last executing test programs:

7.894248376s ago: executing program 3 (id=2946):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x952b, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000880)={0xa, 0x0, 0x0, @empty}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
io_setup(0x6, &(0x7f0000000680)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, 0xffffffffffffffff, 0x0}])

7.621384419s ago: executing program 4 (id=2947):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000180)={[{@nombcache}, {@debug}, {@norecovery}, {@grpquota}, {@norecovery}]}, 0x9, 0x60c, &(0x7f00000001c0)="$eJzs3c9vFGUfAPDvTH/Svrwt5M2reJAmxkCitLSAIcZEiFdC8MfNU6WFIIUSWqNFEkuCF43x4sHEkwfxv1ASrx68evDiyZA0xnAQg7JmtrNl2+2W7XZ/tN3PJxn6zAw7z3fKfnmeffaZmQA61kj2RxpxICKuJRFDZfu6I985svz37v9x83y2JFEovPl7Ejc/ShbLj5XkPwfzF/8zFMlPacT+rsp65xZuXJ6cmZm+nq+PzV+5Nja3cOPIpSuTF6cvTl+deGni5InjJ06OH93S+e0tK5+5/e77Q5+cffubrx4m49/+cjaJU/Eojy07r7Wv7dtSzdnvbCQKyx6Ub89+rye3eOzt4s+h0vvksWTtBratC/n7sScinoqh6Cr71xyKj19va3BAUxWSKLVRQMdJ6sr//sYHArRYqR9Q+my/3ufgSmmTeyVAKyydXh4AWM79nogo5X/38thg9BfHBgbuJ6vGeZKI2NrI3LKsjh9/OHs7W6LKOBzQHIu3SqPca9v/pJibw9FfXBu4n67K/7Rsyba/UWf9I2vW5T+0zuKtiHg6b/97o+78f6fO+uU/AAAAAAAANM7d0xHx4nrz/9KV+T+968z/GYyIUw2o/8nf/6X38kLSgOqAMkunI16pmP/7d/ns4OGu/Hv+vcX5AD3phUsz00cj4r8RcTh6+rL18dWHXTVB+Mhn+7+sVn/5/L9syeovzQXMD3Wve82FuFOT85ONOXvobEu3Ip4pzv89mG9ZPf8na/+Tivb/09eyBL9WYx37n79zrtq+J+c/0CyFryMOrXv9z+PudrLx/TnGiv2BsVKvoNKzH37+XbX65T+0T9b+D2yc/31J+f165jZ3/N6IOLbQXai2v97+f2/yVlfp+JkPJufnr49H9CZnKrdPbC5m2K1K+VDKlyz/Dz+38fjfSv+/LA/3RMRijXX+/9Hgr9X2af+hfbL8n9q4/R9e3f5vttAfE3eGv89vMVbhXE3t//Fim34432L8D8pV3o+j1gRtS7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsMOlEfGfSNLRlXKajo5GDEbE/2IgnZmdm3/hwux7V6eyfauf/z+0vJ6Unv8/XLY+sWb9WETsi4gvuvYU10fPz85MtfvkAQAAAAAAAAAAAAAAAAAAYJsYLF7zX+hbe/1/5reudkcHNF13/lO+Q+fprvuVhb6GBgK0XP35D+x0ted/T1PjAFqvev4/eFgoamk4QAvp/0PnqjP/fV0Au4D2HzpVjWN6/c2OA2iHmtv/pebGAQAAAAAANMS+g3d/TiJi8eU9xSXTm+8z2R92t7TdAQBtYw4vdK7u2XZHALSLz/hAslL6a92L/avP/k+aExAAAAAAAAAAAAAAUOHQAdf/Q6dKIzZ4hLe5/bCbbXD9/3rJ73YBsItUf/RHLW1/oocAO5jP+MCT2nHX/wMAAAAAAAAAAADANtB/4/LkzMz09bmFnVd4dXuEsbnC4uS2CKOhhUfNOXJPRGyPE2x1oXQLjjaG0eb/lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBX/BgAA///kYDBi")
ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0xfffffffe)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'batadv_slave_0\x00', <r3=>0x0})
unshare(0x400)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000000)={[{@huge_within_size}]})
chdir(&(0x7f0000000140)='./file0\x00')
r4 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fstat(r4, &(0x7f0000000280))
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000840)={@private1, r3}, 0x14)
ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x7709, 0x0)
clock_nanosleep(0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000500, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

7.389786824s ago: executing program 3 (id=2949):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = eventfd(0x0)
fremovexattr(r0, &(0x7f0000000140)=ANY=[@ANYBLOB='o'])

7.10293277s ago: executing program 3 (id=2950):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x9ec9]}, 0x8)
read$char_usb(r0, &(0x7f00000004c0)=""/186, 0xba)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0}, &(0x7f0000000400), &(0x7f0000000440)=r0}, 0x20)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x2000000, &(0x7f0000000180), 0x1, 0x520, &(0x7f0000000900)="$eJzs3d1rLGcZAPBnNtmer+iu2otaaHuwlZyiZzdpbBu8aCuIdwWl3h9Dsgkhm2zIbupJKJqD9woi2tteeSMI3grS/0BRCnovKkrRUwV7oY7M7OTkZLub5JD9oMnvB2/mnZmdeZ53kn3n85wJ4NK6GRGvRcRURDwfEZVieqkocdAt2ec+uP/WclaSSNM3/p5EUkzLPpYUJXOjWOxqd5D7d3o8bntvf2Op2WzsFOP1zuZ2vb23f3t9c2mtsdbYWliYf2nx5cUXF+eG0s6sXa989S8//sFPv/bKr7747T/e+dut72T5zhTzD9sxbN1tUs62xQPTEbEzimATMFW0pzzpRAAAOJPsGP/TEfG5/Pi/ElP50dzZJCPNDAAAABiW9NWZ+E8SkQIAAAAXVil/BjYp1YpnAWaiVKrVus/wPh7XS81Wu/OF1dbu1kr3WdlqlEur683GXPFMbTXKSTY+n9ePxl94MJ4cPHy94UeVa/n82nKruTK5yx4AAABwqdzoOf//V6V7/n+Ce2NLDgAAABie6lE1rUwyEQAAAGBkqh+Z8s5E8gAAAABG56Pn/wAAAMAF8vXXX89Kmr//uhqx8ube7kbrzdsrjfZGbXN3ubbc2tmurbVaa830SsTmaetrtlrbX4qt3bv1TqPdqbf39u9stna3OnfWj70CGwAAABijTz3z7h+SiDj48rW8ZB7LfkwNWMCzAnBhlB7lw38eXR7A+A3azQMX3/SkEwAmptwdJJPOA5ic0zqAgQ/v/Gb4uQAAAKMx+9n+9/+nj64NABfUI93/By4U9//h8nL/Hy6vsiMAuPRGf/8/TU9dFwAAMFIzeUlKteJe4EyUPky7ohrlZHW92ZiLiE9GxO8r5SvZ+Hy+ZOIfDQAAAAAAAAAAAAAAAAAAAAAAAADAGaVpEikAAABwoUWU/poU7/+arTw303t94LHkw0o+zN8O8MZP7i51Ojvz2fR/FNMjOm8X0194lCsP3jwOAAAAo3J4nn54Hg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw/TB/beWD8vxOaWRxn3/KxFR7Rd/Oq7mw6tRjojr/0xi+nChZyKSiJgaQvyDexHxRL/4SZZWVIssjsUvtsq1PIuRx38qTdPv9ot/49zR4XJ7N+t/Xuv3/SvFzXzY//s/XZTzGtz/lR70f1N94mc9zyfOsP4rEfHkez+vD54b8eR0//7nMH4yIP6z/VbZZ6N865v7+4PyS9+JmD3a/3z/eISjWr2zuV1v7+3fXt9cWmusNbYWFuZfWnx58cXFufrqerNR/Owb44dP/fJ/g+K/fy/iet/9X7f/faj9S73tfy6rlAet+ch/37t7/zN5rZL2rCKPf+vZ/r//J47HP7Zps7+Jzxf7gWz+7GH9oFt/2NM/++3TJ7V/ZUD7T/v93+pZ16D98fPf+N6fTtxAAMBYtff2N5aazcbOyCtvp2k6plj5gci42nXuyuMfn1Tbe7/4Xbfyau+smye0Ir0y7j82lXNXenuKX4+/cwIAAIbq6KB/0pkAAAAAAAAAAAAAAAAAAADA5TWO/06sN+bBZJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCi/wcAAP//rgHbtw==")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e2793b10d10501200006010203010902120008000000000904"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$evdev(0x0, 0x0, 0x0)
write$selinux_attr(r0, &(0x7f0000000240)='system_u:object_r:modules_object_t:s0\x00', 0x26)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
open(0x0, 0x802, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

6.711003081s ago: executing program 2 (id=2951):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x40}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc}, 0x90)

6.664273158s ago: executing program 4 (id=2952):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
bind$inet(r0, &(0x7f0000000440)={0x2, 0x8, @broadcast}, 0x10)

6.300744895s ago: executing program 2 (id=2953):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
r1 = socket(0x0, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bind$packet(r1, 0x0, 0x0)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r1, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$NFT_BATCH(r4, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)={&(0x7f00000006c0)=ANY=[@ANYBLOB="1400000010000100000000000000000000000a1400000011000100a194481f83d838efee1b207d9a4214bcf0e7fc4e95510ed87c983fb99cd565287d1ad0bc75d55cccb69afedb6b4f6d103910d765263e8b72caf4265226664b3084e45b00000000000000af6325313f72d3862ae5080d44de21eb6011a695879085baa21bd3019d20447e50ddf957bba6682d8edb44d2bf96ce4933cc906ba0d15aeb97bb05d0781a97eb81e9d62431a8ea"], 0x28}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
unshare(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="1bebe43a1d80fb78860c805e7dbf51be2ada34567a81c7c05a450fa5644cbe9721562667e58c10c5b6ed6e99b47f20f681362d077d4abc1ec578416efb2f1a259cf2f4302b6494c39bf2453b3259a3b7dc", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007a8af8ff00000000bfa200000000000007020000f1ffffff0000000008000000b780755948b2002105e2034fe76a062bb9096113426315b370ce18077b8a3f6f2c317bedc849edfbd592f605b723f07bc417fa7b4d39e15509a29114b902000000e77b159438d0ee05800f94ead97d70ff11cdb67e963124c4ba6364fcd70b53ad4d428b9c8e46390b7d170f73b79f56da0e5198d9e24f7c888eae0986fe52948b3cc2939344a70edae6cbc5e99009451f4ed12db9f1399fa5420c321c05a202f547f3dc1668648a8d5f"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1a}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r7 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r7, &(0x7f00000003c0))
ioctl$F2FS_IOC_MOVE_RANGE(r5, 0xc020f509, &(0x7f0000000180)={0xffffffffffffffff, 0x7fffffff, 0x8000})
umount2(&(0x7f0000000100)='./file0\x00', 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

6.281367098s ago: executing program 4 (id=2954):
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000300)='tmpfs\x00', &(0x7f0000000340)='\\\x88*t\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000040)='\x00', &(0x7f00000000c0)='(}\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000080)='tmpfs\x00', &(0x7f0000000100)="02", 0x1)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000280)='}\x00', &(0x7f00000002c0)='^\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000200)='\x00', &(0x7f0000000240)='\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000500)='+&,\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed000e, &(0x7f00000000c0)={[{@jqfmt_vfsold}, {@data_err_abort}, {@debug}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@grpquota}]}, 0xfe, 0x45a, &(0x7f0000000940)="$eJzs3M9vFFUcAPDvzLblt62IP0DQKhqJP1pafsjBi0YTDpqY6AHjqbYLqSzU0JoIIVo94NGQeDfe/QOMJ70Y9WTiVe+GhBguoKc1szMDS9ktXbplofv5JLP73syD974z83bezNttAH1rNHtJIrZGxJ8RMZxnby4wmr9du3J++t8r56eTqNff+SdplLt65fx0WbT8d1vyTL1e5De0qPfC+xFTtVr1TJEfXzj10fj82XMvzZ6aOlE9UT09eeTIwQN7hg5PHupKnFlcV3d9Ord759H3Lr41feziB79+l7V3a7G9OY5uGc33bkvPdruyHtvWlE4GetgQOlKJiOxwDTb6/3BUYtP1bcPxxhc9bRywpur1er3V9bmwWAfWsSR63QKgN8oLfXb/Wy53aehxT7j8an4DlMV9rVjyLQOR5oknB5fc33bTaEQcW/zvm2yJNXoOAQDQ7Mds/PNiq/FfGo/kiaHs5YFiDmUkIh6MiO0R8VBE7IiIhyMaZR+NiMc6rH/pDMmt45/00h0HtwLZ+O+VYm7r5vFfWhYZqRS5bY34B5Pjs7Xq/mKf7IvBDcdnk+rEMnX89PofX7Xb1jz+y5as/nIsWLTj0sCSB3QzUwtTq4m52eXPI3YNtIo/iXIaJ4mInRGx6w7rmH2+/YTQ7eNfRhfmmerfRjyXH//FWBJ/KWk7Pznx8uHJQ+Mbo1bdP16eFbf67fcLb7erf1Xxd0F2/De3PP+vxz+SbIyYP3vuZGO+dr7zOi789WXbe5oOz/+j24rzfyh5t7FiqNjwydTCwpmJiKHkzVvXT97438p8WT6Lf9/e1v1/e9zYE49HxO6I2BMRT2Q3hUXbn4qIpyNi7zLx//LaMx92Hv8yT+W7KIt/5nbHP5qPf+eJysmff+g8/lJ2/A82UvuKNSv5/FtpA1ez7wAAAOB+kTa+A5+kY9fTaTo2ln+Hf0dsTmtz8wsvHJ/7+PRM/l35kRhMyyddw03PQyeKZ8NlfnJJ/kDx3PjryqZGfmx6rjbT6+Chz21p0/8zf1d63Tpgzfm9FvQv/R/6l/4P/SnR/6Gv6f/Qv1r1/8/alh77fk0bA9xVrv/Qv1bQ/xfzt/ajAuD+5PoP/Uv/h77U9rfx6ap+8i+x7hOR3hPNWP+JgRX/MYsOEvXhvP9naza0LNPrTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+D8AAP//Yz/jTQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)=@newtclass={0x2c, 0x28, 0x400, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x8, 0xb}, {0xa, 0xfff1}, {0xb, 0xffe0}}, [@TCA_RATE={0x6, 0x5, {0x1, 0x1}}]}, 0x2c}}, 0x4810)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x8ec00}], 0x12, 0x1400, 0x0, 0x3)

5.824751469s ago: executing program 2 (id=2957):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0)
r4 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r4, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, r4, 0x0, '\x00', 0x0, r4, 0x2}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18007c001811", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000187b8af8ff00000000bfa200000000000007020000d8ffffffb703000008000000b70400000000925e8500000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = syz_clone(0x11008011, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
wait4(r7, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb}, {0x6d}}, [@printk={@lld, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x4, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x6, 0x1, 0xc, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2179, 0x77, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r8, 0x0, 0x0)
syz_usb_control_io$hid(r8, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xb, {[@global=@item_4={0x3, 0x1, 0xa, "f46f664c"}, @global=@item_4={0x3, 0x1, 0x3, "d30d6fbf"}, @global]}}, 0x0}, 0x0)

5.311346859s ago: executing program 0 (id=2958):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
chdir(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x2, &(0x7f0000000340)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x4, 0x9c, &(0x7f0000000140)=""/156, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48)
unshare(0x400)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="1400000010000100000000000000000000000001"], 0x7c}}, 0x0)

5.250579929s ago: executing program 1 (id=2959):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x952b, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000880)={0xa, 0x0, 0x0, @empty}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
io_setup(0x6, &(0x7f0000000680)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, 0xffffffffffffffff, 0x0}])

5.166444192s ago: executing program 4 (id=2960):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2000003, &(0x7f0000000000), 0x1, 0x4e9, &(0x7f0000000240)="$eJzs3VFrHFsdAPD/TLL3pr25bi6K1IJtsZW0aHeTxrZBpFYQfSqo9T3GZBNCNtmQ3dQmFE3xVRBEVPDJJ18EP4Ag/QgiFPRdtCiirT74oB3Z3dm2SXeTlKRZ3fx+cDrnzJmZ/znT7OzMzmEmgBPrQkTcjoihiLgSEcV8fpqnmWZhu73cs6cP5popiSy7+7ckknxeZ1vN8nBEvNdeJUYi4mtfjvhm8nrc+ubW8my1WlnPy+XGylq5vrl1dWlldrGyWFmdmpq8MX1z+vr0RJY7VD/PRsStLz750fd//qVbv/70t/4w85fL324263Mfbbc7IuYOFaCH9rYLrX3R0dxH628jWB8M5f0p9LshAAAcSPMc/2JEfKJ1/l+ModbZHAAAADBIss+Pxr+TiAwAAAAYWGlEjEaSlvKxAKORpqVSewzvR+J0Wq3VG59aqG2szjfrIsaikC4sVSsT+VjhsSgkzfJkK/+yfG1XeSoiPoiIHxZPtcqluVp1vt8/fgAAAMAJ8d75ndf//yymrTwAAAAwYMZ6FgAAAIBB4ZIfAAAABp/rfwAAABhoX7lzp5myznu85+9tbizX7l2dr9SXSysbc6W52vpaabFWW2w9s2+lx2a+18lUa7W1z8Tqxv1yo1JvlOubWzMrtY3VxszSjldgAwAAAMfog/OPfp9ExPZnT7VS5M8BBNjhT/1uAHCUhvrdAKBvhvvdAKBvCvsuMfwGywL/j5J96nsO3vnN0bcFAAB4O8Y/9vr9/3fyOtf7MNiM9QGAk8f9fzi5CkYAwol3qT15t1f94e//Z9kbNwoAADhSo62UpKX8XuBopGmpFPF+67UAhWRhqVqZiIgPRcTvioV3m+XJ1prJvmOGAQAAAAAAAAAAAAAAAAAAAAAAAIC2LEsiAwAAAAZaRPrnpPU0/4jx4qXR3b8PvJP8qxhP8sJP7/74/myjsT7ZnP/3Yqs+Iho/yedfy7wSAAAAAP4HtK/T8+lkv1sDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKB59vTBXCcdZ9y/fiEixrrFH46R1nQkChFx+h9JDL+yXhIRQ0cQf/thRJx5NX72IsLzLMvG8lZ0i3/qrcTv9D9p7pbYFX+ks156BLHhpHvUPP7c7vb5S+NCa9r98z+cp8PqffxLXxz/hnocf94/YIyzj39Z7hn/YcTZ4e7Hn078pEf8iweM/42vb231qst+FjHe9fsn2RGr3FhZK9c3t64urcwuVhYrq1NTkzemb05fn54oLyxVK/m/XWP84OO/er5X/0/3iD+2T/8vHbD//3l8/+mH29lCt/iXL3b//j3TI36af/d9Ms8368c7+e12/lXnfvHbc3v1f75H//f7/798wP5f+ep3/3jARQGAY1Df3FqerVYr63tkRg6wjIzMYTLZd9p/j4fbziFXfy2T9Xu39DHT7yMTAABw1F6e9Pe7JQAAAAAAAAAAAAAAAAAAAHByHcfjxHbH3O5PVwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9vTfAAAA//9Sgd77")
write$P9_RXATTRCREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={0x0}}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r0, 0x4068aea3, &(0x7f0000000140)={0xbc, 0x0, 0x4})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_int(r3, 0x1, 0x2a, &(0x7f0000000100)=0xfffe, 0x4)
recvmmsg(r3, &(0x7f0000001440)=[{{&(0x7f0000000280)=@un=@abs, 0x0, &(0x7f0000001400)=[{&(0x7f0000001480)=""/1}, {&(0x7f0000000300)=""/102}, {&(0x7f0000000380)=""/4096}, {&(0x7f0000001380)=""/111}]}}], 0x700, 0x40002002, 0x0)
write$binfmt_misc(r2, &(0x7f00000000c0)=ANY=[], 0x3e)
ioctl$FS_IOC_GETFSLABEL(r2, 0x81009431, 0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r4, 0x29, 0x3b, &(0x7f0000000180)=ANY=[], 0x18)
sendto$inet6(r4, 0x0, 0x0, 0xc004, &(0x7f0000002880)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f000000bd00)=[{{0x0, 0x0, &(0x7f0000006d00)=[{&(0x7f0000005640)="d1666624bd957ed3fc3e7b35218e5e", 0xf}, {&(0x7f0000005d00)="4074d70a5f7d8528435cfd7d419291dbf67c7645b9c6375297702ff49e70749e1def4859e51b2a894fc0b132e4b2e98236a46a50caca34d67bdaf2390d3513f3aa1ad0dff0f23f42954ffd7c9a62e46f464781318d0304ca2877fd6ab5571f708d8908a3a38d0343935ad5f744ebd0e077428e47f72e9dbcb74d71a30edf2b63649dc9af4ff10e1e1ee11faa895cc3dfb4a202d6c9ba4dd46428167e01a2c5379eab93aae2d4193815d73d534fef2da3929234273ceaeaaf57f9e5e5706447f2fd379523eb2db92551c2278f3167458bec665b5a17b44b570338fc78d47cb044c91eea51073c469f29fe7bae7619f855df9c80d96ebfb4d490f5a0e030404f7a06d6828f57e6dd53559e51270e8033e266c74ce5ae209c26a5e456e6ebef9caa8a6870726e6afb84e691074cb21b2839987074a6e471be0e897ec5b1cc43568e81470b2872cfd4ffe149fc81c129a19ef7502e962f0ab93ff63fe8427869aac4d16cf740cc88c2da0ec37fec997e6fe947920724e914c11dc9c2f2be7ca537ea01954250af284bf7b9d87cfbf21841fffeb52f599486ad8bba4971d1e0437480e0d7fe65068266f3957184a11d85e8a4621972225027ec553ee028a114f4413b996c668e4f1054ec466cd1177bbdd864e363cd9caa143e34f6878105547f1b31e69207d2b7c1159511fb766485057c46efca7fde5afe3a521b68845ef38c587193fa32027796708fe2f520a731c4a459ce7fc37340ce8666e3c0d096984bbe9f805121fa3130e552bfcea0bfbb3ed8499f11d174f0b167814cce83f528117fdab6e66127539d1d452e9d653ec19da9bdb23edc8afc6f0d503502d75a5f7e2ee112cf5b8e13b533fd9bf4bd2ad50a44a14147b2b00604db5a4b3db81e5c0d1d8dd990ecec3f139e11de7bf5d77166276e8e6ce60c1be3fec7d1ab118931050ceb1acf94204cd4c942dbb8c50c34c5b2bac762098b690a4c8f6b92db3af83df5762e6abd16af536a80af13d86c8ce5d4b87e27b35ebdedcd0c3ab810dff7a6203d01ac131d8db8325d1515320a61185fd0d3e968d08d059579be287a77064a3d1bf1827561b274364f2a58bbd34d202feb03c8226fed6245c889c7db910b79b6a29164a2afa1faf3d8290b5001fdded6aa06dcab39ae7c88e98abb46753b6b83a1688962d8b13750917fc87cfa0e21675e7637c0d0e70772ae3bce7e957e1018b09434ce3371d9c263ef872ae5db926094a95fb509aeb0dbd8e1f1daa81a72b4ce09b1ba211b0188c1eb528a6a3a8547b5fd4d36d15efe21278fa42dc11ac7f4a9b59a9458dbefe3df10ce2dd2b2d2a4043c4965c42a0613bf82c3fb3e76de898427bea2d5142be45a52eb7e75b867263d08358ea62a71703443a2d25511c4cfd64dc077628708e487e4b6b402f838a61ff23106a8a43b43eda787e7124ed5993fa7d24e6e52f3f92aea42c998fcefefa03464a4c5889fc9743053f9cfc88e5cc8576a567180414e8c345bdf564ee4dd9a065f004dc3df2ee960aa10a481190fbc3d0eaf63fac31199e50020cc7bb8b1726ce768bdd6eb8a6bf904266f866792fa59a93a3766579754a35c76b059236ae72f57a80e01f740a623bf1ec3309a32e1e5ca59e63a94029aa681b196e6f2bb54e0da26aad28383d5906f48b27cb95ffd9c5e758a6f7b444fc5f5e2ee5fc485a7e7922590c7e94018e2e7298c50e0b4b7d397d779795d03afb43fedd048bb7fcbccd96fa8daef8530980a09db83d5f4ffcdf522ceb9c8824fb0387a43bb39335e4233cc924686cfb633f53fe5080524c1ee8751537c6d7e1fa56d931bd8019060a2b05db7799f8364bdc67dc2d5f2651d0af17a5318f320798808bf86b59c46daef0bc9135e4e4e8844443bd7fd6f21df461a7c8e05f53d44ff93b572bde0e9e3a5a6de3c69903dcfc25f772717b8d3a3f4e1491a310c3bb5c4b4d8738fb65395c37b19279aac20201c7fed812910c5fc4bd2064908f5d069b173c01ca1074539bd910408", 0x594}], 0x2}}, {{0x0, 0x0, &(0x7f0000006f80)=[{&(0x7f0000006f00)="ea", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000007440)=[{&(0x7f0000007200)="ad", 0x1}], 0x1}}], 0x3, 0x400c804)
sendmmsg$inet6(r4, &(0x7f00000023c0)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="db3c04be54cfce004e9c3b721c5ffa87eb95e84afb6d8344d2cacbb02b793c5238e4026ce643112a50c679abba6375fc129de796ab0f4114c4bde717d966297a7271e02b34cd26f930db6473d9eb1b5de667c2fb7503d50fa278feaccdad02b010d1f72b8e1f7e4bf64a14c352b729c48bb642", 0x73}, {&(0x7f0000000180)="b01ccc0f983fe35eaab8f64f4067e814c460dea30ea217d303d2ba3026b084ca4634ae49f2e6fbaa1ac57e32692dcdae0a0462cd243eaff405499fe51ed42bf0d4fac5f9104dd36020da0134ab6bf497a45d64c402b5e0e29e32def4fb9985030c7d302e8fd1b64d7859b7a8fd23b1d8f9437a1e626efc7b2a3cf59c257b19b068a72d33f969ca2ec9396efe65b1303e6288312bb3fa71d496f3a3357a3bacf05c08d1902a8daf409ae74a1df677de9703aa6a721f", 0xb5}, {&(0x7f0000000580)="094034a7d344f0facc09cb51953ab551eb7c997dd99f3d8236e7affbda8dd9490396abde4901eba7e7ccc421632ef2d1ccd7d30a35c0f9226cadefd4b565adce94bae006611b713e3b86cdbf663ec11a2d84ebef755645666ce621da97a6fd5919b703ab4cabfe10f99d5df44cb0ea70aa57c3fccc4919d3a4c584d727bc66aa6c7854589893c99b4ca19c820fa3bb7dfb2a3461f0ca039d4a31505a8c51bd7eea8715feff9486aea8b7b8ef72274f109bc0cc9a3f1bc4570c42a4ab7ea4a058032a36430bc0d77438136cd1f4289e7f1059669328a34898641b2f5df79dbf", 0xdf}, {&(0x7f0000000b80)="5b3bc6e488d684422b104d47d4412c771d8a4d3117319d55ed0b96240b08298d3b2eb4dfbad2a1ce5237d1056116692fa11c95623099078d9e9e26d220221b53be3949a5abf4f1915a2c4a247c6ebcdfd2b09d9ed1baa735680094808eec59b86cbb55312e7c673e78ba85e1dee920cd9fe373485e82688b4c466b20a237174022d2852166867a31a308f1700c27d48c29e3d7807925092979c268259c05cd90bf85f7424deee3463e8383f569695b7d494b8326b248e742ebb045615be54286e176ddae7fb3b91740e99a70b06836e0d65665e7a94b0f875ac6918afb52e356f1f34bc3e50a8cbb8b9692794fbb1d815da070d86fe2789be0900fa41ca4c8b03f846754941d922a1540aacafde05de8d206a6ba7c2d34e8062ec62e2972740b6b1824d33524aecd837ddd4c718361e136395266b8b4151becb4a6ce818b535fcbc798af13984035c09707f000e95c895123eb7ae30d7c22bc0d26bbf9136260144cec4a8e2dc379c5938d43c128d3a3d5633333c93127d2b1987634c1e8295474732764432a8c34dde28120728db3b0bdfb72c3a49d6e2a2c7e96cab910be806b73e5c22860f1cd4adcf05af768dda09bf545f164b99cd21bf3e831c3fd233b83ab67f565eeceb50151ee077c886a2d7556cd2214ec9adbf2d78f97c9ca1f398b230264f7a2e86c7ca7777bfaa5a9a653be3c64978ad01092b252f824bc3472daf6333a74bb83141def34cb2117cefd11304f6bf1df4ee284a1916749e76773e7d29b2d6825e4edd77956153ec53341a5aa34e82a4266527901217ea574ae982442f929daf1c781ece0dc444d91e5b9f2f36be04777b47093b835c773e787b8c4170874516850a8330954fafd258a7fea627e037b2b82b0845cb7994beab60fd28942ee066a007a0a829dd74a2b17cb710ad658fd4bb72bd203b4a1438de072ea07a11db7952ec95677a3123976ef91300911b67dd09659cddf5c7f475020495cf026736eccf8148ca0d5c71be3cac31ef6f3c577ce791bfb6d72913e93c88cfffa7833a98f1e3de3e3489bbf9d56491d63a47b8901cb612ee4cd1381c836692b4a0089527ad10e9416a8bc617f397dbd5d1ce5825cfd6ec563508fb1639eaf73efdece1fabf68ecb1e1241d07fc83ec94dba447877ad3fb469045167211b2534f16e1af3b6fdf1e90b7b703ac2f60c38941b680c528ca712fc85f9e81642253e5a48fffed9a2cab03d8332a7d0d05abe6bd285a1865056d6f9377e6c7130f6980f35b4272af9062d62a9281dadcbed4825effba2", 0x395}], 0x4}}], 0x1, 0x0)

4.344092891s ago: executing program 1 (id=2961):
r0 = syz_mount_image$fuse(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setgroups(0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000700)='./file0\x00', &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000700)={&(0x7f0000000e00)={0x484, 0xb, 0x2, 0x101, 0x70bd2b, 0x25dfdbfe, {0xa, 0x0, 0x9}, [@typed={0x8, 0xfb, 0x0, 0x0, @uid}, @nested={0x34b, 0x55, 0x0, 0x1, [@generic="ac2de00453f2366f76a020a00f08aaf37f83a748e48eb437992586c44c331b39bf008827672d63893bd21fc5cc80f6ea6f45df31a1f8f47538576e83442e350b63eb784c020b9a811523579d0b4ba3697e6823a604b424d77a88fd7f9013160051145c3f444867d2ec5382be6b318e0e6286703765ffba0a1be3b5697b6db7f64c1578709df8b0989d07f0ca8927620aa3b320dc885a0a9e90c639702ffa152cdd1b1a12b5bd2f0e0308753416b3059fb1bdb3e01993a8d03af37af47d1402b9fe3866c46f65b8a4499c86d21cef07fa021b19a5", @typed={0xc, 0x0, 0x0, 0x0, @u64=0xd80}, @typed={0x8, 0xf5, 0x0, 0x0, @uid}, @typed={0x8, 0xcb, 0x0, 0x0, @u32=0x1746}, @typed={0x14, 0x89, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @typed={0x8, 0x20, 0x0, 0x0, @str='$(-\x00'}, @generic="52a1c7afac6ada031443598747136beaa1b7ffb4bf4d1acc827d80b812b9944a3227916da809095f03c72cb0a20e9579a7f8ed39b57aad10c89fbec92017b9849f10d0a1888317f88d2893ab89", @typed={0x4, 0x100}, @generic="99b9e733871a03671a691fa48d10b4e804d07a07129b759139d53faa63e72ed64a54f451414a03a2f62b22780f398a3c3c1bf3abd5f3aea97668664afb38effd53da86c3ecf756bda668f317b50dcefeab04e07e8ad5ed3d78ff25beb15f4ac138e80a26b256b53cf205428b03ff95701b9196637c01626d2963844d27faa8d97bc484d0d0554dbc4d0cc738d433dfd40290226ebd7e04a787df6468bc951d35742cead0d6d4687fb46d850b5586c38e59eba78d7674dc8d6f2df64ab2cf2868b37bf34cab7f386696fe5a36b41ade987de17e4e60516d3130708d67516782c2d361fa9de25c7f94ac4f09bd15f7218e9afeb3d41c348d00d01a0427a9a9", @generic="de998df07197233d5ca839d32342a67d2accfe34d82f60a65eb186767a6437a6700208157522e5c99fd5fab47fcae33fc5c1ab488e5f7b139324d311ad417b06c54256b578a6cf86fec270e98bfe296d83d49befca1370d05c252225b8154332c2b8e51e3c93a01e9193ce8eec52c4b6b6fd0ddfb18f1c00626bfb304d9b1b4238809d5e7f1d7c125b15a498685bfce7f4d91f9cfc1346441dd6ffae865e6ba022278ee17278afc7008403e13227ff847b4d0891ce76d78008a1ade36d93f78b9d09c92fc60e8344106d657e834f1241e7f1d3eab92334473891c27d84624d9093d838732cd074efcd7746a4"]}, @typed={0x8, 0x67, 0x0, 0x0, @u32=0x100}, @nested={0x109, 0x1f, 0x0, 0x1, [@typed={0xc, 0x149, 0x0, 0x0, @u64=0xfffffffffffffe00}, @generic="b0515e6bdde239bfaa26de361988fab14d68ef42cbefcff5913f93c4d4968468dfd6924dd1127774a0bbb87e9afc14c9f04b3585b60fffc29bfa6b2b918a97e255b75cb6f3312dd9f000b333daa11a14acc9ca8193cdcc755d3bf6b6bcc39d18aa083f58e254854722db7b35ba89d73636e355910c2993e479a510dd8865afd66db8c617f2bab9ae38348c0c7c840a7080a1b263ceaff0afedbe35622bf35fe88fa2005f460a68ddc393a5ac78deaf89210186cb913437e7c95d9460265ccbd6c5b7c229387671400f7066f55d5865deb20195b677d35753533534dcc16d04aca739f7266b958a8c91677e07a9d92dac83", @typed={0x7, 0x78, 0x0, 0x0, @str='$:\x00'}]}, @typed={0x8, 0x40, 0x0, 0x0, @uid=0xffffffffffffffff}]}, 0x484}, 0x1, 0x0, 0x0, 0x20002004}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b40)={0xffffffffffffffff, 0xe0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000880)=[0x0, 0x0, 0x0], ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f00000008c0)=[0x0], &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0], 0x0, 0xde, &(0x7f0000000940)=[{}], 0x8, 0x10, &(0x7f0000000980), &(0x7f00000009c0), 0x8, 0x81, 0x8, 0x8, &(0x7f0000000a00)}}, 0x10)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c40)={&(0x7f0000000d00)=ANY=[@ANYBLOB="9f0000000000000c0000000c000000461f000007a2ff1a921604f9739483a69954253c90c542be784a5569d9fb72b691e3f1e87037171d962dc0c98ce8846deb347474179f5c7d2983231a1d3b7224887d001e56ef142d280000000000"], &(0x7f0000000bc0)=""/108, 0x2a, 0x6c, 0x1, 0x7}, 0x20)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000c80)={0x3, 0x4, 0x4, 0xa, 0x0, r2, 0x74c, '\x00', r3, r4, 0x4, 0x5, 0x1}, 0x48)
r6 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x5, 0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3, 0x0, 0xc}, 0x48)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x1, 0x80, 0xc2, 0x5}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001080)={0x6, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="180000003d070000000000000300000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7000000008500000083000000bf0900000000000055090100000000009500000000000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffff00000000010000000018230000", @ANYRES32=r7, @ANYRESOCT=0x0], &(0x7f0000000b80)='GPL\x00', 0xffffffff, 0xe0, &(0x7f0000000e80)=""/224, 0x41000, 0x49, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000f80)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000fc0)={0xffffffff, 0x3, 0xe1, 0x1}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000001000)=[r7, r5, r6], &(0x7f0000001040)=[{0x1, 0x2, 0x2, 0x6}, {0x0, 0x5, 0x4, 0x4}, {0x5, 0x1, 0x3, 0x5}], 0x10, 0x3}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x58, &(0x7f0000000200)}, 0x10)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000440)={0xffffffffffffffff, 0x20, &(0x7f0000000400)={&(0x7f0000000300)=""/180, 0xb4, <r8=>0x0, &(0x7f00000003c0)=""/10, 0xa}}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x12, 0x19, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa3}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x9c70}, @printk={@llu}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x1, 0x18, &(0x7f0000000180)=""/24, 0x41000, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000480)={0x3, 0x5, 0xac8, 0x6}, 0x10, r8, 0xffffffffffffffff, 0x7, &(0x7f0000000540)=[0x1, 0x1, r9], &(0x7f0000000580)=[{0x1, 0x4, 0xd, 0xa}, {0x3, 0x1, 0x9, 0xa}, {0x3, 0x1, 0xc, 0x9}, {0x4, 0x2, 0xf, 0x9}, {0x3, 0x2, 0x2}, {0x2, 0x5, 0x4, 0x2}, {0x5, 0x4, 0xf, 0x4}], 0x10, 0x1}, 0x90)
lchown(&(0x7f00000006c0)='./file0\x00', r1, 0xee01)
setxattr$system_posix_acl(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x10, &(0x7f0000000280)={[{@norecovery}, {@bsdgroups}, {@jqfmt_vfsv0}, {@grpquota}, {@noblock_validity}]}, 0xfd, 0x550, &(0x7f0000000b80)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
r10 = openat(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r11, &(0x7f00000000c0)='./file2\x00', r10, &(0x7f0000000100)='./file1\x00', 0x0)
r12 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
pwritev2(r12, &(0x7f0000000300)=[{&(0x7f0000000140)="e7", 0x300}], 0x1, 0xa00, 0x0, 0x0)

3.946322383s ago: executing program 1 (id=2962):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000180)={[{@nombcache}, {@debug}, {@norecovery}, {@grpquota}, {@norecovery}]}, 0x9, 0x60c, &(0x7f00000001c0)="$eJzs3c9vFGUfAPDvTH/Svrwt5M2reJAmxkCitLSAIcZEiFdC8MfNU6WFIIUSWqNFEkuCF43x4sHEkwfxv1ASrx68evDiyZA0xnAQg7JmtrNl2+2W7XZ/tN3PJxn6zAw7z3fKfnmeffaZmQA61kj2RxpxICKuJRFDZfu6I985svz37v9x83y2JFEovPl7Ejc/ShbLj5XkPwfzF/8zFMlPacT+rsp65xZuXJ6cmZm+nq+PzV+5Nja3cOPIpSuTF6cvTl+deGni5InjJ06OH93S+e0tK5+5/e77Q5+cffubrx4m49/+cjaJU/Eojy07r7Wv7dtSzdnvbCQKyx6Ub89+rye3eOzt4s+h0vvksWTtBratC/n7sScinoqh6Cr71xyKj19va3BAUxWSKLVRQMdJ6sr//sYHArRYqR9Q+my/3ufgSmmTeyVAKyydXh4AWM79nogo5X/38thg9BfHBgbuJ6vGeZKI2NrI3LKsjh9/OHs7W6LKOBzQHIu3SqPca9v/pJibw9FfXBu4n67K/7Rsyba/UWf9I2vW5T+0zuKtiHg6b/97o+78f6fO+uU/AAAAAAAANM7d0xHx4nrz/9KV+T+968z/GYyIUw2o/8nf/6X38kLSgOqAMkunI16pmP/7d/ns4OGu/Hv+vcX5AD3phUsz00cj4r8RcTh6+rL18dWHXTVB+Mhn+7+sVn/5/L9syeovzQXMD3Wve82FuFOT85ONOXvobEu3Ip4pzv89mG9ZPf8na/+Tivb/09eyBL9WYx37n79zrtq+J+c/0CyFryMOrXv9z+PudrLx/TnGiv2BsVKvoNKzH37+XbX65T+0T9b+D2yc/31J+f165jZ3/N6IOLbQXai2v97+f2/yVlfp+JkPJufnr49H9CZnKrdPbC5m2K1K+VDKlyz/Dz+38fjfSv+/LA/3RMRijXX+/9Hgr9X2af+hfbL8n9q4/R9e3f5vttAfE3eGv89vMVbhXE3t//Fim34432L8D8pV3o+j1gRtS7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsMOlEfGfSNLRlXKajo5GDEbE/2IgnZmdm3/hwux7V6eyfauf/z+0vJ6Unv8/XLY+sWb9WETsi4gvuvYU10fPz85MtfvkAQAAAAAAAAAAAAAAAAAAYJsYLF7zX+hbe/1/5reudkcHNF13/lO+Q+fprvuVhb6GBgK0XP35D+x0ted/T1PjAFqvev4/eFgoamk4QAvp/0PnqjP/fV0Au4D2HzpVjWN6/c2OA2iHmtv/pebGAQAAAAAANMS+g3d/TiJi8eU9xSXTm+8z2R92t7TdAQBtYw4vdK7u2XZHALSLz/hAslL6a92L/avP/k+aExAAAAAAAAAAAAAAUOHQAdf/Q6dKIzZ4hLe5/bCbbXD9/3rJ73YBsItUf/RHLW1/oocAO5jP+MCT2nHX/wMAAAAAAAAAAADANtB/4/LkzMz09bmFnVd4dXuEsbnC4uS2CKOhhUfNOXJPRGyPE2x1oXQLjjaG0eb/lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBX/BgAA///kYDBi")
ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0xfffffffe)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'batadv_slave_0\x00', <r3=>0x0})
unshare(0x400)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000000)={[{@huge_within_size}]})
chdir(&(0x7f0000000140)='./file0\x00')
r4 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fstat(r4, &(0x7f0000000280))
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000840)={@private1, r3}, 0x14)
ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x7709, 0x0)
clock_nanosleep(0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000500, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

3.720613648s ago: executing program 0 (id=2963):
r0 = socket$unix(0x1, 0x5, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000000)={0x9}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
sched_setscheduler(0x0, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @none}, 0xe)
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000140)={0x0, 0x7fff, 0x0, 0xfc}, 0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0xf, &(0x7f0000000580)={&(0x7f0000000780)=@newqdisc={0x1ac, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_STAB={0x174, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x42, 0x0, 0xfa, 0x2, 0x2, 0x0, 0x256, 0x1}}, {0x6, 0x2, [0x0]}}, {{0x1c, 0x1, {0x2, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x5, 0x3}}, {0xa, 0x2, [0xffff, 0x6, 0x8000]}}, {{0x1c, 0x1, {0x6, 0x4, 0x400, 0x658, 0x2, 0x8, 0x6, 0x4}}, {0xc, 0x2, [0x0, 0x3, 0x0, 0xffff]}}, {{0x1c, 0x1, {0x18, 0x80, 0xf9c, 0x0, 0x0, 0x5, 0x8758, 0x9}}, {0x16, 0x2, [0x9, 0x7966, 0x3, 0x23, 0x4d3, 0x4, 0xff, 0x67e, 0x6]}}, {{0x1c, 0x1, {0x4, 0x89, 0x8001, 0x6, 0x0, 0x80000001, 0x7f, 0x3}}, {0xa, 0x2, [0x9, 0x0, 0x6]}}, {{0x1c, 0x1, {0x6d, 0x3f, 0x7fff, 0x8001, 0x2, 0x9, 0x0, 0x1}}, {0x6, 0x2, [0x8]}}, {{0x1c, 0x1, {0x4, 0xff, 0x0, 0x2, 0x1, 0x5, 0x0, 0x4}}, {0xc, 0x2, [0x1d, 0x9f37, 0x101, 0x5]}}, {{0x1c, 0x1, {0x68, 0x3, 0x0, 0xfff, 0x0, 0x6, 0x4, 0x1}}, {0x6, 0x2, [0x800]}}, {{0x1c, 0x1, {0x6, 0x9, 0x3ff, 0x3, 0x2, 0x29, 0x3, 0x7}}, {0x12, 0x2, [0x7ac1, 0x6, 0x80, 0x400, 0x7ff, 0x401, 0x2]}}]}, @TCA_RATE={0x6, 0x5, {0x7f}}]}, 0x1ac}}, 0x0)
getpid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280))
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRESOCT=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r6}, 0x10)

3.663921487s ago: executing program 3 (id=2964):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000180)=0xfffffff7, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @private2}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2, 0x6}, 0x1c)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
fsync(0xffffffffffffffff)
write$cgroup_int(r1, &(0x7f00000000c0), 0x12)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @multicast1}, 0x10)
syz_emit_ethernet(0x6a, &(0x7f0000000240)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "250389e0369c10bd7e74749b5d0af8b4df9f38314635b470", "4b4d8cfe98459911c3b3e1f78045c9e5a31d7c735f270ec7a76bfe34ebedd3bc"}}}}}}, 0x0)

3.273357358s ago: executing program 4 (id=2965):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) (async)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000020240), 0x10010)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r1, 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0x40305839, &(0x7f0000000000)=ANY=[]) (async)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)=@generic={&(0x7f0000000080)='./file0\x00', 0x0, 0x10}, 0x18) (async)
getsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000002240), &(0x7f0000000040)=0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1) (async)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040), 0x4)
r4 = socket$packet(0x11, 0x3, 0x300) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x26, &(0x7f0000000000)={0x0, 0x1, 0x0, 0x3}) (async)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x2000}, 0x4) (async)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, 0x0, 0x40)
write(0xffffffffffffffff, 0x0, 0x0) (async)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
close(0xffffffffffffffff) (async)
dup2(r0, r6)

3.222770006s ago: executing program 1 (id=2966):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000000000400000000000000008500000027000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000009500000000000000"], &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ipv6_route\x00')
getsockopt$netlink(r2, 0x10e, 0x1, &(0x7f00000000c0)=""/25, &(0x7f0000000100)=0x19)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x15, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='cachefiles_mark_active\x00', r3}, 0x10)
symlink(&(0x7f00000003c0)='.\x00', &(0x7f0000000140)='./file0\x00')
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000440)='./bus\x00', 0x0, &(0x7f0000000240)={[{@nobh}, {@stripe={'stripe', 0x3d, 0x10000}}, {@dioread_nolock}]}, 0x1, 0x3f0, &(0x7f00000008c0)="$eJzs3U1vG0UfAPD/bt7atE+TSs+Bl4sFSERCJE3aApVAIuLCoT3RA0es2C1RnQYlRqJVxItA3EAC8QHgAHwEjnDgO8AZOEClCOVAys1o7V3HxHbapA6ukt9PGnlmZ+2Z9XTWu9PZSQDHVikiXo6IkYg4FxFT+fY0D/F+K2T7bW9tLP29tbGURKPx2p9JJPm24rOS/PVU/gEzaUT6URKP9yh3/dbtG+VarbqWp+fqK2/Nrd+6/ezySvl69Xr15sJz5y9cvPjCpYXnB3asmyvJJ099c/m3zz6ufP7TH99PZ/U9ned1HseglKLU/k52uzTowobsREc8GR1iRQAA2FOaX/uPNq//p2Ikdi7epuLTH4daOQAAAGAgGo3iFQAAADi6Evf+AAAAcMQV8wC2tzaWijDE6Qj8xzYXI2K61f5389DKGW0/0zu26/neQSpFxKsnrixkIQ7pOWwAAACA4+yHxdbCf93jf2k80rHfyYiYLNb2G6DSrnT3+E96Z8BF0mFzMeLFiLjbNf6XFrtMj+Sp/zWHCseSa8u16rmIOBMRMzE2kaXn9yjj3SdufNsvr3P878tfX5/Pys9ed/ZI74xO/Ps9lXK9/CDHzI7NDyIeG+3V/kl7zLdzncyDeGN5+6V+eVn7Z+1dhO725zA1vop4umf/31m5NNl7fda55vlgLj8rTHSX8cvprz/sV35n/89CVn7xfwEcvqz/T+7d/s11ctvr9a7vv4zv/rryc7+8e7d/7/P/eHK1WcHxfNs75Xp9bT5iPLncvd2/prbi+yi+r6z9Z57s/ftfXP8l+W//mY71offjlffOXu2Xp/8PV9b+lX31//1H3px8dKZf+ffX/y80K1N8iOu/e7vfBhp2PQEAAAAAAAAYjLQ5ty9JZ9vxNJ2dbc3z/X9MprXV9foz11bfvllpzQGcjrG0mP851TEfdL71GHk7vbArfT4izkbEF1Mnm+nZpdVaZdgHDwAAAMfEqT73/5nfD/KwBwAAAPBwmh52BQAAAIBD5/4fAAAAjrQHWde/Vl0r/kTQAd8uIiLycEaGfGICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOOb+CQAA///yfL+b")
r4 = socket(0x11, 0x1, 0x0)
sendmmsg$sock(r4, &(0x7f0000000600)=[{{&(0x7f0000000000)=@tipc=@name={0x1e, 0x2, 0x2, {{0x40, 0x2}, 0x4}}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1000000}}, {{&(0x7f0000000080)=@sco={0x1f, @none}, 0x83, 0x0}}], 0x2, 0x0)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000080)='net/tcp\x00')
lseek(r5, 0x7f, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(r5, &(0x7f0000005fc0)={0x2020}, 0x2020)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="850000004f000000640000000000000016"], 0x0}, 0x90)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc010905"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x3, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020013000000000000000000000000850000f1270000009500000000000000"], 0x0}, 0x90)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x803, 0x0)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000100)='macvtap0\x00', 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r7, &(0x7f0000000080)={0x1f, 0x1, @fixed}, 0xe)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)

2.700118738s ago: executing program 4 (id=2967):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat$loop(0xffffffffffffffff, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18007c001811", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000187b8af8ff00000000bfa200000000000007020000d8ffffffb703000008000000b70400000000925e8500000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = syz_clone(0x11008011, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
wait4(r6, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb}, {0x6d}}, [@printk={@lld, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x4, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x6, 0x1, 0xc, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2179, 0x77, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0)
syz_usb_control_io$hid(r7, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xb, {[@global=@item_4={0x3, 0x1, 0xa, "f46f664c"}, @global=@item_4={0x3, 0x1, 0x3, "d30d6fbf"}, @global]}}, 0x0}, 0x0)

2.153170653s ago: executing program 2 (id=2968):
mkdir(&(0x7f00000000c0)='./control\x00', 0x0)
chmod(&(0x7f0000000940)='./control\x00', 0x9c32f69e6caa24ef)
lchown(0x0, 0x0, 0xee00)
capset(&(0x7f0000000200)={0x19980330}, &(0x7f0000000040))
open(&(0x7f0000000140)='./control\x00', 0x551a01, 0x408)

2.10514983s ago: executing program 0 (id=2969):
mkdir(0x0, 0x0)
chmod(&(0x7f0000000940)='./control\x00', 0x9c32f69e6caa24ef)
open(&(0x7f0000000140)='./control\x00', 0x551a01, 0x408)

1.824336895s ago: executing program 3 (id=2970):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xc, 0x18, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018030000", @ANYRES32, @ANYBLOB="0000000000000d00b70500000800000085000000060000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pwritev(r0, &(0x7f0000000500)=[{&(0x7f0000000180)="cc4a0d8afc03d1541414d0052e76143a1e64a52cb4ea795410413f1f2deff2e7ef6188f293b4de0c6d0513f2bf0d2ba7cc11390921a40bf2485c8c90ba55253bb0557e9ec8fbd6f90f8ef844d02e214348c28c2e6385bdaa3dc13cfae0aa9f73c5090c223b13c9689b0bc1ae", 0x6c}, {&(0x7f0000000200)="6f3922a3b1621ffb4dfdb503c1eea5d4f9262dec5c5b4a2f39f007ed689ae580be729f441fe0e60513a68bd5dcc6dfdbe00baf93bf477f3d2bad2bdfe842d196fdc65af6db3f4cc18105c6ba24e8300f034c075b6fb9ec5774df83b2d128f03fa5e7e65d547b1d1047b0974418d91ce4eafb86dd9e3ab63fa1b4bba8676cdad6cbf56f371b0a0cf0a8fe154324394a5b32", 0x91}, {&(0x7f00000002c0)="6850bb700a10a3aa0e3044cc27d0347389373232dc723dc15ff8c415df75", 0x1e}, {&(0x7f0000000300)="033eb1dabbc9a4890b21e09da21adff7584157e5237969d4ce34e5361a765abcb0d51a1a337a659540ade3978fedb0616c5f3a469d54058e6f42fba09483e6634dce2811e43523654ee8a5c0e764dd660ecbf9cf69bbed17567a6422c713cbb6161d1f714bd061b1b157baefa339b606611456a3d7199c043184e855f9d44dd50686ab66da12bc6e94af55f9dd3082465c2b0b647abb771d6f6193515c0201170b3693bfeed92ef2d9802f14d81eba0d772eaba36ba45a22edeae1a96ba793e0fef349", 0xc3}, {&(0x7f0000000400)="46c49ee07b5ab13f614574f829f16233a37dfd52c547e1a3021f49200c423442613abffcf8521de059648dfb45fcd7bb733afac417c0c650266c47ad50e3cb272fead73d581540c7145dadbd2a4aad266371c0b95478e5ac9dc7148867e4c3b0a83b43a00dee500ebfdb53a8bc8dfc4a3c00f23f1aafe29d78ad653db34f5a6d593305847d190539b09a4ec62239522455505441d095226f57701aecd866d47caeac2581213034001ded5b210f68cdd8611b06d6926b4522d77f02380e6531d05d6c3352c730188602b15ac330e827160c9d1934231b02ea53be5a2694a6703b6a141700d0cc7300b4633706849175f29b1d98ad7a5641c57b1658a6689c", 0xfe}], 0x5, 0x9, 0xbe)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r0, 0x0, 0x10, 0x38, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.824179325s ago: executing program 0 (id=2971):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r4, &(0x7f0000000880)={0xa, 0x0, 0x0, @empty}, 0x1c)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
io_setup(0x6, &(0x7f0000000680)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, r4, 0x0}])

1.819277216s ago: executing program 2 (id=2972):
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000200), 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0/../file0\x00')
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
renameat2(r0, &(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffff9c, &(0x7f0000002240)='./file0\x00', 0x0)
r1 = socket$inet(0x2, 0x3, 0x5)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000d40)={0x0, 0x2904c, 0xc, 0x10003, '\x00', [{0xffffffff}, {0x801}]})
connect$inet(r1, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f00000003c0), 0x5}}, {{0x0, 0xff97, &(0x7f0000000440), 0x56}}], 0x2, 0x0)
r3 = socket$igmp6(0xa, 0x3, 0x2)
sendmsg$inet6(r3, &(0x7f00000003c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000400)=[@flowinfo={{0x14, 0x29, 0xb, 0xb}}], 0x18}, 0x0)

1.583892732s ago: executing program 3 (id=2973):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
set_robust_list(&(0x7f0000000400), 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1c, 0x4, 0x8, 0x8, 0x506f, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xffffffff, 0x0, 0xfffffffa}, 0x48)
fadvise64(r2, 0x5, 0xfffffffffffffffe, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000006000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xac, 0xba, 0xde, 0x20, 0x4b3, 0x4001, 0x110, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xdf, 0xd0, 0x45}}]}}]}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r0, 0x58, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000600)={'erspan0\x00', &(0x7f0000000500)={'syztnl0\x00', r4, 0x20, 0x7800, 0xb02, 0x80000000, {{0x29, 0x4, 0x1, 0x0, 0xa4, 0x64, 0x0, 0x3, 0x29, 0x0, @rand_addr=0x64010101, @rand_addr=0x64010100, {[@lsrr={0x83, 0x1f, 0x44, [@dev={0xac, 0x14, 0x14, 0x13}, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010100, @rand_addr=0x64010102, @multicast1, @private=0xa010101]}, @timestamp={0x44, 0xc, 0x79, 0x0, 0x6, [0x9e, 0xdec]}, @cipso={0x86, 0x1c, 0xffffffffffffffff, [{0x7, 0x9, "c4ec606224a34f"}, {0x2, 0x9, "e0786d6e4b0076"}, {0x7, 0x4, "61d4"}]}, @ra={0x94, 0x4}, @timestamp={0x44, 0x1c, 0x7e, 0x0, 0x6, [0x3ff, 0x4, 0xfffffff7, 0x6, 0x0, 0x5]}, @timestamp={0x44, 0x28, 0x6a, 0x0, 0x4, [0x5a, 0x2, 0x0, 0x20, 0x8, 0x2, 0x21, 0xfc, 0x2]}]}}}}})
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'tunl0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r7}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5}, @IFLA_IPTUN_PMTUDISC={0x5, 0xa, 0x2}]}}}]}, 0x44}}, 0x0)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000006c0)=0xffffffffffffffff, 0x4)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x9, 0xffff, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000200)={r9, &(0x7f0000000240), 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000c80)={r9, &(0x7f00000014c0)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0xaf, 0x3, 0x10, r9, 0x66c, '\x00', r7, r8, 0x3, 0x2, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={0x0}, 0x10)
r10 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r10, 0x4c80, 0xb)

1.400282261s ago: executing program 2 (id=2974):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x9ec9]}, 0x8)
read$char_usb(r0, &(0x7f00000004c0)=""/186, 0xba)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0}, &(0x7f0000000400), &(0x7f0000000440)=r0}, 0x20)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x2000000, &(0x7f0000000180), 0x1, 0x520, &(0x7f0000000900)="$eJzs3d1rLGcZAPBnNtmer+iu2otaaHuwlZyiZzdpbBu8aCuIdwWl3h9Dsgkhm2zIbupJKJqD9woi2tteeSMI3grS/0BRCnovKkrRUwV7oY7M7OTkZLub5JD9oMnvB2/mnZmdeZ53kn3n85wJ4NK6GRGvRcRURDwfEZVieqkocdAt2ec+uP/WclaSSNM3/p5EUkzLPpYUJXOjWOxqd5D7d3o8bntvf2Op2WzsFOP1zuZ2vb23f3t9c2mtsdbYWliYf2nx5cUXF+eG0s6sXa989S8//sFPv/bKr7747T/e+dut72T5zhTzD9sxbN1tUs62xQPTEbEzimATMFW0pzzpRAAAOJPsGP/TEfG5/Pi/ElP50dzZJCPNDAAAABiW9NWZ+E8SkQIAAAAXVil/BjYp1YpnAWaiVKrVus/wPh7XS81Wu/OF1dbu1kr3WdlqlEur683GXPFMbTXKSTY+n9ePxl94MJ4cPHy94UeVa/n82nKruTK5yx4AAABwqdzoOf//V6V7/n+Ce2NLDgAAABie6lE1rUwyEQAAAGBkqh+Z8s5E8gAAAABG56Pn/wAAAMAF8vXXX89Kmr//uhqx8ube7kbrzdsrjfZGbXN3ubbc2tmurbVaa830SsTmaetrtlrbX4qt3bv1TqPdqbf39u9stna3OnfWj70CGwAAABijTz3z7h+SiDj48rW8ZB7LfkwNWMCzAnBhlB7lw38eXR7A+A3azQMX3/SkEwAmptwdJJPOA5ic0zqAgQ/v/Gb4uQAAAKMx+9n+9/+nj64NABfUI93/By4U9//h8nL/Hy6vsiMAuPRGf/8/TU9dFwAAMFIzeUlKteJe4EyUPky7ohrlZHW92ZiLiE9GxO8r5SvZ+Hy+ZOIfDQAAAAAAAAAAAAAAAAAAAAAAAADAGaVpEikAAABwoUWU/poU7/+arTw303t94LHkw0o+zN8O8MZP7i51Ojvz2fR/FNMjOm8X0194lCsP3jwOAAAAo3J4nn54Hg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw/TB/beWD8vxOaWRxn3/KxFR7Rd/Oq7mw6tRjojr/0xi+nChZyKSiJgaQvyDexHxRL/4SZZWVIssjsUvtsq1PIuRx38qTdPv9ot/49zR4XJ7N+t/Xuv3/SvFzXzY//s/XZTzGtz/lR70f1N94mc9zyfOsP4rEfHkez+vD54b8eR0//7nMH4yIP6z/VbZZ6N865v7+4PyS9+JmD3a/3z/eISjWr2zuV1v7+3fXt9cWmusNbYWFuZfWnx58cXFufrqerNR/Owb44dP/fJ/g+K/fy/iet/9X7f/faj9S73tfy6rlAet+ch/37t7/zN5rZL2rCKPf+vZ/r//J47HP7Zps7+Jzxf7gWz+7GH9oFt/2NM/++3TJ7V/ZUD7T/v93+pZ16D98fPf+N6fTtxAAMBYtff2N5aazcbOyCtvp2k6plj5gci42nXuyuMfn1Tbe7/4Xbfyau+smye0Ir0y7j82lXNXenuKX4+/cwIAAIbq6KB/0pkAAAAAAAAAAAAAAAAAAADA5TWO/06sN+bBZJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCi/wcAAP//rgHbtw==")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e2793b10d10501200006010203010902120008000000000904"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$evdev(0x0, 0x0, 0x0)
write$selinux_attr(r0, &(0x7f0000000240)='system_u:object_r:modules_object_t:s0\x00', 0x26)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
open(0x0, 0x802, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000640)={0x2c, &(0x7f0000000500)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0})

1.374956415s ago: executing program 0 (id=2975):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3}, 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x2)
creat(0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5bbf91a1e7f99074, &(0x7f0000000000))
madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x10)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r1, 0x4b49, &(0x7f0000000040)={{&(0x7f0000ffc000/0x2000)=nil, 0x2000}, 0x1})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}, 0x1})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x2, 0xa, 0x0, &(0x7f0000000200)='syzkaller\x00'}, 0x90)
syz_open_pts(0xffffffffffffffff, 0x0)

950.278171ms ago: executing program 1 (id=2976):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000180)={[{@nombcache}, {@debug}, {@norecovery}, {@grpquota}, {@norecovery}]}, 0x9, 0x60c, &(0x7f00000001c0)="$eJzs3c9vFGUfAPDvTH/Svrwt5M2reJAmxkCitLSAIcZEiFdC8MfNU6WFIIUSWqNFEkuCF43x4sHEkwfxv1ASrx68evDiyZA0xnAQg7JmtrNl2+2W7XZ/tN3PJxn6zAw7z3fKfnmeffaZmQA61kj2RxpxICKuJRFDZfu6I985svz37v9x83y2JFEovPl7Ejc/ShbLj5XkPwfzF/8zFMlPacT+rsp65xZuXJ6cmZm+nq+PzV+5Nja3cOPIpSuTF6cvTl+deGni5InjJ06OH93S+e0tK5+5/e77Q5+cffubrx4m49/+cjaJU/Eojy07r7Wv7dtSzdnvbCQKyx6Ub89+rye3eOzt4s+h0vvksWTtBratC/n7sScinoqh6Cr71xyKj19va3BAUxWSKLVRQMdJ6sr//sYHArRYqR9Q+my/3ufgSmmTeyVAKyydXh4AWM79nogo5X/38thg9BfHBgbuJ6vGeZKI2NrI3LKsjh9/OHs7W6LKOBzQHIu3SqPca9v/pJibw9FfXBu4n67K/7Rsyba/UWf9I2vW5T+0zuKtiHg6b/97o+78f6fO+uU/AAAAAAAANM7d0xHx4nrz/9KV+T+968z/GYyIUw2o/8nf/6X38kLSgOqAMkunI16pmP/7d/ns4OGu/Hv+vcX5AD3phUsz00cj4r8RcTh6+rL18dWHXTVB+Mhn+7+sVn/5/L9syeovzQXMD3Wve82FuFOT85ONOXvobEu3Ip4pzv89mG9ZPf8na/+Tivb/09eyBL9WYx37n79zrtq+J+c/0CyFryMOrXv9z+PudrLx/TnGiv2BsVKvoNKzH37+XbX65T+0T9b+D2yc/31J+f165jZ3/N6IOLbQXai2v97+f2/yVlfp+JkPJufnr49H9CZnKrdPbC5m2K1K+VDKlyz/Dz+38fjfSv+/LA/3RMRijXX+/9Hgr9X2af+hfbL8n9q4/R9e3f5vttAfE3eGv89vMVbhXE3t//Fim34432L8D8pV3o+j1gRtS7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsMOlEfGfSNLRlXKajo5GDEbE/2IgnZmdm3/hwux7V6eyfauf/z+0vJ6Unv8/XLY+sWb9WETsi4gvuvYU10fPz85MtfvkAQAAAAAAAAAAAAAAAAAAYJsYLF7zX+hbe/1/5reudkcHNF13/lO+Q+fprvuVhb6GBgK0XP35D+x0ted/T1PjAFqvev4/eFgoamk4QAvp/0PnqjP/fV0Au4D2HzpVjWN6/c2OA2iHmtv/pebGAQAAAAAANMS+g3d/TiJi8eU9xSXTm+8z2R92t7TdAQBtYw4vdK7u2XZHALSLz/hAslL6a92L/avP/k+aExAAAAAAAAAAAAAAUOHQAdf/Q6dKIzZ4hLe5/bCbbXD9/3rJ73YBsItUf/RHLW1/oocAO5jP+MCT2nHX/wMAAAAAAAAAAADANtB/4/LkzMz09bmFnVd4dXuEsbnC4uS2CKOhhUfNOXJPRGyPE2x1oXQLjjaG0eb/lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBX/BgAA///kYDBi")
ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0xfffffffe)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'batadv_slave_0\x00', <r3=>0x0})
unshare(0x400)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000000)={[{@huge_within_size}]})
chdir(&(0x7f0000000140)='./file0\x00')
r4 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fstat(r4, &(0x7f0000000280))
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000840)={@private1, r3}, 0x14)
ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x7709, 0x0)
clock_nanosleep(0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000500, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

880.475892ms ago: executing program 0 (id=2977):
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'gretap0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f00000000c0), 0x10)
sendmmsg$inet(r2, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="050000007402b8f4191db62b", 0xc}, {&(0x7f0000000440)="9f336d70bf41f19e47e98b4015e3b0384d86a1ceb4e530554ebc8154bf392bcf9ce0b09f879bd7aaf9d086e3", 0x2c}], 0x2}}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f00000002c0)="8b5181100dc953ffaf8f890a2d0c1e9fa106944ec03b5c156f73af", 0x1b}, {&(0x7f0000000340)="8090875ec06f8848955a8952359a2125dc4d91c6561f0ab0c0c41b614e63", 0x1e}], 0x2}}], 0x2, 0x0)
sendto$packet(r0, &(0x7f0000000240)="3f043608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c64064a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0x48, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x0, 0x0, 0x5}, 0x48)
io_setup(0x3, &(0x7f0000000340))
r3 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x4500, &(0x7f0000000300)={[{@init_itable}, {@noquota}, {@nouid32}, {@barrier}, {@resgid}, {@journal_dev={'journal_dev', 0x3d, 0x1ff}}, {@barrier}, {@acl}, {@bh}]}, 0x10, 0x4e0, &(0x7f00000013c0)="$eJzs3cFrHG0ZAPBnNtkvTZvP5FMPnwXbYitp0e4mjW2Dh1pB7EEKar3XmGxCyCYbspu2CUVSvCuIqODJkxfBP0CQ/gkiFPQuVRTRVg8e1JWdna1putuNdLtTkt8PpvO+M5k8z7vNvjvvzMtOAMfWuYi4GREjEXEpIiaz7YVsudWq7LV/7vmzh4utJYlm885fk0iybZ3flWTrU+1D4kREfP1WxLeSV+PWd3bXFqrVylZWLzfWN8v1nd3Lq+sLK5WVysbc3Oy1+evzV+dnBtLOqYi48aU//vB7P/vyjV999v7v7/754rdbaU1k+/e3Y5DaTS+mr0XHaERsvY1gORjJ1sUe+787MsRkAADoq3WO/9GI+FR6/j8ZI+nZKQAAAHCUNL8wEf9KIpoAAADAkVVI58AmhVI2F2AiCoVSqT2H9+NxslCt1RufWa5tbyy158pORbGwvFqtzGRzhaeimLTqs9kc2079yoH6XER8EBE/mBxP66XFWnUp74sfAAAAcEycOjD+/8dkOv4fyzsvAAAAYMCm8k4AAAAAeOuM/wEAAODoM/4HAACAI+2rt2+3lmbn+ddL93a212r3Li9V6mul9e3F0mJta7O0UqutpN/Zt97v91Vrtc3Pxcb2g3KjUm+U6zu7d9dr2xuNu6svPQIbAAAAGKIPzj7+XRIRe58fT5eW9/JOChiKpM/+9CEhT7PKH4aQEDA0I3knAORmNO8EgNwU804AyF2/6wA9J+/8evC5AAAAb8f0J3rf/3dtAI62Qt4JAABD5/4/HF9FMwDh2PtIn/1vfv+/2fy/EgIAAAZuIl2SQim7FzgRhUKpFPF++liAYrK8Wq3MZOOD304Wx1r12fTIpO+cYQAAAAAAAAAAAAAAAAAAAAAAAACgrdlMogkAAAAcaRGFPyXpt/lHTE9emDh4feC95J+T6Toi7v/kzo8eLDQaW7Ot7X97sb3x42z7lTyuYAAAAAAHdcbpnXE8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzS82cPFzvLMOP+5YsRMdU1/tkT6epEFCPi5N+TGN13XBIRIwOIv/coIj7sFj9ppRVT0c6iW/zxHOMXIuLUAOLDcfa41f/c7Pb+K8S5dN39/TeaLW+qd/9XiE7/N7IvfjE7rtX/vD92uBinn/yi3DP+o4jTo937n078pEf/d/6QbfzmN3Z3e+1r/jRiuuvnT/JSrHJjfbNc39m9vLq+sFJZqWzMzc1em78+f3V+pry8Wq1k/3aN8f1P/vI/r2v/yR7xp/q0/8Ih2//vJw+efaxdLHaLf/F898/fD1+N/5X7Wd/f+pv4dFZu7Z/ulPfa5f3O/Pw3Z17X/qUe7e/3/3/xkO2/9LXvPD3kjwIAQ1Df2V1bqFYrW+98IfYi3oE0jn5hPF5sSaL1qkcMJfrYO9B2hReFvHsmAABg0P530p93JgAAAAAAAAAAAAAAAAAAAHB8DePrxA7G3MunqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAr/XfAAAA//9UmtbJ")
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@deltaction={0x28, 0x31, 0xcdf82d82e5df735b, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x4, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0)
r5 = fcntl$dupfd(r0, 0x406, r0)
ioctl$TUNATTACHFILTER(r5, 0x401054d5, &(0x7f0000000400)={0x5, &(0x7f00000003c0)=[{0xf847, 0x4, 0x0, 0x5}, {0x1, 0x9, 0x81, 0x7af8}, {0x0, 0xcc, 0x5, 0x7}, {0x200, 0x9, 0x5, 0x10001}, {0x100, 0x34, 0xff, 0xfffff801}]})
r6 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r7 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
setsockopt$MRT6_TABLE(r6, 0x29, 0xcf, &(0x7f00000001c0)=0xfd, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000a00)='./file1\x00', 0x0, &(0x7f0000000e00)=ANY=[@ANYRESOCT=r3, @ANYRESDEC=r6, @ANYRESHEX=r3, @ANYRES64=r7, @ANYRESHEX=r6, @ANYRES32=r6, @ANYRESDEC=r3, @ANYBLOB="e5896a1ae37d53df65b292f982cf38d0e74cb1fb821f14680645763828326d425059bd4c3c81d1b5155b4a126f82bd5ea411b99943e376cbd09ba70a41b1c5fad71040312b6e31fcd04a95d19c9e5eac7e53f333ed0b81cc08244d905a102b3f2749e8a5df7745941b160023ccf6d600043b26ca5aeecb231e8d27a2c797c18ce5237135d6479431b67d1f492208554424f604616f76b6b3ff991daef85cbbb1c7b8c24a293bfff540f4ba1b541270609051eafb5d39284a4940b333873e0b875f158380135b5984080c6a65b02b51ba56c90cff52655048afb28d3c542300000000000000000000000000005cccd38cf486f1210928ab31d0a8b93186d8680400000007c134832f190c0278e474b7c81282422d07c6d52c74224299c2de12e6612969be764cd413647b220a902701500e465a80e9d5f7e8ca3bdc951e7910e9dc5ab993b53fba476de09cd082a3f1b537a9dc4859657aaf62389260ad988d7855f7a9d085a8e6469a49636e35073c144e1cb235ca53871c9060e2e4b641f30e57620ff67f8b498d13f51660216fb69bf8e21275d2f73a8b52825f700626a3bc6669c54483b0f3f165", @ANYRES64=r6, @ANYRESOCT=r3, @ANYRESOCT=0x0], 0x1, 0x37f, &(0x7f0000000440)="$eJzs3c9rI2UYwPFn0jQ/umyTgygK0ge96GVoq2e1SBeEgkt3I+4Kwux2oiFjUmZCJCK2nryKN/8BwWUPHhY8LKj/QC/e1osXT9vLgqCLiCPzK8l0p0mTZmm6+/3Abt7kfZ/M+04m5XkCeXP4/tefNOueWbc6kivdF0NE5KFIVXKSMKKbgmTYl1cv/HnvxSvXrhdFZHNb9dLG1dfWVXV55adPPy/Hw+4W5aD64eGD9T8Onj14/vC/qx83PG142mp31NIb7d871g3H1p2G1zRVLzu25dnaaHm2G/W3o/66097d7anV2rm4tOvanqdWq6dNu6edtnbcnlofWY2WmqapF5eyphsrjug7r0pTxNRubW9bG1Me8OaUcZi1f3zfH9HtuhvWgohZDt+vw2q3HvvcAADA3Enn//ptkrBXJddPKI24FiiE7XQZEOT/SXtra3Nbg2JhkP/ffumXzoX37izH+f/dQlb+//pvUXwq/w+OPvP8//sj98uzO5HzYm+SwafK/zEfVtLvyPuDij0W5P/Bu6Ff0X/5we3VsEH+DwAAAAAAAAAAAAAAAAAAAADAefDQ9yu+71eS2+Tf4CsE8f2QsT/yi8Y4d3KS/foX4x0F+tcDnkhXrl2XUvjFvfyyiPNVt9atRbdxfzJwVSryb3g9xKINJ6L9BDRQlZ+dvW5tMQ5YCP/fKIiKI7asSUWqqfiwfemdrc01jUTx4fH3ujUjvxTE16URxq9LRZ7Jjl/PjC/IKy8PxZtSkV9vSlsc2Qmv60H8F2uqb7+7dSS+HI7L8ubjfUkAAAAAAJg5U7UUl8/VdP0b1e+mqZrVH9TyMlyfP/r5QL++Xs2sz/OVF/Jnu3YAAAAAAJ4WXuGzpuU4tuv1jm2UZdyY5Pc0Rj9PdiM/yeCgcS9sLI4aszC0wpM+cyH+BY0JJi+TrdRynL+Kknkyky1cU12lU5xVy0nWf4LBpUlfAtfLTb522/VWgvnoVMsZaiQfG0WPLDxy6uTyceE/GEnUZAdNds4dN/i5b777e7p1GfGuvcNdb9wppVZ6TLhx5JH9MRftA98fO5/F7L8WP07zIzMAAAAA5kSS9Je95JG3znZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8hU63E9vJGme9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBe/B8AAP//Tuzx8g==")
r8 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r8, 0x40086602, &(0x7f0000000000)=0x40000000)
setrlimit(0xc, &(0x7f0000000200)={0x2400000000, 0x40})
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff0180c200000008004500005800000000000400000000000000000001248081000000000010000800000086"], 0x0)
r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc0109058903"], 0x0)
syz_usb_control_io$hid(r9, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120110030000"], 0x0)

0s ago: executing program 1 (id=2978):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0)
r4 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r4, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, r4, 0x0, '\x00', 0x0, r4, 0x2}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18007c001811", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000187b8af8ff00000000bfa200000000000007020000d8ffffffb703000008000000b70400000000925e8500000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = syz_clone(0x11008011, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
wait4(r7, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb}, {0x6d}}, [@printk={@lld, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x4, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x6, 0x1, 0xc, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2179, 0x77, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r8, 0x0, 0x0)
syz_usb_control_io$hid(r8, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xb, {[@global=@item_4={0x3, 0x1, 0xa, "f46f664c"}, @global=@item_4={0x3, 0x1, 0x3, "d30d6fbf"}, @global]}}, 0x0}, 0x0)

kernel console output (not intermixed with test programs):

[  553.190900][  T580] usb 5-1: Product: syz
[  553.194987][  T580] usb 5-1: Manufacturer: syz
[  553.199442][  T580] usb 5-1: SerialNumber: syz
[  553.205738][  T580] usb 5-1: config 0 descriptor??
[  553.251461][  T580] usb-storage 5-1:0.0: USB Mass Storage device detected
[  553.259080][  T580] usb-storage 5-1:0.0: Quirks match for vid 04b3 pid 4001: 2000
[  553.645648][ T1866] usb 5-1: USB disconnect, device number 76
[  553.942457][ T9921] 9pnet: Insufficient options for proto=fd
[  554.320178][ T9925] EXT4-fs (loop2): mounted filesystem without journal. Opts: noload,abort,dioread_lock,norecovery,discard,lazytime,noload,usrquota,noauto_da_alloc,,errors=continue
[  554.883946][ T9940] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  555.136141][ T9943] F2FS-fs (loop2): Found nat_bits in checkpoint
[  555.173495][ T9943] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2
[  555.181890][ T9943] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  555.207611][ T9949] FAT-fs (loop0): Unrecognized mount option "shortnaqe=lower" or missing value
[  555.889390][ T9503] attempt to access beyond end of device
[  555.889390][ T9503] loop2: rw=2049, want=45120, limit=40427
[  556.010864][  T378] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[  556.068158][ T9968] 9pnet: Insufficient options for proto=fd
[  556.250868][  T378] usb 5-1: Using ep0 maxpacket: 16
[  556.373250][  T378] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  556.386596][  T378] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  556.397573][  T378] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  556.407546][  T378] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.428895][  T378] usb 5-1: config 0 descriptor??
[  556.604255][ T9986] 9pnet: Insufficient options for proto=fd
[  556.790810][  T654] usb 4-1: new high-speed USB device number 80 using dummy_hcd
[  557.040834][  T654] usb 4-1: Using ep0 maxpacket: 8
[  557.160853][  T654] usb 4-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  557.174535][  T654] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  557.213520][ T9965] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,barrier=0x0000000000000005,grpjquota=,norecovery,noauto_da_alloc,,errors=continue
[  557.231388][ T9965] ext4 filesystem being mounted at /root/syzkaller.l0bbv2/32/file1 supports timestamps until 2038 (0x7fffffff)
[  557.306956][ T9965] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  557.314459][  T654] usb 4-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[  557.324367][  T654] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  557.333920][  T654] usb 4-1: SerialNumber: syz
[  557.384239][  T654] hub 4-1:1.0: bad descriptor, ignoring hub
[  557.390732][  T654] hub: probe of 4-1:1.0 failed with error -5
[  557.399136][  T654] usb 4-1: bad CDC descriptors
[  557.590367][ T9984] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  557.600841][  T378] usbhid 5-1:0.0: can't add hid device: -71
[  557.607358][  T378] usbhid: probe of 5-1:0.0 failed with error -71
[  557.618272][  T378] usb 5-1: USB disconnect, device number 77
[  557.632295][ T9985] F2FS-fs (loop0): Unrecognized mount option "test_dummy_encyption" or missing value
[  557.900907][  T372] usb 4-1: USB disconnect, device number 80
[  559.434372][T10022] F2FS-fs (loop4): Found nat_bits in checkpoint
[  559.532990][T10022] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2
[  559.541316][T10022] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  559.551590][T10023] overlayfs: option "workdir=./file2" is useless in a non-upper mount, ignore
[  559.562009][T10023] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  559.995957][ T9322] attempt to access beyond end of device
[  559.995957][ T9322] loop4: rw=2049, want=45120, limit=40427
[  560.383226][T10050] EXT4-fs (loop0): mounted filesystem without journal. Opts: noload,abort,dioread_lock,norecovery,discard,lazytime,noload,usrquota,noauto_da_alloc,,errors=continue
[  560.630833][ T2504] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  560.869992][T10062] EXT4-fs (loop2): mounted filesystem without journal. Opts: norecovery,bsdgroups,jqfmt=vfsv0,grpquota,noblock_validity,,errors=continue
[  560.901765][ T2504] usb 2-1: device descriptor read/64, error 18
[  560.950772][ T1866] hid (null): unknown global tag 0xe
[  560.958607][ T1866] hid-generic 0000:0000:0000.0043: unknown main item tag 0xd
[  560.967031][ T1866] hid-generic 0000:0000:0000.0043: unknown main item tag 0xd
[  560.975289][ T1866] hid-generic 0000:0000:0000.0043: unknown main item tag 0x0
[  560.982968][ T1866] hid-generic 0000:0000:0000.0043: unknown main item tag 0x7
[  560.990437][ T1866] hid-generic 0000:0000:0000.0043: unknown main item tag 0x0
[  560.998341][ T1866] hid-generic 0000:0000:0000.0043: unknown global tag 0xe
[  561.006074][ T1866] hid-generic 0000:0000:0000.0043: item 0 1 1 14 parsing failed
[  561.015130][ T1866] hid-generic: probe of 0000:0000:0000.0043 failed with error -22
[  561.070919][  T580] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[  561.300833][ T2504] usb 2-1: device descriptor read/64, error 18
[  561.430966][  T580] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  561.444855][T10078]  loop4: p1 < > p4
[  561.450906][T10078] loop4: p4 size 8388608 extends beyond EOD, truncated
[  561.451143][  T580] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  561.467712][  T580] usb 1-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[  561.487838][  T580] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  561.511579][  T580] usb 1-1: config 0 descriptor??
[  561.570850][ T2504] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  561.609629][T10082] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  561.622613][T10082] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a814e11d, mo2=0002]
[  561.631992][T10082] System zones: 0-1, 4-36, 102-102
[  561.637530][T10082] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpquota,norecovery,,errors=continue
[  561.680054][T10076] rtc_cmos 00:00: Alarms can be up to one day in the future
[  561.696521][  T354] rtc_cmos 00:00: Alarms can be up to one day in the future
[  561.711056][  T354] rtc_cmos 00:00: Alarms can be up to one day in the future
[  561.722117][  T354] rtc_cmos 00:00: Alarms can be up to one day in the future
[  561.744985][  T354] rtc_cmos 00:00: Alarms can be up to one day in the future
[  561.758639][  T354] rtc rtc0: __rtc_set_alarm: err=-22
[  561.764430][T10066] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  561.861361][ T2504] usb 2-1: device descriptor read/64, error 18
[  561.954921][ T9503] EXT4-fs error (device loop2): __ext4_iget:5217: inode #15: block 1803188595: comm syz-executor: invalid block
[  561.968028][ T9503] EXT4-fs error (device loop2): __ext4_iget:5217: inode #15: block 1803188595: comm syz-executor: invalid block
[  562.012510][  T580] logitech-hidpp-device 0003:046D:C086.0044: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.0-1/input0
[  562.236413][T10092] binder: 10088:10092 ioctl c0306201 0 returned -14
[  562.280063][ T1866] usb 1-1: USB disconnect, device number 86
[  562.478090][T10094] bridge0: port 1(bridge_slave_0) entered blocking state
[  562.485166][T10094] bridge0: port 1(bridge_slave_0) entered disabled state
[  562.490894][ T2504] usb 2-1: device descriptor read/64, error 18
[  562.493593][T10094] device bridge_slave_0 entered promiscuous mode
[  562.505973][T10094] bridge0: port 2(bridge_slave_1) entered blocking state
[  562.513413][T10094] bridge0: port 2(bridge_slave_1) entered disabled state
[  562.521349][T10094] device bridge_slave_1 entered promiscuous mode
[  562.595844][T10094] bridge0: port 2(bridge_slave_1) entered blocking state
[  562.602832][T10094] bridge0: port 2(bridge_slave_1) entered forwarding state
[  562.610021][T10094] bridge0: port 1(bridge_slave_0) entered blocking state
[  562.617221][T10094] bridge0: port 1(bridge_slave_0) entered forwarding state
[  562.625192][ T2504] usb usb2-port1: attempt power cycle
[  562.652192][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  562.665372][ T1866] bridge0: port 1(bridge_slave_0) entered disabled state
[  562.673809][ T1866] bridge0: port 2(bridge_slave_1) entered disabled state
[  562.695929][  T580] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  562.716995][  T580] bridge0: port 1(bridge_slave_0) entered blocking state
[  562.723987][  T580] bridge0: port 1(bridge_slave_0) entered forwarding state
[  562.740048][  T580] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  562.750028][  T580] bridge0: port 2(bridge_slave_1) entered blocking state
[  562.758434][  T580] bridge0: port 2(bridge_slave_1) entered forwarding state
[  562.784482][  T580] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  562.797277][  T179] device bridge_slave_1 left promiscuous mode
[  562.804461][  T179] bridge0: port 2(bridge_slave_1) entered disabled state
[  562.812814][  T179] device bridge_slave_0 left promiscuous mode
[  562.819610][  T179] bridge0: port 1(bridge_slave_0) entered disabled state
[  562.893225][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  562.912818][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  562.933609][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  562.950153][  T580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  562.967552][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  562.983144][  T580] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  563.031291][ T2504] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  563.140864][ T2504] usb 2-1: device descriptor read/8, error -71
[  563.392265][T10116] erofs: (device loop0): mounted with opts: , root inode @ nid 36.
[  563.580944][ T2504] usb 2-1: device descriptor read/8, error -71
[  563.643618][T10110] F2FS-fs (loop2): Found nat_bits in checkpoint
[  563.656989][   T23] audit: type=1400 audit(1719625680.923:488): avc:  denied  { nlmsg_tty_audit } for  pid=10111 comm="syz.0.2517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  563.708177][T10110] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2
[  563.716111][T10110] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  563.849997][  T372] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[  563.981161][T10133] rtc_cmos 00:00: Alarms can be up to one day in the future
[  564.131350][T10094] attempt to access beyond end of device
[  564.131350][T10094] loop2: rw=2049, want=45120, limit=40427
[  564.180623][T10123] rtc_cmos 00:00: Alarms can be up to one day in the future
[  564.188781][  T372] usb 5-1: Using ep0 maxpacket: 8
[  564.320936][  T372] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  564.340198][  T372] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  564.351658][  T372] usb 5-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00
[  564.364719][  T372] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.380022][  T372] usb 5-1: config 0 descriptor??
[  564.842913][  T354] rtc_cmos 00:00: Alarms can be up to one day in the future
[  564.846664][   T23] audit: type=1400 audit(1719625682.113:489): avc:  denied  { getopt } for  pid=10138 comm="syz.1.2524" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  564.852457][  T354] rtc_cmos 00:00: Alarms can be up to one day in the future
[  564.885486][  T354] rtc_cmos 00:00: Alarms can be up to one day in the future
[  564.895110][  T354] rtc_cmos 00:00: Alarms can be up to one day in the future
[  564.907872][  T354] rtc rtc0: __rtc_set_alarm: err=-22
[  564.993203][  T372] uclogic 0003:2179:0077.0045: item fetching failed at offset 5/7
[  565.003120][  T372] uclogic 0003:2179:0077.0045: parse failed
[  565.010295][  T372] uclogic: probe of 0003:2179:0077.0045 failed with error -22
[  565.044104][   T23] audit: type=1400 audit(1719625682.313:490): avc:  denied  { create } for  pid=10142 comm="syz.0.2523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  565.091830][T10143]  loop2: p1 < > p4
[  565.097766][T10143] loop2: p4 size 8388608 extends beyond EOD, truncated
[  565.153078][T10145] EXT4-fs (loop0): Test dummy encryption mode enabled
[  565.161324][T10145] EXT4-fs (loop0): Ignoring removed oldalloc option
[  565.169569][T10145] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  565.262621][   T23] audit: type=1400 audit(1719625682.533:491): avc:  denied  { name_bind } for  pid=10150 comm="syz.1.2525" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  565.349437][T10152] fuse: Unknown parameter 'rootm/de'
[  565.565671][T10154] fuse: Bad value for 'user_id'
[  565.956492][T10161] netlink: 'syz.0.2529': attribute type 37 has an invalid length.
[  565.971602][T10161] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2529'.
[  565.983097][T10161] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=10161 comm=syz.0.2529
[  566.009388][T10162] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=10162 comm=syz.3.2528
[  566.256983][  T654] usb 5-1: USB disconnect, device number 78
[  566.561079][T10165] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  566.576103][T10165] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a814e11d, mo2=0002]
[  566.585077][T10165] System zones: 0-1, 4-36, 102-102
[  566.592018][T10165] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpquota,norecovery,,errors=continue
[  566.671513][T10166] EXT4-fs (loop2): Unsupported blocksize for fs encryption
[  566.965321][ T9428] EXT4-fs error (device loop0): __ext4_iget:5217: inode #15: block 1803188595: comm syz-executor: invalid block
[  567.001575][ T9428] EXT4-fs error (device loop0): __ext4_iget:5217: inode #15: block 1803188595: comm syz-executor: invalid block
[  567.072867][  T383] tipc: Disabling bearer <eth:xfrm0>
[  567.078333][  T383] tipc: Left network mode
[  567.225552][T10178] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  567.240943][T10178] ext4 filesystem being mounted at /root/syzkaller.l0bbv2/41/file0 supports timestamps until 2038 (0x7fffffff)
[  567.458333][T10184] bridge0: port 1(bridge_slave_0) entered blocking state
[  567.469726][T10184] bridge0: port 1(bridge_slave_0) entered disabled state
[  567.480246][T10184] device bridge_slave_0 entered promiscuous mode
[  567.495804][T10184] bridge0: port 2(bridge_slave_1) entered blocking state
[  567.504599][T10184] bridge0: port 2(bridge_slave_1) entered disabled state
[  567.513152][T10184] device bridge_slave_1 entered promiscuous mode
[  567.592801][T10184] bridge0: port 2(bridge_slave_1) entered blocking state
[  567.601534][T10184] bridge0: port 2(bridge_slave_1) entered forwarding state
[  567.608930][T10184] bridge0: port 1(bridge_slave_0) entered blocking state
[  567.617672][T10184] bridge0: port 1(bridge_slave_0) entered forwarding state
[  567.646583][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  567.655860][ T2504] bridge0: port 1(bridge_slave_0) entered disabled state
[  567.664457][ T2504] bridge0: port 2(bridge_slave_1) entered disabled state
[  567.691745][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  567.701656][ T2504] bridge0: port 1(bridge_slave_0) entered blocking state
[  567.710427][ T2504] bridge0: port 1(bridge_slave_0) entered forwarding state
[  567.718575][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  567.728266][ T2504] bridge0: port 2(bridge_slave_1) entered blocking state
[  567.735178][ T2504] bridge0: port 2(bridge_slave_1) entered forwarding state
[  567.746048][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  567.754823][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  567.765337][  T383] device bridge_slave_1 left promiscuous mode
[  567.772687][  T383] bridge0: port 2(bridge_slave_1) entered disabled state
[  567.786962][  T383] device bridge_slave_0 left promiscuous mode
[  567.794604][  T383] bridge0: port 1(bridge_slave_0) entered disabled state
[  567.858082][T10192] fuse: Bad value for 'user_id'
[  567.903388][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  567.911820][   T23] audit: type=1400 audit(1719625685.173:492): avc:  denied  { nlmsg_read } for  pid=10191 comm="syz.3.2540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  567.941384][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  567.959487][  T654] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  567.974649][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  567.985803][  T654] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  568.232455][   T23] audit: type=1400 audit(1719625685.503:493): avc:  denied  { setopt } for  pid=10197 comm="syz.0.2537" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  568.475880][   T23] audit: type=1400 audit(1719625685.743:494): avc:  denied  { mount } for  pid=10202 comm="syz.4.2542" name="/" dev="loop4" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  568.510916][  T654] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[  568.744260][T10213] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  568.763476][T10213] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a814e11d, mo2=0002]
[  568.772549][T10213] System zones: 0-1, 4-36, 102-102
[  568.778859][T10213] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpquota,norecovery,,errors=continue
[  568.870887][  T654] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  568.893043][  T654] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  568.912756][  T654] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  569.085011][T10094] EXT4-fs error (device loop2): __ext4_iget:5217: inode #15: block 1803188595: comm syz-executor: invalid block
[  569.099350][T10094] EXT4-fs error (device loop2): __ext4_iget:5217: inode #15: block 1803188595: comm syz-executor: invalid block
[  569.100902][  T654] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  569.142008][  T654] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  569.164935][  T654] usb 2-1: Product: syz
[  569.169933][  T654] usb 2-1: Manufacturer: syz
[  569.182691][  T654] usb 2-1: SerialNumber: syz
[  569.231555][  T654] cdc_ncm 2-1:1.0: bind() failure
[  569.294779][T10221] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  569.322988][T10221] loop_set_status: loop0 () has still dirty pages (nrpages=2)
[  569.377211][   T23] audit: type=1400 audit(1719625686.643:495): avc:  denied  { setattr } for  pid=10220 comm="syz.0.2547" path="/root/syzkaller.76sFMb/1/file0" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  569.470518][   T23] audit: type=1400 audit(1719625686.733:496): avc:  denied  { unmount } for  pid=9322 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  569.687056][T10228] bridge0: port 1(bridge_slave_0) entered blocking state
[  569.694168][T10228] bridge0: port 1(bridge_slave_0) entered disabled state
[  569.702112][T10228] device bridge_slave_0 entered promiscuous mode
[  569.710082][T10228] bridge0: port 2(bridge_slave_1) entered blocking state
[  569.717697][T10228] bridge0: port 2(bridge_slave_1) entered disabled state
[  569.725703][T10228] device bridge_slave_1 entered promiscuous mode
[  569.811529][T10228] bridge0: port 2(bridge_slave_1) entered blocking state
[  569.818862][T10228] bridge0: port 2(bridge_slave_1) entered forwarding state
[  569.826530][T10228] bridge0: port 1(bridge_slave_0) entered blocking state
[  569.834158][T10228] bridge0: port 1(bridge_slave_0) entered forwarding state
[  569.865662][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  569.867300][   T23] audit: type=1400 audit(1719625687.133:497): avc:  denied  { ioctl } for  pid=10237 comm="syz.0.2553" path="socket:[92876]" dev="sockfs" ino=92876 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  569.902393][ T2504] bridge0: port 1(bridge_slave_0) entered disabled state
[  569.913282][ T2504] bridge0: port 2(bridge_slave_1) entered disabled state
[  569.933202][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  569.942862][  T372] bridge0: port 1(bridge_slave_0) entered blocking state
[  569.950224][  T372] bridge0: port 1(bridge_slave_0) entered forwarding state
[  569.958149][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  569.967046][  T372] bridge0: port 2(bridge_slave_1) entered blocking state
[  569.974033][  T372] bridge0: port 2(bridge_slave_1) entered forwarding state
[  569.982187][  T383] device bridge_slave_1 left promiscuous mode
[  569.988995][  T383] bridge0: port 2(bridge_slave_1) entered disabled state
[  569.997016][  T383] device bridge_slave_0 left promiscuous mode
[  570.003322][  T383] bridge0: port 1(bridge_slave_0) entered disabled state
[  570.079800][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  570.090338][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  570.117667][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  570.133228][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  570.150191][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  570.158895][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  570.178531][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  570.188801][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  570.201358][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  570.210371][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  570.369157][T10245] fuse: Bad value for 'fd'
[  570.595924][T10247] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2555'.
[  570.609357][T10247] sch_tbf: burst 88 is lower than device sit0 mtu (1480) !
[  570.896193][  T372] usb 2-1: USB disconnect, device number 72
[  571.314975][T10257] EXT4-fs error (device loop2): ext4_orphan_get:1236: inode #15: comm syz.2.2558: iget: bad i_size value: -67835469387268086
[  571.328650][T10257] EXT4-fs (loop2): Remounting filesystem read-only
[  571.335367][T10257] EXT4-fs error (device loop2): ext4_orphan_get:1240: comm syz.2.2558: couldn't read orphan inode 15 (err -117)
[  571.347964][T10257] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nouid32,noload,
[  571.358765][T10257] ext4 filesystem being mounted at /root/syzkaller.KdLupX/1/file0 supports timestamps until 2038 (0x7fffffff)
[  571.818215][T10269] F2FS-fs (loop0): Found nat_bits in checkpoint
[  571.910952][T10269] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[  571.919028][T10269] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  572.110704][T10276] overlayfs: "xino" feature enabled using 32 upper inode bits.
[  572.131823][T10285] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  572.150151][T10285] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  572.158292][T10285] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  572.168083][T10285] EXT4-fs (loop2): 1 truncate cleaned up
[  572.174563][T10285] EXT4-fs (loop2): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,user_xattr,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,
[  572.198582][T10285] EXT4-fs error (device loop2): ext4_map_blocks:617: inode #2: block 4: comm syz.2.2562: lblock 0 mapped to illegal pblock 4 (length 1)
[  572.216860][T10285] EXT4-fs (loop2): Remounting filesystem read-only
[  572.228015][T10285] EXT4-fs error (device loop2) in ext4_evict_inode:276: Readonly filesystem
[  572.239738][T10285] EXT4-fs error (device loop2): ext4_map_blocks:617: inode #2: block 4: comm syz.2.2562: lblock 0 mapped to illegal pblock 4 (length 1)
[  572.467216][T10184] attempt to access beyond end of device
[  572.467216][T10184] loop0: rw=2049, want=45120, limit=40427
[  573.331277][  T372] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[  573.580859][  T372] usb 5-1: Using ep0 maxpacket: 32
[  573.700868][  T378] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[  573.701059][  T372] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  573.720858][  T372] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  573.732692][  T372] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  573.741922][  T372] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  573.751451][  T372] usb 5-1: config 0 descriptor??
[  573.770871][T10304] raw-gadget gadget: fail, usb_ep_enable returned -22
[  573.791475][  T372] hub 5-1:0.0: USB hub found
[  574.000956][  T372] hub 5-1:0.0: 2 ports detected
[  574.007427][T10314] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  574.016189][T10314] EXT4-fs (loop2): orphan cleanup on readonly fs
[  574.023464][T10314] EXT4-fs warning (device loop2): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  574.039084][T10314] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  574.047360][T10314] EXT4-fs error (device loop2): ext4_validate_block_bitmap:418: comm syz.2.2572: bg 0: block 40: padding at end of block bitmap is not set
[  574.066956][T10314] EXT4-fs error (device loop2) in ext4_free_blocks:5019: Corrupt filesystem
[  574.077606][T10314] EXT4-fs (loop2): 1 truncate cleaned up
[  574.085542][  T378] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  574.087356][T10314] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  574.099785][  T378] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  574.114248][T10314] EXT4-fs error (device loop2): ext4_xattr_block_get:544: inode #16: comm syz.2.2572: corrupted xattr block 31
[  574.130442][  T378] usb 2-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  574.135583][T10314] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=16
[  574.144815][  T378] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  574.154023][T10314] EXT4-fs error (device loop2): ext4_xattr_block_get:544: inode #16: comm syz.2.2572: corrupted xattr block 31
[  574.167959][  T378] usb 2-1: config 0 descriptor??
[  574.175564][T10314] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=16
[  574.652503][  T378] hid-generic 0003:044F:B65D.0046: unknown main item tag 0x0
[  574.660514][  T378] hid-generic 0003:044F:B65D.0046: unbalanced collection at end of report description
[  574.673633][  T378] hid-generic: probe of 0003:044F:B65D.0046 failed with error -22
[  574.744515][T10324] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  574.755755][T10324] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a814e11d, mo2=0002]
[  574.764104][T10324] System zones: 0-1, 4-36, 102-102
[  574.769766][T10324] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpquota,norecovery,,errors=continue
[  575.032812][T10228] EXT4-fs error (device loop2): __ext4_iget:5217: inode #15: block 1803188595: comm syz-executor: invalid block
[  575.046928][T10228] EXT4-fs error (device loop2): __ext4_iget:5217: inode #15: block 1803188595: comm syz-executor: invalid block
[  575.226127][T10334] overlayfs: "xino" feature enabled using 32 upper inode bits.
[  575.446129][T10337] bridge0: port 1(bridge_slave_0) entered blocking state
[  575.463942][T10337] bridge0: port 1(bridge_slave_0) entered disabled state
[  575.480691][T10337] device bridge_slave_0 entered promiscuous mode
[  575.494672][T10337] bridge0: port 2(bridge_slave_1) entered blocking state
[  575.507019][T10337] bridge0: port 2(bridge_slave_1) entered disabled state
[  575.515099][T10337] device bridge_slave_1 entered promiscuous mode
[  575.567868][  T372] usb 2-1: USB disconnect, device number 73
[  575.621362][T10337] bridge0: port 2(bridge_slave_1) entered blocking state
[  575.628955][T10337] bridge0: port 2(bridge_slave_1) entered forwarding state
[  575.636173][T10337] bridge0: port 1(bridge_slave_0) entered blocking state
[  575.643028][T10337] bridge0: port 1(bridge_slave_0) entered forwarding state
[  575.688941][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  575.698728][  T354] bridge0: port 1(bridge_slave_0) entered disabled state
[  575.707639][  T354] bridge0: port 2(bridge_slave_1) entered disabled state
[  575.718999][  T383] device bridge_slave_1 left promiscuous mode
[  575.742111][  T383] bridge0: port 2(bridge_slave_1) entered disabled state
[  575.752778][  T383] device bridge_slave_0 left promiscuous mode
[  575.777643][  T383] bridge0: port 1(bridge_slave_0) entered disabled state
[  575.939659][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  575.952023][  T378] bridge0: port 1(bridge_slave_0) entered blocking state
[  575.959195][  T378] bridge0: port 1(bridge_slave_0) entered forwarding state
[  575.970456][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  575.979842][  T378] bridge0: port 2(bridge_slave_1) entered blocking state
[  575.987805][  T378] bridge0: port 2(bridge_slave_1) entered forwarding state
[  576.011337][ T1286] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  576.032846][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  576.064187][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  576.084700][ T1286] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  576.107548][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  576.121381][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  576.139635][  T580] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  576.149064][  T580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  576.180440][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  576.191877][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  576.232712][T10345] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2581'.
[  576.253122][T10345] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=10345 comm=syz.1.2581
[  576.450256][ T1866] usb 5-1: USB disconnect, device number 79
[  576.536546][T10349] EXT4-fs (loop2): mounted filesystem without journal. Opts: norecovery,bsdgroups,jqfmt=vfsv0,grpquota,noblock_validity,,errors=continue
[  577.014124][T10361] fuse: Bad value for 'fd'
[  577.440830][ T1866] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[  577.932143][T10385] EXT4-fs (loop4): Ignoring removed orlov option
[  577.953068][T10385] EXT4-fs (loop4): mounted filesystem without journal. Opts: block_validity,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,quota,,errors=continue
[  578.050962][ T1866] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  578.064874][ T1866] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  578.078176][ T1866] usb 3-1: New USB device found, idVendor=056a, idProduct=030a, bcdDevice= 0.00
[  578.088917][ T1866] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  578.099826][ T1866] usb 3-1: config 0 descriptor??
[  578.686541][T10368] FAT-fs (loop2): Directory bread(block 64) failed
[  578.695288][T10368] FAT-fs (loop2): Directory bread(block 65) failed
[  578.700839][ T1286] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[  578.703525][T10368] FAT-fs (loop2): Directory bread(block 66) failed
[  578.720571][T10368] FAT-fs (loop2): Directory bread(block 67) failed
[  578.732375][T10368] FAT-fs (loop2): Directory bread(block 68) failed
[  578.741465][T10368] FAT-fs (loop2): Directory bread(block 69) failed
[  578.748709][T10368] FAT-fs (loop2): Directory bread(block 70) failed
[  578.758429][T10368] FAT-fs (loop2): Directory bread(block 71) failed
[  578.766802][T10368] FAT-fs (loop2): Directory bread(block 72) failed
[  578.775600][T10368] FAT-fs (loop2): Directory bread(block 73) failed
[  578.880806][   T74] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[  578.930892][ T1866] usbhid 3-1:0.0: can't add hid device: -71
[  578.938418][ T1866] usbhid: probe of 3-1:0.0 failed with error -71
[  578.950429][ T1866] usb 3-1: USB disconnect, device number 78
[  579.071789][ T1286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  579.085802][ T1286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  579.100168][ T1286] usb 2-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  579.111394][ T1286] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.121323][T10400] F2FS-fs (loop0): Found nat_bits in checkpoint
[  579.122269][ T1286] usb 2-1: config 0 descriptor??
[  579.140814][   T74] usb 4-1: Using ep0 maxpacket: 8
[  579.166403][T10400] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[  579.177867][T10400] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  579.290986][   T74] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  579.306011][   T74] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  579.319244][   T74] usb 4-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00
[  579.330706][   T74] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.341658][   T74] usb 4-1: config 0 descriptor??
[  579.396337][T10408] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2930: inode #16: comm syz.4.2595: corrupted xattr block 8
[  579.412700][T10408] EXT4-fs warning (device loop4): ext4_evict_inode:321: xattr delete (err -117)
[  579.422793][T10408] EXT4-fs (loop4): 1 orphan inode deleted
[  579.429294][T10408] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  579.440025][T10408] ext4 filesystem being mounted at /root/syzkaller.l0bbv2/51/bus supports timestamps until 2038 (0x7fffffff)
[  579.457057][T10337] FAT-fs (loop2): Filesystem has been set read-only
[  579.613177][ T1286] hid-generic 0003:044F:B65D.0047: unbalanced collection at end of report description
[  579.628764][ T1286] hid-generic: probe of 0003:044F:B65D.0047 failed with error -22
[  579.755509][T10184] attempt to access beyond end of device
[  579.755509][T10184] loop0: rw=2049, want=45120, limit=40427
[  579.843101][   T74] uclogic 0003:2179:0077.0048: item fetching failed at offset 5/7
[  579.866711][   T74] uclogic 0003:2179:0077.0048: parse failed
[  579.889077][   T74] uclogic: probe of 0003:2179:0077.0048 failed with error -22
[  579.920780][ T1286] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[  580.006457][T10416] bridge0: port 1(bridge_slave_0) entered blocking state
[  580.020943][T10416] bridge0: port 1(bridge_slave_0) entered disabled state
[  580.029864][T10416] device bridge_slave_0 entered promiscuous mode
[  580.072787][T10416] bridge0: port 2(bridge_slave_1) entered blocking state
[  580.080491][T10416] bridge0: port 2(bridge_slave_1) entered disabled state
[  580.089073][T10416] device bridge_slave_1 entered promiscuous mode
[  580.181572][T10416] bridge0: port 2(bridge_slave_1) entered blocking state
[  580.189446][T10416] bridge0: port 2(bridge_slave_1) entered forwarding state
[  580.197838][T10416] bridge0: port 1(bridge_slave_0) entered blocking state
[  580.205797][T10416] bridge0: port 1(bridge_slave_0) entered forwarding state
[  580.237850][   T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  580.247621][   T74] bridge0: port 1(bridge_slave_0) entered disabled state
[  580.255336][   T74] bridge0: port 2(bridge_slave_1) entered disabled state
[  580.266343][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  580.276218][  T354] bridge0: port 1(bridge_slave_0) entered blocking state
[  580.285097][  T354] bridge0: port 1(bridge_slave_0) entered forwarding state
[  580.298937][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  580.308195][ T1286] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  580.320091][ T1866] bridge0: port 2(bridge_slave_1) entered blocking state
[  580.327398][ T1866] bridge0: port 2(bridge_slave_1) entered forwarding state
[  580.335455][ T1286] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  580.345338][ T1286] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  580.359282][    T9] device bridge_slave_1 left promiscuous mode
[  580.366367][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  580.374225][    T9] device bridge_slave_0 left promiscuous mode
[  580.382273][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  580.494030][  T580] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  580.502244][  T580] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  580.519431][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  580.528958][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  580.540867][ T1286] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  580.545902][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  580.550886][ T1286] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  580.559375][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  580.569011][ T1286] usb 5-1: Product: syz
[  580.581305][ T1286] usb 5-1: Manufacturer: syz
[  580.585471][  T580] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  580.585893][ T1286] usb 5-1: SerialNumber: syz
[  580.595311][  T580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  580.615778][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  580.626239][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  580.637853][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  580.641574][ T1286] cdc_ncm 5-1:1.0: bind() failure
[  580.648982][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  581.212076][ T1286] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[  581.222769][  T580] usb 4-1: USB disconnect, device number 81
[  581.253959][  T378] usb 2-1: USB disconnect, device number 74
[  581.471019][ T1286] usb 3-1: Using ep0 maxpacket: 32
[  581.611016][ T1286] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  581.623923][ T1286] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  581.640589][ T1286] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  581.652378][ T1286] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  581.698047][ T1286] usb 3-1: config 0 descriptor??
[  581.730116][T10438] 9pnet: Insufficient options for proto=fd
[  581.855604][T10425] raw-gadget gadget: fail, usb_ep_enable returned -22
[  581.882140][ T1286] hub 3-1:0.0: USB hub found
[  582.090859][ T1286] hub 3-1:0.0: 2 ports detected
[  582.122406][  T378] usb 5-1: USB disconnect, device number 80
[  582.342479][T10443] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  582.361152][T10443] EXT4-fs (loop0): Ignoring removed orlov option
[  582.374877][T10443] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  582.403680][T10443] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal
[  583.158322][T10455] F2FS-fs (loop0): Found nat_bits in checkpoint
[  583.216788][T10455] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[  583.227107][T10455] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  583.830431][T10184] attempt to access beyond end of device
[  583.830431][T10184] loop0: rw=2049, want=45120, limit=40427
[  583.855720][   T23] audit: type=1400 audit(1719625701.123:498): avc:  denied  { create } for  pid=10467 comm="syz.3.2610" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  584.250425][T10479] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2614'.
[  584.261202][T10479] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2614'.
[  584.648770][ T1866] usb 3-1: USB disconnect, device number 79
[  585.010947][ T1286] usb 1-1: new high-speed USB device number 87 using dummy_hcd
[  585.102690][  T654] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[  585.330824][ T1286] usb 1-1: Using ep0 maxpacket: 8
[  585.451074][ T1286] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  585.463644][ T1286] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  585.476688][  T654] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  585.487958][ T1286] usb 1-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00
[  585.499450][  T654] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  585.508605][ T1286] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  585.516540][  T654] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  585.525489][ T1286] usb 1-1: config 0 descriptor??
[  585.532874][  T654] usb 5-1: config 0 descriptor??
[  585.744678][T10497] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  585.754669][T10497] EXT4-fs (loop2): Ignoring removed orlov option
[  585.762112][T10497] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  585.785961][T10497] EXT4-fs (loop2): can't mount with journal_checksum, fs mounted w/o journal
[  586.017594][  T654] keytouch 0003:0926:3333.0049: fixing up Keytouch IEC report descriptor
[  586.042453][ T1286] uclogic 0003:2179:0077.004A: item fetching failed at offset 5/7
[  586.100054][ T1286] uclogic 0003:2179:0077.004A: parse failed
[  586.110319][  T654] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.0049/input/input31
[  586.123232][ T1286] uclogic: probe of 0003:2179:0077.004A failed with error -22
[  586.214618][  T654] keytouch 0003:0926:3333.0049: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0
[  586.614756][T10511] F2FS-fs (loop2): invalid crc value
[  586.624636][T10511] F2FS-fs (loop2): Found nat_bits in checkpoint
[  586.676216][T10511] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  586.712045][   T23] audit: type=1326 audit(1719625703.983:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10510 comm="syz.2.2621" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f190e54bb99 code=0x0
[  586.885450][T10519] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2616'.
[  586.991607][   T23] audit: type=1400 audit(1719625704.253:500): avc:  denied  { getopt } for  pid=10510 comm="syz.2.2621" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  587.302345][  T378] usb 1-1: USB disconnect, device number 87
[  587.445501][T10416] attempt to access beyond end of device
[  587.445501][T10416] loop2: rw=2049, want=45104, limit=40427
[  588.177792][  T654] usb 5-1: USB disconnect, device number 81
[  588.383617][T10544] FAT-fs (loop2): Unrecognized mount option "¡�þS=ƒÑ ¹W’‚é˜Ç" or missing value
[  589.172497][T10561] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  589.180279][T10561] EXT4-fs (loop4): Ignoring removed orlov option
[  589.187291][T10561] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  589.201246][T10561] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal
[  590.439173][T10586] F2FS-fs (loop4): Found nat_bits in checkpoint
[  590.493657][T10586] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2
[  590.501331][T10586] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  591.203551][T10599] FAT-fs (loop2): Unrecognized mount option "¡�þS=ƒÑ ¹W’‚é˜Ç" or missing value
[  591.203792][ T9322] attempt to access beyond end of device
[  591.203792][ T9322] loop4: rw=2049, want=45120, limit=40427
[  591.810922][T10611] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2645'.
[  593.402063][T10645] input: syz1 as /devices/virtual/input/input32
[  593.534167][   T23] audit: type=1400 audit(1719625710.803:501): avc:  denied  { write } for  pid=10643 comm="syz.0.2655" name="binder1" dev="binder" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  593.611540][T10647] overlayfs: unrecognized mount option "subj_type=&+" or missing value
[  593.774133][T10652] fuse: Unknown parameter 'f®KÁçy.'׫t�rB³N'
[  593.781249][T10648] F2FS-fs (loop4): Found nat_bits in checkpoint
[  593.789857][   T23] audit: type=1326 audit(1719625711.053:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10650 comm="syz.1.2657" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe13be18b99 code=0x0
[  593.832836][T10648] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2
[  593.839764][T10648] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  594.070907][T10664] sock: process `syz.3.2659' is using obsolete getsockopt SO_BSDCOMPAT
[  594.162197][T10665] EXT4-fs (loop0): Ignoring removed orlov option
[  594.171736][T10665] EXT4-fs (loop0): orphan cleanup on readonly fs
[  594.179211][T10665] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz.0.2660: bg 0: block 248: padding at end of block bitmap is not set
[  594.195627][T10665] Quota error (device loop0): write_blk: dquota write failed
[  594.204565][T10665] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  594.217373][T10665] EXT4-fs (loop0): 1 truncate cleaned up
[  594.223861][T10665] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,orlov,noblock_validity,quota,grpjquota=,noquota,noquota,noload,sb=0x0000000000000401,,errors=continue
[  594.252736][T10665] bridge0: port 1(bridge_slave_0) entered disabled state
[  594.260610][T10665] bridge0: port 2(bridge_slave_1) entered disabled state
[  594.293637][T10665] EXT4-fs error (device loop0): ext4_lookup:1818: inode #2: comm syz.0.2660: deleted inode referenced: 12
[  594.328086][T10665] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  594.375421][T10665] EXT4-fs (loop0): re-mounted. Opts: 
[  594.380959][T10665] ext4 filesystem being remounted at /root/syzkaller.76sFMb/26/bus supports timestamps until 2038 (0x7fffffff)
[  594.646784][   T23] audit: type=1400 audit(1719625711.913:503): avc:  denied  { create } for  pid=10669 comm="syz.2.2661" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  594.742902][ T9322] attempt to access beyond end of device
[  594.742902][ T9322] loop4: rw=2049, want=45120, limit=40427
[  595.090935][ T1286] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[  595.218217][T10678] FAT-fs (loop0): Directory bread(block 64) failed
[  595.234808][T10678] FAT-fs (loop0): Directory bread(block 65) failed
[  595.278331][T10678] FAT-fs (loop0): Directory bread(block 66) failed
[  595.326600][T10678] FAT-fs (loop0): Directory bread(block 67) failed
[  595.354068][T10678] FAT-fs (loop0): Directory bread(block 68) failed
[  595.385421][T10678] FAT-fs (loop0): Directory bread(block 69) failed
[  595.401069][T10678] FAT-fs (loop0): Directory bread(block 70) failed
[  595.420990][T10678] FAT-fs (loop0): Directory bread(block 71) failed
[  595.447840][T10678] FAT-fs (loop0): Directory bread(block 72) failed
[  595.460878][ T1286] usb 3-1: config 255 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[  595.480520][T10678] FAT-fs (loop0): Directory bread(block 73) failed
[  595.497454][ T1286] usb 3-1: config 255 has an invalid descriptor of length 43, skipping remainder of the config
[  595.559957][ T1286] usb 3-1: config 255 has no interfaces?
[  595.590943][ T1286] usb 3-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  595.621483][ T1286] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  595.649809][T10678] netlink: 'syz.0.2663': attribute type 13 has an invalid length.
[  595.729913][T10678] gretap0: refused to change device tx_queue_len
[  595.940913][ T1286] usb 3-1: string descriptor 0 read error: -71
[  595.948172][ T1286] usb 3-1: USB disconnect, device number 80
[  596.590930][ T1286] usb 1-1: new high-speed USB device number 88 using dummy_hcd
[  596.846400][ T1286] usb 1-1: Using ep0 maxpacket: 32
[  596.943816][T10711] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2672'.
[  596.956417][T10711] bridge0: port 3(syz_tun) entered blocking state
[  596.966374][T10711] bridge0: port 3(syz_tun) entered disabled state
[  596.975543][T10711] device syz_tun entered promiscuous mode
[  596.986629][T10711] bridge0: port 3(syz_tun) entered blocking state
[  596.997407][T10711] bridge0: port 3(syz_tun) entered forwarding state
[  597.130961][ T1286] usb 1-1: New USB device found, idVendor=04b3, idProduct=4001, bcdDevice= 1.10
[  597.143893][ T1286] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  597.154831][ T1286] usb 1-1: Product: syz
[  597.160430][ T1286] usb 1-1: Manufacturer: syz
[  597.168282][ T1286] usb 1-1: SerialNumber: syz
[  597.177002][ T1286] usb 1-1: config 0 descriptor??
[  597.221624][ T1286] usb-storage 1-1:0.0: USB Mass Storage device detected
[  597.230347][ T1286] usb-storage 1-1:0.0: Quirks match for vid 04b3 pid 4001: 2000
[  597.847162][  T378] usb 1-1: USB disconnect, device number 88
[  599.382946][T10768] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  599.670791][ T1866] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[  599.910836][ T1866] usb 4-1: Using ep0 maxpacket: 32
[  600.190921][ T1866] usb 4-1: New USB device found, idVendor=04b3, idProduct=4001, bcdDevice= 1.10
[  600.201398][ T1866] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.213186][ T1866] usb 4-1: Product: syz
[  600.218154][ T1866] usb 4-1: Manufacturer: syz
[  600.222931][ T1866] usb 4-1: SerialNumber: syz
[  600.229404][ T1866] usb 4-1: config 0 descriptor??
[  600.271696][ T1866] usb-storage 4-1:0.0: USB Mass Storage device detected
[  600.280483][ T1866] usb-storage 4-1:0.0: Quirks match for vid 04b3 pid 4001: 2000
[  600.595787][ T1866] usb 4-1: USB disconnect, device number 82
[  600.773388][T10798] EXT4-fs (loop4): orphan cleanup on readonly fs
[  600.782101][T10798] EXT4-fs error (device loop4): ext4_ext_check_inode:540: inode #4: comm syz.4.2693: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048)
[  600.809578][T10798] EXT4-fs error (device loop4): ext4_quota_enable:6059: comm syz.4.2693: Bad quota inode: 4, type: 1
[  600.825844][T10798] EXT4-fs warning (device loop4): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  600.847963][T10798] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  600.855992][T10798] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  601.100820][ T1866] usb 2-1: new high-speed USB device number 75 using dummy_hcd
[  601.133649][T10806] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  601.146170][T10806] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a814e11d, mo2=0002]
[  601.156095][T10806] System zones: 0-1, 4-36, 102-102
[  601.163117][T10806] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpquota,norecovery,,errors=continue
[  601.431010][ T1866] usb 2-1: device descriptor read/64, error 18
[  601.794935][T10818] EXT4-fs (loop4): orphan cleanup on readonly fs
[  601.804468][T10818] EXT4-fs error (device loop4): ext4_ext_check_inode:540: inode #4: comm syz.4.2698: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048)
[  601.832466][T10818] EXT4-fs error (device loop4): ext4_quota_enable:6059: comm syz.4.2698: Bad quota inode: 4, type: 1
[  601.845823][T10818] EXT4-fs warning (device loop4): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  601.861702][T10818] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  601.869271][T10818] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  601.879053][ T1866] usb 2-1: device descriptor read/64, error 18
[  602.029025][T10416] EXT4-fs error (device loop2): __ext4_iget:5217: inode #15: block 1803188595: comm syz-executor: invalid block
[  602.047033][T10416] EXT4-fs error (device loop2): __ext4_iget:5217: inode #15: block 1803188595: comm syz-executor: invalid block
[  602.150910][ T1866] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[  602.530772][ T1866] usb 2-1: device descriptor read/64, error 18
[  602.595410][T10828] bridge0: port 1(bridge_slave_0) entered blocking state
[  602.603742][T10828] bridge0: port 1(bridge_slave_0) entered disabled state
[  602.612237][T10828] device bridge_slave_0 entered promiscuous mode
[  602.620101][T10828] bridge0: port 2(bridge_slave_1) entered blocking state
[  602.629619][T10828] bridge0: port 2(bridge_slave_1) entered disabled state
[  602.639390][T10828] device bridge_slave_1 entered promiscuous mode
[  602.778400][T10828] bridge0: port 2(bridge_slave_1) entered blocking state
[  602.785670][T10828] bridge0: port 2(bridge_slave_1) entered forwarding state
[  602.793131][T10828] bridge0: port 1(bridge_slave_0) entered blocking state
[  602.801416][T10828] bridge0: port 1(bridge_slave_0) entered forwarding state
[  602.853932][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  602.863118][  T372] bridge0: port 1(bridge_slave_0) entered disabled state
[  602.871361][  T372] bridge0: port 2(bridge_slave_1) entered disabled state
[  602.901464][  T654] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  602.909696][  T654] bridge0: port 1(bridge_slave_0) entered blocking state
[  602.916798][  T654] bridge0: port 1(bridge_slave_0) entered forwarding state
[  602.925822][  T654] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  602.934905][  T654] bridge0: port 2(bridge_slave_1) entered blocking state
[  602.942188][  T654] bridge0: port 2(bridge_slave_1) entered forwarding state
[  602.970912][ T1866] usb 2-1: device descriptor read/64, error 18
[  602.978298][  T654] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  602.992921][  T383] device bridge_slave_1 left promiscuous mode
[  603.001071][  T383] bridge0: port 2(bridge_slave_1) entered disabled state
[  603.009856][  T383] device bridge_slave_0 left promiscuous mode
[  603.017793][  T383] bridge0: port 1(bridge_slave_0) entered disabled state
[  603.090889][ T1866] usb usb2-port1: attempt power cycle
[  603.205237][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  603.225220][T10838] overlayfs: unrecognized mount option "subj_type=&+" or missing value
[  603.235931][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  603.257267][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  603.444579][  T654] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  603.491795][  T654] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  603.521354][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  603.530062][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  603.548525][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  603.559599][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  603.577088][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  603.586580][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  603.680808][  T372] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[  603.689487][ T1866] usb 2-1: new high-speed USB device number 77 using dummy_hcd
[  603.930869][  T372] usb 5-1: Using ep0 maxpacket: 8
[  604.041463][   T74] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[  604.051141][  T372] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  604.063300][  T372] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  604.074429][  T372] usb 5-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00
[  604.084325][  T372] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  604.093593][  T372] usb 5-1: config 0 descriptor??
[  604.170882][ T1866] usb 2-1: device not accepting address 77, error -71
[  604.280807][   T74] usb 3-1: Using ep0 maxpacket: 32
[  604.683648][  T372] uclogic 0003:2179:0077.004B: item fetching failed at offset 5/7
[  604.694758][  T372] uclogic 0003:2179:0077.004B: parse failed
[  604.701492][  T372] uclogic: probe of 0003:2179:0077.004B failed with error -22
[  604.730898][   T74] usb 3-1: New USB device found, idVendor=04b3, idProduct=4001, bcdDevice= 1.10
[  604.741142][   T74] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  604.749834][   T74] usb 3-1: Product: syz
[  604.754138][   T74] usb 3-1: Manufacturer: syz
[  604.758847][   T74] usb 3-1: SerialNumber: syz
[  604.774346][   T74] usb 3-1: config 0 descriptor??
[  604.813511][   T74] usb-storage 3-1:0.0: USB Mass Storage device detected
[  604.826293][   T74] usb-storage 3-1:0.0: Quirks match for vid 04b3 pid 4001: 2000
[  605.100781][  T354] usb 1-1: new high-speed USB device number 89 using dummy_hcd
[  605.179883][  T580] usb 3-1: USB disconnect, device number 81
[  605.350826][  T354] usb 1-1: Using ep0 maxpacket: 32
[  605.631225][  T354] usb 1-1: New USB device found, idVendor=04b3, idProduct=4001, bcdDevice= 1.10
[  605.643748][  T354] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  605.652971][  T354] usb 1-1: Product: syz
[  605.657610][  T354] usb 1-1: Manufacturer: syz
[  605.662756][  T354] usb 1-1: SerialNumber: syz
[  605.670196][  T354] usb 1-1: config 0 descriptor??
[  605.711461][  T354] usb-storage 1-1:0.0: USB Mass Storage device detected
[  605.729956][  T354] usb-storage 1-1:0.0: Quirks match for vid 04b3 pid 4001: 2000
[  605.957068][  T354] usb 1-1: USB disconnect, device number 89
[  606.085939][   T74] usb 5-1: USB disconnect, device number 82
[  606.994833][T10886] overlayfs: unrecognized mount option "subj_type=&+" or missing value
[  607.071886][T10889] EXT4-fs (loop0): Ignoring removed nobh option
[  607.083213][T10889] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobh,stripe=0x0000000000010000,dioread_nolock,,errors=continue
[  607.370788][   T74] usb 1-1: new high-speed USB device number 90 using dummy_hcd
[  607.820844][ T1866] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[  607.870786][   T74] usb 1-1: Using ep0 maxpacket: 16
[  607.991050][   T74] usb 1-1: config 0 has an invalid descriptor of length 123, skipping remainder of the config
[  608.001353][   T74] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  608.011837][   T74] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  608.023812][   T74] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.034440][   T74] usb 1-1: config 0 descriptor??
[  608.060836][ T1866] usb 4-1: Using ep0 maxpacket: 16
[  608.182044][ T1866] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  608.241914][ T1866] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  608.251133][ T1866] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.265574][ T1866] usb 4-1: config 0 descriptor??
[  608.300997][   T74] usb 1-1: string descriptor 0 read error: -71
[  608.308989][   T74] usb 1-1: USB disconnect, device number 90
[  608.503869][T10896] input: syz0 as /devices/virtual/input/input33
[  608.526481][T10896] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  608.538513][T10896] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  608.919660][T10896] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2720'.
[  608.955199][T10896] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  609.140868][ T1866] usbhid 4-1:0.0: can't add hid device: -71
[  609.147853][ T1866] usbhid: probe of 4-1:0.0 failed with error -71
[  609.159729][ T1866] usb 4-1: USB disconnect, device number 83
[  609.928794][T10927] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  609.940206][T10927] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a814e11d, mo2=0002]
[  609.948776][T10927] System zones: 0-1, 4-36, 102-102
[  609.954434][T10927] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpquota,norecovery,,errors=continue
[  610.281615][T10948] overlayfs: unrecognized mount option "subj_type=&+" or missing value
[  611.027690][ T9322] EXT4-fs error (device loop4): __ext4_iget:5217: inode #15: block 1803188595: comm syz-executor: invalid block
[  611.041771][ T9322] EXT4-fs error (device loop4): __ext4_iget:5217: inode #15: block 1803188595: comm syz-executor: invalid block
[  611.322302][T10962] bridge0: port 1(bridge_slave_0) entered blocking state
[  611.330111][T10962] bridge0: port 1(bridge_slave_0) entered disabled state
[  611.338149][T10962] device bridge_slave_0 entered promiscuous mode
[  611.347465][T10962] bridge0: port 2(bridge_slave_1) entered blocking state
[  611.354928][T10962] bridge0: port 2(bridge_slave_1) entered disabled state
[  611.363542][T10962] device bridge_slave_1 entered promiscuous mode
[  611.433189][T10962] bridge0: port 2(bridge_slave_1) entered blocking state
[  611.440323][T10962] bridge0: port 2(bridge_slave_1) entered forwarding state
[  611.447898][T10962] bridge0: port 1(bridge_slave_0) entered blocking state
[  611.454879][T10962] bridge0: port 1(bridge_slave_0) entered forwarding state
[  611.494250][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  611.503006][ T1866] bridge0: port 1(bridge_slave_0) entered disabled state
[  611.511940][ T1866] bridge0: port 2(bridge_slave_1) entered disabled state
[  611.526529][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  611.535590][ T2504] bridge0: port 1(bridge_slave_0) entered blocking state
[  611.543541][ T2504] bridge0: port 1(bridge_slave_0) entered forwarding state
[  611.563496][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  611.574076][  T354] bridge0: port 2(bridge_slave_1) entered blocking state
[  611.581695][  T354] bridge0: port 2(bridge_slave_1) entered forwarding state
[  611.597939][  T905] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  611.610545][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  611.636363][  T905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  611.649744][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  611.661452][    T7] device bridge_slave_1 left promiscuous mode
[  611.667815][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  611.676265][    T7] device bridge_slave_0 left promiscuous mode
[  611.683134][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  611.745836][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  611.764778][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  611.781657][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  611.830928][ T2504] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[  611.920827][  T905] usb 2-1: new high-speed USB device number 79 using dummy_hcd
[  612.090788][ T1866] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[  612.330836][  T905] usb 2-1: Using ep0 maxpacket: 16
[  612.361164][ T1866] usb 3-1: Using ep0 maxpacket: 16
[  612.380950][ T2504] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  612.451083][  T905] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  612.463650][  T905] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  612.473519][ T2504] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  612.483042][  T905] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  612.491196][ T1866] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  612.496266][ T2504] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  612.508088][ T1866] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  612.515088][  T905] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  612.524927][ T1866] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.533619][ T2504] usb 4-1: SerialNumber: syz
[  612.545820][  T905] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.554431][T10983] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  612.561897][ T1866] usb 3-1: config 0 descriptor??
[  612.583079][  T905] usb 2-1: config 0 descriptor??
[  612.651872][T10184] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /root/syzkaller.76sFMb/40/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[  612.831894][T10973] input: syz0 as /devices/virtual/input/input34
[  612.851155][T10973] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  612.859433][T10973] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  612.937182][T10988] bridge0: port 1(bridge_slave_0) entered blocking state
[  612.945347][T10988] bridge0: port 1(bridge_slave_0) entered disabled state
[  612.952878][T10988] device bridge_slave_0 entered promiscuous mode
[  612.960058][T10988] bridge0: port 2(bridge_slave_1) entered blocking state
[  612.967386][T10988] bridge0: port 2(bridge_slave_1) entered disabled state
[  612.975752][T10988] device bridge_slave_1 entered promiscuous mode
[  613.043184][T10988] bridge0: port 2(bridge_slave_1) entered blocking state
[  613.050947][T10988] bridge0: port 2(bridge_slave_1) entered forwarding state
[  613.051521][T10970] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  613.058626][T10988] bridge0: port 1(bridge_slave_0) entered blocking state
[  613.073028][T10993] overlayfs: unrecognized mount option "subj_type=&+" or missing value
[  613.074254][T10988] bridge0: port 1(bridge_slave_0) entered forwarding state
[  613.076253][  T905] savu 0003:1E7D:2D5A.004C: unknown main item tag 0x0
[  613.101106][  T905] savu 0003:1E7D:2D5A.004C: unknown main item tag 0x0
[  613.108438][T10973] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2741'.
[  613.119314][  T905] savu 0003:1E7D:2D5A.004C: unknown main item tag 0x0
[  613.128062][  T905] savu 0003:1E7D:2D5A.004C: unknown main item tag 0x0
[  613.137106][T10973] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  613.151244][  T905] savu 0003:1E7D:2D5A.004C: unknown main item tag 0x0
[  613.158857][  T905] savu 0003:1E7D:2D5A.004C: unknown main item tag 0x0
[  613.166385][  T905] savu 0003:1E7D:2D5A.004C: unknown main item tag 0x0
[  613.173880][  T905] savu 0003:1E7D:2D5A.004C: unknown main item tag 0x0
[  613.181322][  T905] savu 0003:1E7D:2D5A.004C: unknown main item tag 0x0
[  613.188868][  T905] savu 0003:1E7D:2D5A.004C: unknown main item tag 0x0
[  613.196702][  T905] savu 0003:1E7D:2D5A.004C: unknown main item tag 0x0
[  613.198154][   T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  613.212163][ T1866] usbhid 3-1:0.0: can't add hid device: -71
[  613.213076][  T905] savu 0003:1E7D:2D5A.004C: hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[  613.218125][ T1866] usbhid: probe of 3-1:0.0 failed with error -71
[  613.237989][ T1866] usb 3-1: USB disconnect, device number 82
[  613.248071][   T74] bridge0: port 1(bridge_slave_0) entered disabled state
[  613.256687][   T74] bridge0: port 2(bridge_slave_1) entered disabled state
[  613.280160][ T2504] cdc_ether 4-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.3-1, CDC Ethernet Device, 42:42:42:42:42:42
[  613.284444][   T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  613.309890][   T74] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  613.318513][   T74] bridge0: port 1(bridge_slave_0) entered blocking state
[  613.325815][   T74] bridge0: port 1(bridge_slave_0) entered forwarding state
[  613.334360][   T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  613.343500][   T74] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  613.352200][   T74] bridge0: port 2(bridge_slave_1) entered blocking state
[  613.359747][   T74] bridge0: port 2(bridge_slave_1) entered forwarding state
[  613.375354][   T74] usb 2-1: USB disconnect, device number 79
[  613.393555][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  613.403167][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  613.418865][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  613.427002][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  613.451743][    T7] device bridge_slave_1 left promiscuous mode
[  613.458152][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  613.467942][    T7] device bridge_slave_0 left promiscuous mode
[  613.474537][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  613.579025][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  613.588556][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  613.613247][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  613.622002][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  613.648869][   T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  613.658193][   T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  613.676074][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  613.684199][   T74] usb 4-1: USB disconnect, device number 84
[  613.686659][T11008] EXT4-fs (loop4): Ignoring removed nobh option
[  613.698261][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  613.702216][   T74] cdc_ether 4-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.3-1, CDC Ethernet Device
[  613.728005][T11008] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,stripe=0x0000000000010000,dioread_nolock,,errors=continue
[  613.753240][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  613.763151][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  614.020913][  T905] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[  614.033799][T11043] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2930: inode #16: comm syz.0.2747: corrupted xattr block 8
[  614.047013][T11043] EXT4-fs warning (device loop0): ext4_evict_inode:321: xattr delete (err -117)
[  614.061308][T11043] EXT4-fs (loop0): 1 orphan inode deleted
[  614.067015][T11043] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  614.077495][T11043] ext4 filesystem being mounted at /root/syzkaller.xQezJ8/0/bus supports timestamps until 2038 (0x7fffffff)
[  614.281181][  T905] usb 5-1: Using ep0 maxpacket: 16
[  614.681495][  T905] usb 5-1: config 0 has an invalid descriptor of length 123, skipping remainder of the config
[  614.692750][  T905] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  614.705371][  T905] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  614.717153][  T905] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  614.731282][  T905] usb 5-1: config 0 descriptor??
[  614.850815][ T1286] usb 1-1: new high-speed USB device number 91 using dummy_hcd
[  615.001127][  T905] usb 5-1: string descriptor 0 read error: -71
[  615.015268][  T905] usb 5-1: USB disconnect, device number 83
[  615.351025][ T1286] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  615.365090][ T1286] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  615.377000][ T1286] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  615.550937][ T1286] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  615.562330][ T1286] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  615.573219][ T1286] usb 1-1: Product: syz
[  615.577880][ T1286] usb 1-1: Manufacturer: syz
[  615.583852][ T1286] usb 1-1: SerialNumber: syz
[  615.647390][ T1286] cdc_ncm 1-1:1.0: bind() failure
[  617.047499][  T378] usb 1-1: USB disconnect, device number 91
[  617.340856][   T74] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[  617.450244][T11105] EXT4-fs (sda1): Can't set test_dummy_encryption on remount
[  617.690765][   T74] usb 3-1: device descriptor read/64, error 18
[  618.465167][   T74] usb 3-1: device descriptor read/64, error 18
[  618.750808][   T74] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[  619.067131][T11124] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  619.074719][T11124] EXT4-fs (loop0): Ignoring removed orlov option
[  619.081513][T11124] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  619.101513][T11124] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal
[  619.130843][ T1286] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[  619.210878][   T74] usb 3-1: device descriptor read/64, error 18
[  619.380765][ T1286] usb 4-1: Using ep0 maxpacket: 16
[  619.486383][T11135] cgroup1: none used incorrectly
[  619.500961][ T1286] usb 4-1: config 0 has an invalid descriptor of length 56, skipping remainder of the config
[  619.515837][ T1286] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  619.545113][ T1286] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  619.605097][   T74] usb 3-1: device descriptor read/64, error 18
[  619.623910][ T1286] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  619.645176][ T1286] usb 4-1: config 0 descriptor??
[  619.691715][ T1286] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  619.730885][   T74] usb usb3-port1: attempt power cycle
[  619.914115][ T1286] usb 4-1: USB disconnect, device number 85
[  620.455850][T11143] EXT4-fs (loop0): mounted filesystem without journal. Opts: norecovery,bsdgroups,jqfmt=vfsv0,grpquota,noblock_validity,,errors=continue
[  621.860803][  T905] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[  622.100868][  T905] usb 4-1: Using ep0 maxpacket: 16
[  622.190919][  T371] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[  622.270998][  T905] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  622.283123][  T905] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  622.293285][  T905] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  622.301065][ T1286] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[  622.303706][  T905] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  622.319734][  T905] usb 4-1: config 0 descriptor??
[  622.390806][ T1866] usb 2-1: new high-speed USB device number 80 using dummy_hcd
[  622.460875][  T371] usb 5-1: device descriptor read/64, error 18
[  622.630995][ T1866] usb 2-1: Using ep0 maxpacket: 16
[  622.670942][ T1286] usb 3-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[  622.682624][ T1286] usb 3-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[  622.693189][ T1286] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  622.704490][ T1286] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  622.741308][T11182] EXT4-fs (loop0): Ignoring removed nobh option
[  622.751902][T11182] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobh,stripe=0x0000000000010000,dioread_nolock,,errors=continue
[  622.761145][ T1866] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8
[  622.775876][T11163] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  622.801498][  T905] hid (null): report_id 0 is invalid
[  622.807343][  T905] hid (null): bogus close delimiter
[  622.814798][  T905] hid (null): invalid report_size 24934
[  622.822809][  T905] hid-generic 0003:0158:0100.004D: unknown main item tag 0x0
[  622.830577][  T905] hid-generic 0003:0158:0100.004D: collection stack underflow
[  622.839145][  T905] hid-generic 0003:0158:0100.004D: item 0 2 0 12 parsing failed
[  622.847273][  T905] hid-generic: probe of 0003:0158:0100.004D failed with error -22
[  622.850843][  T371] usb 5-1: device descriptor read/64, error 18
[  622.940975][ T1866] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  622.951566][ T1866] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  622.960076][ T1866] usb 2-1: Product: syz
[  622.964491][ T1866] usb 2-1: Manufacturer: syz
[  622.969124][ T1866] usb 2-1: SerialNumber: syz
[  622.974943][ T1866] usb 2-1: config 0 descriptor??
[  623.003673][  T905] usb 4-1: USB disconnect, device number 86
[  623.014527][ T1866] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  623.023495][ T1866] usb 2-1: Detected FT232RL
[  623.051023][ T7099] usb 1-1: new high-speed USB device number 92 using dummy_hcd
[  623.130777][  T371] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[  623.220942][ T1866] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  623.290785][ T7099] usb 1-1: Using ep0 maxpacket: 16
[  623.311163][ T1286] usb 3-1: string descriptor 0 read error: -22
[  623.400866][  T371] usb 5-1: device descriptor read/64, error 18
[  623.411005][ T7099] usb 1-1: config 0 has an invalid descriptor of length 56, skipping remainder of the config
[  623.421401][ T7099] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  623.436162][ T7099] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  623.445748][ T7099] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.455370][ T7099] usb 1-1: config 0 descriptor??
[  623.483052][ T1866] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  623.492149][ T7099] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  623.513651][ T7099] usb 3-1: USB disconnect, device number 86
[  623.698953][  T378] usb 1-1: USB disconnect, device number 92
[  623.790770][  T371] usb 5-1: device descriptor read/64, error 18
[  623.832402][T11187] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2787'.
[  623.921046][  T371] usb usb5-port1: attempt power cycle
[  624.331337][  T371] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[  624.431108][  T371] usb 5-1: Invalid ep0 maxpacket: 0
[  624.580810][  T371] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[  624.681138][  T371] usb 5-1: Invalid ep0 maxpacket: 0
[  624.688231][  T371] usb usb5-port1: unable to enumerate USB device
[  624.862462][T11205] netlink: 'syz.2.2791': attribute type 4 has an invalid length.
[  624.890092][T11205] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2791'.
[  624.942873][ T2504] usb 2-1: USB disconnect, device number 80
[  624.961601][ T2504] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  624.977059][ T2504] ftdi_sio 2-1:0.0: device disconnected
[  626.658423][T11232] F2FS-fs (loop0): invalid crc value
[  626.661681][T11234] EXT4-fs (loop2): Ignoring removed nobh option
[  626.678835][T11232] F2FS-fs (loop0): Found nat_bits in checkpoint
[  626.688022][T11234] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,stripe=0x0000000000010000,dioread_nolock,,errors=continue
[  626.738590][T11232] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  627.050856][   T74] usb 3-1: new high-speed USB device number 87 using dummy_hcd
[  627.300890][   T74] usb 3-1: Using ep0 maxpacket: 16
[  627.315223][T10988] attempt to access beyond end of device
[  627.315223][T10988] loop0: rw=2049, want=45104, limit=40427
[  627.349352][T11253] EXT4-fs (loop4): orphan cleanup on readonly fs
[  627.357222][T11253] EXT4-fs error (device loop4): ext4_ext_check_inode:540: inode #4: comm syz.4.2804: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048)
[  627.376257][T11253] EXT4-fs error (device loop4): ext4_quota_enable:6059: comm syz.4.2804: Bad quota inode: 4, type: 1
[  627.387958][T11253] EXT4-fs warning (device loop4): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  627.404041][T11253] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  627.413596][T11253] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  627.441354][   T74] usb 3-1: config 0 has an invalid descriptor of length 56, skipping remainder of the config
[  627.486692][   T74] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  627.527957][   T74] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  627.538828][   T74] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  627.628090][   T74] usb 3-1: config 0 descriptor??
[  627.691589][   T74] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  628.020433][  T371] usb 3-1: USB disconnect, device number 87
[  629.170035][T11287] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  629.430781][  T905] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[  629.561419][T11294] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6144 sclass=netlink_route_socket pid=11294 comm=syz.2.2817
[  629.664959][T11294] EXT4-fs (loop2): 1 orphan inode deleted
[  629.675292][T11294] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  629.688309][T11294] ext4 filesystem being mounted at /root/syzkaller.MhfR4e/20/file1 supports timestamps until 2038 (0x7fffffff)
[  629.850895][  T905] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  629.861271][  T905] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  629.870865][  T905] usb 2-1: config 0 descriptor??
[  630.191295][T11307] EXT4-fs (loop4): Ignoring removed nobh option
[  630.202661][T11307] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,stripe=0x0000000000010000,dioread_nolock,,errors=continue
[  630.282368][T11312] EXT4-fs (loop2): orphan cleanup on readonly fs
[  630.318277][T11312] EXT4-fs error (device loop2): ext4_ext_check_inode:540: inode #4: comm syz.2.2820: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048)
[  630.331604][T11288] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  630.341356][T11312] EXT4-fs error (device loop2): ext4_quota_enable:6059: comm syz.2.2820: Bad quota inode: 4, type: 1
[  630.354574][   T23] audit: type=1400 audit(1719625747.613:504): avc:  denied  { accept } for  pid=11283 comm="syz.1.2814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  630.361047][T11312] EXT4-fs warning (device loop2): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  630.390186][T11288] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  630.397841][T11312] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  630.425165][T11312] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  630.570815][ T2504] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[  630.651303][  T905] usb 2-1: Cannot set autoneg
[  630.659023][  T905] MOSCHIP usb-ethernet driver: probe of 2-1:0.0 failed with error -71
[  630.676130][  T905] usb 2-1: USB disconnect, device number 81
[  630.830784][ T2504] usb 5-1: Using ep0 maxpacket: 16
[  630.950860][ T2504] usb 5-1: config 0 has an invalid descriptor of length 160, skipping remainder of the config
[  630.962264][ T2504] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  630.976982][ T2504] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  630.986254][ T2504] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  630.995702][ T2504] usb 5-1: config 0 descriptor??
[  631.050211][ T2504] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  631.410915][  T905] usb 5-1: USB disconnect, device number 88
[  631.600843][   T74] usb 3-1: new high-speed USB device number 88 using dummy_hcd
[  631.910809][   T74] usb 3-1: Using ep0 maxpacket: 8
[  632.030875][   T74] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  632.043762][   T74] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  632.054388][   T74] usb 3-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00
[  632.063913][   T74] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  632.079705][   T74] usb 3-1: config 0 descriptor??
[  632.292967][T11346] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6144 sclass=netlink_route_socket pid=11346 comm=syz.4.2830
[  632.441783][T11346] EXT4-fs (loop4): 1 orphan inode deleted
[  632.447936][T11346] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  632.458770][T11346] ext4 filesystem being mounted at /root/syzkaller.Wo9pam/17/file1 supports timestamps until 2038 (0x7fffffff)
[  632.607369][   T74] uclogic 0003:2179:0077.004E: item fetching failed at offset 5/7
[  632.616850][   T74] uclogic 0003:2179:0077.004E: parse failed
[  632.622683][   T74] uclogic: probe of 0003:2179:0077.004E failed with error -22
[  633.922733][T11378] EXT4-fs (loop0): Ignoring removed nobh option
[  633.933179][T11378] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobh,stripe=0x0000000000010000,dioread_nolock,,errors=continue
[  634.035851][ T2504] usb 3-1: USB disconnect, device number 88
[  634.240884][  T371] usb 1-1: new high-speed USB device number 93 using dummy_hcd
[  634.451781][T11386] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  634.470502][T11386] EXT4-fs (loop4): Ignoring removed orlov option
[  634.482884][T11386] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  634.491921][  T371] usb 1-1: Using ep0 maxpacket: 16
[  634.501583][T11386] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal
[  634.620831][  T371] usb 1-1: config 0 has an invalid descriptor of length 160, skipping remainder of the config
[  634.634062][  T371] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  634.672393][  T371] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  634.696645][  T371] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  634.723856][  T371] usb 1-1: config 0 descriptor??
[  634.766260][  T371] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  634.970645][ T7099] usb 1-1: USB disconnect, device number 93
[  635.001204][   T74] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[  635.193624][T11397] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  635.201445][T11397] EXT4-fs (loop4): Ignoring removed orlov option
[  635.218830][T11397] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  635.231209][T11397] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal
[  635.240854][   T74] usb 2-1: Using ep0 maxpacket: 16
[  635.370923][   T74] usb 2-1: config 0 has an invalid descriptor of length 160, skipping remainder of the config
[  635.381750][   T74] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  635.395148][   T74] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  635.404213][   T74] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  635.413558][   T74] usb 2-1: config 0 descriptor??
[  635.451544][   T74] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  635.686702][ T2504] usb 2-1: USB disconnect, device number 82
[  635.793466][T11406] EXT4-fs (loop2): orphan cleanup on readonly fs
[  635.801382][T11406] EXT4-fs error (device loop2): ext4_ext_check_inode:540: inode #4: comm syz.2.2848: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048)
[  635.820622][T11406] EXT4-fs error (device loop2): ext4_quota_enable:6059: comm syz.2.2848: Bad quota inode: 4, type: 1
[  635.832131][T11406] EXT4-fs warning (device loop2): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  635.846722][T11406] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  635.853265][T11406] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  637.160760][ T7099] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[  637.462043][T11442] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  637.477788][T11444] EXT4-fs (loop4): Ignoring removed nobh option
[  637.485367][T11442] EXT4-fs (loop0): Ignoring removed orlov option
[  637.492368][T11442] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  637.501831][T11444] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,stripe=0x0000000000010000,dioread_nolock,,errors=continue
[  637.504605][T11442] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal
[  637.523356][ T7099] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  637.537191][ T7099] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  637.546343][ T7099] usb 3-1: config 0 descriptor??
[  637.830795][  T371] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[  638.001363][T11435] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  638.240780][  T371] usb 5-1: Using ep0 maxpacket: 16
[  638.370994][  T371] usb 5-1: config 0 has an invalid descriptor of length 160, skipping remainder of the config
[  638.388618][  T371] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  638.404073][  T371] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  638.410932][ T7099] usb 3-1: Cannot set autoneg
[  638.416686][  T371] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  638.422885][ T7099] MOSCHIP usb-ethernet driver: probe of 3-1:0.0 failed with error -71
[  638.448316][  T371] usb 5-1: config 0 descriptor??
[  638.462333][ T7099] usb 3-1: USB disconnect, device number 89
[  638.532401][  T371] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  638.722193][  T371] usb 5-1: USB disconnect, device number 89
[  638.845819][T11469] 9pnet: Insufficient options for proto=fd
[  639.039980][   T23] audit: type=1400 audit(1719625756.303:505): avc:  denied  { setattr } for  pid=11472 comm="syz.3.2867" path="/dev/loop8" dev="devtmpfs" ino=9203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  639.080826][ T1866] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[  639.330824][ T1866] usb 2-1: Using ep0 maxpacket: 16
[  639.450897][ T1866] usb 2-1: config 0 has an invalid descriptor of length 160, skipping remainder of the config
[  639.464113][ T1866] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  639.481030][ T1866] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  639.490645][ T1866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  639.502132][ T1866] usb 2-1: config 0 descriptor??
[  639.577488][ T1866] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  639.786316][ T1286] usb 2-1: USB disconnect, device number 83
[  640.101582][T11488] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  640.109604][T11488] EXT4-fs (loop4): Ignoring removed orlov option
[  640.116486][T11488] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  640.131189][T11488] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal
[  640.380308][ T1866] usb 1-1: new high-speed USB device number 94 using dummy_hcd
[  640.735025][T11502] fuse: Unknown parameter 'fd0x0000000000000004'
[  640.741012][ T1866] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  640.781546][ T1866] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  640.794503][ T1866] usb 1-1: New USB device found, idVendor=056a, idProduct=030a, bcdDevice= 0.00
[  640.805099][ T1866] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  640.820653][T11499] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  640.821378][ T1866] usb 1-1: config 0 descriptor??
[  640.981692][T11499] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a814e11d, mo2=0002]
[  640.990921][T11499] System zones: 0-1, 4-36, 102-102
[  641.003021][T11499] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpquota,norecovery,,errors=continue
[  641.435716][T11486] FAT-fs (loop0): Directory bread(block 64) failed
[  641.442851][T11486] FAT-fs (loop0): Directory bread(block 65) failed
[  641.449989][T11486] FAT-fs (loop0): Directory bread(block 66) failed
[  641.456805][T11486] FAT-fs (loop0): Directory bread(block 67) failed
[  641.464572][T11486] FAT-fs (loop0): Directory bread(block 68) failed
[  641.474016][T11486] FAT-fs (loop0): Directory bread(block 69) failed
[  641.481265][T11486] FAT-fs (loop0): Directory bread(block 70) failed
[  641.510647][T11486] FAT-fs (loop0): Directory bread(block 71) failed
[  641.519704][T11486] FAT-fs (loop0): Directory bread(block 72) failed
[  641.526632][T11486] FAT-fs (loop0): Directory bread(block 73) failed
[  641.780804][  T378] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[  641.800844][ T1866] usbhid 1-1:0.0: can't add hid device: -71
[  641.807180][ T1866] usbhid: probe of 1-1:0.0 failed with error -71
[  641.815017][ T1866] usb 1-1: USB disconnect, device number 94
[  641.875835][   T23] audit: type=1400 audit(1719625759.143:506): avc:  denied  { ioctl } for  pid=11520 comm="syz.4.2881" path="/dev/vga_arbiter" dev="devtmpfs" ino=22 ioctlcmd=0x6607 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  641.980858][ T2504] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[  642.150904][  T378] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  642.160470][  T378] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  642.170183][  T378] usb 3-1: config 0 descriptor??
[  642.234933][ T2504] usb 2-1: Using ep0 maxpacket: 16
[  642.299951][T10988] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  642.308840][T10988] FAT-fs (loop0): Filesystem has been set read-only
[  642.317437][T11525] 9pnet: Insufficient options for proto=fd
[  642.361326][ T2504] usb 2-1: config 0 has an invalid descriptor of length 160, skipping remainder of the config
[  642.373943][ T2504] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  642.398888][ T2504] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  642.407887][ T2504] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  642.433017][ T2504] usb 2-1: config 0 descriptor??
[  642.471514][ T2504] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  642.565714][T11529] bridge0: port 1(bridge_slave_0) entered blocking state
[  642.573232][T11529] bridge0: port 1(bridge_slave_0) entered disabled state
[  642.582414][T11529] device bridge_slave_0 entered promiscuous mode
[  642.592912][T11529] bridge0: port 2(bridge_slave_1) entered blocking state
[  642.600594][T11529] bridge0: port 2(bridge_slave_1) entered disabled state
[  642.610486][T11529] device bridge_slave_1 entered promiscuous mode
[  642.632932][T11516] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  642.669975][T11516] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  642.679608][  T372] usb 2-1: USB disconnect, device number 84
[  642.728165][T11529] bridge0: port 2(bridge_slave_1) entered blocking state
[  642.735516][T11529] bridge0: port 2(bridge_slave_1) entered forwarding state
[  642.742648][T11529] bridge0: port 1(bridge_slave_0) entered blocking state
[  642.750793][T11529] bridge0: port 1(bridge_slave_0) entered forwarding state
[  642.782959][  T905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  642.798377][  T905] bridge0: port 1(bridge_slave_0) entered disabled state
[  642.805911][  T905] bridge0: port 2(bridge_slave_1) entered disabled state
[  642.822068][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  642.831250][ T2504] bridge0: port 1(bridge_slave_0) entered blocking state
[  642.838309][ T2504] bridge0: port 1(bridge_slave_0) entered forwarding state
[  642.847434][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  642.855828][ T2504] bridge0: port 2(bridge_slave_1) entered blocking state
[  642.863025][ T2504] bridge0: port 2(bridge_slave_1) entered forwarding state
[  642.877082][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  642.886835][T11539] fuse: Unknown parameter 'fd0x0000000000000004'
[  642.899416][  T371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  642.922129][  T383] device bridge_slave_1 left promiscuous mode
[  642.928546][  T383] bridge0: port 2(bridge_slave_1) entered disabled state
[  642.930951][  T378] usb 3-1: Cannot set autoneg
[  642.940267][  T383] device bridge_slave_0 left promiscuous mode
[  642.941462][  T378] MOSCHIP usb-ethernet driver: probe of 3-1:0.0 failed with error -71
[  642.946802][  T383] bridge0: port 1(bridge_slave_0) entered disabled state
[  642.956022][  T378] usb 3-1: USB disconnect, device number 90
[  643.058510][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  643.081063][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  643.092678][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  643.108608][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  643.123072][  T905] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  643.675051][T11546] EXT4-fs (loop4): orphan cleanup on readonly fs
[  643.683605][T11546] EXT4-fs error (device loop4): ext4_ext_check_inode:540: inode #4: comm syz.4.2890: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048)
[  643.710151][T11546] EXT4-fs error (device loop4): ext4_quota_enable:6059: comm syz.4.2890: Bad quota inode: 4, type: 1
[  643.725454][T11546] EXT4-fs warning (device loop4): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  643.746689][T11546] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  643.755334][T11546] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  644.361629][  T905] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[  644.730927][  T905] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  644.741877][  T905] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  644.751786][  T905] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  644.762856][  T905] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  644.773039][  T905] usb 4-1: config 0 descriptor??
[  644.885812][   T23] audit: type=1326 audit(1719625762.153:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11564 comm="syz.4.2894" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5e12ae6b99 code=0x0
[  645.054720][T11577] fuse: Unknown parameter 'fd0x0000000000000004'
[  645.267599][  T372] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[  645.338669][T11580] 9pnet: Insufficient options for proto=fd
[  645.541103][T11557] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  645.549711][T11557] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  645.571013][  T905] usbhid 4-1:0.0: can't add hid device: -32
[  645.576961][  T905] usbhid: probe of 4-1:0.0 failed with error -32
[  645.612227][ T1866] usb 4-1: USB disconnect, device number 87
[  645.660908][  T372] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  645.672012][  T372] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  645.682400][  T372] usb 3-1: New USB device found, idVendor=056a, idProduct=030a, bcdDevice= 0.00
[  645.691377][  T372] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  645.701231][  T372] usb 3-1: config 0 descriptor??
[  646.392555][T11588] EXT4-fs (loop4): Ignoring removed nobh option
[  646.401654][T11588] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,stripe=0x0000000000010000,dioread_nolock,,errors=continue
[  646.449523][T11575] FAT-fs (loop2): Directory bread(block 64) failed
[  646.456130][T11575] FAT-fs (loop2): Directory bread(block 65) failed
[  646.462900][T11575] FAT-fs (loop2): Directory bread(block 66) failed
[  646.469434][T11575] FAT-fs (loop2): Directory bread(block 67) failed
[  646.476434][T11575] FAT-fs (loop2): Directory bread(block 68) failed
[  646.483294][T11575] FAT-fs (loop2): Directory bread(block 69) failed
[  646.490288][T11575] FAT-fs (loop2): Directory bread(block 70) failed
[  646.497278][T11575] FAT-fs (loop2): Directory bread(block 71) failed
[  646.504239][T11575] FAT-fs (loop2): Directory bread(block 72) failed
[  646.512379][T11575] FAT-fs (loop2): Directory bread(block 73) failed
[  646.640893][  T372] usbhid 3-1:0.0: can't add hid device: -71
[  646.646818][  T372] usbhid: probe of 3-1:0.0 failed with error -71
[  646.656317][  T372] usb 3-1: USB disconnect, device number 91
[  646.720768][  T378] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[  646.740939][T11597] fuse: Unknown parameter '0x0000000000000004'
[  646.980747][  T378] usb 5-1: Using ep0 maxpacket: 16
[  647.111062][  T378] usb 5-1: config 0 has an invalid descriptor of length 160, skipping remainder of the config
[  647.123772][  T378] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  647.142071][  T378] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  647.143712][T10828] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  647.151803][  T378] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  647.162358][T10828] FAT-fs (loop2): Filesystem has been set read-only
[  647.169812][  T378] usb 5-1: config 0 descriptor??
[  647.211745][  T378] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  647.506875][ T2504] usb 5-1: USB disconnect, device number 90
[  647.608740][T11604] EXT4-fs (loop0): Ignoring removed bh option
[  647.623393][T11604] EXT4-fs error (device loop0): ext4_ext_check_inode:540: inode #16: comm syz.0.2906: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 19200(19200)
[  647.645214][T11604] EXT4-fs error (device loop0): ext4_orphan_get:1240: comm syz.0.2906: couldn't read orphan inode 16 (err -117)
[  647.659822][T11604] EXT4-fs (loop0): mounted filesystem without journal. Opts: init_itable,noquota,nouid32,barrier,resgid=0x0000000000000000,journal_dev=0x00000000000001ff,barrier,acl,bh,,errors=continue
[  647.680663][T11604] ext4 filesystem being mounted at /root/syzkaller.E6ZJwm/3/file1 supports timestamps until 2038 (0x7fffffff)
[  647.755648][T11616] bridge0: port 1(bridge_slave_0) entered blocking state
[  647.764409][T11616] bridge0: port 1(bridge_slave_0) entered disabled state
[  647.775799][T11616] device bridge_slave_0 entered promiscuous mode
[  647.785289][T11616] bridge0: port 2(bridge_slave_1) entered blocking state
[  647.795001][T11616] bridge0: port 2(bridge_slave_1) entered disabled state
[  647.803659][T11616] device bridge_slave_1 entered promiscuous mode
[  647.873527][T11616] bridge0: port 2(bridge_slave_1) entered blocking state
[  647.882237][T11616] bridge0: port 2(bridge_slave_1) entered forwarding state
[  647.889780][T11616] bridge0: port 1(bridge_slave_0) entered blocking state
[  647.897323][T11616] bridge0: port 1(bridge_slave_0) entered forwarding state
[  647.930573][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  647.949999][  T372] bridge0: port 1(bridge_slave_0) entered disabled state
[  647.960310][  T372] bridge0: port 2(bridge_slave_1) entered disabled state
[  647.978480][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  647.989298][ T1866] usb 1-1: new high-speed USB device number 95 using dummy_hcd
[  647.998747][  T372] bridge0: port 1(bridge_slave_0) entered blocking state
[  648.006232][  T372] bridge0: port 1(bridge_slave_0) entered forwarding state
[  648.016163][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  648.025810][  T372] bridge0: port 2(bridge_slave_1) entered blocking state
[  648.034172][  T372] bridge0: port 2(bridge_slave_1) entered forwarding state
[  648.057076][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  648.068291][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  648.092301][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  648.107305][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  648.128384][  T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  648.141093][  T383] device bridge_slave_1 left promiscuous mode
[  648.147719][  T383] bridge0: port 2(bridge_slave_1) entered disabled state
[  648.155881][  T383] device bridge_slave_0 left promiscuous mode
[  648.162858][  T383] bridge0: port 1(bridge_slave_0) entered disabled state
[  648.259852][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  648.261854][ T1866] usb 1-1: Using ep0 maxpacket: 16
[  648.268625][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  648.390909][ T1866] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  648.405189][ T1866] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  648.420004][ T1866] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  648.432308][ T1866] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  648.447289][ T1866] usb 1-1: config 0 descriptor??
[  648.843752][T11637] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  648.851551][T11637] EXT4-fs (loop4): Ignoring removed orlov option
[  648.858144][T11637] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  648.871622][T11637] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal
[  648.911928][T11604] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  648.990892][ T1866] usbhid 1-1:0.0: can't add hid device: -71
[  648.997195][ T1866] usbhid: probe of 1-1:0.0 failed with error -71
[  649.008725][ T1866] usb 1-1: USB disconnect, device number 95
[  649.044898][T11647] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2916'.
[  649.647371][T11529] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6099: Out of memory
[  649.875953][T11660] bridge0: port 1(bridge_slave_0) entered blocking state
[  649.883733][T11660] bridge0: port 1(bridge_slave_0) entered disabled state
[  649.891432][T11660] device bridge_slave_0 entered promiscuous mode
[  649.914122][T11660] bridge0: port 2(bridge_slave_1) entered blocking state
[  649.924214][T11660] bridge0: port 2(bridge_slave_1) entered disabled state
[  649.932458][T11660] device bridge_slave_1 entered promiscuous mode
[  650.004315][T11660] bridge0: port 2(bridge_slave_1) entered blocking state
[  650.011581][T11660] bridge0: port 2(bridge_slave_1) entered forwarding state
[  650.018787][T11660] bridge0: port 1(bridge_slave_0) entered blocking state
[  650.025684][T11660] bridge0: port 1(bridge_slave_0) entered forwarding state
[  650.061555][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  650.069232][  T372] bridge0: port 1(bridge_slave_0) entered disabled state
[  650.076982][  T372] bridge0: port 2(bridge_slave_1) entered disabled state
[  650.095583][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  650.097187][T11668] EXT4-fs (loop2): Ignoring removed nobh option
[  650.104546][  T372] bridge0: port 1(bridge_slave_0) entered blocking state
[  650.115326][T11668] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,stripe=0x0000000000010000,dioread_nolock,,errors=continue
[  650.116753][  T372] bridge0: port 1(bridge_slave_0) entered forwarding state
[  650.142109][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  650.151355][  T372] bridge0: port 2(bridge_slave_1) entered blocking state
[  650.158302][  T372] bridge0: port 2(bridge_slave_1) entered forwarding state
[  650.176426][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  650.186971][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  650.212456][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  650.225292][ T2504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  650.241560][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  650.256138][T11671] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  650.273264][T11671] EXT4-fs error (device loop4): ext4_orphan_get:1236: inode #15: comm syz.4.2923: iget: bad i_size value: -67835469387268086
[  650.274687][ T1866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  650.292073][T11671] EXT4-fs error (device loop4): ext4_orphan_get:1240: comm syz.4.2923: couldn't read orphan inode 15 (err -117)
[  650.306719][T11671] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  650.311869][    T9] device bridge_slave_1 left promiscuous mode
[  650.321514][T11671] ext2 filesystem being mounted at /root/syzkaller.Wo9pam/38/file0 supports timestamps until 2038 (0x7fffffff)
[  650.323498][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  650.342562][    T9] device bridge_slave_0 left promiscuous mode
[  650.348590][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  650.428012][  T654] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  650.440752][  T378] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[  650.687599][  T905] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[  650.820796][  T378] usb 3-1: Using ep0 maxpacket: 16
[  650.940738][  T905] usb 5-1: Using ep0 maxpacket: 16
[  650.950843][  T378] usb 3-1: config 0 has an invalid descriptor of length 160, skipping remainder of the config
[  650.961470][  T378] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  650.974685][  T378] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  650.983878][  T378] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  650.992682][T11690] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  651.000013][T11690] EXT4-fs (loop0): Ignoring removed orlov option
[  651.007245][  T378] usb 3-1: config 0 descriptor??
[  651.012305][T11690] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  651.021391][T11690] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal
[  651.051530][  T378] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  651.061936][  T905] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8
[  651.230938][  T905] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  651.240314][  T905] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  651.248684][  T905] usb 5-1: Product: syz
[  651.253422][  T905] usb 5-1: Manufacturer: syz
[  651.257884][  T905] usb 5-1: SerialNumber: syz
[  651.264394][  T580] usb 3-1: USB disconnect, device number 92
[  651.271132][  T905] usb 5-1: config 0 descriptor??
[  651.312160][  T905] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  651.321043][  T905] usb 5-1: Detected FT232RL
[  651.637769][  T378] usb 4-1: new high-speed USB device number 88 using dummy_hcd
[  651.645492][  T905] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  651.890801][  T378] usb 4-1: Using ep0 maxpacket: 16
[  652.010965][  T378] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  652.024463][  T378] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  652.036652][  T378] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  652.047625][  T378] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  652.058313][  T378] usb 4-1: config 0 descriptor??
[  652.561243][T11695] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  652.613446][T11713] EXT4-fs (loop2): mounted filesystem without journal. Opts: norecovery,bsdgroups,jqfmt=vfsv0,grpquota,noblock_validity,,errors=continue
[  652.650916][  T378] usbhid 4-1:0.0: can't add hid device: -71
[  652.657576][  T378] usbhid: probe of 4-1:0.0 failed with error -71
[  652.668419][  T378] usb 4-1: USB disconnect, device number 88
[  652.773558][T11722] bridge: RTM_DELNEIGH with unconfigured vlan 1 on bridge0
[  652.845819][T11723] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  652.862560][T11723] EXT4-fs error (device loop0): ext4_orphan_get:1236: inode #15: comm syz.0.2936: iget: bad i_size value: -67835469387268086
[  652.880046][T11723] EXT4-fs error (device loop0): ext4_orphan_get:1240: comm syz.0.2936: couldn't read orphan inode 15 (err -117)
[  652.894248][T11723] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  652.906885][T11723] ext2 filesystem being mounted at /root/syzkaller.A5myZ2/4/file0 supports timestamps until 2038 (0x7fffffff)
[  652.930817][  T905] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  652.943341][  T905] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  652.953855][  T905] usb 5-1: USB disconnect, device number 91
[  652.961998][  T905] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  652.973253][  T905] ftdi_sio 5-1:0.0: device disconnected
[  653.301422][  T372] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[  653.540765][  T372] usb 1-1: Using ep0 maxpacket: 16
[  653.660992][  T372] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8
[  653.920887][  T372] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  653.930155][  T372] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  653.939027][  T372] usb 1-1: Product: syz
[  653.943228][  T372] usb 1-1: Manufacturer: syz
[  653.947687][  T372] usb 1-1: SerialNumber: syz
[  653.953379][  T372] usb 1-1: config 0 descriptor??
[  653.991820][  T372] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  654.000135][  T372] usb 1-1: Detected FT232RL
[  654.048838][T11739] overlayfs: failed to resolve './file0': -2
[  654.200987][  T372] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  654.235268][T11748] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue
[  654.249354][T11748] ext4 filesystem being mounted at /root/syzkaller.Wo9pam/40/bus supports timestamps until 2038 (0x7fffffff)
[  654.268636][T11748] EXT4-fs error (device loop4): ext4_find_dest_de:2063: inode #12: block 32: comm syz.4.2944: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  654.289922][T11748] incfs: Can't find or create .index dir in ./file0
[  654.296593][T11748] incfs: mount failed -117
[  654.302044][T11748] overlayfs: './file1' not a directory
[  654.462720][  T372] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  654.590868][ T1286] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[  654.830785][ T1286] usb 2-1: Using ep0 maxpacket: 16
[  654.846863][T11761] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  654.857538][T11761] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a814e11d, mo2=0002]
[  654.866046][T11761] System zones: 0-1, 4-36, 102-102
[  654.872276][T11761] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpquota,norecovery,,errors=continue
[  655.000861][ T1286] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x2D, skipping
[  655.012731][ T1286] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  655.025120][ T1286] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  655.059888][ T1286] usb 2-1: config 0 descriptor??
[  655.154367][ T1286] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  655.183114][T11764] EXT4-fs (loop2): mounted filesystem without journal. Opts: norecovery,bsdgroups,jqfmt=vfsv0,grpquota,noblock_validity,,errors=continue
[  655.359691][  T378] usb 2-1: USB disconnect, device number 85
[  655.684373][  T372] usb 1-1: USB disconnect, device number 96
[  655.695919][  T372] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  655.708667][  T372] ftdi_sio 1-1:0.0: device disconnected
[  655.770794][ T1286] usb 4-1: new high-speed USB device number 89 using dummy_hcd
[  656.020759][ T1286] usb 4-1: Using ep0 maxpacket: 16
[  656.081857][T11784] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  656.089327][T11784] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  656.099078][T11784] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b016c118, mo2=0002]
[  656.107432][T11784] System zones: 1-12
[  656.112344][T11784] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2221: inode #15: comm syz.4.2954: corrupted in-inode xattr
[  656.125186][T11784] EXT4-fs error (device loop4): ext4_orphan_get:1240: comm syz.4.2954: couldn't read orphan inode 15 (err -117)
[  656.137658][T11784] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,grpquota,,errors=continue
[  656.141642][ T1286] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8
[  656.490935][ T1286] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  656.501170][ T1286] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  656.510119][ T1286] usb 4-1: Product: syz
[  656.514713][ T1286] usb 4-1: Manufacturer: syz
[  656.519593][ T1286] usb 4-1: SerialNumber: syz
[  656.526463][ T1286] usb 4-1: config 0 descriptor??
[  656.571750][ T1286] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  656.580610][ T1286] usb 4-1: Detected FT232RL
[  656.810346][ T1286] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  657.361306][  T372] usb 3-1: new high-speed USB device number 93 using dummy_hcd
[  657.790808][  T372] usb 3-1: Using ep0 maxpacket: 8
[  657.911201][  T372] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  657.925196][  T372] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  657.929120][T11811] EXT4-fs (loop4): orphan cleanup on readonly fs
[  657.936236][  T372] usb 3-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00
[  657.951037][  T372] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  657.961466][  T372] usb 3-1: config 0 descriptor??
[  657.965622][T11811] EXT4-fs error (device loop4): ext4_ext_check_inode:540: inode #4: comm syz.4.2960: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048)
[  657.985931][T11811] EXT4-fs error (device loop4): ext4_quota_enable:6059: comm syz.4.2960: Bad quota inode: 4, type: 1
[  657.997950][T11811] EXT4-fs warning (device loop4): ext4_enable_quotas:6100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  658.013507][T11811] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  658.020472][T11811] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  658.250941][ T1286] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[  658.258377][ T1286] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  658.268663][ T1286] usb 4-1: USB disconnect, device number 89
[  658.276048][ T1286] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  658.286158][ T1286] ftdi_sio 4-1:0.0: device disconnected
[  658.482878][  T372] uclogic 0003:2179:0077.004F: item fetching failed at offset 5/7
[  658.492997][  T372] uclogic 0003:2179:0077.004F: parse failed
[  658.658221][  T372] uclogic: probe of 0003:2179:0077.004F failed with error -22
[  659.188823][T11832] kernel profiling enabled (shift: 0)
[  659.642475][ T1866] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[  659.795590][ T2504] usb 3-1: USB disconnect, device number 93
[  660.010751][ T1866] usb 2-1: Using ep0 maxpacket: 16
[  660.021010][  T372] usb 5-1: new high-speed USB device number 92 using dummy_hcd
[  660.140889][ T1866] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x2D, skipping
[  660.151710][ T1866] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  660.161811][ T1866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  660.171236][ T1866] usb 2-1: config 0 descriptor??
[  660.211488][ T1866] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  660.281245][  T372] usb 5-1: Using ep0 maxpacket: 8
[  660.400845][  T372] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  660.413415][  T372] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  660.424368][  T372] usb 5-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00
[  660.433958][  T372] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  660.453930][ T1866] usb 2-1: USB disconnect, device number 86
[  660.469957][  T372] usb 5-1: config 0 descriptor??
[  660.870871][  T378] usb 4-1: new high-speed USB device number 90 using dummy_hcd
[  660.961562][  T372] uclogic 0003:2179:0077.0050: item fetching failed at offset 5/7
[  660.992861][  T372] uclogic 0003:2179:0077.0050: parse failed
[  660.999803][  T372] uclogic: probe of 0003:2179:0077.0050 failed with error -22
[  661.130781][  T378] usb 4-1: Using ep0 maxpacket: 32
[  661.185144][T11864] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  661.199004][T11864] EXT4-fs error (device loop2): ext4_orphan_get:1236: inode #15: comm syz.2.2974: iget: bad i_size value: -67835469387268086
[  661.214769][T11864] EXT4-fs error (device loop2): ext4_orphan_get:1240: comm syz.2.2974: couldn't read orphan inode 15 (err -117)
[  661.232635][T11864] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  661.243400][T11864] ext2 filesystem being mounted at /root/syzkaller.t3CqkX/13/file0 supports timestamps until 2038 (0x7fffffff)
[  661.373212][T11870] EXT4-fs (loop0): Ignoring removed bh option
[  661.393862][T11870] EXT4-fs error (device loop0): ext4_ext_check_inode:540: inode #16: comm syz.0.2977: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 19200(19200)
[  661.423098][T11870] EXT4-fs error (device loop0): ext4_orphan_get:1240: comm syz.0.2977: couldn't read orphan inode 16 (err -117)
[  661.444946][T11870] EXT4-fs (loop0): mounted filesystem without journal. Opts: init_itable,noquota,nouid32,barrier,resgid=0x0000000000000000,journal_dev=0x00000000000001ff,barrier,acl,bh,,errors=continue
[  661.472062][T11870] ext4 filesystem being mounted at /root/syzkaller.A5myZ2/11/file1 supports timestamps until 2038 (0x7fffffff)
[  661.486463][  T378] usb 4-1: New USB device found, idVendor=04b3, idProduct=4001, bcdDevice= 1.10
[  661.530818][ T2504] usb 3-1: new high-speed USB device number 94 using dummy_hcd
[  661.603701][  T378] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  661.890806][ T1866] usb 1-1: new high-speed USB device number 97 using dummy_hcd
[  661.906500][  T378] usb 4-1: Product: syz
[  661.912395][  T378] usb 4-1: Manufacturer: syz
[  661.919222][  T378] usb 4-1: SerialNumber: syz
[  661.925563][  T378] usb 4-1: config 0 descriptor??
[  661.971601][  T378] usb-storage 4-1:0.0: USB Mass Storage device detected
[  661.981358][  T378] usb-storage 4-1:0.0: Quirks match for vid 04b3 pid 4001: 2000
[  662.120834][ T2504] usb 3-1: Using ep0 maxpacket: 16
[  662.190719][    C1] ==================================================================
[  662.200998][    C1] BUG: KASAN: stack-out-of-bounds in profile_pc+0xa4/0xe0
[  662.209304][    C1] Read of size 8 at addr ffff8881a7e9f680 by task syz.1.2978/11881
[  662.217416][    C1] 
[  662.220117][    C1] CPU: 1 PID: 11881 Comm: syz.1.2978 Not tainted 5.4.274-syzkaller-00003-g51e9abf68baf #0
[  662.231091][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  662.240953][ T2504] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8
[  662.242858][    C1] Call Trace:
[  662.242863][    C1]  <IRQ>
[  662.242890][    C1]  dump_stack+0x1d8/0x241
[  662.266502][    C1]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[  662.274417][    C1]  ? printk+0xd1/0x111
[  662.279114][    C1]  ? profile_pc+0xa4/0xe0
[  662.284057][    C1]  ? wake_up_klogd+0xb2/0xf0
[  662.289165][    C1]  ? profile_pc+0xa4/0xe0
[  662.294159][    C1]  print_address_description+0x8c/0x600
[  662.300823][    C1]  ? panic+0x89d/0x89d
[  662.305665][    C1]  ? profile_pc+0xa4/0xe0
[  662.312606][    C1]  __kasan_report+0xf3/0x120
[  662.317812][    C1]  ? profile_pc+0xa4/0xe0
[  662.327965][    C1]  ? _raw_spin_lock+0x160/0x1b0
[  662.333832][    C1]  kasan_report+0x30/0x60
[  662.339270][    C1]  profile_pc+0xa4/0xe0
[  662.344021][    C1]  profile_tick+0xb9/0x100
[  662.349923][    C1]  tick_sched_timer+0x237/0x3c0
[  662.356882][    C1]  ? tick_setup_sched_timer+0x460/0x460
[  662.362530][    C1]  __hrtimer_run_queues+0x3e9/0xb90
[  662.369496][    C1]  ? _raw_spin_unlock_irq+0x4a/0x60
[  662.378391][    C1]  ? hrtimer_interrupt+0x890/0x890
[  662.385595][    C1]  ? kvm_sched_clock_read+0x14/0x40
[  662.392837][    C1]  ? sched_clock+0x36/0x40
[  662.399001][    C1]  ? sched_clock_cpu+0x18/0x3a0
[  662.405495][    C1]  ? ktime_get_update_offsets_now+0x26c/0x280
[  662.413842][    C1]  hrtimer_interrupt+0x38a/0x890
[  662.421417][ T2504] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  662.421778][    C1]  smp_apic_timer_interrupt+0x110/0x460
[  662.431510][ T2504] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  662.438128][    C1]  apic_timer_interrupt+0xf/0x20
[  662.438134][    C1]  </IRQ>
[  662.438161][    C1] RIP: 0010:_raw_spin_lock+0x160/0x1b0
[  662.450377][ T2504] usb 3-1: Product: syz
[  662.451917][    C1] Code: fc fa fc 66 90 eb 85 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 34 ff ff ff 4c 89 ff e8 da 19 43 fd e9 27 ff ff ff 48 8d 4c 24 20 <80> e1 07 80 c1 03 38 c1 0f 8c 43 ff ff ff 48 8d 7c 24 20 e8 48 19
[  662.451924][    C1] RSP: 0018:ffff8881a7e9f680 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff13
[  662.451935][    C1] RAX: 0000000000000004 RBX: 1ffff11034fd3ed0 RCX: ffff8881a7e9f6a0
[  662.451940][    C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffff8881a7e9f6a0
[  662.451946][    C1] RBP: ffff8881a7e9f718 R08: dffffc0000000000 R09: 0000000000000003
[  662.451953][    C1] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000
[  662.451959][    C1] R13: ffffea0007996ce8 R14: 1ffff11034fd3ed4 R15: ffff8881a7e9f6a0
[  662.451988][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[  662.456423][ T2504] usb 3-1: Manufacturer: syz
[  662.462117][    C1]  ? xas_load+0x4f8/0x560
[  662.462155][    C1]  alloc_set_pte+0xba2/0x1170
[  662.462172][    C1]  filemap_map_pages+0x9d8/0xdd0
[  662.462188][    C1]  ? maybe_unlock_mmap_for_io+0x120/0x120
[  662.462208][    C1]  ? __count_memcg_events+0x97/0x210
[  662.467176][ T2504] usb 3-1: SerialNumber: syz
[  662.489427][    C1]  handle_mm_fault+0x25cd/0x4990
[  662.489442][    C1]  ? perf_event_mmap+0x3ab/0x1920
[  662.489451][    C1]  ? finish_fault+0x230/0x230
[  662.489461][    C1]  ? percpu_counter_add_batch+0x14d/0x170
[  662.489475][    C1]  ? _raw_spin_unlock+0x49/0x60
[  662.489483][    C1]  ? follow_page_pte+0x711/0xcc0
[  662.489494][    C1]  __get_user_pages+0xc0b/0x13b0
[  662.489517][    C1]  ? populate_vma_page_range+0xf0/0xf0
[  662.506237][ T2504] usb 3-1: config 0 descriptor??
[  662.506383][    C1]  ? memset+0x1f/0x40
[  662.554089][ T2504] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  662.555231][    C1]  ? vmacache_update+0x9f/0xf0
[  662.555250][    C1]  __mm_populate+0x369/0x510
[  662.563679][ T2504] usb 3-1: Detected FT232RL
[  662.567126][    C1]  ? __get_user_pages+0x13b0/0x13b0
[  662.567152][    C1]  vm_mmap_pgoff+0x20d/0x260
[  662.684999][    C1]  ? account_locked_vm+0x1b0/0x1b0
[  662.691408][    C1]  ? fpu__clear+0x3c0/0x3c0
[  662.696653][    C1]  ? ksys_mmap_pgoff+0xd6/0x1e0
[  662.702736][    C1]  do_syscall_64+0xca/0x1c0
[  662.708436][    C1]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[  662.715491][    C1] RIP: 0033:0x7fe13be18b99
[  662.721468][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  662.743788][    C1] RSP: 002b:00007fe13b09a048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  662.754338][    C1] RAX: ffffffffffffffda RBX: 00007fe13bfa6fa0 RCX: 00007fe13be18b99
[  662.763499][    C1] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[  662.770964][ T2504] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  662.772446][    C1] RBP: 00007fe13be9977e R08: ffffffffffffffff R09: 0000000000000000
[  662.772452][    C1] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[  662.772458][    C1] R13: 000000000000000b R14: 00007fe13bfa6fa0 R15: 00007ffe89ff7e28
[  662.772477][    C1] 
[  662.808332][    C1] The buggy address belongs to the page:
[  662.814344][    C1] page:ffffea00069fa7c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0
[  662.824264][    C1] flags: 0x8000000000000000()
[  662.829845][    C1] raw: 8000000000000000 ffffea00069fa7c8 ffffea00069fa7c8 0000000000000000
[  662.839398][    C1] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  662.848079][    C1] page dumped because: kasan: bad access detected
[  662.855478][    C1] page_owner tracks the page as allocated
[  662.862070][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT)
[  662.875485][    C1]  prep_new_page+0x18f/0x370
[  662.880864][    C1]  get_page_from_freelist+0x2d13/0x2d90
[  662.886697][    C1]  __alloc_pages_nodemask+0x393/0x840
[  662.892038][    C1]  dup_task_struct+0x85/0x600
[  662.896524][    C1]  copy_process+0x56d/0x3230
[  662.901038][    C1]  _do_fork+0x197/0x900
[  662.905136][    C1]  __x64_sys_clone3+0x2da/0x300
[  662.909912][    C1]  do_syscall_64+0xca/0x1c0
[  662.914945][    C1]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[  662.924520][    C1] page_owner free stack trace missing
[  662.932853][    C1] 
[  662.935470][    C1] addr ffff8881a7e9f680 is located in stack of task syz.1.2978/11881 at offset 0 in frame:
[  662.946355][    C1]  _raw_spin_lock+0x0/0x1b0
[  662.950853][    C1] 
[  662.953162][    C1] this frame has 1 object:
[  662.957899][    C1]  [32, 36) 'val.i.i.i'
[  662.957901][    C1] 
[  662.964373][    C1] Memory state around the buggy address:
[  662.970956][    C1]  ffff8881a7e9f580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  662.980542][    C1]  ffff8881a7e9f600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  662.989140][    C1] >ffff8881a7e9f680: f1 f1 f1 f1 04 f3 f3 f3 00 00 00 00 00 00 00 00
[  662.997703][    C1]                    ^
[  663.002241][    C1]  ffff8881a7e9f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  663.010685][    C1]  ffff8881a7e9f780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  663.019456][    C1] ==================================================================
[  663.028329][    C1] Disabling lock debugging due to kernel taint
[  663.048802][ T2504] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  663.093367][ T1866] usb 1-1: Using ep0 maxpacket: 16
[  663.100855][  T372] usb 5-1: USB disconnect, device number 92
[  663.115510][ T2504] usb 4-1: USB disconnect, device number 90
[  663.410884][ T1866] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  663.427101][ T1866] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  663.438854][ T1866] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  663.449771][ T1866] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  663.459923][ T1866] usb 1-1: config 0 descriptor??
[  663.520873][  T371] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[  663.760748][  T371] usb 2-1: Using ep0 maxpacket: 8
[  663.880883][  T371] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  663.891703][  T371] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  663.901370][  T371] usb 2-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00
[  663.910161][  T371] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  663.918916][  T371] usb 2-1: config 0 descriptor??
[  663.924027][T11870] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  664.010832][ T1866] usbhid 1-1:0.0: can't add hid device: -71
[  664.017215][ T1866] usbhid: probe of 1-1:0.0 failed with error -71
[  664.024743][ T1866] usb 1-1: USB disconnect, device number 97
[  664.384919][  T905] usb 3-1: USB disconnect, device number 94
[  664.392004][  T905] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  664.402726][  T905] ftdi_sio 3-1:0.0: device disconnected
[  664.416282][  T371] uclogic 0003:2179:0077.0051: item fetching failed at offset 5/7
[  664.426453][  T371] uclogic 0003:2179:0077.0051: parse failed
[  664.433365][  T371] uclogic: probe of 0003:2179:0077.0051 failed with error -22
[  664.594059][T11660] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6099: Out of memory
[  665.061206][  T383] device bridge_slave_1 left promiscuous mode
[  665.067744][  T383] bridge0: port 2(bridge_slave_1) entered disabled state
[  665.076030][  T383] device bridge_slave_0 left promiscuous mode
[  665.083933][  T383] bridge0: port 1(bridge_slave_0) entered disabled state
[  665.670063][ T2504] usb 2-1: USB disconnect, device number 87