last executing test programs:

9.590169814s ago: executing program 1 (id=1810):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x181281, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000040)="66b95502000066b80600000066ba000000000f300fc72c66b8020000000f23c00f21f86635010006000f23f8f26d660f3a229f00015e660fc62f0b66b9950900000f3266b8000000800f23d80f21f86635c00000300f23f866b8d70200000f23d00f21f866352000000e0f23f8660f73d340", 0x72}], 0x1, 0x10, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000140)=ANY=[@ANYBLOB="12015001020000102505a1a440000102030109025c0002010000000904000001020d00000524060001052400a2000d240f01f9fffffffdff08000006241a0000080905810300040000000904010000000000000904010102020d00000905820210000000000905030240"], 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="a0000000", @ANYRES16=r5, @ANYBLOB="050000000000fcdbdf", @ANYRES32, @ANYBLOB="4a000e001c"], 0xa0}}, 0x2084)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8a"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r7}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, &(0x7f0000000940)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x20, 0x80, 0x1c, {0xaf, 0x105, 0x8, 0xf, 0x400, 0xc, 0x2, 0xe, 0xd, 0xfffe, 0x4000, 0x6}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, &(0x7f0000000c00)={0x14, 0x0, &(0x7f0000000bc0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)=@x86={0x3, 0xa, 0x0, 0x0, 0x3f, 0x1, 0x8, 0x9, 0x3, 0x7f, 0x4, 0xbb, 0x0, 0x5, 0x8, 0x6, 0xc, 0x7, 0x3, '\x00', 0xc0, 0x3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8.461803876s ago: executing program 3 (id=1815):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000700), 0xff, 0x49b, &(0x7f0000001040)="$eJzs3MtvVNUfAPDvnbY8fjzaHyIKglbQSHy0tKCycKFGExeamOgCl7UtiAzU0JoIabQYg0tD4t64NPEvcOfGqAtj4lYTl4aEaGNCcTXmvugwnSltaTvS+XyS6ZxzH3PO9957Zs69p/cG0LH60z9JxPaI+DUievPsrQv0529zs9OjN2anR5Oo1d74M8mWuz47PVouWq63rcgcrkRUPkni+WRhuZMXLp4ZqVbHzxf5wamz7w1OXrj41OmzI6fGT42fGz5+/NjRoWefGX56VeJM47q+78OJ/XtfeevKa6Mnrrz9w9dptfYcyOfXx3FbN5oE1ER/utX+qmUa5z26jLrfDXbUpZPuNlaEZemKiHR39WTtvze6Yn7n9cbLH7dec/P6VBBYM+lv0yIteaYGbGBJtLsGQHuUP/Tp+W/5Wqeux3/CtRciNhXpudnp0bmb8XdHpZjes4bl90fEiZl/vkhfsdzrEAAAK5D1bZ5s1v+rxJ7sPR/r2FmMofRFxP8jYldE3BMRuyPi3ohs2fsi4v585VrvEsvvb8gv7P9Urjat8ypJ+3/P1fX95uriL976uorcjiz+nuTk6er4kWKbHI6ezWl+aJEyvn3pl89azavv/6WvtPyyL1hU4Gp3wwW6sZGpkdXaCNcuRezrbhZ/cnMkID0C9kbEvuV99M4ycfrxr/a3Wuj28S9iFcaZal9GPJbv/5loiL+ULD4+ObglquNHBsujYqEff778eqvy7yj+VXDt4AN5Yn7/NyzR+3eSj9f2RLU6fn5y+WVc/u3Tluc0Kz3+NyVvZmPWP72TT/tgZGrq/FDEpuTVLF+e02XTh+fXLfPl8unxf/hQ8/a/q1gnjT/dSulBfCAiHoyIh4q6PxwRByPi0CLxf//iI+8uEn8SSbRv/1+KGGv6/Xfz+O9L6sfrV5DoOvPdN61GzOv3fy1ptf+PxUz2XZvLvv9uY6kVvMPNBwAAAHeFSkRsj6QykKf7t0elMjCQ/w//7vhfpToxOfXEyYn3z43l9wj0RU+lvNLVW3c9dCiZKT4xzw8X14rL+UeL68afd23N8gOjE9WxNscOnW7bre0/yvaf+qOr3bUD1pz7taBzNbb/SpvqAay/pfz+OxeAjenW9r8l/bO1XXUB1pfzf+hczdr/Rw15/X/YmBY+AOj3Jo+sAzYi/X/oXNo/dC7tHzpSfif8lVjJff0rT5Q3C6z8c7Ys+Q7/TkmUT7xYy7K2xvyUqLQ95A5KpC1mfQudf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA3ezfAAAA//+5XeWQ")
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x20000015, 0x8, 0x5, 0x180, 0x200000000000004, 0x0, 0xf1, 0x800000001000000, 0x7ff, 0x5, 0x1, 0xffffffff, 0x10000000000, 0x7, 0x8000000000000001, 0xbdb], 0x8080000, 0x3c4210})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x3e, 0x0, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000580)={<r4=>0x0, @broadcast, @dev}, &(0x7f00000005c0)=0xc)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000020000000000000000000000850000009b000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2f7e11082781feda, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @value=r2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0x99, 0x0, 0x0, 0x10000, 0x2, '\x00', 0xc94})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

7.842452017s ago: executing program 3 (id=1817):
gettid()
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, 0x0, &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18)
r6 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'sit0\x00', <r7=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r6, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0x307}, 0x3d, r7})
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syslog(0x4, &(0x7f00000000c0)=""/196, 0xc4)
syslog(0x4, &(0x7f00000002c0)=""/18, 0x12)
socket$inet6(0xa, 0x400000000001, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="04b1b3b53d74abf97d", @ANYRESOCT=r0])

6.715780277s ago: executing program 3 (id=1822):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
socket$key(0xf, 0x3, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000680)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa810021000806000186dd06100002aaaaaaaaaabbff020000000000000000000000000001aaaaaaaaaabbfe8000000000000000000000000000bbf553837fcc293565d249d189d6bd5cc989982a853489b82024a7d708d40a324448009cd600472defa1ff1dc8b17f1a4dff67dec90658faf3f5819759ce8c1a232f6905a433afc51f1bc38fca5642c0b92a8b55ed5a5f90677ac856f9b825a51261d5a9c9d22e55f3e1096506876d9a88f75c0033821ae835c34a55f76e2615e630cd46000000000000"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)=ANY=[@ANYBLOB="9feb0104181b00550c616f649abdb7d002ec00007b0000000000"], 0x0, 0x1a}, 0x28)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r4, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x27, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r3, 0x89f9, &(0x7f00000003c0)={'sit0\x00', &(0x7f0000000280)={@private0={0xfc, 0x0, '\x00', 0x1}, @broadcast, 0xd, 0x11}})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b00)={r5, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000100000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)

6.08715368s ago: executing program 1 (id=1826):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000010000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x7, 0x0, 0x2, 0x0, 0x1, 0x900, 0x0, 0xffffff80}})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000000000000000008500000029000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0xfeff, 0xe, 0x0, &(0x7f0000000400)="e4e647c9e0b8e9a2f2ab3026da58", 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

5.835403025s ago: executing program 3 (id=1827):
gettid()
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, 0x0, &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18)
r5 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'sit0\x00', <r6=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r5, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0x307}, 0x3d, r6})
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syslog(0x4, &(0x7f00000000c0)=""/196, 0xc4)
syslog(0x4, &(0x7f00000002c0)=""/18, 0x12)
socket$inet6(0xa, 0x400000000001, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="04b1b3b53d74abf97d", @ANYRESOCT=r0])

4.569192149s ago: executing program 1 (id=1828):
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r1=>0x0})
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000000)=0x3, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180)=0x288a, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
timerfd_create(0x9, 0x0)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000a00)=ANY=[], 0x1, 0x1c5, &(0x7f00000004c0)="$eJzs2z9rE2EcB/Df1SQmdUgGJ3G40Sk0fQUNUkEMCEoHBUGxDUhPChYKOmg3B9+EL8bBVSdfhmMH4SR/mjQxQ0x7CTSfz3I/7u6b53nuuCTPwfPy7tvD/aPj7ovu96gmSWzsRBpnSTRiI86dBgBwnZzlefzO8zy/eRq1r5Hn+ap7BAAUze8/AKyfp8+eP2p3OrtP0rQakX0+2TvZq/W3g+PtbryJLA5iK+rxJ3p/EIYG9YOHnd2ttK8RX7JPvXxEb3tjMt+KejRm51uDfDqZL8fmxfx21OP27Pz2zHwl7lVG+XJE1OPn6ziKLPajlx3nP7bS9P7jzlT+Vv88AAAAuA6a6Uh//l6Jyfl7szl5fDw/HuTbydzvB6bm16W4U1rt2AFgXR2//3D4KssO3i1QVIefsWB8vuLH5qCRApu4ouL8ko727Czj+vxvUbnYw6miVnBXS5N7kuKHnETEvCf/Gt6uq2r9W0Ss/HYv9FD3iyV/EQFLN3765wxUCu4QAAAAAAAAAAAAAADwjzkWBpUvu65o1WMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYP38DQAA//8cAH78")
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$incfs(&(0x7f00000007c0)='./bus\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000880)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000300)='./file0\x00')
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
dup(r7)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14)

3.941556571s ago: executing program 4 (id=1831):
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffffffff5]}, 0x8, 0x0)
ppoll(&(0x7f0000000000)=[{r0, 0x4180}, {r0, 0x100}], 0x2, 0x0, 0x0, 0x0)
r1 = signalfd4(r0, 0x0, 0x0, 0x800)
socket$nl_route(0x10, 0x3, 0x0)
getdents(r1, &(0x7f00000002c0)=""/96, 0x60)
r2 = socket(0x10, 0x803, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
clock_gettime(0x0, &(0x7f00000004c0)={<r5=>0x0, <r6=>0x0})
timer_settime(r4, 0x0, &(0x7f0000000280)={{r5, r6+10000000}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000040)=0x2)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r9, 0x80041285, &(0x7f0000001080))
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f0000000240)={0x3, 0x9, 0x3b9, 0x0, 0x12})
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newtfilter={0x7c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x4c, 0x2, [@TCA_BASIC_EMATCHES={0x48, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x3c, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{}, {0x0, 0x0, 0x1}}}, @TCF_EM_META={0x23, 0x2, 0x0, 0x0, {{0x0, 0x4, 0x4}, [@TCA_EM_META_HDR={0xc}, @TCA_EM_META_RVALUE={0x7, 0x3, [@TCF_META_TYPE_VAR="043f51"]}, @TCA_EM_META_LVALUE={0x5, 0x2, [@TCF_META_TYPE_VAR='3', @TCF_META_TYPE_VAR]}]}}]}]}]}}]}, 0x7c}}, 0x0)

3.761137149s ago: executing program 0 (id=1832):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)=r1}, 0x20)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
truncate(&(0x7f0000000080)='./file0\x00', 0x8001)

3.717883213s ago: executing program 0 (id=1833):
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00'})
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000000)=0x3, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180)=0x288a, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
timerfd_create(0x9, 0x0)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000a00)=ANY=[], 0x1, 0x1c5, &(0x7f00000004c0)="$eJzs2z9rE2EcB/Df1SQmdUgGJ3G40Sk0fQUNUkEMCEoHBUGxDUhPChYKOmg3B9+EL8bBVSdfhmMH4SR/mjQxQ0x7CTSfz3I/7u6b53nuuCTPwfPy7tvD/aPj7ovu96gmSWzsRBpnSTRiI86dBgBwnZzlefzO8zy/eRq1r5Hn+ap7BAAUze8/AKyfp8+eP2p3OrtP0rQakX0+2TvZq/W3g+PtbryJLA5iK+rxJ3p/EIYG9YOHnd2ttK8RX7JPvXxEb3tjMt+KejRm51uDfDqZL8fmxfx21OP27Pz2zHwl7lVG+XJE1OPn6ziKLPajlx3nP7bS9P7jzlT+Vv88AAAAuA6a6Uh//l6Jyfl7szl5fDw/HuTbydzvB6bm16W4U1rt2AFgXR2//3D4KssO3i1QVIefsWB8vuLH5qCRApu4ouL8ko727Czj+vxvUbnYw6miVnBXS5N7kuKHnETEvCf/Gt6uq2r9W0Ss/HYv9FD3iyV/EQFLN3765wxUCu4QAAAAAAAAAAAAAADwjzkWBpUvu65o1WMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYP38DQAA//8cAH78")
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$incfs(&(0x7f00000007c0)='./bus\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000880)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000300)='./file0\x00')

3.604920065s ago: executing program 3 (id=1834):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008000000a5"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x891c, &(0x7f0000000540)={'batadv_slave_1\x00', {0x2, 0x0, @private=0xfffffffe}})
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
fspick(r4, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f0000000980)={0xf92, 0x0, 0x0, 0x0, 0x6733, 0x0, 0x0, 0xa00000000000000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6bf7, 0x0, 0xfef, 0x0, 0x0, 0x1, 0xb0000000000, 0x8})
socketpair(0x25, 0x1, 0x1902, &(0x7f0000000000))
r5 = socket(0x11, 0x3, 0x0)
r6 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r6, 0x541c, &(0x7f0000004780))
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000005c0)={'ip6gretap0\x00', <r7=>0x0})
bind$packet(r5, &(0x7f0000000180)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @remote}, 0x14)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
sendmsg$netlink(r5, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0, 0xdd12}], 0x1}, 0x20040051)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$cgroup(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080), 0x401, &(0x7f0000000140)={[{@cpuset_v2_mode}]})
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001100010026bd7000fbdbdf25e0000001000000001b00000000000000000004cf0a0032"], 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x4040024)

3.600832305s ago: executing program 1 (id=1835):
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYRESDEC=0x0])
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYBLOB="01000000000001000000080000001800018014000200"], 0x38}}, 0x4048086)

3.397578295s ago: executing program 1 (id=1836):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000700), 0xff, 0x49b, &(0x7f0000001040)="$eJzs3MtvVNUfAPDvnbY8fjzaHyIKglbQSHy0tKCycKFGExeamOgCl7UtiAzU0JoIabQYg0tD4t64NPEvcOfGqAtj4lYTl4aEaGNCcTXmvugwnSltaTvS+XyS6ZxzH3PO9957Zs69p/cG0LH60z9JxPaI+DUievPsrQv0529zs9OjN2anR5Oo1d74M8mWuz47PVouWq63rcgcrkRUPkni+WRhuZMXLp4ZqVbHzxf5wamz7w1OXrj41OmzI6fGT42fGz5+/NjRoWefGX56VeJM47q+78OJ/XtfeevKa6Mnrrz9w9dptfYcyOfXx3FbN5oE1ER/utX+qmUa5z26jLrfDXbUpZPuNlaEZemKiHR39WTtvze6Yn7n9cbLH7dec/P6VBBYM+lv0yIteaYGbGBJtLsGQHuUP/Tp+W/5Wqeux3/CtRciNhXpudnp0bmb8XdHpZjes4bl90fEiZl/vkhfsdzrEAAAK5D1bZ5s1v+rxJ7sPR/r2FmMofRFxP8jYldE3BMRuyPi3ohs2fsi4v585VrvEsvvb8gv7P9Urjat8ypJ+3/P1fX95uriL976uorcjiz+nuTk6er4kWKbHI6ezWl+aJEyvn3pl89azavv/6WvtPyyL1hU4Gp3wwW6sZGpkdXaCNcuRezrbhZ/cnMkID0C9kbEvuV99M4ycfrxr/a3Wuj28S9iFcaZal9GPJbv/5loiL+ULD4+ObglquNHBsujYqEff778eqvy7yj+VXDt4AN5Yn7/NyzR+3eSj9f2RLU6fn5y+WVc/u3Tluc0Kz3+NyVvZmPWP72TT/tgZGrq/FDEpuTVLF+e02XTh+fXLfPl8unxf/hQ8/a/q1gnjT/dSulBfCAiHoyIh4q6PxwRByPi0CLxf//iI+8uEn8SSbRv/1+KGGv6/Xfz+O9L6sfrV5DoOvPdN61GzOv3fy1ptf+PxUz2XZvLvv9uY6kVvMPNBwAAAHeFSkRsj6QykKf7t0elMjCQ/w//7vhfpToxOfXEyYn3z43l9wj0RU+lvNLVW3c9dCiZKT4xzw8X14rL+UeL68afd23N8gOjE9WxNscOnW7bre0/yvaf+qOr3bUD1pz7taBzNbb/SpvqAay/pfz+OxeAjenW9r8l/bO1XXUB1pfzf+hczdr/Rw15/X/YmBY+AOj3Jo+sAzYi/X/oXNo/dC7tHzpSfif8lVjJff0rT5Q3C6z8c7Ys+Q7/TkmUT7xYy7K2xvyUqLQ95A5KpC1mfQudf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA3ezfAAAA//+5XeWQ")
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x20000015, 0x8, 0x5, 0x180, 0x200000000000004, 0x0, 0xf1, 0x800000001000000, 0x7ff, 0x5, 0x1, 0xffffffff, 0x10000000000, 0x7, 0x8000000000000001, 0xbdb], 0x8080000, 0x3c4210})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x3e, 0x0, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000580)={<r4=>0x0, @broadcast, @dev}, &(0x7f00000005c0)=0xc)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000020000000000000000000000850000009b000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fcff"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2f7e11082781feda, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @value=r2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0x99, 0x0, 0x0, 0x10000, 0x2, '\x00', 0xc94})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

3.018266152s ago: executing program 4 (id=1837):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
truncate(&(0x7f0000000080)='./file0\x00', 0x8001)

3.008674153s ago: executing program 4 (id=1838):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
socket(0x10, 0x3, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000080)='./file1\x00', 0x1010000, &(0x7f0000000600)=ANY=[@ANYBLOB="757466383d312c696f636861727365743d6d6163637972696c6c69632c756e695f786c6174653d302c696f636861727365743d757466382c757466383d302c757466383d312c73686f72746e616d653d77696e6e742c6e6f6e756d7461696c3d302c636865636b3d72656c617865642c73686f72746e616d653d6c6f7765722c757466383d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c73686f72746e616d653d6c6f7765722c63d027636b3d7374726963742c74696d655f6f66667365743d3078666666666666666666666666666262322c00"], 0x1, 0x363, &(0x7f0000000280)="$eJzs3U1oY1UbAOA3vWnSGfi+dicKQnQnaJnOTje2SAcGu1EJ/izE4HRUkiq0WGwX09aF4lJwqSt3CrpwIS5FUMSdC7eOIKPiQmc34OCR5OYmt0naaQerFJ8Hmpy+57znnPtDcntJTp9bjPal6bh8/fq1mJmpRHXxkcW4UYm5yKKwG+NqE2IAwOlwI6X4PeWOmFI54SkBACes9/7/QkQ0Yi6PvP7lYe2Td38AOPX6f/+fOazNzEEVr5zIlACAEzZ2///efdW13k+1+LVa+lQAAHBaPfH0M48urUQ83mjMRKy9udncbMZDw/qly/FSdGI1zsVs3IzILxS6D5Xe44WLK8vnGo3GTvw0F82ImOonNvMrhaWsl1+PhZiNuX5+/2ojpZRd+GRleaHRExG7O73xY62y2ZyOs/3xvz8bq8MLj6KT3lPExZXl841+B821In8nYm9436I7//mYjW+fH3STUvEJxpXlKwvFpIf5m816XBrshQPvgAAAAAAAAAAAAAAAAAAAAAAAwG2ZbwzMDdbPSd3nfKWc+fkJ9b31cfL8/vpAe/n6QKmeIqXfXnug+VYW+9YHGl2fZ9NCggAAAAAAAAAAAAAAAAAAADCwsVWLVqezur6xtd0uF3bWN7amIqIbefnrj744E+NtblGo5kPUIwZDNPrDbrdbKSsapyxiPD3rDl5EPvh0MONym/pgKyZOo35wVafzv3t+fHcYuTsrev5z2CaLyRuYlabx8EjPa//Pp3ScHTUonC9H6uOjX00plSJvlNOvPDveYVQiqsc/cNvtqTi4TeoWvrr24p3F3m99nnL33T/75NV33v+l3ep0R47eEaytb9xM7ValaHy83dLd1UWkEnmhUj4Tqoel7+2PtLLvfn3qrre/OdroqRx5tXs+j7TJ8s35eDS9lhe60xypOjNMn+5vRGd1esLJf6vCbRzTO9777MOUfvj5yEMMTY29bFT+nlcfAAAAAAAAAAAAAAAAAACgrPRd8b7+l32nD8t68LGTnxkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/HOG//+/VNjbjZHIUQp/7EzIqq+ub0TU/u3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+6vAAAA///tLFqQ")
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001900)=ANY=[@ANYBLOB="61105c00000000006113380000000000bfa00000000000000700000008ffffffd50301001874004095000600000000006916360000000000bf67000000000000360607000fff07201706000020190000160300000ee60060bf050000000000007b650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f17540faf80250aa20c669a5e12814cb1cea5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000400c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10fd7ed6735154beb4000000000000000000000000004000bc00f6746a9709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c1d926a0f6a5480a55c22fe3a5ac00000000000000000000000500002000000000fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e14d90deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b06ff7f0000000000007f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089e0b1c23c0f3cdad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631d22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0af1cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c29984864961a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000000000000000000000000000000000001386866b311bd144bc32e059658c9f8342c90c1ade31b78072841b8b5a943d62a44cea6b050c42e3c205fad6a23fb43c93da0f49d911877265e6ee443e37397ecf89021e7f579e8d3a74c12b52938d91e9de07fc8eeeb9505f4a9c26266bf5449484ccc1317c747664e9f7478f8200000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r5}, 0x18)
io_uring_setup(0x261e, &(0x7f00000008c0)={0x0, 0xfffffffc, 0x8000, 0xfffffffe, 0x800001b5})
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000100), 0x21c004, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRES8=r5, @ANYBLOB=',wf\tno=', @ANYRESHEX, @ANYBLOB=',\x00'])
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x6)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf32(r6, &(0x7f0000000580)=ANY=[@ANYBLOB="7f454c462f02034201000080000000000200060014000000630000003800000081020000020000000000200003006200070005000000002006000000f7ffff803dffffff03000000feffffffffffffff1374b04a0500000005000000090000000100000000000000380000000c0000000800000006000000"], 0x98)
close(r6)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)

2.352623918s ago: executing program 0 (id=1839):
syz_emit_ethernet(0x5e, &(0x7f0000000040)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x9, 0x6, "9e00", 0x28, 0x6, 0xfde3996dcd16970f, @dev={0xfe, 0x80, '\x00', 0x39}, @local, {[], {{0x4e22, 0x4e24, 0x41424344, 0x41424344, 0x1, 0x0, 0xa, 0x4, 0x1, 0x0, 0x3, {[@md5sig={0x13, 0x12, "393a3dccd0bf325a28ddacf5d7bb15ca"}]}}}}}}}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000640), 0x100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x15, 0x4, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x88)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
r6 = open(&(0x7f0000000480)='./file0\x00', 0x0, 0x718bb647156ec3b7)
mknodat$loop(r6, &(0x7f0000001600)='./file1\x00', 0x200, 0x0)

2.350849138s ago: executing program 1 (id=1840):
sched_setscheduler(0x0, 0x1, 0x0)
syz_usb_connect$uac1(0x3, 0xa7, &(0x7f0000000000)=ANY=[@ANYBLOB="12015002000000206b1d0101400001020301090295000301a0a0090904000000010100000a2401900c020201020c240202060203840c0008120daa471fcfda0a0007000500190c240803090034c5e5eb68a3082405010201013f0924030201030301"], &(0x7f0000001c40)={0x0, 0x0, 0x0, 0x0})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_dev$usbmon(0x0, 0x7, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x8, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r0, 0x18000000000002a0, 0xb, 0x0, &(0x7f00000002c0)="d2ff03076003008cb89e08", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_open_dev$usbfs(0x0, 0x205, 0x8401)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee7, 0x4010, 0xffffffffffffffff, 0x8000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)

2.348208418s ago: executing program 3 (id=1841):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x181281, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000040)="66b95502000066b80600000066ba000000000f300fc72c66b8020000000f23c00f21f86635010006000f23f8f26d660f3a229f00015e660fc62f0b66b9950900000f3266b8000000800f23d80f21f86635c00000300f23f866b8d70200000f23d00f21f866352000000e0f23f8660f73d340", 0x72}], 0x1, 0x10, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000140)=ANY=[@ANYBLOB="12015001020000102505a1a440000102030109025c0002010000000904000001020d00000524060001052400a2000d240f01f9fffffffdff08000006241a0000080905810300040000000904010000000000000904010102020d00000905820210000000000905030240"], 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="a0000000", @ANYRES16=r5, @ANYBLOB="050000000000fcdbdf", @ANYRES32, @ANYBLOB="4a000e001c"], 0xa0}}, 0x2084)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8a"], 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r6}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, &(0x7f0000000940)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x20, 0x80, 0x1c, {0xaf, 0x105, 0x8, 0xf, 0x400, 0xc, 0x2, 0xe, 0xd, 0xfffe, 0x4000, 0x6}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, &(0x7f0000000c00)={0x14, 0x0, &(0x7f0000000bc0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)=@x86={0x3, 0xa, 0x0, 0x0, 0x3f, 0x1, 0x8, 0x9, 0x3, 0x7f, 0x4, 0xbb, 0x0, 0x5, 0x8, 0x6, 0xc, 0x7, 0x3, '\x00', 0xc0, 0x3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.308952942s ago: executing program 4 (id=1842):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0xe0413, &(0x7f00000003c0)={[{@nobarrier}, {@debug}, {@noload}, {@grpid}, {@nodelalloc}], [{@fscontext={'fscontext', 0x3d, 'root'}}, {@seclabel}, {@seclabel}, {@euid_gt}, {@seclabel}, {@uid_gt}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@subj_role={'subj_role', 0x3d, 'GPL\x00'}}]}, 0xd, 0x634, &(0x7f0000000b40)="$eJzs3c1rXF0ZAPDn3swkaaImbxG1GxsQaUGbNGkrRQRb3JZSdekqNmmpTZvSRDS1YAJ1o4gbF4IrF9b/QgtuXejShRsXIoUg0oWVauflTu4k85H5yHQ+kszvB7e599zMOedOeXLOnDnn3gBG1lz2TxpxLiKeJBEzVecKkZ+c2/u9N/9+fjfbkiiVvv2vJJ7/ONmuzivJf07nL/7/TCR/TiPOjjWWu7H17OHy2trq0/x4YfPRk4WNrWeXHjxavr96f/Xx0leWrl+7eu364uV2l/CpVicLVfu3XnzvBzM/vf2d3/76XbL4u7/dTuJGvM/rll1X/Wsn2pXcxlzMRWnP24PUtPzv9Q/M+7j4z0zte5xJ6hM4tu7lMVKMiM/GTIxV/W/OxE++OdTKAX1VSqLSRgEjJ2kf/8XGpMn+VAYYoEo/oPLZ/rDPwY3SPvdKgEHYvbk3ALAX+8WIqMR/YW9sMCbLYwNTb5KacZ4kItqOzHUgK+NPf7z9ItuiyTgc0B/bO5VR7vr2PynH5mxMlo+m3qQ18Z9WbVn6t7osf67uWPzD4GzvRMTn8vZ/PLqO/+92Wb74BwAAAAAAgN55dTMivnzY/L90f/7P+CHzf6Yj4kYPyj/8+7+dqpT0db6T9KA4oMruzYivNcz//V/17ODZsfx7/k+W5wMU03sP1lYv5wtvL0ZxIjterM22ZoLwpZ+f/VWz8qvn/2VbVn5lLmCe1etC3ULcleXN5d5cPYy23Z2It+X5v+fzlNr5P1n7nzS0/z/7RhbgTzos4+wXX96pSfjHwZ+H9vFf50zn1wa0VvpNxIVD1/8cdLeT1vfnWCj3BxYqvYJGn//RL37frPwjxz/QM1n7P9U6/ieS6vv1bBwt//GIuLJVKDU7323//y/Fg/wzP1ze3Hy6GDGe3BprSF86Wp3htKrEQyVesvi/+IXW43/7/f+qOMy64dsdlvmZ99N/b3ZO+w/Dk8X/Suv2f7a2/T/qzmQsvZz9Q36LsQZ3Omr/r5bb9It5ivE/qNZ4P45OA3Qo1QUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAEy6NiE9Eks7v76fp/HzEdER8OqbStfWNzS/dW//+45XsXO3z/2f2jpPK8/9nq46X6o6vRMRHEfHLsTPl4/m762srw754AAAAAAAAAAAAAAAAAAAAOCamy2v+SxP16/8z/xwbdu2AvivkP8U7jJ5C168sTfS0IsDAdR//wEnXefwX+1oPYPCax//bd6WygVYHGCD9fxhdXca/rwvgFND+w6jqcExvst/1AIah4/Z/t7/1AAAAAAAAeuKj86/+mkTE9lfPlLfMeH7OZH843dJhVwAYGnN4YXQV1oddA2BYjvIZf7qP9QCGJ9nf+++hi/2bz/5P+lMhAAAAAAAAAAAAAKDBhXPW/8OoSiNaPMLb3H44zVqs/z8s+N0uAE6R5o/+6KTtT/QQ4ATzGR9o145b/w8AAAAAAAAAAAAAx8Dks4fLa2urTze2Tt7O13uRz1T+Rgyq8tvLx+Gt6+3O+3a/U3nM/NFyLkbE8bjAQe9UbsHxYfk8KkV0/fIh/T0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAafBwAAP//wUorAg==")
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x21000, 0x0)
ioctl$TIOCMIWAIT(r0, 0x545c, 0x300fff2)
ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000002200)=0xf1eb)
close_range(0xffffffffffffffff, r0, 0x2)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009c0000000b"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000500000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='sys_enter\x00', r2}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0xa00008, &(0x7f0000000000), 0x1, 0x7c8, &(0x7f0000001280)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JrsQ2JQeSqGBQHtOYmTFpJatYMkhNoYklEIvPbT0UGguOTdtesuhl/64tpf+DT2UhLR1QlN6KC4jjRL5hxw7seQ0/nxgrPdmRnrvO2/mzfPMIAWwZw2nf3IRByN60uRgNj+JbEZ0R5yor/dgeamQTkmsrLz6Q1Jb5/7yUiGa3pPan2X+GhFfvBlxKLe+3MrC4vREqVScy/Kj1ZkLo5WFxcPnZyamilPF2aNj4+NHjv3n2NGdi/WnrxcP3HnnpX9+fOKXN/5y8+0vkzgRB7JlzXHslOEYzrZJT7oJV3lxpwvbZcluV4Ankh6aXfWjPA7GYHRt0pL/72jNAIB2uRwRKwDAHpM4/wPAHtO4DnB/eanQmKJ+P+fK464dHG/3xYkOuPtCRPTX42/c36wv6a7fs/umv3YfdOB+UrtH0pBExNAOlD8cEddunb6RTtGm+5AAG7lyNSLODg2v7f/THm7tMwvb9a8trDPcSHxaf9H/Qed8lo5//rt+/BeRy47//trfteOfvuZj9yms/Yz1x3/u9qpszw4U2iQd/x1verbtQVP8maGuLPeH2pivJzl3vlRM+7Y/RsRI9PSl+bFNyhi59+u9Vsuax38/vvv6h2n56eujNXK3u/tWv2dyojrxNDE3u3s14m/dG8WfPGz/pMX499QWy3j5f2990GpZGn8ab2NaH397rVyP+MeG7f/oOahk0+cTR2u7w2hjp9hg//zk2/cHWpXf3P7XbqUlLRUa/wt0Qtr+A5vHP5Q0P69Z2X4ZX10f/LzVstXxn76Rlr86/o33/97ktVq6N5t3aaJanRuL6E1eWT//yKP3NvKN9dP4R/6+Kv6sBXOb7v/pSmez9MpjHn7svvP9R08ef3ul8U+m7Z9kQTy2/befuPlguqtV+Vtr//FaaiSbs77/6173uVut4FNtPAAAAAAAAAAAAAAAAAAAAAAAAADYolxEHIgkl3+YzuXy+fpveP85BnKlcqV66Fx5fnYyar+VPRQ9ucZXXQ42fR/qWPZ9+I38kTX5f0fEnyLivb59tXy+UC5N7nbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJDZ3+L3/1Pf9e127QCAtunf7QoAAB23rfO/wQIAPBdanNJ7N569r611AQA6o3b+T7p3uxoAQAe5pA8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG126uTJdFr5eXmpkOYnLy7MT5cvHp4sVqbzM/OFfKE8dyE/VS5PlYr5Qnmm5Qddqb+UyuUL4zE7f2m0WqxURysLi2dmyvOz1TPnZyamimeKPR2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2rrKwOD1RKhXnJDZPXH4mqnE1a7bd3hrPU+Jstk2flfpsI9EXEe0qormX2Nf5jgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgd+K3AAAA//+aBB1p")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x101042, 0x4)
lsetxattr$trusted_overlay_upper(&(0x7f00000007c0)='.\x00', &(0x7f0000000800), &(0x7f0000000a00)=ANY=[@ANYBLOB], 0x56, 0x2)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r3)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000300000001"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.0316002s ago: executing program 2 (id=1843):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)=r1}, 0x20)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
truncate(&(0x7f0000000080)='./file0\x00', 0x8001)

1.984259304s ago: executing program 2 (id=1844):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$BLKTRACESTOP(0xffffffffffffffff, 0x1275, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000"], 0x48)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6(0xa, 0x3, 0x6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="14000000040000000400000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x43, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r3, &(0x7f0000000140), &(0x7f0000000200)=""/221}, 0x20)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
socket(0x10, 0x803, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='io_uring_register\x00', r5}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x40800)
r6 = io_uring_setup(0x456, &(0x7f00000000c0)={0x0, 0x3, 0x1000, 0x1004003, 0x3c})
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r6, 0x18, &(0x7f0000000000), 0x1)

1.51906204s ago: executing program 0 (id=1845):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$BLKTRACESTOP(0xffffffffffffffff, 0x1275, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000"], 0x48)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6(0xa, 0x3, 0x6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="14000000040000000400000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x43, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r3, &(0x7f0000000140), &(0x7f0000000200)=""/221}, 0x20)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = socket(0x10, 0x803, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='io_uring_register\x00', r6}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000fa070000bb65000006"], 0x50)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x40800)
r7 = io_uring_setup(0x456, &(0x7f00000000c0)={0x0, 0x3, 0x1000, 0x1004003, 0x3c})
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r7, 0x18, &(0x7f0000000000), 0x1)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
r8 = fcntl$getown(r1, 0x9)
syz_open_procfs$namespace(r8, &(0x7f0000000040)='ns/user\x00')

996.871172ms ago: executing program 2 (id=1846):
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYRESDEC=0x0])
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRES16=r1, @ANYBLOB="01000000000001000000080000001800018014000200"], 0x38}}, 0x4048086)

973.800224ms ago: executing program 2 (id=1847):
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffffffff5]}, 0x8, 0x0)
ppoll(&(0x7f0000000000)=[{r0, 0x4180}, {r0, 0x100}], 0x2, 0x0, 0x0, 0x0)
r1 = signalfd4(r0, 0x0, 0x0, 0x800)
socket$nl_route(0x10, 0x3, 0x0)
getdents(r1, &(0x7f00000002c0)=""/96, 0x60)
r2 = socket(0x10, 0x803, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
clock_gettime(0x0, &(0x7f00000004c0)={<r5=>0x0, <r6=>0x0})
timer_settime(r4, 0x0, &(0x7f0000000280)={{r5, r6+10000000}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000040)=0x2)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r9, 0x80041285, &(0x7f0000001080))
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f0000000240)={0x3, 0x9, 0x3b9, 0x0, 0x12})
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newtfilter={0x7c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x4c, 0x2, [@TCA_BASIC_EMATCHES={0x48, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x3c, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{}, {0x0, 0x0, 0x1}}}, @TCF_EM_META={0x23, 0x2, 0x0, 0x0, {{0x0, 0x4, 0x4}, [@TCA_EM_META_HDR={0xc}, @TCA_EM_META_RVALUE={0x7, 0x3, [@TCF_META_TYPE_VAR="043f51"]}, @TCA_EM_META_LVALUE={0x5, 0x2, [@TCF_META_TYPE_VAR='3', @TCF_META_TYPE_VAR]}]}}]}]}]}}]}, 0x7c}}, 0x0)

952.746456ms ago: executing program 4 (id=1848):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)=r1}, 0x20)
truncate(&(0x7f0000000080)='./file0\x00', 0x8001)

919.556319ms ago: executing program 4 (id=1849):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x181281, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000040)="66b95502000066b80600000066ba000000000f300fc72c66b8020000000f23c00f21f86635010006000f23f8f26d660f3a229f00015e660fc62f0b66b9950900000f3266b8000000800f23d80f21f86635c00000300f23f866b8d70200000f23d00f21f866352000000e0f23f8660f73d340", 0x72}], 0x1, 0x10, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000140)=ANY=[@ANYBLOB="12015001020000102505a1a440000102030109025c0002010000000904000001020d00000524060001052400a2000d240f01f9fffffffdff08000006241a0000080905810300040000000904010000000000000904010102020d00000905820210000000000905030240"], 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="a0000000", @ANYRES16=r5, @ANYBLOB="050000000000fcdbdf", @ANYRES32, @ANYBLOB="4a000e001c"], 0xa0}}, 0x2084)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB="0000000000000000b7080000"], 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r6}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, &(0x7f0000000940)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x20, 0x80, 0x1c, {0xaf, 0x105, 0x8, 0xf, 0x400, 0xc, 0x2, 0xe, 0xd, 0xfffe, 0x4000, 0x6}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, &(0x7f0000000c00)={0x14, 0x0, &(0x7f0000000bc0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)=@x86={0x3, 0xa, 0x0, 0x0, 0x3f, 0x1, 0x8, 0x9, 0x3, 0x7f, 0x4, 0xbb, 0x0, 0x5, 0x8, 0x6, 0xc, 0x7, 0x3, '\x00', 0xc0, 0x3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

613.374349ms ago: executing program 0 (id=1850):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x3}, 0x50)
pipe2(&(0x7f00000001c0)={<r4=>0xffffffffffffffff}, 0x80800)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x5}, 0x48)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f0000000280)={'syztnl0\x00', &(0x7f0000000700)={'ip6_vti0\x00', 0x0, 0x2f, 0x3, 0x7, 0x759, 0x49, @loopback, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8, 0x1, 0x1}})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
close(0x3)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000001500)=ANY=[@ANYBLOB="b702000010000000bfa300000000000007030000f0ffffff7a0af0ff0000000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b2314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8dd63d4b77b206000000000000e254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f3813e2c25a61ec45c3af9948f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469600241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c12e28ef97d9ebd9c77f1774cf4683c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f011000000f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497a6103876843ee04ed9ff002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd1304202274f20675eb781925440578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b96508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e25c89b552d7fcd116bce9c764c714c9402c21d1aac59efb28d4f91652f6000000000000000320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a575939206d0c0f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000ff0ffd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8000000edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db76cf059f40fa2640b6bfb74dd35391b8fa18479da9f4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847db97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ccfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000000000000000000003ba34b611569a451564d3a5400f9097ffe7a37e765be352be71ee24250d6828562c7e24cb763062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89a0000bde05c114e7a020fc1a5fd3eeeb822008b2d7d1cc062b51b0aca4956b557e51a1385cc572b0074b0950fb1437de2590bf99ec7ceb69e1fe2465fce099c992d57b804a22e148ae3411523814aee03ee2df877edfabf4aa94f07c6fdd127e57a8bf7975f2e606c25a299980a6e52fcf7849d45bb38573fbba8afef1aa7a24c805f7aee3e39a3000000000000000000000000000000000000878f88c4742ac490951c36c610a0d266588ec6a0bd300cf160b5a5d9e9fafa49ecc8430832d795e727b7fc2b76e7fc4141fdbb82f45d3cdd3fb8d4b443ab4954fdf5c1b9a6ab3e457f098329307ccb0a1989b6c37509692e952e7244f48bc12569ff8eb30d0f887b85b5ef44fb9a7571319190be0c226ed72f346cc4aa071ae0c72fa8bd00d5590c4f4ba65d0c8e1f4870fe3c414681e41b40163eb1aa2a7429a2208cd6e69c7d959e87da3fd0101159a03ab7fe78881ee7a1ee7a2edff75fb18a181e0c54352be2b7a5b5273198291c28d9141deeb3cdba5d414ae4b0000000000000000000000000009eacd83458d8a606be71970497a4fd4ca3b48ca482ab3804e2fac216b3ba613608b1a465456a33fd08491d337d7344c01cfc9e73"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)

82.276081ms ago: executing program 2 (id=1851):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)=r1}, 0x20)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
truncate(&(0x7f0000000080)='./file0\x00', 0x8001)

50.405645ms ago: executing program 2 (id=1852):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008000000a5"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x891c, &(0x7f0000000540)={'batadv_slave_1\x00', {0x2, 0x0, @private=0xfffffffe}})
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
fspick(r4, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f0000000980)={0xf92, 0x0, 0x0, 0x0, 0x6733, 0x0, 0x0, 0xa00000000000000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6bf7, 0x0, 0xfef, 0x0, 0x0, 0x1, 0xb0000000000, 0x8})
socketpair(0x25, 0x1, 0x1902, &(0x7f0000000000))
r5 = socket(0x11, 0x3, 0x0)
r6 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r6, 0x541c, &(0x7f0000004780))
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000005c0)={'ip6gretap0\x00', <r7=>0x0})
bind$packet(r5, &(0x7f0000000180)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @remote}, 0x14)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
sendmsg$netlink(r5, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0, 0xdd12}], 0x1}, 0x20040051)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$cgroup(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080), 0x401, &(0x7f0000000140)={[{@cpuset_v2_mode}]})
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001100010026bd7000fbdbdf25e0000001000000001b00000000000000000004cf0a0032"], 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x4040024)

0s ago: executing program 0 (id=1853):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
socket(0x10, 0x3, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000080)='./file1\x00', 0x1010000, &(0x7f0000000600)=ANY=[@ANYBLOB="757466383d312c696f636861727365743d6d6163637972696c6c69632c756e695f786c6174653d302c696f636861727365743d757466382c757466383d302c757466383d312c73686f72746e616d653d77696e6e742c6e6f6e756d7461696c3d302c636865636b3d72656c617865642c73686f72746e616d653d6c6f7765722c757466383d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c73686f72746e616d653d6c6f7765722c63d027636b3d7374726963742c74696d655f6f66667365743d3078666666666666666666666666666262322c00"], 0x1, 0x363, &(0x7f0000000280)="$eJzs3U1oY1UbAOA3vWnSGfi+dicKQnQnaJnOTje2SAcGu1EJ/izE4HRUkiq0WGwX09aF4lJwqSt3CrpwIS5FUMSdC7eOIKPiQmc34OCR5OYmt0naaQerFJ8Hmpy+57znnPtDcntJTp9bjPal6bh8/fq1mJmpRHXxkcW4UYm5yKKwG+NqE2IAwOlwI6X4PeWOmFI54SkBACes9/7/QkQ0Yi6PvP7lYe2Td38AOPX6f/+fOazNzEEVr5zIlACAEzZ2///efdW13k+1+LVa+lQAAHBaPfH0M48urUQ83mjMRKy9udncbMZDw/qly/FSdGI1zsVs3IzILxS6D5Xe44WLK8vnGo3GTvw0F82ImOonNvMrhaWsl1+PhZiNuX5+/2ojpZRd+GRleaHRExG7O73xY62y2ZyOs/3xvz8bq8MLj6KT3lPExZXl841+B821In8nYm9436I7//mYjW+fH3STUvEJxpXlKwvFpIf5m816XBrshQPvgAAAAAAAAAAAAAAAAAAAAAAAwG2ZbwzMDdbPSd3nfKWc+fkJ9b31cfL8/vpAe/n6QKmeIqXfXnug+VYW+9YHGl2fZ9NCggAAAAAAAAAAAAAAAAAAADCwsVWLVqezur6xtd0uF3bWN7amIqIbefnrj744E+NtblGo5kPUIwZDNPrDbrdbKSsapyxiPD3rDl5EPvh0MONym/pgKyZOo35wVafzv3t+fHcYuTsrev5z2CaLyRuYlabx8EjPa//Pp3ScHTUonC9H6uOjX00plSJvlNOvPDveYVQiqsc/cNvtqTi4TeoWvrr24p3F3m99nnL33T/75NV33v+l3ep0R47eEaytb9xM7ValaHy83dLd1UWkEnmhUj4Tqoel7+2PtLLvfn3qrre/OdroqRx5tXs+j7TJ8s35eDS9lhe60xypOjNMn+5vRGd1esLJf6vCbRzTO9777MOUfvj5yEMMTY29bFT+nlcfAAAAAAAAAAAAAAAAAACgrPRd8b7+l32nD8t68LGTnxkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/HOG//+/VNjbjZHIUQp/7EzIqq+ub0TU/u3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+6vAAAA///tLFqQ")
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001900)=ANY=[@ANYBLOB="61105c00000000006113380000000000bfa00000000000000700000008ffffffd50301001874004095000600000000006916360000000000bf67000000000000360607000fff07201706000020190000160300000ee60060bf050000000000007b650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f17540faf80250aa20c669a5e12814cb1cea5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000400c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10fd7ed6735154beb4000000000000000000000000004000bc00f6746a9709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c1d926a0f6a5480a55c22fe3a5ac00000000000000000000000500002000000000fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e14d90deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b06ff7f0000000000007f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089e0b1c23c0f3cdad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631d22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0af1cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c29984864961a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000000000000000000000000000000000001386866b311bd144bc32e059658c9f8342c90c1ade31b78072841b8b5a943d62a44cea6b050c42e3c205fad6a23fb43c93da0f49d911877265e6ee443e37397ecf89021e7f579e8d3a74c12b52938d91e9de07fc8eeeb9505f4a9c26266bf5449484ccc1317c747664e9f7478f8200000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r5}, 0x18)
io_uring_setup(0x261e, &(0x7f00000008c0)={0x0, 0xfffffffc, 0x8000, 0xfffffffe, 0x800001b5})
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000100), 0x21c004, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRES8=r5, @ANYBLOB=',wf\tno=', @ANYRESHEX, @ANYBLOB=',\x00'])
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x6)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf32(r6, &(0x7f0000000580)=ANY=[@ANYBLOB="7f454c462f02034201000080000000000200060014000000630000003800000081020000020000000000200003006200070005000000002006000000f7ffff803dffffff03000000feffffffffffffff1374b04a0500000005000000090000000100000000000000380000000c0000000800000006000000"], 0x98)
close(r6)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)

kernel console output (not intermixed with test programs):

sefold feature
[  272.038435][  T481] cdc_ncm 1-1:1.0: setting tx_max = 48
[  272.046753][  T481] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  272.057106][ T3960] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.888: couldn't read orphan inode 15 (err -117)
[  272.060070][  T481] usb 1-1: USB disconnect, device number 14
[  272.144561][  T481] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM (NO ZLP)
[  272.209350][ T3960] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  272.401297][ T3982] netlink: 12 bytes leftover after parsing attributes in process `syz.3.894'.
[  272.449070][  T286] EXT4-fs (loop4): unmounting filesystem.
[  272.631161][ T3993] netlink: 12 bytes leftover after parsing attributes in process `syz.4.897'.
[  272.698359][  T351] usb 3-1: new full-speed USB device number 20 using dummy_hcd
[  272.718350][ T2837] usb 4-1: new full-speed USB device number 13 using dummy_hcd
[  272.889730][  T351] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  272.900935][  T351] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  272.913095][ T2837] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  272.924257][ T2837] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  273.163078][  T351] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  273.172336][  T351] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.180476][  T351] usb 3-1: Product: syz
[  273.184695][  T351] usb 3-1: Manufacturer: syz
[  273.192926][  T351] usb 3-1: SerialNumber: syz
[  273.197705][ T2837] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  273.201581][ T4002] loop1: detected capacity change from 0 to 512
[  273.207655][ T2837] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.222567][ T3984] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  273.229990][ T2837] usb 4-1: Product: syz
[  273.230794][ T4002] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.900: casefold flag without casefold feature
[  273.235120][ T2837] usb 4-1: Manufacturer: syz
[  273.247697][ T4002] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.900: couldn't read orphan inode 15 (err -117)
[  273.251916][ T2837] usb 4-1: SerialNumber: syz
[  273.263568][ T4002] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  273.290078][ T3987] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  273.410769][  T282] EXT4-fs (loop1): unmounting filesystem.
[  273.661460][ T4010] loop4: detected capacity change from 0 to 256
[  273.670587][ T4010] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  274.801744][ T4018] netlink: 12 bytes leftover after parsing attributes in process `syz.1.902'.
[  274.815423][ T4020] loop4: detected capacity change from 0 to 1024
[  274.932000][ T4020] loop4: detected capacity change from 0 to 2048
[  274.983398][ T4020] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  275.197334][  T351] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  275.208347][  T351] cdc_ncm 3-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  275.226018][  T351] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  275.287293][ T4032] netlink: 12 bytes leftover after parsing attributes in process `syz.1.907'.
[  275.344476][ T4033] device syzkaller0 entered promiscuous mode
[  275.562422][ T2837] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  275.568990][  T351] cdc_ncm 3-1:1.0: setting tx_max = 48
[  275.574856][ T2837] cdc_ncm 4-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  275.584175][  T351] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  275.603801][ T2837] cdc_ncm 4-1:1.0: setting rx_max = 2048
[  275.610498][ T2837] cdc_ncm 4-1:1.0: setting tx_max = 48
[  275.627345][  T351] usb 3-1: USB disconnect, device number 20
[  275.638768][ T2837] cdc_ncm 4-1:1.0 usb1: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  275.650156][  T351] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  275.679532][ T2837] usb 4-1: USB disconnect, device number 13
[  275.688096][ T2837] cdc_ncm 4-1:1.0 usb1: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM (NO ZLP)
[  275.712761][ T4041] loop1: detected capacity change from 0 to 512
[  275.741793][ T4041] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.909: casefold flag without casefold feature
[  275.787422][ T4041] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.909: couldn't read orphan inode 15 (err -117)
[  275.824443][ T4041] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  275.897212][  T282] EXT4-fs (loop1): unmounting filesystem.
[  276.466918][ T4060] device syzkaller0 entered promiscuous mode
[  276.799744][  T286] EXT4-fs (loop4): unmounting filesystem.
[  277.203011][ T4083] loop4: detected capacity change from 0 to 1024
[  277.277065][ T4090] loop1: detected capacity change from 0 to 256
[  277.286328][ T4090] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  277.902558][ T4083] loop4: detected capacity change from 0 to 2048
[  278.141928][ T4083] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  278.461303][ T3726] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  279.478832][ T4112] device syzkaller0 entered promiscuous mode
[  279.572113][ T4116] loop1: detected capacity change from 0 to 256
[  279.582031][ T4116] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  280.748194][ T4122] device syzkaller0 entered promiscuous mode
[  280.854506][  T286] EXT4-fs (loop4): unmounting filesystem.
[  281.280406][ T4134] loop1: detected capacity change from 0 to 256
[  281.290356][ T4134] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  282.268444][  T293] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[  282.442490][ T4145] device syzkaller0 entered promiscuous mode
[  282.709513][  T293] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  282.720698][  T293] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  282.732813][ T4152] netlink: 12 bytes leftover after parsing attributes in process `syz.3.930'.
[  282.743176][  T293] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  282.757333][  T293] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.765814][  T293] usb 5-1: Product: syz
[  282.770205][  T293] usb 5-1: Manufacturer: syz
[  282.774844][  T293] usb 5-1: SerialNumber: syz
[  282.789426][ T4132] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  282.820490][ T4154] netlink: 12 bytes leftover after parsing attributes in process `syz.0.931'.
[  283.950420][  T293] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[  283.966329][  T293] cdc_ncm 5-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  283.978984][  T293] cdc_ncm 5-1:1.0: setting rx_max = 2048
[  284.089240][ T4177] netlink: 12 bytes leftover after parsing attributes in process `syz.1.939'.
[  284.151335][  T293] cdc_ncm 5-1:1.0: setting tx_max = 48
[  284.166652][  T293] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  284.192238][  T293] usb 5-1: USB disconnect, device number 19
[  284.211268][  T293] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM (NO ZLP)
[  286.025002][ T4214] loop4: detected capacity change from 0 to 512
[  286.095345][ T4214] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.943: casefold flag without casefold feature
[  286.108216][ T4214] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.943: couldn't read orphan inode 15 (err -117)
[  286.143257][ T4227] loop3: detected capacity change from 0 to 512
[  286.157123][ T4214] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  286.279990][ T4227] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.946: casefold flag without casefold feature
[  286.301179][ T4227] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.946: couldn't read orphan inode 15 (err -117)
[  286.333646][ T4227] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  286.467896][ T4239] loop1: detected capacity change from 0 to 256
[  286.477886][ T4239] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  287.087661][ T4237] netlink: 12 bytes leftover after parsing attributes in process `syz.0.945'.
[  287.702464][  T284] EXT4-fs (loop3): unmounting filesystem.
[  287.786977][  T286] EXT4-fs (loop4): unmounting filesystem.
[  288.109463][ T4254] loop4: detected capacity change from 0 to 1024
[  288.170331][ T3726] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  288.199772][ T4254] loop4: detected capacity change from 0 to 2048
[  288.223389][ T4254] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  290.737880][ T4289] loop3: detected capacity change from 0 to 512
[  290.754850][  T286] EXT4-fs (loop4): unmounting filesystem.
[  291.009673][ T4289] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.961: casefold flag without casefold feature
[  291.035992][ T4296] loop4: detected capacity change from 0 to 512
[  291.050301][ T4289] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.961: couldn't read orphan inode 15 (err -117)
[  291.090524][ T4296] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.963: casefold flag without casefold feature
[  291.120241][ T4289] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  291.142014][ T4296] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.963: couldn't read orphan inode 15 (err -117)
[  291.186896][ T4296] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  291.314943][  T284] EXT4-fs (loop3): unmounting filesystem.
[  291.516970][  T286] EXT4-fs (loop4): unmounting filesystem.
[  291.631438][ T4316] loop4: detected capacity change from 0 to 512
[  291.897278][ T4316] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.968: casefold flag without casefold feature
[  291.949846][ T4316] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.968: couldn't read orphan inode 15 (err -117)
[  291.953890][ T4312] netlink: 12 bytes leftover after parsing attributes in process `syz.3.965'.
[  291.977220][ T4316] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  292.054268][ T4323] netlink: 28 bytes leftover after parsing attributes in process `syz.0.969'.
[  292.192443][  T286] EXT4-fs (loop4): unmounting filesystem.
[  292.230789][ T4326] loop4: detected capacity change from 0 to 1024
[  292.250312][ T4326] EXT4-fs: Ignoring removed nobh option
[  292.267360][ T4326] EXT4-fs: Ignoring removed bh option
[  292.286340][ T4326] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  292.395338][ T4326] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  293.554794][  T286] EXT4-fs (loop4): unmounting filesystem.
[  295.622094][ T4390] netlink: 12 bytes leftover after parsing attributes in process `syz.4.985'.
[  295.681960][ T4395] device syzkaller0 entered promiscuous mode
[  295.795358][ T4401] loop1: detected capacity change from 0 to 512
[  295.815782][ T4401] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.990: casefold flag without casefold feature
[  295.838417][ T4401] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.990: couldn't read orphan inode 15 (err -117)
[  295.853810][ T4401] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  296.003253][  T282] EXT4-fs (loop1): unmounting filesystem.
[  296.038351][   T19] usb 4-1: new full-speed USB device number 14 using dummy_hcd
[  296.091396][ T4411] loop1: detected capacity change from 0 to 512
[  296.125046][ T4411] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.992: casefold flag without casefold feature
[  296.138099][ T4411] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.992: couldn't read orphan inode 15 (err -117)
[  296.150598][ T4411] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  296.247448][  T282] EXT4-fs (loop1): unmounting filesystem.
[  296.279554][   T19] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  296.291380][   T19] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  296.304433][   T19] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  296.313882][   T19] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.322609][   T19] usb 4-1: Product: syz
[  296.327323][   T19] usb 4-1: Manufacturer: syz
[  296.360182][   T19] usb 4-1: SerialNumber: syz
[  296.365905][ T4398] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  297.419465][ T4435] loop1: detected capacity change from 0 to 512
[  297.455915][ T4435] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1000: casefold flag without casefold feature
[  297.470765][ T4435] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1000: couldn't read orphan inode 15 (err -117)
[  297.487777][ T4435] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  297.666466][ T4447] loop4: detected capacity change from 0 to 512
[  297.837461][  T282] EXT4-fs (loop1): unmounting filesystem.
[  297.880779][ T4447] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1002: casefold flag without casefold feature
[  297.984100][ T4447] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1002: couldn't read orphan inode 15 (err -117)
[  298.018599][ T4447] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  298.182992][  T286] EXT4-fs (loop4): unmounting filesystem.
[  298.204978][ T4455] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1003'.
[  298.268893][   T19] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  298.282046][   T19] cdc_ncm 4-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  298.303658][   T19] cdc_ncm 4-1:1.0: setting rx_max = 2048
[  298.473333][   T19] cdc_ncm 4-1:1.0: setting tx_max = 48
[  298.668788][ T4466] loop4: detected capacity change from 0 to 256
[  298.686386][ T4466] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  300.570703][   T19] cdc_ncm 4-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  300.726658][ T4482] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1011'.
[  300.913961][ T4484] loop4: detected capacity change from 0 to 1024
[  301.048127][   T19] usb 4-1: USB disconnect, device number 14
[  301.056232][   T19] cdc_ncm 4-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM (NO ZLP)
[  301.080587][ T4484] loop4: detected capacity change from 0 to 2048
[  301.211919][ T4484] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  304.215729][ T4517] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1017'.
[  305.067542][  T286] EXT4-fs (loop4): unmounting filesystem.
[  305.962032][ T4525] device syzkaller0 entered promiscuous mode
[  306.860418][ T4535] device syzkaller0 entered promiscuous mode
[  306.966469][ T4541] loop4: detected capacity change from 0 to 1024
[  306.977605][ T4543] loop1: detected capacity change from 0 to 1024
[  307.056272][ T4541] EXT4-fs: Ignoring removed nobh option
[  307.068525][ T4541] EXT4-fs: Ignoring removed bh option
[  307.086775][ T4543] EXT4-fs: Ignoring removed nobh option
[  307.094369][ T4543] EXT4-fs: Ignoring removed bh option
[  307.107487][ T4541] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  307.128746][ T4543] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  308.109604][ T4541] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  308.119427][ T4543] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  308.455231][ T4543] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1026'.
[  308.527018][ T4562] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1031'.
[  308.614863][  T286] EXT4-fs (loop4): unmounting filesystem.
[  308.697505][  T282] EXT4-fs (loop1): unmounting filesystem.
[  308.968469][   T24] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  309.168410][   T24] usb 5-1: Using ep0 maxpacket: 32
[  309.176096][   T24] usb 5-1: unable to get BOS descriptor or descriptor too short
[  309.206291][   T24] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  309.240858][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  309.280865][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  309.324819][   T24] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  309.363948][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  309.398993][   T24] usb 5-1: Product: syz
[  309.418184][   T24] usb 5-1: Manufacturer: syz
[  309.439003][   T24] usb 5-1: SerialNumber: syz
[  309.596962][ T4576] loop1: detected capacity change from 0 to 256
[  309.606919][ T4576] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  310.018386][ T3726] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  311.027305][ T4601] loop3: detected capacity change from 0 to 512
[  311.055316][ T4601] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1043: casefold flag without casefold feature
[  311.086435][ T4601] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1043: couldn't read orphan inode 15 (err -117)
[  311.140227][ T4601] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  311.222735][ T4608] serio: Serial port ptm0
[  311.345743][  T284] EXT4-fs (loop3): unmounting filesystem.
[  311.562084][ T4619] loop1: detected capacity change from 0 to 1024
[  311.608957][ T3726] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  311.649932][ T4619] loop1: detected capacity change from 0 to 2048
[  311.670693][ T4619] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  311.859213][   T24] usb 5-1: 0:2 : does not exist
[  311.876827][   T24] usb 5-1: USB disconnect, device number 20
[  312.322278][ T4637] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1052'.
[  312.541805][  T282] EXT4-fs (loop1): unmounting filesystem.
[  312.718669][ T4645] loop3: detected capacity change from 0 to 1024
[  312.733206][ T4645] EXT4-fs: Ignoring removed nobh option
[  312.741570][ T4645] EXT4-fs: Ignoring removed bh option
[  312.747453][ T4645] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  313.594376][ T4645] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  313.609662][ T4645] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1057'.
[  314.846830][ T4661] loop4: detected capacity change from 0 to 1024
[  315.165909][ T4661] EXT4-fs: Ignoring removed nobh option
[  315.182768][  T284] EXT4-fs (loop3): unmounting filesystem.
[  315.182957][ T4661] EXT4-fs: Ignoring removed bh option
[  315.194209][ T4670] loop1: detected capacity change from 0 to 512
[  315.195065][ T4661] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  315.234305][ T4661] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  315.323322][ T4670] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1062: casefold flag without casefold feature
[  315.337893][ T4670] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1062: couldn't read orphan inode 15 (err -117)
[  315.350968][ T4670] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  319.193509][  T286] EXT4-fs (loop4): unmounting filesystem.
[  319.453919][  T282] EXT4-fs (loop1): unmounting filesystem.
[  320.862261][ T4710] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1069'.
[  322.432202][ T4751] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1083'.
[  322.444270][ T4753] loop4: detected capacity change from 0 to 512
[  322.485147][ T4753] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1084: casefold flag without casefold feature
[  322.518520][ T4753] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1084: couldn't read orphan inode 15 (err -117)
[  322.558488][ T4753] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  322.786973][  T286] EXT4-fs (loop4): unmounting filesystem.
[  322.825759][ T4769] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1086'.
[  325.195667][ T4801] loop1: detected capacity change from 0 to 1024
[  325.202600][ T4801] EXT4-fs: Ignoring removed nobh option
[  325.208575][ T4801] EXT4-fs: Ignoring removed bh option
[  325.214613][ T4801] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  325.282588][ T4801] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  328.283816][  T282] EXT4-fs (loop1): unmounting filesystem.
[  328.395502][ T4826] loop1: detected capacity change from 0 to 1024
[  328.718771][ T4830] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1101'.
[  328.732834][ T4831] loop1: detected capacity change from 0 to 2048
[  328.773417][ T4831] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  331.359935][ T4856] loop3: detected capacity change from 0 to 256
[  331.366782][ T4856] FAT-fs (loop3): Unrecognized mount option "cÐ'ck=strict" or missing value
[  331.604347][ T4692] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  332.337619][ T4868] loop4: detected capacity change from 0 to 256
[  332.353807][ T4868] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  332.584640][ T4870] loop3: detected capacity change from 0 to 1024
[  332.677272][ T4870] EXT4-fs: Ignoring removed nobh option
[  332.746762][ T4870] EXT4-fs: Ignoring removed bh option
[  332.819310][ T4870] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  332.988634][ T4870] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  333.217302][  T282] EXT4-fs (loop1): unmounting filesystem.
[  333.420086][  T284] EXT4-fs (loop3): unmounting filesystem.
[  333.498610][ T4692] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  333.964124][ T4889] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1117'.
[  334.076891][ T4891] loop1: detected capacity change from 0 to 256
[  334.087313][ T4891] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  335.038219][ T4692] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  337.689912][ T4917] loop4: detected capacity change from 0 to 1024
[  337.727480][ T4917] loop4: detected capacity change from 0 to 2048
[  338.956112][ T4924] loop1: detected capacity change from 0 to 512
[  338.978915][ T4917] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  339.029500][ T4924] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1125: casefold flag without casefold feature
[  339.048339][  T351] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  339.069468][ T4924] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1125: couldn't read orphan inode 15 (err -117)
[  339.088470][ T4924] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  339.199022][ T4929] device syzkaller0 entered promiscuous mode
[  339.509443][  T351] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  339.521940][  T282] EXT4-fs (loop1): unmounting filesystem.
[  339.525793][  T351] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  339.548475][  T351] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  339.563785][  T351] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.583262][  T351] usb 4-1: Product: syz
[  339.592666][  T351] usb 4-1: Manufacturer: syz
[  339.603516][  T351] usb 4-1: SerialNumber: syz
[  339.620050][ T4913] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  339.628467][ T4938] device syzkaller0 entered promiscuous mode
[  339.765055][ T4942] loop1: detected capacity change from 0 to 512
[  339.811484][ T4942] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1130: casefold flag without casefold feature
[  339.844700][ T4942] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1130: couldn't read orphan inode 15 (err -117)
[  339.893812][ T4942] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  339.911540][  T286] EXT4-fs (loop4): unmounting filesystem.
[  339.914531][ T4945] device syzkaller0 entered promiscuous mode
[  340.035080][  T282] EXT4-fs (loop1): unmounting filesystem.
[  340.806953][  T481] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  341.243766][ T4966] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1137'.
[  341.369183][  T481] usb 5-1: Using ep0 maxpacket: 32
[  341.375887][  T481] usb 5-1: unable to get BOS descriptor or descriptor too short
[  341.384680][  T481] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  341.394077][  T481] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  341.404519][  T481] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  341.746300][ T4971] loop1: detected capacity change from 0 to 256
[  341.763525][ T4971] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  342.250121][  T481] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  342.267843][  T481] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.277405][  T481] usb 5-1: Product: syz
[  342.283551][  T481] usb 5-1: Manufacturer: syz
[  342.330302][  T481] usb 5-1: SerialNumber: syz
[  342.775486][  T351] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  342.788393][  T351] cdc_ncm 4-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  342.796111][  T351] cdc_ncm 4-1:1.0: setting rx_max = 2048
[  342.802221][  T351] cdc_ncm 4-1:1.0: setting tx_max = 48
[  342.826666][ T4979] device syzkaller0 entered promiscuous mode
[  342.835155][  T351] cdc_ncm 4-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  342.867074][  T351] usb 4-1: USB disconnect, device number 15
[  342.873453][  T351] cdc_ncm 4-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM (NO ZLP)
[  343.562245][ T4983] device syzkaller0 entered promiscuous mode
[  343.591511][  T481] usb 5-1: 0:2 : does not exist
[  343.611056][ T4989] loop3: detected capacity change from 0 to 512
[  343.626136][  T481] usb 5-1: USB disconnect, device number 21
[  343.749741][ T4989] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1145: casefold flag without casefold feature
[  343.768495][ T4989] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1145: couldn't read orphan inode 15 (err -117)
[  343.796108][ T4989] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  346.242194][ T4997] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1147'.
[  346.279814][  T284] EXT4-fs (loop3): unmounting filesystem.
[  346.300271][ T4695] udevd[4695]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  346.359666][ T5012] loop3: detected capacity change from 0 to 512
[  346.459344][ T5012] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1149: casefold flag without casefold feature
[  346.632761][ T5017] device syzkaller0 entered promiscuous mode
[  346.749419][ T5012] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1149: couldn't read orphan inode 15 (err -117)
[  346.793946][ T5012] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  348.614711][  T284] EXT4-fs (loop3): unmounting filesystem.
[  349.309819][ T5039] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1157'.
[  350.015943][ T5050] loop3: detected capacity change from 0 to 256
[  350.034644][ T5050] FAT-fs (loop3): Unrecognized mount option "cÐ'ck=strict" or missing value
[  350.727536][ T5052] loop1: detected capacity change from 0 to 512
[  350.735721][ T5054] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1162'.
[  350.802099][ T5052] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1161: casefold flag without casefold feature
[  350.884473][ T5052] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1161: couldn't read orphan inode 15 (err -117)
[  350.896593][ T5052] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  351.361059][ T5076] loop4: detected capacity change from 0 to 256
[  351.370411][ T5076] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  351.995845][  T282] EXT4-fs (loop1): unmounting filesystem.
[  352.359625][ T5092] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1174'.
[  352.438322][ T2837] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  352.546995][ T5100] loop4: detected capacity change from 0 to 512
[  352.589283][ T5100] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1177: casefold flag without casefold feature
[  352.610047][ T5100] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1177: couldn't read orphan inode 15 (err -117)
[  352.790110][ T5100] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  352.928287][ T2837] usb 4-1: Using ep0 maxpacket: 32
[  352.987927][  T286] EXT4-fs (loop4): unmounting filesystem.
[  353.278820][ T5115] loop4: detected capacity change from 0 to 256
[  353.285667][ T5115] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  354.328421][ T2837] usb 4-1: unable to get BOS descriptor or descriptor too short
[  354.346503][ T2837] usb 4-1: unable to read config index 0 descriptor/start: -71
[  354.354641][ T2837] usb 4-1: can't read configurations, error -71
[  354.703593][ T5130] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1186'.
[  357.166229][ T5136] loop1: detected capacity change from 0 to 1024
[  357.366780][ T5136] loop1: detected capacity change from 0 to 2048
[  357.558642][ T5136] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  357.881690][ T5148] loop3: detected capacity change from 0 to 512
[  358.143434][ T5149] loop4: detected capacity change from 0 to 256
[  358.152001][ T5149] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  358.230312][ T5148] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1191: casefold flag without casefold feature
[  358.287871][ T5148] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1191: couldn't read orphan inode 15 (err -117)
[  358.343312][ T5148] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  358.538076][ T4694] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  358.602634][  T293] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[  358.678978][  T284] EXT4-fs (loop3): unmounting filesystem.
[  359.388391][  T282] EXT4-fs (loop1): unmounting filesystem.
[  359.414119][ T5173] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1196'.
[  359.442224][ T5175] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1197'.
[  362.056705][ T2837] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  362.171581][ T5204] device syzkaller0 entered promiscuous mode
[  362.259464][ T2837] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  362.279754][ T2837] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  362.283019][ T5213] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1209'.
[  362.292971][ T2837] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  362.331303][ T2837] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  362.339998][ T2837] usb 4-1: Product: syz
[  362.350714][ T2837] usb 4-1: Manufacturer: syz
[  362.355468][ T2837] usb 4-1: SerialNumber: syz
[  362.365567][ T5188] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  362.502113][ T5223] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1211'.
[  362.558327][  T293] usb 5-1: new full-speed USB device number 22 using dummy_hcd
[  362.749364][  T293] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  362.760594][  T293] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  362.773006][  T293] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  362.782322][  T293] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  362.790585][  T293] usb 5-1: Product: syz
[  362.794822][  T293] usb 5-1: Manufacturer: syz
[  362.799472][  T293] usb 5-1: SerialNumber: syz
[  362.805511][ T5206] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  363.257560][ T5233] device syzkaller0 entered promiscuous mode
[  363.392016][ T2837] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  363.401219][ T2837] cdc_ncm 4-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  363.415613][ T2837] cdc_ncm 4-1:1.0: setting rx_max = 2048
[  363.697993][ T5242] loop1: detected capacity change from 0 to 256
[  363.708297][ T5242] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  364.579842][ T4694] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  364.830648][ T2837] cdc_ncm 4-1:1.0: setting tx_max = 48
[  364.837854][  T293] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[  364.890735][  T293] cdc_ncm 5-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  364.902666][ T2837] cdc_ncm 4-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  364.913823][  T293] cdc_ncm 5-1:1.0: setting rx_max = 2048
[  364.936027][ T2837] usb 4-1: USB disconnect, device number 18
[  364.942399][ T2837] cdc_ncm 4-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM (NO ZLP)
[  364.997753][ T5250] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1219'.
[  365.021377][ T5252] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1221'.
[  365.071645][  T293] cdc_ncm 5-1:1.0: setting tx_max = 48
[  365.084019][  T293] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  368.347516][  T293] usb 5-1: USB disconnect, device number 22
[  368.353708][ T5264] loop1: detected capacity change from 0 to 512
[  368.361700][  T293] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM (NO ZLP)
[  368.459723][ T5264] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1224: casefold flag without casefold feature
[  368.472812][ T5264] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1224: couldn't read orphan inode 15 (err -117)
[  368.510626][ T5264] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  368.878071][ T5276] device syzkaller0 entered promiscuous mode
[  368.948309][ T5285] device syzkaller0 entered promiscuous mode
[  369.019660][ T5287] loop4: detected capacity change from 0 to 512
[  369.020667][  T282] EXT4-fs (loop1): unmounting filesystem.
[  369.036611][ T5287] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1229: casefold flag without casefold feature
[  369.049702][ T5287] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1229: couldn't read orphan inode 15 (err -117)
[  369.061765][  T340] usb 1-1: new full-speed USB device number 15 using dummy_hcd
[  369.062388][ T5287] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  369.209762][  T286] EXT4-fs (loop4): unmounting filesystem.
[  369.345580][ T5295] loop1: detected capacity change from 0 to 256
[  369.355340][ T5295] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  369.390175][  T340] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  370.499734][ T5296] loop4: detected capacity change from 0 to 512
[  370.506899][  T340] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  370.523799][  T340] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  370.606302][  T340] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.614820][  T340] usb 1-1: Product: syz
[  370.619386][  T340] usb 1-1: Manufacturer: syz
[  370.624013][  T340] usb 1-1: SerialNumber: syz
[  370.630158][ T5281] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  370.664319][ T5302] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1233'.
[  370.679158][ T5296] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1231: casefold flag without casefold feature
[  370.864425][ T5305] loop3: detected capacity change from 0 to 256
[  370.875360][ T5305] FAT-fs (loop3): Unrecognized mount option "cÐ'ck=strict" or missing value
[  370.920204][ T5296] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1231: couldn't read orphan inode 15 (err -117)
[  371.804149][ T5296] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  371.807438][  T340] cdc_ncm 1-1:1.0: bind() failure
[  371.821153][  T340] usb 1-1: USB disconnect, device number 15
[  371.909840][ T5310] loop3: detected capacity change from 0 to 512
[  371.919276][ T5310] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1235: casefold flag without casefold feature
[  371.932258][ T5310] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1235: couldn't read orphan inode 15 (err -117)
[  371.944430][ T5310] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  372.090531][  T286] EXT4-fs (loop4): unmounting filesystem.
[  372.153007][  T284] EXT4-fs (loop3): unmounting filesystem.
[  372.284376][ T5327] device syzkaller0 entered promiscuous mode
[  372.788833][ T5343] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1244'.
[  374.109477][ T5355] loop4: detected capacity change from 0 to 256
[  374.116331][ T5355] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  374.969718][ T5357] loop1: detected capacity change from 0 to 1024
[  375.194965][ T4694] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  375.262629][ T5357] loop1: detected capacity change from 0 to 2048
[  375.311295][ T5357] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  376.334971][ T5377] device syzkaller0 entered promiscuous mode
[  376.356765][ T5374] loop4: detected capacity change from 0 to 256
[  376.363707][ T5374] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  376.488369][ T4692] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  377.966485][  T282] EXT4-fs (loop1): unmounting filesystem.
[  378.320197][ T5414] loop1: detected capacity change from 0 to 512
[  378.372319][ T5414] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1262: casefold flag without casefold feature
[  378.412499][ T5414] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1262: couldn't read orphan inode 15 (err -117)
[  378.424850][ T5414] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  378.583761][  T282] EXT4-fs (loop1): unmounting filesystem.
[  378.629507][ T5425] loop1: detected capacity change from 0 to 1024
[  378.717974][ T5425] loop1: detected capacity change from 0 to 2048
[  378.811451][ T5425] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  378.827663][ T5432] device syzkaller0 entered promiscuous mode
[  378.848296][  T351] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[  379.039505][  T351] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  379.050688][  T351] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  379.207762][  T351] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  379.217114][  T351] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.225419][  T351] usb 5-1: Product: syz
[  379.229856][  T351] usb 5-1: Manufacturer: syz
[  379.234521][  T351] usb 5-1: SerialNumber: syz
[  379.244214][ T5422] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  379.539636][  T282] EXT4-fs (loop1): unmounting filesystem.
[  380.731988][  T351] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[  380.749337][  T351] cdc_ncm 5-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  380.788807][  T351] cdc_ncm 5-1:1.0: setting rx_max = 2048
[  380.935215][  T351] cdc_ncm 5-1:1.0: setting tx_max = 48
[  380.966630][  T351] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  380.979976][ T5474] device syzkaller0 entered promiscuous mode
[  381.007741][  T351] usb 5-1: USB disconnect, device number 23
[  381.052169][  T351] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM (NO ZLP)
[  381.581727][ T5487] loop4: detected capacity change from 0 to 512
[  381.675805][ T5487] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1279: casefold flag without casefold feature
[  381.778635][ T5487] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1279: couldn't read orphan inode 15 (err -117)
[  381.821120][ T5487] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  382.082247][  T286] EXT4-fs (loop4): unmounting filesystem.
[  383.066646][ T5537] loop3: detected capacity change from 0 to 512
[  385.893569][ T5550] loop1: detected capacity change from 0 to 256
[  386.061380][ T5550] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  387.086414][ T5537] EXT4-fs: error -4 creating inode table initialization thread
[  387.115359][ T5537] EXT4-fs (loop3): mount failed
[  387.361321][ T5559] loop4: detected capacity change from 0 to 256
[  387.368098][ T5559] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  388.019314][ T5577] loop3: detected capacity change from 0 to 256
[  388.041926][ T5577] FAT-fs (loop3): Unrecognized mount option "cÐ'ck=strict" or missing value
[  388.074971][ T5576] device syzkaller0 entered promiscuous mode
[  389.234092][ T5578] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1297'.
[  389.962947][ T5586] device syzkaller0 entered promiscuous mode
[  389.981087][ T5588] loop3: detected capacity change from 0 to 256
[  389.987916][ T5588] FAT-fs (loop3): Unrecognized mount option "cÐ'ck=strict" or missing value
[  390.044019][ T5596] loop4: detected capacity change from 0 to 512
[  390.059341][ T4692] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  390.756029][ T5597] loop1: detected capacity change from 0 to 256
[  390.766005][ T5597] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  391.695270][ T5596] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1304: casefold flag without casefold feature
[  391.727013][ T5596] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1304: couldn't read orphan inode 15 (err -117)
[  391.764812][ T5596] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  391.906984][  T286] EXT4-fs (loop4): unmounting filesystem.
[  392.129144][ T5622] device syzkaller0 entered promiscuous mode
[  392.409880][ T5629] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1316'.
[  392.417467][ T5630] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5630 comm=syz.4.1315
[  392.436706][ T5630] loop4: detected capacity change from 0 to 512
[  392.502598][ T5630] EXT4-fs warning (device loop4): ext4_enable_quotas:7055: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  392.520247][ T5630] EXT4-fs (loop4): mount failed
[  392.525122][ T5637] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1311'.
[  394.538302][ T2837] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  394.576143][ T5648] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1320'.
[  394.589282][   T28] kauditd_printk_skb: 49 callbacks suppressed
[  394.589299][   T28] audit: type=1400 audit(1760158616.641:8184): avc:  denied  { write } for  pid=5646 comm="syz.0.1320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  394.638939][ T5653] loop4: detected capacity change from 0 to 512
[  394.663374][ T5653] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1322: casefold flag without casefold feature
[  394.698124][ T5653] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1322: couldn't read orphan inode 15 (err -117)
[  394.710767][ T5653] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  394.738329][ T2837] usb 3-1: Using ep0 maxpacket: 32
[  394.746017][ T2837] usb 3-1: unable to get BOS descriptor or descriptor too short
[  394.762808][ T2837] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  394.798561][ T2837] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  394.821027][  T286] EXT4-fs (loop4): unmounting filesystem.
[  394.833523][ T2837] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  394.906506][ T5662] loop1: detected capacity change from 0 to 256
[  394.916189][ T5662] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  396.008743][ T2837] usb 3-1: string descriptor 0 read error: -71
[  396.015020][ T2837] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  396.025635][ T2837] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  396.072311][ T2837] usb 3-1: can't set config #1, error -71
[  396.093109][ T2837] usb 3-1: USB disconnect, device number 22
[  397.082066][ T5680] loop1: detected capacity change from 0 to 256
[  397.089654][ T5680] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  401.524050][ T5705] device syzkaller0 entered promiscuous mode
[  401.889820][ T5706] loop1: detected capacity change from 0 to 256
[  401.897548][ T5706] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  403.422761][ T5712] syz.4.1340 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  403.751114][ T5745] loop3: detected capacity change from 0 to 512
[  403.790860][   T28] audit: type=1400 audit(1760158625.861:8185): avc:  denied  { read } for  pid=5738 comm="syz.4.1349" name="event2" dev="devtmpfs" ino=275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  403.826346][ T5745] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1351: casefold flag without casefold feature
[  403.849987][ T5745] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1351: couldn't read orphan inode 15 (err -117)
[  403.886423][   T28] audit: type=1400 audit(1760158625.861:8186): avc:  denied  { open } for  pid=5738 comm="syz.4.1349" path="/dev/input/event2" dev="devtmpfs" ino=275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  403.908570][ T5745] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  403.912937][   T28] audit: type=1400 audit(1760158625.861:8187): avc:  denied  { ioctl } for  pid=5738 comm="syz.4.1349" path="/dev/input/event2" dev="devtmpfs" ino=275 ioctlcmd=0x4590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  405.034638][ T5759] loop4: detected capacity change from 0 to 256
[  405.048777][ T5759] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  405.739773][  T284] EXT4-fs (loop3): unmounting filesystem.
[  405.807088][ T5769] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1355'.
[  406.413599][   T28] audit: type=1400 audit(1760158628.341:8188): avc:  denied  { write } for  pid=5772 comm="syz.2.1357" name="001" dev="devtmpfs" ino=188 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  406.787076][ T5784] loop1: detected capacity change from 0 to 512
[  406.884119][ T5784] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1360: casefold flag without casefold feature
[  406.897649][ T5784] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1360: couldn't read orphan inode 15 (err -117)
[  406.910036][ T5784] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  407.848853][ T5795] loop4: detected capacity change from 0 to 256
[  407.963740][ T5795] netlink: 9 bytes leftover after parsing attributes in process `syz.4.1358'.
[  407.974259][ T5795] device gretap0 entered promiscuous mode
[  407.994272][ T5795] netlink: 5 bytes leftover after parsing attributes in process `syz.4.1358'.
[  408.003823][ T5795] 0ªX¹¦D: renamed from gretap0
[  408.015477][ T5795] device 
30ªX¹¦D left promiscuous mode
[  408.024747][ T5795] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  408.477400][ T5795] syz.4.1358 (5795) used greatest stack depth: 20600 bytes left
[  409.955566][  T282] EXT4-fs (loop1): unmounting filesystem.
[  411.190079][ T5819] loop1: detected capacity change from 0 to 512
[  411.261596][ T5819] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1367: casefold flag without casefold feature
[  411.288867][ T5819] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1367: couldn't read orphan inode 15 (err -117)
[  411.301284][ T5819] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  411.316022][   T28] audit: type=1400 audit(1760158633.381:8189): avc:  denied  { create } for  pid=5818 comm="syz.1.1367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  412.635766][ T5832] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1369'.
[  413.117148][ T5837] loop4: detected capacity change from 0 to 1024
[  413.138374][  T282] EXT4-fs (loop1): unmounting filesystem.
[  413.179084][ T5837] EXT4-fs: Ignoring removed i_version option
[  413.198723][ T5837] EXT4-fs (loop4): Test dummy encryption mode enabled
[  413.225545][ T5837] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  413.358764][   T28] audit: type=1400 audit(1760158635.381:8190): avc:  denied  { write } for  pid=5839 comm="syz.1.1372" name="uinput" dev="devtmpfs" ino=262 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  413.576353][   T28] audit: type=1326 audit(1760158635.421:8191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5811 comm="syz.2.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311398eec9 code=0x7fc00000
[  413.607481][ T5850] netlink: 'syz.4.1370': attribute type 13 has an invalid length.
[  413.739096][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state
[  413.746331][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state
[  414.228838][  T282] audit: audit_backlog=65 > audit_backlog_limit=64
[  414.235430][  T282] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  414.244141][   T28] audit: type=1326 audit(1760158635.421:8192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5811 comm="syz.2.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f311398eec9 code=0x7fc00000
[  414.269318][  T286] EXT4-fs (loop4): unmounting filesystem.
[  414.330352][   T28] audit: type=1326 audit(1760158635.421:8193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5811 comm="syz.2.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311398eec9 code=0x7fc00000
[  414.368280][   T28] audit: type=1326 audit(1760158635.421:8194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5811 comm="syz.2.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311398eec9 code=0x7fc00000
[  414.387199][  T282] audit: backlog limit exceeded
[  414.471167][   T28] audit: type=1326 audit(1760158635.421:8195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5811 comm="syz.2.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f311398eec9 code=0x7fc00000
[  417.306498][ T5876] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1379'.
[  419.978628][ T5902] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1384'.
[  420.081287][   T28] kauditd_printk_skb: 62 callbacks suppressed
[  420.081304][   T28] audit: type=1400 audit(1760158642.144:8258): avc:  denied  { load_policy } for  pid=5916 comm="syz.4.1391" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  420.082291][ T5917] SELinux:  policydb magic number 0x7665642f does not match expected magic number 0xf97cff8c
[  420.128440][ T5917] SELinux: failed to load policy
[  420.929956][ T5915] device syzkaller0 entered promiscuous mode
[  421.393651][   T28] audit: type=1400 audit(1760158643.454:8259): avc:  denied  { mounton } for  pid=5926 comm="syz.2.1394" path="/264/file0" dev="tmpfs" ino=1503 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  421.445480][ T5917] Falling back ldisc for ttyS3.
[  421.493738][ T5931] syz.4.1395[5931] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  421.493843][ T5931] syz.4.1395[5931] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  421.580977][   T28] audit: type=1400 audit(1760158643.644:8260): avc:  denied  { create } for  pid=5933 comm="syz.1.1396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  421.615340][ T5927] device wg2 entered promiscuous mode
[  421.638725][ T5929] loop3: detected capacity change from 0 to 256
[  421.645571][ T5929] FAT-fs (loop3): Unrecognized mount option "cÐ'ck=strict" or missing value
[  421.748301][   T28] audit: type=1400 audit(1760158643.684:8261): avc:  denied  { bind } for  pid=5933 comm="syz.1.1396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  421.774892][ T4692] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  421.802586][   T28] audit: type=1400 audit(1760158643.684:8262): avc:  denied  { node_bind } for  pid=5933 comm="syz.1.1396" saddr=100.1.1.0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  423.258056][ T5945] SELinux:  policydb magic number 0x66667830 does not match expected magic number 0xf97cff8c
[  423.286173][   T28] audit: type=1400 audit(1760158645.344:8263): avc:  denied  { create } for  pid=5946 comm="syz.4.1399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  423.318144][ T5945] SELinux: failed to load policy
[  423.390331][   T28] audit: type=1400 audit(1760158645.394:8264): avc:  denied  { setopt } for  pid=5946 comm="syz.4.1399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  423.439883][ T5960] loop4: detected capacity change from 0 to 512
[  423.448308][ T5960] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  423.726895][   T28] audit: type=1400 audit(1760158645.784:8265): avc:  denied  { write } for  pid=5954 comm="syz.4.1403" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  423.806323][ T5960] binder: 5954:5960 ioctl c00c620f 200000000140 returned -22
[  423.816934][ T5968] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1404'.
[  424.098365][  T351] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  424.188283][  T293] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  424.305565][  T351] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  424.313881][  T351] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  424.324173][  T351] usb 5-1: config 220 has no interface number 2
[  424.330941][  T351] usb 5-1: too many endpoints for config 220 interface 1 altsetting 5: 48, using maximum allowed: 30
[  424.341889][  T351] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 48
[  424.355406][  T351] usb 5-1: config 220 interface 0 has no altsetting 0
[  424.588502][  T293] usb 4-1: Using ep0 maxpacket: 8
[  424.593648][  T351] usb 5-1: config 220 interface 76 has no altsetting 0
[  424.600670][  T351] usb 5-1: config 220 interface 1 has no altsetting 0
[  424.609644][  T293] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  424.618061][  T293] usb 4-1: config 179 has no interface number 0
[  424.624754][  T293] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  424.636061][  T293] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  424.647615][  T293] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  424.659028][  T293] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  424.668376][  T290] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  424.670780][  T293] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  424.691596][  T351] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  424.701198][  T293] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  424.710406][  T351] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.718512][  T293] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.726661][  T351] usb 5-1: Product: syz
[  424.730941][  T351] usb 5-1: Manufacturer: syz
[  424.733773][ T5980] tap0: tun_chr_ioctl cmd 1074025675
[  424.736501][  T351] usb 5-1: SerialNumber: syz
[  424.741889][ T5980] tap0: persist enabled
[  424.745768][ T5972] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  424.751030][ T5980] tap0: tun_chr_ioctl cmd 1074025675
[  424.762745][ T5980] tap0: persist enabled
[  424.769884][   T28] audit: type=1400 audit(1760158646.834:8266): avc:  denied  { set_context_mgr } for  pid=5979 comm="syz.2.1410" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  424.859489][  T290] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  424.870556][  T290] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  424.880381][  T290] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  424.893553][  T290] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  424.902688][  T290] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.911477][  T290] usb 2-1: config 0 descriptor??
[  424.982463][ T5972] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  424.991588][ T5972] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  425.005677][  T351] usb 5-1: Found UVC 7.01 device syz (8086:0b07)
[  425.012259][  T351] usb 5-1: No valid video chain found.
[  425.022512][  T351] usb 5-1: USB disconnect, device number 24
[  425.058348][ T1462] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  425.210905][   T28] audit: type=1400 audit(1760158647.274:8267): avc:  denied  { write } for  pid=5971 comm="syz.3.1407" name="loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  425.211782][   T24] usb 4-1: USB disconnect, device number 20
[  425.235378][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  425.235416][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  425.251481][ T5987] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  425.258639][ T1462] usb 3-1: Using ep0 maxpacket: 8
[  425.280074][ T1462] usb 3-1: unable to get BOS descriptor or descriptor too short
[  425.291642][ T1462] usb 3-1: unable to read config index 0 descriptor/start: -71
[  425.299343][ T1462] usb 3-1: can't read configurations, error -71
[  425.308803][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  425.317406][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  425.326051][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  425.334992][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  425.342002][  T290] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  425.345734][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  425.350674][  T290] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  425.359736][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  425.365988][  T290] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  425.374766][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  425.381487][  T290] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  425.390060][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  425.397020][  T290] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  425.405844][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[  425.412309][  T290] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  425.420571][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[  425.426921][  T290] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  425.435329][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth5: link becomes ready
[  425.442151][  T290] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  425.450235][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[  425.456839][  T290] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  425.464726][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth7: link becomes ready
[  425.472028][  T290] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  425.479636][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth6: link becomes ready
[  425.489627][  T290] plantronics 0003:047F:FFFF.0004: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  425.495264][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth9: link becomes ready
[  425.517222][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth8: link becomes ready
[  425.524958][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth11: link becomes ready
[  425.532697][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth10: link becomes ready
[  425.540477][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth13: link becomes ready
[  425.548386][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth12: link becomes ready
[  425.581134][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth15: link becomes ready
[  425.590381][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth14: link becomes ready
[  425.618503][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth17: link becomes ready
[  425.626331][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth16: link becomes ready
[  425.643259][ T5993] loop4: detected capacity change from 0 to 1024
[  425.650733][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth19: link becomes ready
[  425.658804][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth18: link becomes ready
[  425.667718][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth21: link becomes ready
[  425.675705][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth20: link becomes ready
[  425.683592][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth23: link becomes ready
[  425.692458][ T4692] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  425.702495][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth22: link becomes ready
[  425.716397][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth25: link becomes ready
[  425.723262][ T5993] loop4: detected capacity change from 0 to 2048
[  425.728881][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth24: link becomes ready
[  425.738011][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth27: link becomes ready
[  425.745856][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth26: link becomes ready
[  425.763117][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth29: link becomes ready
[  425.778662][ T5993] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  425.781441][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth28: link becomes ready
[  425.810209][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth31: link becomes ready
[  425.818098][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth30: link becomes ready
[  425.825979][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth33: link becomes ready
[  425.849090][ T6000] loop3: detected capacity change from 0 to 128
[  425.849940][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth32: link becomes ready
[  425.866710][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth35: link becomes ready
[  425.886791][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth34: link becomes ready
[  425.887172][ T6000] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  425.900188][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth37: link becomes ready
[  425.905733][ T5976] loop1: detected capacity change from 0 to 40427
[  425.910881][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth36: link becomes ready
[  425.925302][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth39: link becomes ready
[  425.932606][ T6000] ext4 filesystem being mounted at /294/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  425.944595][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth38: link becomes ready
[  425.948056][ T5976] F2FS-fs (loop1): Fix alignment : internally, start(4096) end(16896) block(12288)
[  425.968987][ T5976] F2FS-fs (loop1): invalid crc value
[  425.977065][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth41: link becomes ready
[  425.987834][ T5976] F2FS-fs (loop1): Found nat_bits in checkpoint
[  425.991749][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth40: link becomes ready
[  426.013170][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth43: link becomes ready
[  426.029592][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth42: link becomes ready
[  426.037465][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth45: link becomes ready
[  426.045876][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth44: link becomes ready
[  426.053738][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth47: link becomes ready
[  426.062266][  T284] EXT4-fs (loop3): unmounting filesystem.
[  426.063126][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth46: link becomes ready
[  426.075931][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth49: link becomes ready
[  426.083780][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth48: link becomes ready
[  426.091952][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth51: link becomes ready
[  426.115159][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth50: link becomes ready
[  426.128487][ T5976] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  426.137273][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth53: link becomes ready
[  426.147297][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth52: link becomes ready
[  426.185919][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth55: link becomes ready
[  426.197282][   T28] audit: type=1400 audit(1760158648.264:8268): avc:  denied  { remount } for  pid=5975 comm="syz.1.1409" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  426.217229][ T5976] F2FS-fs (loop1): Try to recover all the superblocks, ret: 0
[  426.226473][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth54: link becomes ready
[  426.234451][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth57: link becomes ready
[  426.246914][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth56: link becomes ready
[  426.255974][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth59: link becomes ready
[  426.264297][ T3285] IPv6: ADDRCONF(NETDEV_CHANGE): veth58: link becomes ready
[  426.327097][  T340] usb 2-1: USB disconnect, device number 17
[  426.500734][ T6020] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1419'.
[  426.589148][  T286] EXT4-fs (loop4): unmounting filesystem.
[  426.846646][  T282] syz-executor: attempt to access beyond end of device
[  426.846646][  T282] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  427.388023][ T6036] loop1: detected capacity change from 0 to 256
[  427.403740][ T6036] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  428.513516][ T6038] loop1: detected capacity change from 0 to 1024
[  428.526490][ T6038] EXT4-fs: Ignoring removed nobh option
[  428.532318][ T6038] EXT4-fs: Ignoring removed bh option
[  428.538128][ T6038] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  429.472933][ T6038] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  430.000416][ T6065] loop4: detected capacity change from 0 to 256
[  430.008019][ T6065] FAT-fs (loop4): Unrecognized mount option "shortname=l" or missing value
[  430.009519][  T282] EXT4-fs (loop1): unmounting filesystem.
[  430.025448][ T6065] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1433'.
[  430.058353][  T293] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  430.248390][  T293] usb 4-1: Using ep0 maxpacket: 8
[  430.255006][  T293] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  430.264283][  T293] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.273183][  T293] usb 4-1: config 0 descriptor??
[  430.338280][  T351] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  430.348431][ T2837] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  430.518256][  T351] usb 5-1: Using ep0 maxpacket: 32
[  430.524599][  T351] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  430.535940][ T2837] usb 3-1: Using ep0 maxpacket: 16
[  430.541198][  T351] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  430.551089][  T351] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  430.560369][  T351] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.569238][ T2837] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[  430.577691][ T2837] usb 3-1: config 0 has no interface number 0
[  430.584142][  T351] usb 5-1: config 0 descriptor??
[  430.590157][  T351] hub 5-1:0.0: USB hub found
[  430.596118][ T2837] usb 3-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  430.605285][ T2837] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  430.613359][ T2837] usb 3-1: Product: syz
[  430.617573][ T2837] usb 3-1: Manufacturer: syz
[  430.622228][ T2837] usb 3-1: SerialNumber: syz
[  430.627666][ T2837] usb 3-1: config 0 descriptor??
[  430.633736][ T2837] usb 3-1: Found UVC 0.00 device syz (046d:08f3)
[  430.640185][ T2837] usb 3-1: No valid video chain found.
[  430.790099][  T351] hub 5-1:0.0: 1 port detected
[  430.839808][ T2837] usb 3-1: USB disconnect, device number 25
[  430.991005][  T351] hub 5-1:0.0: hub_hub_status failed (err = -71)
[  430.997583][  T351] hub 5-1:0.0: config failed, can't get hub status (err -71)
[  431.006876][  T351] usbhid 5-1:0.0: can't add hid device: -71
[  431.013060][  T351] usbhid: probe of 5-1:0.0 failed with error -71
[  431.050639][  T351] usb 5-1: USB disconnect, device number 25
[  431.066122][ T1462] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  431.248455][ T1462] usb 1-1: Using ep0 maxpacket: 32
[  431.255863][ T1462] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  431.268182][ T1462] usb 1-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[  431.278058][ T1462] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  431.340685][ T1462] usb 1-1: config 0 descriptor??
[  431.382613][ T6079] binder: 6078:6079 ioctl 4018620d 0 returned -22
[  431.436973][ T6083] device syzkaller0 entered promiscuous mode
[  431.488347][  T293] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  431.500000][  T293] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  431.516791][  T293] asix: probe of 4-1:0.0 failed with error -71
[  431.533064][  T293] usb 4-1: USB disconnect, device number 21
[  431.794934][ T6093] loop4: detected capacity change from 0 to 256
[  431.802586][ T6093] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  433.272864][ T6095] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1444'.
[  433.590925][ T6109] device syzkaller0 entered promiscuous mode
[  433.805420][ T6110] loop3: detected capacity change from 0 to 256
[  433.815552][ T6110] FAT-fs (loop3): Unrecognized mount option "cÐ'ck=strict" or missing value
[  434.864644][ T1462] usbhid 1-1:0.0: can't add hid device: -71
[  434.883418][ T1462] usbhid: probe of 1-1:0.0 failed with error -71
[  434.990201][ T6111] loop4: detected capacity change from 0 to 256
[  434.997094][ T6111] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  435.104075][ T6121] device syzkaller0 entered promiscuous mode
[  436.998085][ T1462] usb 1-1: USB disconnect, device number 16
[  437.008344][ T4692] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  437.289910][ T6131] loop3: detected capacity change from 0 to 256
[  437.299938][ T6131] FAT-fs (loop3): Unrecognized mount option "cÐ'ck=strict" or missing value
[  439.308922][   T28] audit: type=1400 audit(1760158661.154:8269): avc:  denied  { write } for  pid=6135 comm="syz.0.1455" name="/" dev="incremental-fs" ino=1706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  439.419529][   T28] audit: type=1400 audit(1760158661.154:8270): avc:  denied  { add_name } for  pid=6135 comm="syz.0.1455" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  439.505598][   T28] audit: type=1400 audit(1760158661.154:8271): avc:  denied  { associate } for  pid=6135 comm="syz.0.1455" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  439.615285][   T28] audit: type=1400 audit(1760158661.154:8272): avc:  denied  { remove_name } for  pid=6135 comm="syz.0.1455" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="incremental-fs" ino=1709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  439.730856][   T28] audit: type=1400 audit(1760158661.154:8273): avc:  denied  { rename } for  pid=6135 comm="syz.0.1455" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="incremental-fs" ino=1709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  439.776316][ T6155] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1457'.
[  441.181999][ T6169] loop1: detected capacity change from 0 to 256
[  441.191565][ T6169] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  441.788982][ T4692] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  442.520727][ T6183] device syzkaller0 entered promiscuous mode
[  444.648471][ T6188] loop3: detected capacity change from 0 to 256
[  446.017877][ T6188] FAT-fs (loop3): Directory bread(block 64) failed
[  446.024565][ T6188] FAT-fs (loop3): Directory bread(block 65) failed
[  446.032101][ T6188] FAT-fs (loop3): Directory bread(block 66) failed
[  446.039275][ T6188] FAT-fs (loop3): Directory bread(block 67) failed
[  446.045846][ T6188] FAT-fs (loop3): Directory bread(block 68) failed
[  446.052434][ T6188] FAT-fs (loop3): Directory bread(block 69) failed
[  446.059025][ T6188] FAT-fs (loop3): Directory bread(block 70) failed
[  446.065564][ T6188] FAT-fs (loop3): Directory bread(block 71) failed
[  446.072145][ T6188] FAT-fs (loop3): Directory bread(block 72) failed
[  446.078695][ T6188] FAT-fs (loop3): Directory bread(block 73) failed
[  446.151426][   T28] audit: type=1400 audit(1760158668.176:8274): avc:  denied  { mount } for  pid=6173 comm="syz.3.1466" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  446.360428][ T6198] loop1: detected capacity change from 0 to 1024
[  446.371138][ T6198] EXT4-fs: Ignoring removed nobh option
[  446.386984][ T6198] EXT4-fs: Ignoring removed bh option
[  446.395009][ T6198] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  446.459114][ T6198] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  446.598353][  T340] usb 4-1: new full-speed USB device number 22 using dummy_hcd
[  446.796058][ T6214] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1475'.
[  446.809739][  T340] usb 4-1: config 0 has an invalid interface number: 105 but max is 0
[  446.821284][  T340] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  446.842633][  T340] usb 4-1: config 0 has no interface number 0
[  446.862250][  T340] usb 4-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  446.874808][  T340] usb 4-1: New USB device strings: Mfr=1, Product=26, SerialNumber=3
[  446.885843][ T6216] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1476'.
[  446.887050][  T340] usb 4-1: Product: syz
[  446.899573][  T340] usb 4-1: Manufacturer: syz
[  446.904196][  T340] usb 4-1: SerialNumber: syz
[  446.910145][  T340] usb 4-1: config 0 descriptor??
[  446.944954][ T6216] kvm [6215]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0xc1) = 0x600000ff
[  446.960915][ T6216] kvm [6215]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0xc2) = 0x60000001
[  446.980079][ T6216] kvm [6215]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0x600000ff
[  446.988344][ T6218] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2305 sclass=netlink_route_socket pid=6218 comm=syz.2.1476
[  447.002677][ T6216] kvm [6215]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x186) = 0x600000ff
[  447.026902][ T6216] kvm [6215]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x187) = 0x60000001
[  447.050921][ T6216] kvm [6215]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x1d9) = 0x600000ff
[  447.171021][  T282] EXT4-fs (loop1): unmounting filesystem.
[  447.321870][ T1462] usb 4-1: USB disconnect, device number 22
[  447.359412][   T28] audit: type=1400 audit(1760158669.428:8275): avc:  denied  { unmount } for  pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  447.671909][ T6241] device syzkaller0 entered promiscuous mode
[  450.992969][ T6250] loop1: detected capacity change from 0 to 256
[  451.144203][ T6250] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  451.730252][ T6255] loop3: detected capacity change from 0 to 1024
[  451.775869][ T6255] EXT4-fs: Ignoring removed nobh option
[  451.788327][ T6255] EXT4-fs: Ignoring removed bh option
[  451.822493][ T6255] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  451.861218][ T6267] usb usb8: usbfs: process 6267 (syz.2.1492) did not claim interface 5 before use
[  451.869016][ T6255] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  451.879192][   T28] audit: type=1400 audit(1760158673.948:8276): avc:  denied  { write } for  pid=6266 comm="syz.2.1492" laddr=fe80::a8aa:aaff:feaa:aa16 lport=255 faddr=ff01::1 fport=65534 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  452.787093][ T6277] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1491'.
[  452.829649][  T284] EXT4-fs (loop3): unmounting filesystem.
[  452.958298][  T340] usb 3-1: new full-speed USB device number 26 using dummy_hcd
[  453.140033][  T340] usb 3-1: config 1 has an invalid interface number: 105 but max is 0
[  453.180295][ T6281] device syzkaller0 entered promiscuous mode
[  453.192353][  T340] usb 3-1: config 1 has no interface number 0
[  453.200420][  T340] usb 3-1: config 1 interface 105 has no altsetting 0
[  453.271711][  T340] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=31.6d
[  453.280916][  T340] usb 3-1: New USB device strings: Mfr=107, Product=102, SerialNumber=146
[  453.289646][  T340] usb 3-1: Product: syz
[  453.293988][  T340] usb 3-1: Manufacturer: syz
[  453.298727][  T340] usb 3-1: SerialNumber: syz
[  453.426512][ T6296] SELinux:  Context system_u:object_r:ifconfig_exec_t:s0 is not valid (left unmapped).
[  453.436586][   T28] audit: type=1400 audit(1760158675.509:8277): avc:  denied  { relabelto } for  pid=6295 comm="syz.0.1499" name="313" dev="tmpfs" ino=1763 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:ifconfig_exec_t:s0"
[  453.463344][   T28] audit: type=1400 audit(1760158675.509:8278): avc:  denied  { associate } for  pid=6295 comm="syz.0.1499" name="313" dev="tmpfs" ino=1763 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:ifconfig_exec_t:s0"
[  453.797131][ T6298] device syzkaller0 entered promiscuous mode
[  453.919523][   T28] audit: type=1400 audit(1760158675.989:8279): avc:  denied  { write } for  pid=283 comm="syz-executor" name="313" dev="tmpfs" ino=1763 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:ifconfig_exec_t:s0"
[  453.954837][   T28] audit: type=1400 audit(1760158676.009:8280): avc:  denied  { remove_name } for  pid=283 comm="syz-executor" name="file1" dev="tmpfs" ino=1768 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:ifconfig_exec_t:s0"
[  453.989955][   T28] audit: type=1400 audit(1760158676.009:8281): avc:  denied  { rmdir } for  pid=283 comm="syz-executor" name="313" dev="tmpfs" ino=1763 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:ifconfig_exec_t:s0"
[  454.062767][ T6276] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1493'.
[  454.273419][  T340] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[  454.348303][  T293] usb 4-1: new full-speed USB device number 23 using dummy_hcd
[  454.529550][  T293] usb 4-1: config index 0 descriptor too short (expected 100, got 36)
[  454.538041][  T293] usb 4-1: config 0 has an invalid descriptor of length 126, skipping remainder of the config
[  454.548503][  T293] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  454.561484][  T293] usb 4-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  454.571070][  T293] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  454.580137][  T293] usb 4-1: config 0 descriptor??
[  454.596570][ T6315] netlink: 288 bytes leftover after parsing attributes in process `syz.2.1493'.
[  455.321783][  T293] usb 4-1: string descriptor 0 read error: -71
[  455.334555][  T293] usb 4-1: USB disconnect, device number 23
[  455.748484][ T6335] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1509'.
[  455.885920][  T340] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  455.899056][  T340] aqc111 3-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, e2:18:9d:73:17:93
[  455.913074][  T340] usb 3-1: USB disconnect, device number 26
[  455.919505][  T340] aqc111 3-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  456.010234][  T340] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  456.149463][  T340] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  456.176908][  T340] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  456.231512][ T6359] loop1: detected capacity change from 0 to 512
[  456.287927][ T6358] syz.1.1515[6358] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  456.288010][ T6358] syz.1.1515[6358] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  456.347319][ T6363] loop4: detected capacity change from 0 to 256
[  456.403520][ T6359] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  456.412725][ T6359] ext4 filesystem being mounted at /320/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  456.603367][ T6358] SELinux:  Context @ is not valid (left unmapped).
[  456.773707][   T28] audit: type=1400 audit(1760158678.842:8282): avc:  denied  { relabelto } for  pid=6357 comm="syz.1.1515" name="cgroup.controllers" dev="loop1" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="@"
[  456.900131][ T6363] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  456.916530][  T282] EXT4-fs (loop1): unmounting filesystem.
[  457.287413][ T6392] loop1: detected capacity change from 0 to 1024
[  457.328587][ T6392] EXT4-fs: Ignoring removed nobh option
[  457.345691][ T6392] EXT4-fs: Ignoring removed bh option
[  457.355435][ T6392] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  457.676003][ T6392] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  457.901008][   T28] audit: type=1400 audit(1760158679.972:8283): avc:  denied  { bind } for  pid=6403 comm="syz.0.1524" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  458.119037][  T282] EXT4-fs (loop1): unmounting filesystem.
[  458.163563][   T28] audit: type=1400 audit(1760158680.232:8284): avc:  denied  { ioctl } for  pid=6415 comm="syz.2.1525" path="/dev/cpu/0/msr" dev="devtmpfs" ino=86 ioctlcmd=0xf504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  458.188298][ T6421] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=6421 comm=syz.2.1525
[  458.550468][   T28] audit: type=1400 audit(1760158680.622:8285): avc:  denied  { ioctl } for  pid=6425 comm="syz.4.1528" path="/dev/fuse" dev="devtmpfs" ino=93 ioctlcmd=0x89f0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  458.648367][ T6428] loop1: detected capacity change from 0 to 256
[  458.657696][ T6428] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  459.812970][ T6435] loop4: detected capacity change from 0 to 1024
[  459.932335][ T6435] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  459.941858][ T6435] ext4 filesystem being mounted at /276/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  459.960741][ T6439] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1530'.
[  460.245004][  T286] EXT4-fs (loop4): unmounting filesystem.
[  460.452067][ T6457] loop4: detected capacity change from 0 to 256
[  460.458906][ T6457] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  460.577618][   T28] audit: type=1400 audit(1760158682.633:8286): avc:  denied  { load_policy } for  pid=6453 comm="syz.2.1533" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  460.577691][ T6455] SELinux:  policydb version 0 does not match my version range 15-33
[  460.637862][ T6455] SELinux: failed to load policy
[  460.723263][ T6455] device syzkaller0 entered promiscuous mode
[  460.772083][   T28] audit: type=1400 audit(1760158682.833:8287): avc:  denied  { create } for  pid=6453 comm="syz.2.1533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  460.801340][ T6463] loop3: detected capacity change from 0 to 1024
[  460.820437][ T6463] EXT4-fs: Ignoring removed nobh option
[  460.826446][ T6463] EXT4-fs: Ignoring removed bh option
[  460.842870][ T6463] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  460.895593][ T6463] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  460.973159][ T6473] device syzkaller0 entered promiscuous mode
[  460.991549][ T6473] process 'syz.2.1541' launched './file1' with NULL argv: empty string added
[  461.027571][   T28] audit: type=1400 audit(1760158683.073:8288): avc:  denied  { execute_no_trans } for  pid=6472 comm="syz.2.1541" path="/294/file1" dev="tmpfs" ino=1670 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  461.199304][ T6479] loop4: detected capacity change from 0 to 512
[  461.261894][ T6480] loop1: detected capacity change from 0 to 256
[  461.304471][ T6479] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1543: casefold flag without casefold feature
[  461.325774][ T6480] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  461.335507][ T6479] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1543: couldn't read orphan inode 15 (err -117)
[  461.347711][ T6479] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  461.676255][  T284] EXT4-fs (loop3): unmounting filesystem.
[  461.985862][ T6496] loop3: detected capacity change from 0 to 256
[  461.994851][ T6496] FAT-fs (loop3): Unrecognized mount option "cÐ'ck=strict" or missing value
[  462.780844][  T286] EXT4-fs (loop4): unmounting filesystem.
[  463.130147][ T6515] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1546'.
[  463.999176][ T6524] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1552'.
[  464.211825][ T6532] loop1: detected capacity change from 0 to 1024
[  464.247194][ T6532] EXT4-fs: Ignoring removed nobh option
[  464.265260][ T6532] EXT4-fs: Ignoring removed bh option
[  464.277223][ T6532] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  464.312586][ T6532] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  464.542365][ T6548] device bridge_slave_1 left promiscuous mode
[  464.548785][ T6548] bridge0: port 2(bridge_slave_1) entered disabled state
[  464.556732][   T28] audit: type=1400 audit(1760158686.608:8289): avc:  denied  { mount } for  pid=6536 comm="syz.0.1557" name="/" dev="configfs" ino=6790 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  464.584942][   T28] audit: type=1400 audit(1760158686.608:8290): avc:  denied  { search } for  pid=6536 comm="syz.0.1557" name="/" dev="configfs" ino=6790 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  464.661053][ T6548] device bridge_slave_0 left promiscuous mode
[  464.667356][ T6548] bridge0: port 1(bridge_slave_0) entered disabled state
[  464.700676][   T28] audit: type=1400 audit(1760158686.608:8291): avc:  denied  { setattr } for  pid=6536 comm="syz.0.1557" name="/" dev="configfs" ino=6790 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  464.723811][  T290] usb 4-1: new full-speed USB device number 24 using dummy_hcd
[  464.970169][  T290] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  465.008803][  T290] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  465.459717][  T290] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  465.481576][  T290] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  465.490168][  T290] usb 4-1: Product: syz
[  465.494417][  T290] usb 4-1: Manufacturer: syz
[  465.502747][  T290] usb 4-1: SerialNumber: syz
[  465.509533][  T282] EXT4-fs (loop1): unmounting filesystem.
[  465.529311][ T6541] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  467.567095][  T340] usb 3-1: new full-speed USB device number 27 using dummy_hcd
[  467.799398][  T340] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  467.810578][  T340] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  467.823111][  T340] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  467.833339][  T340] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  467.850686][  T340] usb 3-1: Product: syz
[  467.858312][  T340] usb 3-1: Manufacturer: syz
[  467.863271][  T340] usb 3-1: SerialNumber: syz
[  467.873794][ T6567] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  467.902127][ T6581] loop1: detected capacity change from 0 to 256
[  467.910093][ T6581] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  467.942994][  T290] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  467.950469][  T290] cdc_ncm 4-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  467.958061][  T290] cdc_ncm 4-1:1.0: setting rx_max = 2048
[  467.990008][ T4694] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  468.144965][ T6534] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  468.158178][  T290] cdc_ncm 4-1:1.0: setting tx_max = 48
[  468.205811][  T290] cdc_ncm 4-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  468.264073][  T290] usb 4-1: USB disconnect, device number 24
[  468.288636][  T290] cdc_ncm 4-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM (NO ZLP)
[  468.988480][  T340] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  469.007814][  T340] cdc_ncm 3-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  469.120843][ T6609] device syzkaller0 entered promiscuous mode
[  469.329015][  T340] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  469.338575][ T6561] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  469.351111][ T6608] loop3: detected capacity change from 0 to 1024
[  469.375047][  T340] cdc_ncm 3-1:1.0: setting tx_max = 48
[  469.382710][ T6608] EXT4-fs: Ignoring removed nobh option
[  469.397393][  T340] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  469.413291][ T6608] EXT4-fs: Ignoring removed bh option
[  469.417537][  T340] usb 3-1: USB disconnect, device number 27
[  469.430562][  T340] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  469.454854][ T6608] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  469.529803][ T6608] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  469.842954][ T6635] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1574'.
[  470.069668][  T284] EXT4-fs (loop3): unmounting filesystem.
[  471.478172][ T6682] device syzkaller0 entered promiscuous mode
[  472.528311][  T293] usb 3-1: new full-speed USB device number 28 using dummy_hcd
[  472.612607][ T6697] loop1: detected capacity change from 0 to 1024
[  472.643657][ T6697] loop1: detected capacity change from 0 to 2048
[  472.699795][ T6697] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  472.729579][  T293] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  472.748503][  T293] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  472.770584][  T293] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  472.788312][  T293] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  472.796547][  T293] usb 3-1: Product: syz
[  472.800784][  T293] usb 3-1: Manufacturer: syz
[  472.805470][  T293] usb 3-1: SerialNumber: syz
[  472.828875][ T6677] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  473.519840][   T28] audit: type=1400 audit(1760158695.588:8292): avc:  denied  { ioctl } for  pid=6709 comm="syz.4.1598" path="socket:[48645]" dev="sockfs" ino=48645 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  473.560040][   T28] audit: type=1400 audit(1760158695.588:8293): avc:  denied  { read } for  pid=6709 comm="syz.4.1598" path="socket:[48645]" dev="sockfs" ino=48645 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  473.676265][  T282] EXT4-fs (loop1): unmounting filesystem.
[  473.871684][  T293] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  474.129861][  T293] cdc_ncm 3-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  474.159463][  T293] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  474.196779][  T293] cdc_ncm 3-1:1.0: setting tx_max = 48
[  474.818275][  T293] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  474.830967][  T293] usb 3-1: USB disconnect, device number 28
[  474.837192][  T293] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  475.073486][ T6730] device syzkaller0 entered promiscuous mode
[  476.957042][ T6765] loop3: detected capacity change from 0 to 1024
[  477.047645][ T6765] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  477.058443][ T6765] ext4 filesystem being mounted at /331/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  477.346319][ T6780] loop1: detected capacity change from 0 to 256
[  477.359653][ T6780] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  478.558943][ T6801] device syzkaller0 entered promiscuous mode
[  478.682170][   T28] audit: type=1400 audit(1760158700.748:8294): avc:  denied  { map } for  pid=6760 comm="syz.3.1614" path="/331/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  478.722666][   T28] audit: type=1400 audit(1760158700.748:8295): avc:  denied  { execute } for  pid=6760 comm="syz.3.1614" path="/331/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  478.747396][   T24] usb 5-1: new full-speed USB device number 26 using dummy_hcd
[  478.939322][   T24] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  478.954075][   T24] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  478.966646][  T284] EXT4-fs (loop3): unmounting filesystem.
[  478.976366][   T24] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  478.994838][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  479.015306][   T24] usb 5-1: Product: syz
[  479.025571][   T24] usb 5-1: Manufacturer: syz
[  479.037769][   T24] usb 5-1: SerialNumber: syz
[  479.051693][ T6785] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  480.376734][ T6825] loop1: detected capacity change from 0 to 256
[  480.396407][ T6825] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  481.534120][   T24] cdc_ncm 5-1:1.0: failed to get mac address
[  481.542933][   T24] cdc_ncm 5-1:1.0: bind() failure
[  481.569788][   T24] cdc_ncm: probe of 5-1:1.1 failed with error -71
[  481.571889][ T6832] loop1: detected capacity change from 0 to 1024
[  481.579832][   T24] cdc_mbim: probe of 5-1:1.1 failed with error -71
[  481.639224][ T6832] loop1: detected capacity change from 0 to 2048
[  481.657889][   T24] usb 5-1: USB disconnect, device number 26
[  481.895273][ T6832] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  482.729252][  T282] EXT4-fs (loop1): unmounting filesystem.
[  482.799171][   T24] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  482.878957][ T6870] loop4: detected capacity change from 0 to 1024
[  482.890850][ T6870] EXT4-fs: Ignoring removed nobh option
[  482.897237][ T6870] EXT4-fs: Ignoring removed bh option
[  484.188373][   T24] usb 1-1: Using ep0 maxpacket: 16
[  484.779043][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  484.798330][ T6870] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  484.823803][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  484.854602][ T6870] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  484.863266][   T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  484.905851][   T24] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  484.925223][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.966965][   T24] usb 1-1: config 0 descriptor??
[  485.097421][  T286] EXT4-fs (loop4): unmounting filesystem.
[  485.427402][ T6897] loop4: detected capacity change from 0 to 256
[  485.437862][ T6897] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  485.743438][   T24] microsoft 0003:045E:07DA.0005: unbalanced collection at end of report description
[  485.844608][   T24] microsoft 0003:045E:07DA.0005: parse failed
[  485.920829][   T24] microsoft: probe of 0003:045E:07DA.0005 failed with error -22
[  486.617226][  T293] usb 4-1: new full-speed USB device number 25 using dummy_hcd
[  488.570703][  T293] usb 4-1: device descriptor read/all, error -71
[  488.597009][ T6910] loop1: detected capacity change from 0 to 512
[  488.667338][ T6910] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  488.684357][ T6910] ext4 filesystem being mounted at /358/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  488.930271][ T6920] random: crng reseeded on system resumption
[  488.971734][ T6920] Restarting kernel threads ... done.
[  488.977453][   T28] audit: type=1400 audit(1760158711.038:8296): avc:  denied  { ioctl } for  pid=6918 comm="syz.3.1655" path="/dev/snapshot" dev="devtmpfs" ino=91 ioctlcmd=0x3305 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  489.042324][   T28] audit: type=1400 audit(1760158711.098:8297): avc:  denied  { setattr } for  pid=6909 comm="syz.1.1652" path="/358/file0/file2" dev="loop1" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  489.170974][   T24] usb 1-1: USB disconnect, device number 17
[  489.660992][  T282] EXT4-fs (loop1): unmounting filesystem.
[  489.831627][ T6944] loop1: detected capacity change from 0 to 1024
[  489.875103][ T6944] EXT4-fs: Ignoring removed nobh option
[  489.927811][ T6944] EXT4-fs: Ignoring removed bh option
[  489.955102][ T6940] loop4: detected capacity change from 0 to 256
[  489.962744][ T6940] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  489.969881][ T6944] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  490.004503][ T6944] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  490.013908][ T4692] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  490.664387][  T282] EXT4-fs (loop1): unmounting filesystem.
[  492.499797][ T6968] loop4: detected capacity change from 0 to 256
[  492.506694][ T6968] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  493.369434][ T6972] loop1: detected capacity change from 0 to 256
[  493.377056][ T6972] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  497.282842][ T6982] loop1: detected capacity change from 0 to 512
[  497.342329][ T6985] tipc: Started in network mode
[  497.362234][ T6985] tipc: Node identity 4, cluster identity 4711
[  497.378274][ T6985] tipc: Node number set to 4
[  497.396656][ T6982] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1671: casefold flag without casefold feature
[  497.418438][ T6982] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1671: couldn't read orphan inode 15 (err -117)
[  497.458393][ T6982] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  497.601144][ T6998] loop3: detected capacity change from 0 to 256
[  497.617392][ T6998] FAT-fs (loop3): Unrecognized mount option "cÐ'ck=strict" or missing value
[  497.701067][  T282] EXT4-fs (loop1): unmounting filesystem.
[  498.157231][   T28] audit: type=1400 audit(1760158720.198:8298): avc:  denied  { listen } for  pid=7005 comm="syz.0.1677" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  498.563638][   T28] audit: type=1400 audit(1760158720.628:8299): avc:  denied  { map } for  pid=7018 comm="syz.4.1681" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  498.588061][ T7019] binder: 7018:7019 ioctl c0185502 2000000001c0 returned -22
[  498.938481][ T7028] loop1: detected capacity change from 0 to 256
[  498.948318][ T7028] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  499.631425][ T7031] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1682'.
[  499.641023][ T4692] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  500.154125][ T7038] loop1: detected capacity change from 0 to 512
[  500.209206][ T7038] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1685: casefold flag without casefold feature
[  500.277373][ T7038] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1685: couldn't read orphan inode 15 (err -117)
[  500.344118][ T7038] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  500.623071][  T282] EXT4-fs (loop1): unmounting filesystem.
[  501.014936][   T28] audit: type=1400 audit(1760158723.078:8300): avc:  denied  { write } for  pid=7052 comm="syz.3.1690" name="vlan0" dev="proc" ino=4026532911 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  501.475621][   T28] audit: type=1400 audit(1760158723.538:8301): avc:  denied  { relabelfrom } for  pid=7062 comm="syz.4.1692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  501.526117][   T28] audit: type=1400 audit(1760158723.538:8302): avc:  denied  { relabelto } for  pid=7062 comm="syz.4.1692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  501.604450][ T7067] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1693'.
[  501.762916][ T7071] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1694'.
[  501.808324][ T7071] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1694'.
[  501.817483][ T7071] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1694'.
[  501.886043][ T7074] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7074 comm=syz.2.1694
[  501.926349][ T7075] loop4: detected capacity change from 0 to 256
[  501.936313][ T7075] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  503.376266][ T7103] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1702'.
[  503.457250][  T293] usb 5-1: new full-speed USB device number 27 using dummy_hcd
[  503.829406][  T293] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  503.846792][  T293] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  503.898145][  T293] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  503.907271][  T293] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.915542][  T293] usb 5-1: Product: syz
[  503.919873][  T293] usb 5-1: Manufacturer: syz
[  503.924496][  T293] usb 5-1: SerialNumber: syz
[  503.930349][ T7087] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  504.466765][ T7113] incfs: Options parsing error. -22
[  504.472234][ T7113] incfs: mount failed -22
[  508.714717][  T293] cdc_ncm 5-1:1.0: failed GET_NTB_PARAMETERS
[  508.828407][  T293] cdc_ncm 5-1:1.0: bind() failure
[  508.846344][  T293] usb 5-1: USB disconnect, device number 27
[  509.846200][ T7157] loop3: detected capacity change from 0 to 256
[  509.862606][ T7157] FAT-fs (loop3): Unrecognized mount option "cÐ'ck=strict" or missing value
[  509.935513][ T7156] loop4: detected capacity change from 0 to 256
[  509.952318][ T7156] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  511.100904][ T7167] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1717'.
[  513.828046][ T7181] loop1: detected capacity change from 0 to 256
[  513.846739][ T7181] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  515.582818][ T7185] device syzkaller0 entered promiscuous mode
[  521.734690][ T7234] loop1: detected capacity change from 0 to 256
[  521.742274][ T7234] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  521.761765][ T7235] loop4: detected capacity change from 0 to 256
[  521.769346][ T7235] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  522.942609][ T7240] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1737'.
[  523.998262][ T7255] loop3: detected capacity change from 0 to 256
[  524.016206][ T7255] FAT-fs (loop3): Unrecognized mount option "cÐ'ck=strict" or missing value
[  527.293925][ T7266] loop4: detected capacity change from 0 to 256
[  527.310811][ T7266] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  528.876170][ T7268] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1746'.
[  529.803273][ T7277] loop4: detected capacity change from 0 to 1024
[  531.120437][ T7277] EXT4-fs: Ignoring removed nobh option
[  531.126070][ T7277] EXT4-fs: Ignoring removed bh option
[  531.132209][ T7277] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  531.198264][ T6826] usb 4-1: new full-speed USB device number 27 using dummy_hcd
[  531.210614][ T7277] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  531.420497][ T6826] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  531.447701][ T6826] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  531.515336][ T6826] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  531.538492][ T6826] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  531.625483][ T6826] usb 4-1: Product: syz
[  531.654807][  T286] EXT4-fs (loop4): unmounting filesystem.
[  531.687082][ T6826] usb 4-1: Manufacturer: syz
[  531.692060][ T6826] usb 4-1: SerialNumber: syz
[  531.703982][ T7281] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  531.816665][ T6826] cdc_ncm 4-1:1.0: bind() failure
[  531.826097][ T6826] usb 4-1: USB disconnect, device number 27
[  532.234824][ T7316] device syzkaller0 entered promiscuous mode
[  532.249252][ T7318] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1758'.
[  533.110929][ T7328] loop3: detected capacity change from 0 to 1024
[  533.269877][ T7330] loop1: detected capacity change from 0 to 256
[  533.279665][ T7330] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  534.127397][ T7328] loop3: detected capacity change from 0 to 2048
[  534.317594][ T4694] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  534.723126][ T7328] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  535.068479][  T340] usb 1-1: new full-speed USB device number 18 using dummy_hcd
[  535.148320][ T6826] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[  535.270299][  T340] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  535.288374][  T340] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  535.351176][ T6826] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  535.365538][  T340] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  535.380206][ T6826] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  535.418222][  T340] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.426494][  T340] usb 1-1: Product: syz
[  535.431107][  T340] usb 1-1: Manufacturer: syz
[  535.435795][  T340] usb 1-1: SerialNumber: syz
[  535.441453][ T6826] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  535.451050][ T6826] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.467130][ T7354] loop4: detected capacity change from 0 to 256
[  535.473614][ T6826] usb 2-1: Product: syz
[  535.477798][ T6826] usb 2-1: Manufacturer: syz
[  535.487133][ T6826] usb 2-1: SerialNumber: syz
[  535.499123][ T7340] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  535.527908][ T7348] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  535.541303][ T7354] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  536.524457][  T340] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42
[  536.538241][  T340] cdc_ncm 1-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  536.555910][  T340] cdc_ncm 1-1:1.0: setting rx_max = 2048
[  536.567576][  T284] EXT4-fs (loop3): unmounting filesystem.
[  536.724980][  T340] cdc_ncm 1-1:1.0: setting tx_max = 48
[  536.731951][ T6826] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  536.740753][ T6826] cdc_ncm 2-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  536.748391][  T340] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  536.759387][ T6826] cdc_ncm 2-1:1.0: setting rx_max = 2048
[  536.779189][  T340] usb 1-1: USB disconnect, device number 18
[  536.785486][  T340] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM (NO ZLP)
[  536.932364][ T7344] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  536.945452][ T6826] cdc_ncm 2-1:1.0: setting tx_max = 48
[  536.956836][ T6826] cdc_ncm 2-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  536.993728][ T6826] usb 2-1: USB disconnect, device number 18
[  537.007038][ T6826] cdc_ncm 2-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM (NO ZLP)
[  538.929871][ T7423] loop1: detected capacity change from 0 to 256
[  538.936716][ T7423] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  539.896068][ T7420] loop3: detected capacity change from 0 to 256
[  539.902937][ T7420] FAT-fs (loop3): Unrecognized mount option "cÐ'ck=strict" or missing value
[  540.750637][ T7445] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1783'.
[  541.016746][ T7448] loop3: detected capacity change from 0 to 256
[  541.030158][ T7448] FAT-fs (loop3): Unrecognized mount option "cÐ'ck=strict" or missing value
[  541.532377][ T7453] loop4: detected capacity change from 0 to 128
[  541.772886][ T4692] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  543.048301][  T293] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  543.238298][  T293] usb 5-1: Using ep0 maxpacket: 32
[  543.246501][  T293] usb 5-1: unable to get BOS descriptor or descriptor too short
[  543.272766][  T293] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  543.302341][  T293] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  543.336208][  T293] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  544.031437][ T7470] loop3: detected capacity change from 0 to 128
[  544.041241][   T28] audit: type=1400 audit(1760158766.105:8303): avc:  denied  { mounton } for  pid=7467 comm="syz.3.1794" path="/360/file0/bus" dev="loop3" ino=1048601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[  544.077862][  T293] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  544.091784][ T7473] loop1: detected capacity change from 0 to 256
[  544.099101][ T7473] FAT-fs (loop1): Unrecognized mount option "cÐ'ck=strict" or missing value
[  544.134315][  T293] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.171229][  T293] usb 5-1: Product: syz
[  544.211775][ T4694] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  544.221712][  T293] usb 5-1: Manufacturer: syz
[  544.230127][  T293] usb 5-1: SerialNumber: syz
[  544.749784][ T7491] loop1: detected capacity change from 0 to 128
[  546.436847][ T7502] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1803'.
[  546.598767][ T7504] device syzkaller0 entered promiscuous mode
[  546.763423][ T7509] loop1: detected capacity change from 0 to 1024
[  546.870901][ T7509] EXT4-fs: Ignoring removed nobh option
[  546.886736][ T7509] EXT4-fs: Ignoring removed bh option
[  546.902446][ T7509] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  547.185901][ T7509] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  547.508082][  T293] usb 5-1: 0:2 : does not exist
[  547.528359][  T293] usb 5-1: USB disconnect, device number 28
[  547.599166][  T282] EXT4-fs (loop1): unmounting filesystem.
[  548.159946][  T351] usb 2-1: new full-speed USB device number 19 using dummy_hcd
[  548.613650][  T351] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  548.627854][  T351] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  548.644481][  T351] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  548.660207][  T351] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  548.677198][  T351] usb 2-1: Product: syz
[  548.686681][  T351] usb 2-1: Manufacturer: syz
[  548.734358][  T351] usb 2-1: SerialNumber: syz
[  548.742018][ T7545] loop3: detected capacity change from 0 to 512
[  548.755128][ T7530] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  548.775263][ T7545] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1815: casefold flag without casefold feature
[  548.855850][ T7547] loop4: detected capacity change from 0 to 128
[  548.915812][ T7545] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1815: couldn't read orphan inode 15 (err -117)
[  549.184019][ T7545] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  549.349436][  T284] EXT4-fs (loop3): unmounting filesystem.
[  549.458271][  T293] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  549.698250][  T293] usb 3-1: Using ep0 maxpacket: 32
[  549.705059][  T293] usb 3-1: unable to get BOS descriptor or descriptor too short
[  549.718871][  T293] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  549.745448][  T293] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  549.761595][ T7561] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1818'.
[  549.765870][  T293] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  549.796322][  T293] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  549.813417][  T293] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.826278][  T293] usb 3-1: Product: syz
[  549.833952][  T293] usb 3-1: Manufacturer: syz
[  549.841205][  T293] usb 3-1: SerialNumber: syz
[  550.277579][  T351] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  550.284157][  T351] cdc_ncm 2-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  550.292370][  T351] cdc_ncm 2-1:1.0: setting rx_max = 2048
[  550.298476][  T351] cdc_ncm 2-1:1.0: setting tx_max = 48
[  550.306856][  T351] cdc_ncm 2-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  550.360109][  T351] usb 2-1: USB disconnect, device number 19
[  550.366391][  T351] cdc_ncm 2-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM (NO ZLP)
[  550.644186][ T7586] loop4: detected capacity change from 0 to 1024
[  550.700071][ T7586] loop4: detected capacity change from 0 to 2048
[  550.764313][ T7586] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  552.684031][  T293] usb 3-1: 0:2 : does not exist
[  552.734187][  T293] usb 3-1: USB disconnect, device number 29
[  552.920088][ T7629] loop1: detected capacity change from 0 to 128
[  553.246640][  T286] EXT4-fs (loop4): unmounting filesystem.
[  553.962203][ T7649] loop1: detected capacity change from 0 to 512
[  553.995663][ T7649] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1836: casefold flag without casefold feature
[  554.010049][ T7649] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1836: couldn't read orphan inode 15 (err -117)
[  554.022696][ T7652] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1834'.
[  554.038803][ T7649] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  554.267321][ T7658] loop4: detected capacity change from 0 to 256
[  554.274297][ T7658] FAT-fs (loop4): Unrecognized mount option "cÐ'ck=strict" or missing value
[  554.468569][  T282] EXT4-fs (loop1): unmounting filesystem.
[  554.899290][ T7667] loop4: detected capacity change from 0 to 1024
[  554.966751][ T7667] loop4: detected capacity change from 0 to 2048
[  555.029425][ T7667] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  555.178219][ T6826] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  555.218259][   T19] usb 4-1: new full-speed USB device number 28 using dummy_hcd
[  555.368381][ T6826] usb 2-1: Using ep0 maxpacket: 32
[  555.401223][ T6826] usb 2-1: unable to get BOS descriptor or descriptor too short
[  555.441777][ T6826] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  555.530201][ T6826] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  555.602390][ T6826] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  555.619283][   T19] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  555.621061][ T6826] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  555.637588][   T19] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  555.661236][ T6826] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.663333][   T19] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  555.669868][ T6826] usb 2-1: Product: syz
[  555.683037][ T6826] usb 2-1: Manufacturer: syz
[  555.687750][ T6826] usb 2-1: SerialNumber: syz
[  555.698047][   T19] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.712411][   T19] usb 4-1: Product: syz
[  555.722002][   T19] usb 4-1: Manufacturer: syz
[  555.730818][   T19] usb 4-1: SerialNumber: syz
[  555.745923][ T7668] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  556.235540][  T286] EXT4-fs (loop4): unmounting filesystem.
[  556.588433][  T293] usb 5-1: new full-speed USB device number 29 using dummy_hcd
[  557.062375][   T19] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  557.074982][   T19] cdc_ncm 4-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  557.082772][   T19] cdc_ncm 4-1:1.0: setting rx_max = 2048
[  557.109447][  T293] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  557.127194][  T293] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  557.180497][   T19] cdc_ncm 4-1:1.0: setting tx_max = 48
[  557.192346][   T19] cdc_ncm 4-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  557.210081][  T293] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  557.234556][   T19] usb 4-1: USB disconnect, device number 28
[  557.248506][   T19] cdc_ncm 4-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM (NO ZLP)
[  557.280252][  T293] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  557.295681][  T293] usb 5-1: Product: syz
[  557.306534][  T293] usb 5-1: Manufacturer: syz
[  557.327463][  T293] usb 5-1: SerialNumber: syz
[  557.356065][ T2837] ==================================================================
[  557.364182][ T2837] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x130
[  557.372044][ T2837] Read of size 8 at addr ffff88811fe78cf0 by task kworker/0:5/2837
[  557.379950][ T2837] 
[  557.382286][ T2837] CPU: 0 PID: 2837 Comm: kworker/0:5 Not tainted syzkaller #0
[  557.389760][ T2837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  557.399840][ T2837] Workqueue: rcu_gp srcu_invoke_callbacks
[  557.405609][ T2837] Call Trace:
[  557.408911][ T2837]  <TASK>
[  557.411945][ T2837]  __dump_stack+0x21/0x24
[  557.416305][ T2837]  dump_stack_lvl+0xee/0x150
[  557.420918][ T2837]  ? __cfi_dump_stack_lvl+0x8/0x8
[  557.425966][ T2837]  ? __list_del_entry_valid+0xa6/0x130
[  557.431451][ T2837]  print_address_description+0x71/0x200
[  557.437030][ T2837]  print_report+0x4a/0x60
[  557.441392][ T2837]  kasan_report+0x122/0x150
[  557.445952][ T2837]  ? __list_del_entry_valid+0xa6/0x130
[  557.451440][ T2837]  __asan_report_load8_noabort+0x14/0x20
[  557.457103][ T2837]  __list_del_entry_valid+0xa6/0x130
[  557.462420][ T2837]  process_one_work+0x4b9/0xc40
[  557.467297][ T2837]  worker_thread+0xa29/0x11f0
[  557.471994][ T2837]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  557.477483][ T2837]  kthread+0x281/0x320
[  557.481570][ T2837]  ? __cfi_worker_thread+0x10/0x10
[  557.486707][ T2837]  ? __cfi_kthread+0x10/0x10
[  557.491316][ T2837]  ret_from_fork+0x1f/0x30
[  557.495764][ T2837]  </TASK>
[  557.498794][ T2837] 
[  557.501142][ T2837] Allocated by task 19:
[  557.505302][ T2837]  kasan_set_track+0x4b/0x70
[  557.509913][ T2837]  kasan_save_alloc_info+0x25/0x30
[  557.515051][ T2837]  __kasan_kmalloc+0x95/0xb0
[  557.519657][ T2837]  __kmalloc_node+0xb2/0x1e0
[  557.524274][ T2837]  kvmalloc_node+0x294/0x480
[  557.528876][ T2837]  alloc_netdev_mqs+0x8d/0xf90
[  557.533665][ T2837]  alloc_etherdev_mqs+0x37/0x40
[  557.538544][ T2837]  usbnet_probe+0x20c/0x2780
[  557.543168][ T2837]  usb_probe_interface+0x610/0xaf0
[  557.548296][ T2837]  really_probe+0x2cb/0x960
[  557.552818][ T2837]  __driver_probe_device+0x198/0x280
[  557.558124][ T2837]  driver_probe_device+0x54/0x3e0
[  557.563167][ T2837]  __device_attach_driver+0x2e9/0x4a0
[  557.568556][ T2837]  bus_for_each_drv+0x183/0x210
[  557.573454][ T2837]  __device_attach+0x2a2/0x400
[  557.578233][ T2837]  device_initial_probe+0x1a/0x20
[  557.583325][ T2837]  bus_probe_device+0xc0/0x1f0
[  557.588114][ T2837]  device_add+0xb4d/0xef0
[  557.592485][ T2837]  usb_set_configuration+0x19c2/0x1f10
[  557.597971][ T2837]  usb_generic_driver_probe+0x91/0x150
[  557.603452][ T2837]  usb_probe_device+0x159/0x270
[  557.608327][ T2837]  really_probe+0x2cb/0x960
[  557.612853][ T2837]  __driver_probe_device+0x198/0x280
[  557.618189][ T2837]  driver_probe_device+0x54/0x3e0
[  557.623235][ T2837]  __device_attach_driver+0x2e9/0x4a0
[  557.628636][ T2837]  bus_for_each_drv+0x183/0x210
[  557.633507][ T2837]  __device_attach+0x2a2/0x400
[  557.638293][ T2837]  device_initial_probe+0x1a/0x20
[  557.643338][ T2837]  bus_probe_device+0xc0/0x1f0
[  557.648123][ T2837]  device_add+0xb4d/0xef0
[  557.652536][ T2837]  usb_new_device+0xa70/0x1520
[  557.657325][ T2837]  hub_event+0x2850/0x4350
[  557.661768][ T2837]  process_one_work+0x71f/0xc40
[  557.666638][ T2837]  worker_thread+0xa29/0x11f0
[  557.671333][ T2837]  kthread+0x281/0x320
[  557.675420][ T2837]  ret_from_fork+0x1f/0x30
[  557.679865][ T2837] 
[  557.682202][ T2837] Freed by task 19:
[  557.686015][ T2837]  kasan_set_track+0x4b/0x70
[  557.690720][ T2837]  kasan_save_free_info+0x31/0x50
[  557.695778][ T2837]  ____kasan_slab_free+0x132/0x180
[  557.700922][ T2837]  __kasan_slab_free+0x11/0x20
[  557.705725][ T2837]  slab_free_freelist_hook+0xc2/0x190
[  557.711130][ T2837]  __kmem_cache_free+0xb7/0x1b0
[  557.716014][ T2837]  kfree+0x6f/0xf0
[  557.719762][ T2837]  kvfree+0x35/0x40
[  557.723611][ T2837]  netdev_freemem+0x3f/0x60
[  557.728153][ T2837]  netdev_release+0x7f/0xb0
[  557.732688][ T2837]  device_release+0xa4/0x1d0
[  557.737303][ T2837]  kobject_put+0x19d/0x280
[  557.741741][ T2837]  put_device+0x1f/0x30
[  557.745920][ T2837]  free_netdev+0x392/0x490
[  557.750360][ T2837]  usbnet_disconnect+0x25a/0x3b0
[  557.755321][ T2837]  usb_unbind_interface+0x223/0x8d0
[  557.760556][ T2837]  device_release_driver_internal+0x508/0x820
[  557.766654][ T2837]  device_release_driver+0x19/0x20
[  557.771797][ T2837]  bus_remove_device+0x2ee/0x350
[  557.776762][ T2837]  device_del+0x6a4/0xeb0
[  557.781106][ T2837]  usb_disable_device+0x3a8/0x750
[  557.786160][ T2837]  usb_disconnect+0x31e/0x860
[  557.790860][ T2837]  hub_event+0x1a78/0x4350
[  557.795305][ T2837]  process_one_work+0x71f/0xc40
[  557.800179][ T2837]  worker_thread+0xd2e/0x11f0
[  557.804874][ T2837]  kthread+0x281/0x320
[  557.808968][ T2837]  ret_from_fork+0x1f/0x30
[  557.813493][ T2837] 
[  557.815829][ T2837] Last potentially related work creation:
[  557.821553][ T2837]  kasan_save_stack+0x3a/0x60
[  557.826264][ T2837]  __kasan_record_aux_stack+0xb6/0xc0
[  557.831664][ T2837]  kasan_record_aux_stack_noalloc+0xb/0x10
[  557.837504][ T2837]  insert_work+0x51/0x300
[  557.841866][ T2837]  __queue_work+0x9b1/0xd30
[  557.846390][ T2837]  queue_work_on+0xd2/0x140
[  557.850916][ T2837]  usbnet_link_change+0x189/0x1b0
[  557.855964][ T2837]  usbnet_probe+0x1d55/0x2780
[  557.860667][ T2837]  usb_probe_interface+0x610/0xaf0
[  557.865800][ T2837]  really_probe+0x2cb/0x960
[  557.870377][ T2837]  __driver_probe_device+0x198/0x280
[  557.875676][ T2837]  driver_probe_device+0x54/0x3e0
[  557.880729][ T2837]  __device_attach_driver+0x2e9/0x4a0
[  557.886122][ T2837]  bus_for_each_drv+0x183/0x210
[  557.891004][ T2837]  __device_attach+0x2a2/0x400
[  557.895783][ T2837]  device_initial_probe+0x1a/0x20
[  557.900827][ T2837]  bus_probe_device+0xc0/0x1f0
[  557.905707][ T2837]  device_add+0xb4d/0xef0
[  557.910062][ T2837]  usb_set_configuration+0x19c2/0x1f10
[  557.915547][ T2837]  usb_generic_driver_probe+0x91/0x150
[  557.921123][ T2837]  usb_probe_device+0x159/0x270
[  557.926025][ T2837]  really_probe+0x2cb/0x960
[  557.930551][ T2837]  __driver_probe_device+0x198/0x280
[  557.935859][ T2837]  driver_probe_device+0x54/0x3e0
[  557.940906][ T2837]  __device_attach_driver+0x2e9/0x4a0
[  557.946292][ T2837]  bus_for_each_drv+0x183/0x210
[  557.951160][ T2837]  __device_attach+0x2a2/0x400
[  557.955933][ T2837]  device_initial_probe+0x1a/0x20
[  557.960963][ T2837]  bus_probe_device+0xc0/0x1f0
[  557.965734][ T2837]  device_add+0xb4d/0xef0
[  557.970102][ T2837]  usb_new_device+0xa70/0x1520
[  557.974875][ T2837]  hub_event+0x2850/0x4350
[  557.979307][ T2837]  process_one_work+0x71f/0xc40
[  557.984170][ T2837]  worker_thread+0xa29/0x11f0
[  557.988885][ T2837]  kthread+0x281/0x320
[  557.992962][ T2837]  ret_from_fork+0x1f/0x30
[  557.997386][ T2837] 
[  557.999910][ T2837] The buggy address belongs to the object at ffff88811fe78000
[  557.999910][ T2837]  which belongs to the cache kmalloc-4k of size 4096
[  558.014228][ T2837] The buggy address is located 3312 bytes inside of
[  558.014228][ T2837]  4096-byte region [ffff88811fe78000, ffff88811fe79000)
[  558.027681][ T2837] 
[  558.030012][ T2837] The buggy address belongs to the physical page:
[  558.036420][ T2837] page:ffffea00047f9e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11fe78
[  558.046677][ T2837] head:ffffea00047f9e00 order:3 compound_mapcount:0 compound_pincount:0
[  558.055030][ T2837] flags: 0x4000000000010200(slab|head|zone=1)
[  558.061122][ T2837] raw: 4000000000010200 0000000000000000 dead000000000001 ffff888100043380
[  558.069715][ T2837] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[  558.078299][ T2837] page dumped because: kasan: bad access detected
[  558.084725][ T2837] page_owner tracks the page as allocated
[  558.090438][ T2837] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 1003, tgid 997 (syz.1.159), ts 74501436822, free_ts 74190723024
[  558.112852][ T2837]  post_alloc_hook+0x1f5/0x210
[  558.117637][ T2837]  prep_new_page+0x1c/0x110
[  558.122152][ T2837]  get_page_from_freelist+0x2c7b/0x2cf0
[  558.127734][ T2837]  __alloc_pages+0x1c3/0x450
[  558.132336][ T2837]  alloc_slab_page+0x6e/0xf0
[  558.136938][ T2837]  new_slab+0x98/0x3d0
[  558.141018][ T2837]  ___slab_alloc+0x6bd/0xb20
[  558.145615][ T2837]  __slab_alloc+0x5e/0xa0
[  558.149954][ T2837]  __kmem_cache_alloc_node+0x203/0x2c0
[  558.155419][ T2837]  __kmalloc_node_track_caller+0xa0/0x1e0
[  558.161156][ T2837]  krealloc+0x6f/0x110
[  558.165225][ T2837]  copy_verifier_state+0x6bb/0xab0
[  558.170349][ T2837]  push_stack+0x19b/0x4f0
[  558.174694][ T2837]  do_check+0x9620/0xf060
[  558.179037][ T2837]  do_check_common+0x11ae/0x1950
[  558.183982][ T2837]  bpf_check+0x3de0/0x10ca0
[  558.188547][ T2837] page last free stack trace:
[  558.193226][ T2837]  free_unref_page_prepare+0x742/0x750
[  558.198783][ T2837]  free_unref_page+0x8f/0x530
[  558.203471][ T2837]  __free_pages+0x67/0x100
[  558.207900][ T2837]  __free_slab+0xca/0x1a0
[  558.212248][ T2837]  __unfreeze_partials+0x160/0x190
[  558.217461][ T2837]  put_cpu_partial+0xa9/0x100
[  558.222169][ T2837]  __slab_free+0x1c4/0x280
[  558.226600][ T2837]  ___cache_free+0xbf/0xd0
[  558.231035][ T2837]  qlist_free_all+0xc6/0x140
[  558.235726][ T2837]  kasan_quarantine_reduce+0x14a/0x170
[  558.241193][ T2837]  __kasan_slab_alloc+0x24/0x80
[  558.246058][ T2837]  slab_post_alloc_hook+0x4f/0x2d0
[  558.251182][ T2837]  kmem_cache_alloc+0x16e/0x330
[  558.256039][ T2837]  vm_area_dup+0x27/0x280
[  558.260382][ T2837]  __split_vma+0x1d2/0x930
[  558.264810][ T2837]  split_vma+0x7c/0xd0
[  558.268896][ T2837] 
[  558.271251][ T2837] Memory state around the buggy address:
[  558.276899][ T2837]  ffff88811fe78b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  558.284966][ T2837]  ffff88811fe78c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  558.293033][ T2837] >ffff88811fe78c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  558.301090][ T2837]                                                              ^
[  558.308982][ T2837]  ffff88811fe78d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  558.317058][ T2837]  ffff88811fe78d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  558.325134][ T2837] ==================================================================
[  558.333193][ T2837] Disabling lock debugging due to kernel taint
[  558.350898][ T7693] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  558.399811][   T28] audit: type=1400 audit(1760158780.423:8304): avc:  denied  { read } for  pid=84 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  558.423347][ T7712] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1852'.
[  558.452925][   T28] audit: type=1400 audit(1760158780.423:8305): avc:  denied  { search } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  558.545952][   T28] audit: type=1400 audit(1760158780.423:8306): avc:  denied  { write } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  558.597007][   T28] audit: type=1400 audit(1760158780.423:8307): avc:  denied  { add_name } for  pid=84 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  558.609498][ T6826] usb 2-1: 0:2 : does not exist
[  558.645201][   T28] audit: type=1400 audit(1760158780.423:8308): avc:  denied  { create } for  pid=84 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  558.670513][ T6826] usb 2-1: USB disconnect, device number 20
[  558.706714][   T28] audit: type=1400 audit(1760158780.423:8309): avc:  denied  { append open } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  558.748261][   T28] audit: type=1400 audit(1760158780.423:8310): avc:  denied  { getattr } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  558.879178][ T4692] udevd[4692]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  559.381177][  T293] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[  559.387639][  T293] cdc_ncm 5-1:1.0: dwNtbInMaxSize=8 is too small. Using 2048
[  559.395334][  T293] cdc_ncm 5-1:1.0: setting rx_max = 2048
[  559.585777][  T293] cdc_ncm 5-1:1.0: setting tx_max = 48
[  559.596104][  T293] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  559.611441][  T293] usb 5-1: USB disconnect, device number 29
[  559.620194][  T293] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM (NO ZLP)