syz-executor.1: corrupted in-inode xattr
[  316.832387][ T7575] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev bpf, type bpf) errno=-22
[  317.321884][ T7607] EXT4-fs (loop2): Ignoring removed orlov option
[  317.330300][ T7607] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  317.348570][ T7607] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue
[  317.379344][ T7607] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:68: inode #12: comm syz-executor.2: corrupt xattr in inline inode
[  317.393193][ T7607] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2204: inode #12: comm syz-executor.2: corrupted in-inode xattr
[  317.489009][ T5109] ==================================================================
[  317.496913][ T5109] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xc67/0xc80
[  317.504809][ T5109] Read of size 4 at addr ffff888133961000 by task syz-executor.2/5109
[  317.512774][ T5109] 
[  317.514954][ T5109] CPU: 0 PID: 5109 Comm: syz-executor.2 Tainted: G        W         5.10.214-syzkaller-00187-ge6f44899ce5d #0
[  317.526406][ T5109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  317.536308][ T5109] Call Trace:
[  317.539525][ T5109]  dump_stack_lvl+0x1e2/0x24b
[  317.544035][ T5109]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  317.549323][ T5109]  ? panic+0x80b/0x80b
[  317.553228][ T5109]  ? ext4_mark_iloc_dirty+0x2c23/0x3e60
[  317.558616][ T5109]  print_address_description+0x81/0x3b0
[  317.563991][ T5109]  kasan_report+0x179/0x1c0
[  317.568334][ T5109]  ? __ext4_journal_ensure_credits+0x470/0x470
[  317.574319][ T5109]  ? ext4_xattr_delete_inode+0xc67/0xc80
[  317.579789][ T5109]  ? ext4_xattr_delete_inode+0xc67/0xc80
[  317.585258][ T5109]  __asan_report_load4_noabort+0x14/0x20
[  317.590729][ T5109]  ext4_xattr_delete_inode+0xc67/0xc80
[  317.596037][ T5109]  ? sb_end_intwrite+0x110/0x110
[  317.600796][ T5109]  ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0
[  317.606698][ T5109]  ? __kasan_check_read+0x11/0x20
[  317.611557][ T5109]  ext4_evict_inode+0x1095/0x1730
[  317.616419][ T5109]  ? ext4_inode_is_fast_symlink+0x360/0x360
[  317.622147][ T5109]  ? inode_io_list_del_locked+0x1ad/0x210
[  317.627698][ T5109]  ? _raw_spin_unlock+0x4d/0x70
[  317.632387][ T5109]  ? ext4_inode_is_fast_symlink+0x360/0x360
[  317.638116][ T5109]  evict+0x2a3/0x6c0
[  317.641846][ T5109]  iput+0x632/0x7e0
[  317.645493][ T5109]  vfs_rmdir+0x271/0x3f0
[  317.649570][ T5109]  do_rmdir+0x2cf/0x5c0
[  317.653561][ T5109]  ? d_delete_notify+0xd0/0xd0
[  317.658278][ T5109]  ? strncpy_from_user+0x18e/0x2d0
[  317.663227][ T5109]  ? getname_flags+0x1fd/0x520
[  317.667847][ T5109]  __x64_sys_unlinkat+0xdf/0xf0
[  317.672511][ T5109]  do_syscall_64+0x34/0x70
[  317.676792][ T5109]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[  317.682490][ T5109] RIP: 0033:0x7f3d2a2a4687
[  317.686751][ T5109] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  317.706184][ T5109] RSP: 002b:00007ffdb9512bc8 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  317.714431][ T5109] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f3d2a2a4687
[  317.722241][ T5109] RDX: 0000000000000200 RSI: 00007ffdb9513d70 RDI: 00000000ffffff9c
[  317.730050][ T5109] RBP: 00007f3d2a301636 R08: 0000000000000000 R09: 0000000000000000
[  317.737859][ T5109] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffdb9513d70
[  317.745759][ T5109] R13: 00007f3d2a301636 R14: 000000000004d743 R15: 0000000000000007
[  317.753581][ T5109] 
[  317.755738][ T5109] The buggy address belongs to the page:
[  317.761228][ T5109] page:ffffea0004ce5840 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x133961
[  317.771277][ T5109] flags: 0x4000000000000000()
[  317.775798][ T5109] raw: 4000000000000000 ffffea0004b7dc08 ffffea0004e58088 0000000000000000
[  317.784213][ T5109] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[  317.792708][ T5109] page dumped because: kasan: bad access detected
[  317.798964][ T5109] page_owner tracks the page as freed
[  317.804175][ T5109] page last allocated via order 0, migratetype Movable, gfp_mask 0x8100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x8000000), pid 7606, ts 317370061780, free_ts 317408885683
[  317.820573][ T5109]  prep_new_page+0x166/0x180
[  317.824997][ T5109]  get_page_from_freelist+0x2d8c/0x2f30
[  317.830379][ T5109]  __alloc_pages_nodemask+0x435/0xaf0
[  317.835760][ T5109]  wp_page_copy+0x201/0x1940
[  317.840193][ T5109]  do_wp_page+0x71b/0xca0
[  317.844356][ T5109]  handle_pte_fault+0x1685/0x3e30
[  317.849210][ T5109]  __handle_speculative_fault+0x13a6/0x1ec0
[  317.854939][ T5109]  exc_page_fault+0x234/0x5b0
[  317.859454][ T5109]  asm_exc_page_fault+0x1e/0x30
[  317.864137][ T5109] page last free stack trace:
[  317.868653][ T5109]  free_unref_page_prepare+0x2ae/0x2d0
[  317.873948][ T5109]  free_unref_page_list+0x122/0xb20
[  317.879219][ T5109]  release_pages+0xea0/0xef0
[  317.883646][ T5109]  free_pages_and_swap_cache+0x8a/0xa0
[  317.889149][ T5109]  tlb_finish_mmu+0x177/0x320
[  317.893663][ T5109]  exit_mmap+0x312/0x5c0
[  317.897921][ T5109]  __mmput+0x95/0x2d0
[  317.901710][ T5109]  mmput+0x59/0x170
[  317.905359][ T5109]  do_exit+0xbda/0x2a50
[  317.909439][ T5109]  do_group_exit+0x141/0x310
[  317.913874][ T5109]  get_signal+0x10a0/0x1410
[  317.918206][ T5109]  arch_do_signal_or_restart+0xbd/0x17c0
[  317.923672][ T5109]  exit_to_user_mode_loop+0x9b/0xd0
[  317.928881][ T5109]  syscall_exit_to_user_mode+0xc5/0x1d0
[  317.934260][ T5109]  do_syscall_64+0x40/0x70
[  317.938516][ T5109]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[  317.944234][ T5109] 
[  317.946402][ T5109] Memory state around the buggy address:
[  317.951881][ T5109]  ffff888133960f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  317.959983][ T5109]  ffff888133960f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  317.967886][ T5109] >ffff888133961000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  317.975779][ T5109]                    ^
[  317.979686][ T5109]  ffff888133961080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
2024/06/16 08:31:35 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  317.987588][ T5109]  ffff888133961100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  317.995479][ T5109] ==================================================================
[  318.003385][ T5109] Disabling lock debugging due to kernel taint
[  318.076975][ T1020] usb 5-1: new high-speed USB device number 26 using dummy_hcd