last executing test programs:

20.741642482s ago: executing program 2 (id=3371):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f00000005c0)={'syz1\x00', {}, 0x19, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2de, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x7, 0x0, 0x9, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0x0)
r1 = dup(r0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x5)
ioctl$UI_DEV_CREATE(r1, 0x5501)
write$uinput_user_dev(r1, &(0x7f0000001100)={'syz1\x00', {0x10, 0x0, 0x200}, 0x0, [0x0, 0x0, 0xa, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1000, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6bb], [0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400]}, 0x45c)

20.675890849s ago: executing program 2 (id=3373):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_open_procfs$namespace(r0, &(0x7f0000000340)='ns/uts\x00')

19.910039238s ago: executing program 2 (id=3380):
r0 = syz_btf_id_by_name$bpf_lsm(&(0x7f0000000500)='bpf_lsm_task_free\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000100)=@bpf_lsm={0x1d, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="3f7914a4844eb6c1f8000000000000009580"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

19.831514247s ago: executing program 2 (id=3383):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
ioctl$FIBMAP(0xffffffffffffffff, 0x1, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs(r3, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000180)=0x20)

19.80705556s ago: executing program 2 (id=3384):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
getgroups(0x2, &(0x7f0000000300)=[0xee00, 0x0])

19.730651028s ago: executing program 2 (id=3386):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a"], 0x4c}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

10.566748158s ago: executing program 4 (id=3417):
r0 = socket$inet(0x2, 0x3, 0x8)
r1 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, &(0x7f00000005c0)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x20, 0x80, 0x1c, {0x7, 0x1ff, 0xb2, 0x4, 0x5, 0x800, 0x0, 0x9, 0x81, 0x7, 0x0, 0x4}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000002380)=0x3)
mmap(&(0x7f000024b000/0x4000)=nil, 0x4000, 0xb635773f06ebbee8, 0x8030, r2, 0x2c893000)
syz_clone(0x49004800, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
open(0x0, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
mremap(&(0x7f000024b000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00007d5000/0x3000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x4, 0x5, 0x0, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r5, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
pipe(&(0x7f0000000000))
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
getsockopt$MRT(r0, 0xff00, 0xce, 0x0, 0x0)

9.100218588s ago: executing program 1 (id=3419):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x14552, &(0x7f0000000240)=ANY=[], 0x1, 0x1210, &(0x7f000000a400)="$eJzs3E9rHGUcB/Bft1sbU/NHrdX2oA968TQ0OXgSJEgKkgWlNkIrCFMz0SXjbsgsgRWx9eTV1yEevRXEN5CLJ1+At1w89iCOONu1puwqe2iW6udzmR/8ni/zPLuwMMs8z/Gb33y2t1tlu/kgWmfORGs/It1PkaIVYy9vja43b21tdDqb11O6tnFj7Y2U0vIrP3z4xXev/ji48MH3y/fOx9HqR8e/rv9ydOno8vHvNz7tVqlbpV5/kPJ0u98f5LfLIu10q70spffKIq+K1O1VxcGJ/m7Z398fpry3s7S4f1BUVcp7w7RXDNOgnwYHw5R/knd7KcuytLQYTHXu34dsf3u/ruuIuj4XT0Vd1/XTsRgX4plYiuW4GxHPxnPxfFyMF+JSvBgvxeVm1GlMHwAAAAAAAAAAAAAAAAAAAP4//mn//0qs2v8PAAAAAAAAAAAAAAAAAAAAp+D9m7e2NjqdzespLUSUXx9uH26PrqP+xm50o4wirsZK/BbN7v+RUX3tnc7m1dRYja/KOw/ydw63z57MrzXHCTzIt5veOL82yqeT+fOx+Pf8eqzExcn3X5+YX4jXX2uON/hTEVmsxE8fRz/K2Gnu/TD/5VpKb7/beSR/pRkHAAAA/wVZ+svE5/csm9Yf5Wf4f+CR5+t2XGnPd+1EVMPP9/KyLO6Oi4OmWBgX5RNW/BwzDL73mKbRekwLbMW8P17Fk1a087I+GzF7fN6/TJyGh1/6vGcCAAAAAAAAAADALKa8/Retqa2ZinZMeLPsrfksFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5gB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQwUAAP//PLrRLA==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r2 = getuid()
r3 = geteuid()
mount$9p_xen(&(0x7f00000000c0), &(0x7f0000000200)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="7472616e733d78656e2c76657273696f6e3d3970323030302e752c6c6f6f73652c756e616d653d24401b2c63616368653d6e6f6e652c", @ANYRESDEC=r2, @ANYBLOB=',apprai', @ANYBLOB])
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000006c0)={{{@in6=@loopback, @in=@multicast1, 0x4e20, 0x0, 0x4e24, 0x7f, 0x2, 0x60, 0x0, 0x2f, 0x0, r3}, {0x6, 0x5, 0x77fc, 0x1b4d, 0x7, 0x2, 0x2, 0x11}, {0x0, 0x6, 0x1ff, 0xffffffff}, 0x9, 0x0, 0x3, 0x1, 0x1}, {{@in6=@local, 0x4d4, 0x3c}, 0x2, @in=@multicast2, 0x3504, 0x4, 0x2, 0x8, 0x4870000, 0x9, 0x7}}, 0xe8)
r4 = inotify_init1(0x0)
inotify_add_watch(r4, &(0x7f0000000040)='.\x00', 0x440000a0)
ioctl$FITRIM(r1, 0x40047211, &(0x7f0000000100)={0x0, 0x0, 0x4000000000})
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_DATA_DIR(r5, 0x0, 0x1, &(0x7f00000000c0)=0x5, 0x4)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_i', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
syz_fuse_handle_req(r6, 0x0, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_DEL_PMKSA(r8, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRES16=r9, @ANYBLOB="010000000000000000003500000008000300", @ANYRES32=r10, @ANYBLOB], 0x50}}, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000480)={0x0, <r11=>0x0}, &(0x7f00000000c0)=0x839352b8218490eb)
syz_fuse_handle_req(r6, 0x0, 0x0, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x78, 0x0, 0x0, {0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4009, 0x0, r11}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r12 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r12, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r12, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r12, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
io_setup(0x6, &(0x7f0000000680)=<r13=>0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000200)=0x6, 0x8)
io_submit(r13, 0x0, 0x0)

9.100050498s ago: executing program 3 (id=3420):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000080)=ANY=[@ANYRES16=0x0], 0x0, 0x1ca, &(0x7f00000008c0)="$eJzsmb+uEkEUxr+Z3QvcG2NiY2GjiTfxmlyW3UUNjQU+gQn4r5PIStAFDGwBJBbExsbH8BUsqCzs7Gy1UBMTCymt18xw2B35J8QQSTy/hNlvZs7MnDnAVwAYhvlv+frl5+dXt0rVUwBncIwsjX+30hhpxH/Kkfj4+l377PPx/H4CQBxvfr4N4G3ZQkT9OP599TE9q5CJvgOJq6TvQcAh/RASd0kHEHhA+omhO4ckwsB51Anrj5th4KrGU42vmuJ8fpORQB1AjvITxnxvMHxaC8OgOy8O4tk5C1Pbij/Uz56UJW4a9VPv1/2XL0aqP6uNa9TPg4RHugiBCukSsnAcJy2Jcf8Ldrq/tcn990Gcy6+LOd2DDFn8AyGMkUMl1Bc6GTk/Gb9fXPVtl4ld2u2VQZ69MPXh6O92zpAJLI1J/VNZ7hXDn2zYiX8UotazQm8wzDdbtUbQCNq+X7zhXnPd635BG9G0XeN/Oe1PR8b+BytiMyKDfi2Kul4fiLpe0venreG4lTedH3qN1P4ncXJ5uof6qOhrZ5efIegl9VOpE2tl8gzDMAzDMAzDMAzDMAzDMFtxEUL/Ckp/VMUr8G/r6F8BAAD///ckZMc=")
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)

7.488553624s ago: executing program 0 (id=3421):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0xfffffffffffffef1, {0xf000}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c0f000000c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576648eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af095a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0714b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb6ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b40867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d0400000000000000a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f710100ab8d0b545c334014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b57fe072d3218983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e516"})
ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f0000001600)={{0x0, 0x0, 0x80}})

7.487855964s ago: executing program 1 (id=3422):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000002540)={[{@nodioread_nolock}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@usrjquota}, {@data_journal}, {@nomblk_io_submit}]}, 0x83, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SCROLLCONSOLE(r1, 0x4b66, &(0x7f00000002c0)={0xd, 0x4})
r2 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x1e95c2, 0x0)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1000a, &(0x7f00000003c0)=ANY=[], 0x21, 0x150d, &(0x7f0000003040)="$eJzs3AuYjtX6MPD7Xms9DA29TXIY1lr3w5sGy5Akh4QckiTZkuSUEJokSUiMs6QhCTlOksMQksM0Jo3z+ZBzkiRNkoSEJOu7Zu/21967/f/39f/3fa7vP/fvup7rXff7PPd61pp73nmf9cz1vt/0Hlu/ZYM6zYkI/lvwbw/JABADACMB4HoACACgclzluJz9+SQm//dOwv5cD6Vd6xGwa4nrn7tx/XM3rn/uxvXP3bj+uRvXP3fj+uduXH/GcrNd84vdwFvu3fj+f27G7///g2SXn/bFlvI39fkDKQW4/rkav/5zN65/7sb1z924/rkb1z934/rnblx/xnKz//q9Y/7fwf+E7Vr//jHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYyx0u+V8pAPh7+1qPizHGGGOMMcYYY38en/daj4AxxhhjjDHGGGP/9yEIkKAggDyQF2IgH+SH6yAWCkBBuB4icAPEwY1QCG6CwlAEikIxiIfiUAI0GLBAEEJJKAVRuBlKwy2QAGWgLJQDB+UhESpARbgVKsFtUBluhypwB1SFalAdasCdUBPuglpQG+rA3VAX6kF9aAD3QEO4FxrBfdAY7ocm8AA0hQehGfwFmsND0AIehpbwCLSCR6E1tIG20A7a/5fyX4D+8CIMgIGQDINgMAyBoTAMhsMIGAkvwSh4GUbDK5ACY2AsvArj4DUYD6/DBJgIk+ANmAxTYCpMg+kwA1LhTZgJb8EseBtmwxyYC/MgDebDAngHFsIiWAzvwhJ4D5bCMlgOKyAd3ocMWAmZ8AGsgg8hC1bDGlgL62A9bICNsAk2wxbYCttgO+yAnbALPoLdsAf2wj7YDwfgIHwMh+ATOAyfwhH47A/mX/yX/D4ICChQoEKFeTAPxmAM5sf8GIuxWBALYgQjGIdxWAgLYWEsjEWxKMZjPJbAEmjQICFhSSyJUYxiaSyNCZiAZbEsOnSYiIlYEW/FSlgJK2NlrIJVsCpWw2pYA2tgTayJtbAW1sE6WBfrYn2sj/fgPXgvNsJG2BgbYxNsgk2xKTbDZtgcm2MLbIEtsSW2wlbYGltjW2yL7bE9dsAO2BE7YmfsjF2wC3bDbpiESdgdu2MP7IE9sSf2wl7YG3tjH+yLffEFfAFfxBdxINYVg3AwDsahOBSH4wgcgS/hKHwZX8ZXMAXH4Fh8FV/F2gBwASfgRJyEk7CmmIJTcRqSmIGpmIozcSbOwlk4G+fgHJyHaTgfF+ACXIiLcBG+i0vwPXwPl+EyXIHpmI4ZuBIzMRNX4UXMwtW4BtfiOlyP63AjbsKNuAW34hbcjttxJ+7Ej/Aj3IN7cB/uwwOoAPBj/AQ/wRQ8gkfwKB7FY3gMj+NxzMZsPIEn8CSexFN4Ck/jaTyDZ/EcnsXzeB4v4EW8hJfwMl7GK/hc/FctDpTZnAIihxJK5BF5RIyIEflFfhErYkVBUVBERETEiThRSBQShUVhUVQUFfEiXpQQJYQRRpAIRUlRUkRFVJQWpUWCSBBlRVnhhBOJIlFUFBVFJVFJVBa3iyriDlFVVBOdXA1RQ9QUnV0tUVvUEXVEXVFP1BcNRAPRUDQUjUQj0Vg0Fk1EE9FUPCiaiUE4HB8SOZVpKcZgKzEWW4s2oq1oJ17Dx0QHMR47ik6is3hCTMQJ2E10cEniKdFdTMUe4hkxDZ8VvcQM7C2eF31EX9FPvCD6i45ugBgoZuMgMVjMw6FimBguRoiFWE/kVKy+eEWkiDFirHhVrMDXxHjxupggJopJ4g0xWUwRU8U0MV3MEKniTTFTvCVmibfFbDFHzBXzRJqYLxaId8RCsUgsFu+KJeI9sVQsE8vFCpEu3hcZYqXIFB+IVeJDkSVWizVirVgn1osNYqPYJDaLLWKr2Ca2ix1ip9glPhK7xR6xV+wT+8UBcVB8LA6JT8Rh8ak4Ij4TR8Xn4pj4QhwXX4ps8ZU4Ib4WJ8U34pT4VpwW34kz4qw4J74X58UP4oK4KC6JH8Vl8ZO4In4WV4UXIFEKKaWSgcwj88oYmU/ml9fJWFlAFpTXy4i8QcbJG2UheZMsLIvIorKYjJfFZQmppZFWkgxlSVlKRuXNsrS8RSbIMrKsLCedLC8TZQVZUd4qK8nbZGV5u6wi75BVZTVZXdaQd8qa8i5ZS9aWdeTdsq6sJ+vLBvIe2VDeKxvJ+2Rjeb9sIh+QTeWDspn8i2wuH5It5MOypXxEtpKPytayjWwr28n28jHZQT4uO8pOsrN8QnaRXWU3+aRMkk/J7vJp2UM+I3vKZ2Uv+ZzsLZ+XfWRf2U/+LK9KLwfIgTJZDpKD5RA5VA6Tw+UIOVK+JEfJl+Vo+YpMkWPkWPmqHCdfk+Pl63KCnCgnyTfkZDlFTpXT5HQ5Q6bKN+VM+ZacJd+Ws+UcOVfOk2lyvhz+S0+L/w/y3/o3+aP/evadcpf8SO6We+ReuU/ulwfkQXlQHpKH5GF5WB6RR+RReVQek8fkcXlcZstseUKekCflSXlKnpKn5Wl5Rp6VP8rv5Xn5g7wgL8qL8kd5WV6WV375GYBCJZRUSgUqj8qrYlQ+lV9dp2JVAVVQXa8i6gYVp25UhdRNqrAqooqqYipeFVcllFZGWUUqVCVVKRVVN+MvFxSqrCqnnCqvElWFP5KvSqtbVIIq80/5vze+9qq96qA6qI6qo+qsOqsuqovqprqpJJWkuqvuqofqoXqqnqqX6qV6q96qj+qj+ql+qr/qrwaoASpZJavBaogaqoap4WqEGqleUqPUKDVajVYpKkWNVWPVODVOjVfj1QQ1QU1Sk9RkNVlNVVPVdDVdpapUNVPNVLPULDVbzVZz1VyVptLUArVALVQL1WK1WC1RS9RStVQtV8tVukpXGSpDZapMtUqtUllqtVqt1qq1ar1arzaqjWqz2qy2qq1qu9qustQutUvtVrvVXrVX7Vf71UF1UB1Sh9RhdVgdUUfUUXVUHVPH1HF1XGWrbHVCnVAn1Ul1Sp1Sp9VpdUadUefUOXVenVcX1AV1SV1Sl9VldUVdUVfV1ZzLvkAEIlCBCvIEeYKYICbIH+QPYoPYoGBQMIgEkSAuiAsKBTcFhYMiQdGgWBAfFA9KBDowgQ0oCIOSQakgGtwclA5uCRKCMkHZoFzggvJBYlAhqBjcGlQKbgsqB7cHVYI7gqpBtaB6UCO4M6gZ3BXUCmoHdYK7g7pBvaB+0CC4J2gY3Bs0Cu4LGgf3B02CB4KmwYNBs+AvQfPgoaBF8HDQMngkaBU8GrQO2gRtg3ZB+z+1f+8vFHncDdADdbIepAfrIXqoHqaH6xF6pH5Jj9Iv69H6FZ2ix+ix+lU9Tr+mx+vX9QQ9UU/Sb+jJeoqeqqfp6XqGTtVv6pn6LT1Lv61n6zl6rp6n0/R8vUC/oxfqRXqxflcv0e/ppXqZXq5X6HT9vs7QK3Wm/kCv0h/qLL1ar9Fr9Tq9Xm/QG/UmvVlv0Vv1Nr1d79A79S79kd6t9+i9ep/erw/og/pjfUh/og/rT/UR/Zk+qj/Xx/QX+rj+Umfrr/QJ/bU+qb/Rp/S3+rT+Tp/RZ/U5/b0+r3/QF/RFfUn/qC/rn/QV/bO+qn3OxX3O27tRRpk8Jo+JMTEmv8lvYk2sKWgKmoiJmDgTZwqZQqawKWyKmqIm3sSbEqaEyUGGTElT0kRN1JQ2pU2CSTBlTVnjjDOJJtFUNBVNJVPJVDaVTRVTxVQ1VU11U93cae40d5m7TG1T29xt7jb1TD3TwDQwDU1D08g0Mo1NY9PENDFNTVPTzDQzzU1z08K0MC1NS9PKtDKtTWvT1rQ17U1708F0MB1NR9PZdDZdTBfTzXQzSSbJdDfdTQ/Tw/Q0PU0v08v0Nr1NH9PH9DP9TH/T3wwwA0yySTaDzWAz1Aw1w81wM9KMNKPMKDPajDYpJsWMNWPNODPOjDfjzQQz0Uwyb5jJZoqZaqaZ6WaGSTWpZqaZaWaZWWa2mW3mmrkmzaSZBWaBWWgWmsVmsVlilpilZqlZbpabdJNuMkyGyTSZZpVZZbJMlllj1ph1Zp3ZYDaYTWaT2WK2mG1mm9lhdphdZpfZbXabvWav2W/2m4PmoDlkDpnD5rA5Yo6Yo+aoRwBz3Bw32SbbnDAnzElz0pwyp8xpc9qcMWfMOXPOnDfnzQVzwVwyl8xl85O5Yn42V403MTafzW+vs7G2gC1or7f/Ghe1xWy8LW5LWG0L2yL/FBtrbYItY8v+fYlpK9iEmJzHctbZ8jbRVrBVbTVb3dawd9qa9i5b6zdxQ3uvbWTvs43t/baBveef4ib2AdvUPmKb2Udtc9vGtrDtbEv7iG1lH7WtbRvb1razXWxX280+aZPsU7a7ffo3cYZdaTfZzXaL3WoP2U/sJfujPWm/sZftT3aAHWhH2pfsKPuyHW1fsSl2zG/iSfYNO9lOsVPtNDvdzvhNPNfOs2l2vl1g37EL7aLfxOn2fbvEZtqldpldblf8Nc4ZU6b9wK6yH9osu9qusWvtOrvebrAb//dY19rtdofdaQ/aj+1uu8futfvsfnvgr3HOPA7bT+0R+5k9Yb+2x+wX9rg9ZbPtV3+Nc+Z3yn5rT9vv7Bl71p6z39vz9gd7wV7Mmb/Pmfv39md71XoLhCRIkqKA8lBeiqF8lJ+uo1gqQAXpeorQDRRHN1IhuokKUxEqSsUonopTCdJkyBJRSCWpFEXpZipNt1AClaGyVI4cladEqkAV6VaqRLdRZbqdqtAdVJWqUXWqQXdSTbqLalFtqkN3U12qR/WpAd1DDeleakT3UWO6n5rQA9SUHqRm9BdqTg9RC3qYWtIj1IoepdbUhtpSO2pPj1EHepw6UifqTE9QF+pK3ehJSqKnqDs9TT3oGepJz1Iveo560/PUh/pSP3qB+tOLNIAGUjINosE0hIbSMBpOI2gkvUSj6GUaTa9QCo2hsfQqjaPXaDy9ThNoIk2iN2gyTaGpNI2m0wxKpTdpJr1Fs+htmk1zaC7NozSaTwvoHVpIi2gxvUtL6D1aSstoOa2gdHqfMmglZdIHtIo+pCxaTWtoLa2j9bSBNtIm2kxbaCtto+20g3bSLvqIdtMe2kv7aD8doIP0MR2ifL+84D6jo/Q5HaMv6Dh9Sdn0FZ2gr+kkfUOn6Fs6Td/RGTpL5+h7Ok8/0AW6SJfoR7pMP9EV+pmukicIMRShDFUYhHnCvGFMmC/MH14XxoYFwoLh9WEkvCGMC28MC4U3hYXDImHRsFgYHxYPS4Q6NKENKQzDkmGpMBreHJYObwkTwjJh2bBc6MLyYWJYIawY3hpWCm8LK4e3h1XCO8KqYbXwkftrhHeGNcO7wlph7bBOeHdYN6wX1g8DAGgY3hs2Cu8LG4f3h5XCB8Km4YMh/PJ5lRbhw2HL8JGwVfho2DpsE7YN24Xtw8fCDuHjYcewU9g5fCLsEnYNu4VPhknhU2H38Onf3Z8cDgoHh0PCIaH398nl0RXR9Oj70Yzoymhm9IPoquiH0azo6uia6Nrouuj66Iboxuim6ObolujW6Lbo9uiO6M6o9w3ygkMnnHTKBS6Py+tiXD6X313nYl0BV9Bd7yLuBhfnbnSF3E2usCviirpiLt4VdyWcdsZZRy50JV0pF3U3u9LuFpfgyriyrpxzrrxLdO1ce9fedXCPu46uk+vsnnBPuK6uq3vSPemect3d066He8b1dM+6Xu4595x73vVxfV0/94Lr7150A9xAl+yS3WA32A11Q91wN9yNdCPdKDfKjXajXYpLcWPdWDfOjXPj3Xg3wU1wk9wkN9lNdlPdVDfdTXepLtXNdDPdLDfL5VRprpvr0lyaW+AWuIVuoVvsFrslCUvcUrfULXfLXbpLdxkuw2W6TLfKrXJZLsutcWvcOrfObXAb3Ca3yW1xW9w2t83tcDvcLrfL7Xa73V631+13+91Bd9AdcofcYXfYHXFH3FF31B1zx9xx96XLdl+5E+5rd9J94065b91p95074866c+57d9794C64i+6S+9Fddj+5K+5nd9V5lxp5MzIz8lZkVuTtyOzInMjcyLxIWmR+ZEHkncjCyKLI4si7kSWR9yJLI8siyyMrIumR9yMZkZWRzMgHkVWRDyNZkdWRNZG1kXWR9Qp88d2hL+lL+ai/2Zf2t/gEX8aX9eW88+V9oq/gK/pbfSV/m6/sb/dV/B2+qq/mq/tHfWvfxrf17Xx7/5jv4B/3HX0n39k/4bv4rr6bf9In+ad8d/+07+Gf8T39s76Xf8739s/7Pr6v7+df8P39i36AH+iT/SA/2A/xQ/0wP9yP8CP9S36Uf9mP9q/4FD/Gj/Wv+nH+NT/ev+4n+Il+kn/DT/ZT/FQ/zU/3M3yqf9PP9G/5Wf5tP9vP8XP9PJ/m5/sF/h2/0C/yi/27fol/zy/1y/xyv8Kn+/d9hl/pM/0HfpX/0Gf51X6NX+vX+fV+g9/oN/nNfovf6rf57X6H3+l3+Y/8br/H7/X7/H5/wB/0H/tD/hN/2H/qj/jP/FH/uT/mv/DH/Zc+23/lT/iv/Un/jT/lv/Wn/Xf+jD/rz/nv/Xn/g7/gL/pL/kd/2f/kr/if/dU/+Jm1en/mLXTGGGOMsf+PDPmd/YP+zXMKAMQv7Z+89wX2FMv+x/0SALYV/lt7mIjvEgGApwb2fujvW926ycnJvxybJSEotQwAIv9ygl/i1dAZukISdIKK/3Z8w0Tfy/Q7/UdvB8j/Dzkx8Gv8a/+f/wf9P/bEpIwq4aW4/6T/ZQAJpX7NyVmF/z1eDZ1zZgOdoNJ/0H+RDr8z/nxfpAJ0/IecWADomO9fx58Ij8PTkPRPRzLGGGOMMcYYY38zTFTv+Xvr55z1ebz6NScv/Br/3vqcMcYYY4wxxhhj196zffs9+VhSUqee3OAGN3JZo+t/csy1/svEGGOMMcYY+7P9etH/63P5ruWAGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxXOj/xTeNXes5MsYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY9fa/woAAP//xvg1gg==")
mkdir(&(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x1, 0x7800, 0x0, 0x3)
r4 = socket(0x80000000000000a, 0x2, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x3800}]}, 0x24}}, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}}}, 0x108)
close(r4)
preadv(r2, 0x0, 0x0, 0x0, 0x0)

7.487513624s ago: executing program 3 (id=3423):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x8, 0xc, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

7.486528735s ago: executing program 4 (id=3424):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000380)={0x0, 0x0, 0x0, 0xc, 0x0, 0xd0})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)

7.395328535s ago: executing program 0 (id=3425):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)

5.735976727s ago: executing program 3 (id=3426):
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0xb9, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000040), &(0x7f0000000440)=""/183}, 0x20)

5.735660417s ago: executing program 0 (id=3427):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000280)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0x0, 0x296, &(0x7f0000000540)="$eJzs3M1qE1EUwPFj0o80tU0WIiiIB92oi6GNL2CQFsSAUhtRF8LUTjRkTMrMWImI7c6tz1FcuhPUF+jGnQt30k0XCm66UCOdjzatQ6u2yYTm/4Myp3Pvydz5CmcGctfvvHpcq7hGxfQklVFJiSzLhkh+MwodC5cpPx6SdstycfT7pzO37t67XiyVpmZUp4uzlwuqOn723dPnr8998EZvvxl/Oyyr+fvr3wpfVk+unlr/NRt9esNTU+caDc+csy2dr7o1Q/WmbZmupdW6azk72it2Y2GhqWZ9fiy74Fiuq2a9qTWrqV5DPaep5kOzWlfDMHQsK/0m/c8Z5ZWZGbPYkcEgCSNxKx2naKZjG8sr3RgUAADoLUnV/4+qrlZdre9X/6eE+r9zqP+PkuNrEvsUuFn/Z8P7d8uln10cGQAAAAAAAAAAAAAAAAAAAAAAOIiNVivXarVy0TL6GxaRjIhE/yc9TnTGQc7/cPeHi0PW9sO9jIj9crG8WA6WQXuxIlWxxZKJQZEf/vUQCuLpa6WpCfXl5b29FOYvLZbT/vXh50fy8fmTQb7uzB+UbPv2C5KTE/I5Lr8Qmz8kF8635RuSk48PpCG2zPvX9Xb+i0nVqzdKu/JH/H4AAAAAABwFhm754/ndbzc0mjZkV3uwcvv9gOT2eT+w6/l6QE4PJLffAAAAAAD0E7f5rGbatuUQ7AiuiMiefZI+dCM9cqA6GKQ2z0HXt/41ujV64yAcarD2JNi1v+mc4JcSAAAAgI7YLvqTHgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1rj2nAMmEXf03U/3/mHmvbXLr7ewgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0jt8BAAD//ysQG/U=")
r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r0, 0x0)
mount$incfs(&(0x7f0000000240)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0xc)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)

5.735441267s ago: executing program 1 (id=3428):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000240)={0x80000, 0x0, [0x8, 0xc24c, 0x0, 0x8, 0x8, 0x4e4, 0xe30351e, 0x200]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5.735234287s ago: executing program 4 (id=3429):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000240)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$packet(0x11, 0x3, 0x300)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000300)="89e7ee2c7cdad9b4b473", 0xa}, {&(0x7f0000000100)="000000bbf7b4da8309fb", 0xa}], 0x2)

3.924341146s ago: executing program 0 (id=3430):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000050000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000030000000500050008000000180001801400020073797a5f74756e"], 0x34}}, 0x0)

3.923944436s ago: executing program 1 (id=3431):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xcadbd000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000b80)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce935b0f327cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0843b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561e"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f00000037c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdce09000125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffaf4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2b2f0ed86b00000000fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c7070800000000000000433b809bdb9fbd48bc873495cbff90326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf8714d7bb2366fde41f94290c2a5fdecb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1f5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27832b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a540f0c10ec3a11667290b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad95971030000007d00000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c6055bb164ab413d5467ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d7ab3753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c8c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf06db539f97580e079175426c088a0208040982a000000000000000000000000001aad0b6d70c42c3131006d9996b4c651ceaaf0159fe6e7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a1914b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c056d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04de1d9f34335d8fcb9205da65b43831c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23d040000000000000033f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8adc67ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c259d3f28b9ea81232fbef665f6212f875b2a000000000000000000000000000020bd79e41c682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4eee53a3996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d74f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bd1b7a663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70b68c25072e20586b19127d75fa71577f265c51000000000000000000000000000000000000000000915c2cde78db002a20e370600f56b3803786ffff268fa1782c240a1d3b62bb5c9c5712bc58a0f276f5224b6efaceab36d1468b0800000000000000cbefec08ac7cb62a9f6abcc97daf83edafe4409ecba3050a321a180af12bc59b1b2f1a9cfdf4bf2d26449544d82fae6473443c68e11c33b531896b7b7ebd03ed5620880ac1a33d3a6fa59d77e98a17d594eaea287f095e0593ac101efc3ad591249a4b0f090c0be8866b80f686fb8049c942c93b240c1e13ffba1f5220b5d08456614329cb66f71cbaefaedabdd0e9754f821cf88cfe247b85fea737bb72e759168acbef4cea2e21bb3fb18b8612183b386d3285984b96e22bf82be189395475b18c27437b73a81ff72818cdd291e906a8e2933237473494d4ddea11f7972eeb0fbee7e8aa90818fa847b700b4225ebb3c662c06e33dc5b94df2b35bc1647d87002b6106f7d4866ce7d68194dd00"/4166], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x49)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000300)='sys_enter\x00', r4}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = memfd_create(&(0x7f0000000080)='\b\x9dF\xd8\b\xb3~u\xa5\"\xdc\xfdq\xf6c\r;\xfcO\x8c=\x81\xb1\x8aSpA\xd4\x98\x85D\x89>N\x8ar\x17O\x0fKR\xe2{mn\xcc\xbf2\xc0\xa7\x14\xd0\xd4\xfe/\x9e\xee\xe7\xd7E\xe9\t\x83\xdeNX\xec\xe66\x1b\x97\xe7\xe6\x97\xf9\xb3\xf6\xb9\v\xb5$\xee\x84\x1cn,B\xd5?\xe5E:+Pm\x1d\xb4\xb8', 0x0)
pipe2(&(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
splice(r7, 0x0, r6, &(0x7f0000000140), 0x4, 0x0)
write$uinput_user_dev(r8, &(0x7f00000001c0)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffff5], [0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [], [0xfffffffc]}, 0x45c)
lsetxattr$system_posix_acl(&(0x7f00000000c0)='.\x00', &(0x7f0000000440)='system.posix_acl_access\x00', &(0x7f0000000640)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=r5, @ANYRES8=r1, @ANYRESHEX=r4, @ANYBLOB="02000000", @ANYRES8=r5, @ANYBLOB, @ANYRES32=0x0, @ANYRESOCT=r2, @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYRES32=0x0, @ANYRES8=0x0], 0x5c, 0x7)

3.923541416s ago: executing program 3 (id=3432):
syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB, @ANYBLOB, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',allow_othe'], 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0xf, 0x4, 0x8, 0x8, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xffffffffffffffc7)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0xfff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, 0x0, 0x0)
listen(r3, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @ipv4={'\x00', '\xff\xff', @private}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x10}}}}}}}, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x4a, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)

3.923383096s ago: executing program 4 (id=3433):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002180)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000820000095000000000000002ba7e1d30c04aa8b3382022ce2a1d97411a0f6b599e83f24a3aa81d36bb7019c13bd23212fb56f040026fbfefc4a056bdc17487902317142fac7e7be168c1886d0d4d94f2f4eb45c652fbc1626cca2a28d67893547db51ee988e6e06c8cedf7ceb9fc40400ae5e4aa74c92c6a51cbf9b0a4def23d410f6accd3641130bfc4e90a6341865c3f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0c18ce7400dae15cb7947c491b8bea3fd2f73902ebcfcf4982277d9800011b405bbf7b02433a9bcd715f5888b2007f000000001c000000010000000000000600000000309329170ee5b567e70f000006a10f58fa64533500000000000000000000000031000000000000001208e75a89faffbfb11b7dc6ea31001e846c12423a169f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617de7a6520655a80d0900f4d433623c850af895abba14f6fbd7fbad1f98e26ad4deaf1a4f294b2a431ab9142f3a06d54740a4bc5e3abd378af7c9676a08e774c48785f895b4ec8d1141d5e8744d7f09ab4df6027bf48cabecead649f96ea24d32872c494160cb7f46ce680eeb80157eb23f9902519ac655fa73103170cbc496d7122034b85e7e87a2db762cbb253fbd76b9117c1a11d18aa2040c5f0c289906000000000000005ffe91ff799a11d9b219c00c369a12bf8685b862d0dbdd956cbda1bae489bcef5ae59136aaadc59609f4d42617c0e6066938b521a0f2e2467a6c435ad5b800262a5da053ced5e95394e500000072737638ac44fb61310e2df511c60b3c88113996a81fb64bce5eb95ce91738640ff7ae6ed6b62086e699955926934389cdf9bcffff3ffd86fe9ce05268bfca3958f2206cdc7095682c14f10ba1075832956762b2dcc6251e7b74cb1da627e332765511c58215bf84d263e8778e6e8ffe4ea50b076446f35efffc806b340658342d2d9e1ef68c6ef3e98407d2fcefb34a0000000000000000895ddbb76122b1222e4da37177fe833e4fcaa67997e92a206ebd085bd9f90008d3fdd528efe6c1dca17f45ba5e8bd311a40030f9ffce75ffff996a80153a0077bb43f8a63dd390d18f0239b41da1a52383a4c6768ca1bb66b8fb3c5000f6f246fd20356a60769b461b6cdf133de073b1df08ae09268b0073bb97d88d741a5546e76caf4b6b1387ff37ec13d262dae0260be74cdf7bb6d3107597430ef5bbd476bb9d69b2aef9f3cb644b4bf01ccf16d40720939daf2af469bdfb361b8ee8d414e757b6cce3c66f5c343afb78a7cfd852f3e05c089887d7df2ff4f9982030019421af6b78ff9c444a17091875cfe4eab0e7f50eb69c860b1613a6b4f5af04f9c635d8d646c89f8b85f820ce7464c731deba39f9ff7b815f7b0acba754c01ed8bf1bba0010a8c6a2b966d861f9dd547abf2e9b23e5607f00f80b5e749bf5271efd93ce76e67758fd76e4bc46c84799aa792cdaeb6cfb858e577dacff607ba513250e13ae696cd6ed7d318190a93b9ee07927efca6b8d1f5980994690bbe002db5146439d906a0d4aef065214b15666cdca81091b69acee2c7ce0821fc19e0891f0b53469f935c5ac420100010000000000fb53faf4420638489e6a1c696d8c414a87b60000000000080000b6be1557951854c01dbc2d061827ae6349a045b780893771524a424335b9fc34616ee9f09141057262530b7c2f7c9b969938779736ece7b470078ac0b1b4b528000000009866e9994ca9096672ec9f3800c2fc35ba6516e542624c47bdba76a816c3a3dd6c3fa87a3ec91df199a9af91a7babf2b8d0e7b77e6dfb4bbc9817847b705000000a1000000000000ab8353f3800f045b90b0eaab6d731199c9447eabbc8c740183aff5389742e47de5000000826a570d14310700cf2ae3366ebdb7f1000000000000333c00e6addbf4c71ffad6bfb5babb49109f92a5a52042c425190a6e3f1a8a3abfe6059da9c952cf35c98ce7616355493d280f2d0be99e18fd0900c769e7eb4edc1c03a33676590bd2047229e0237c1e34641848531712ff09e89fb062a3e66f4fced0ae679733830039cb61ea0691f0b4e0b33194404e643243c3841e1e7fe301f7f47a7f89512d92e83624e3de705bdfbfd0e5e381398e9d5428a00cc8a6d097d97e6ac8bd09b1a5577920a650114a522c1e2dcdc4f606fcbcee91770a9fada34d38cd7976a9228a0a0dd8661be8162e966aac26bea4c11458cd6ce22ddf7054cdd0a60ef3ec000000000000000000425cb75dc7ec92e9a5d29f9c99697d2a98ae0a9f35e4196c3faeb7a60a0290bf897846f6f0f1c163d6075119169d55d10da9ad0e4b2c636d200000009baaf94e2b2c48e70d8453f832eecfb1de2a3f38a5c986de9e37737dac74db251d5e9ea2b8ed39e91a7a17d01b49f7aaff7c4c73c3484bdcab362838ed940035b239a3646ef55b9f070ae14466b3acef9f8b28fb938a237e2e068ae4a6bce4407b54cc14614c2cdf877f000000000000000000000000bdcf23144e6c16b9235552aed83b6428f34d88c258a9ad16386bba51b60838fb11bc193a206b5a25b7233b222e4e68e0d1e88f26b9a45b6c29469530a37ea92aaf421cdcc1f594ecfaff9a79b56f8b38038002d29142a369b14607b5e48987541ed2cb5a3512a877da93174aa5bf4ee9fbf1bd0f42d221d7cbfec3feff2ef0a1d3316421ee72754aea5b5abb253295c2d87aeb468bd4f73d391c07a4831b4b0bf962e6cfa0f0445ba37524c8c062c4787f9bff922b012e833c08ff0c365c289657b88ff8aa4c26260956f6e9b640f90cacb464007c3717fd9ec6d618bd3ff950b9dc4d7f9c94205db3b47bdded6a47911088f1a1d06649c3ac08c7f6194604786d0a1fe96667fcf082caac73dda1b9c0dda7dd90c38107b8a016132b63ec21a988cc2788efc9d5f6fbfd7ddbe800a5382bbc4b2624a4b9976b2c5f4c611e88370a5dff77de5d0960a3bd91321a8e0b27a48cbc2607a4c6c406cd4ac5d5a18ba185ad620beeb77f1c6bc1697151600bd3491d5a8358ef635d50d54af5b24d11d52eb75c970ab41ee0afbd2a01d249fabacc95695efc923da1800f1439d385bbb00ac0d7c8043f4e2661ffec2eafbac5b483885d76ff5b2358986923a5fa8aad707a0aba60e4fae6dd3decf94ead2dfb52fd0be70d5d14a5f6c6a6786b0ce6a5eeeae8fb8c6ed627c348d9bf64a7aa47e02b8dd67c12141bfd5efb2b05501f57bcf3f0660dd63cb4f4912fd386647f9a9e32f5e7f00f21063f4d262bc29e8a4edd8cba7ee7fd9cf4a21cb93a9eb232acbce357044d3c99154e4ba0ed25e2ecbad23b08b2073a8a7de2c6dac3cfcab3fd33b082ddc278776963c5ad1fa244360716dc571d6e95a767ad6bf69d4c8d132155ad94b610d4a42161e7532dd5fe80556dc149d70f002ce4006bbac4549e4b48f8360e1b2353cf636ca348db1c5e8335066efe415560683c7b5eadcffe56a58093756d20609a1ea83831a430818d1e5090b2608290469eede3f81e0e4f402b63c2b54374af37aafcae614bb3936cf952f2f944f5740c4c2c629a7935eb86abb14cfcdde8b371119f1ccda5850d8c6194775b8a5f8de7000000000000a1c7e2233be2fe4254f6a9c1fc414252a4ceefd417f37b4a1507da7b4d870f3fea9757a8c24e6a72e9e3a41da13496e27952b373c776a939540527c01661ed7d0026ad4b6ee543cfac2b7f48916212dddb2eca1e2ab0861ab94a693f6b9fc9a9c2ec231588ecef2907c47fe1344eee20d3c1024ebbfbe50d6bf4543db64f8cc0d82c532d75479ad8afe72cffbd569f448d6f2f88d88b9f12ce5b56cb0731ee8e5c70598f5608726a0a5a7d57352a996722"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x57, 0x10, &(0x7f0000000000), 0xffffffffffffffc9, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r0, 0x4)
sendmsg$inet(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000200)="fa82", 0x2700}], 0x1}, 0x0)

2.011561888s ago: executing program 0 (id=3434):
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
syz_open_procfs(0x0, &(0x7f0000000240)='timerslack_ns\x00')
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0500000000008200", @ANYRES32=r2, @ANYBLOB="5400238008000b00040000000500060007000000050011000000000008001c000d00000008001500b000000005001e"], 0x70}, 0x1, 0x0, 0x0, 0x24040000}, 0x40)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000032680)=""/102400, 0x19000)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xa, 0x16, &(0x7f0000000540)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000015001100511b48013d030100000000009500000000000000bc26000000000000bf67000000000000070300000fff07006702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586162c17600674290ca9d8d6413b8199e34f67ceaaa78710f9f8aba4765c91382f497585ca39c595b21afa6bce62b5ab0d44e9c32ad6f0349d92962a58d39494a19a9183362382792ac85578d3de07b7e155cf4ee5e3dd51212d2831bd8e2655b2fbd88791e4c66c832a774919b28b8a62711f0f156e636804e1d3f44a5ff3d63a3a51f0c7ec0c8c25e072194ddd83aa155a537e15c0d91f502deef03f83e826718705c9aef9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)={0x24, r5, 0x1, 0x400000, 0xffffffff, {{0x2}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x2f}]}, 0x24}, 0x1, 0x6c00}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x18, &(0x7f0000000280)={0x3, &(0x7f0000000140)=[{0x1, 0x0, 0x0, 0x20000000}, {0x101, 0x0, 0x4, 0x2}, {0x6, 0x4, 0x0, 0x4000000}]})
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_buf(r9, 0x0, 0x29, 0x0, 0x0)
lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)
listxattr(&(0x7f0000000100)='./cgroup.cpu/cpuset.cpus\x00', 0x0, 0x0)

2.010862327s ago: executing program 1 (id=3435):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_SET_PROPBIT(r0, 0x5501, 0x0)

2.010407638s ago: executing program 3 (id=3436):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c64656275672c6572726f72733d72656d6f756e742d726f2c757466383d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c636865636b3d72656c617865642c757466383d302c726f6469722c726f6469722c00bd11a3d82e3cc8e94a1ac3169cb253bc51dceb1a3c8675eef705933dac0549813c420584251b8849a95afa9de1a80dcc7f9d4e26116050410b89f88108d551843f6115dded9b54fcb36a3a7bab7fb11d2c7265fa11a3ff2f3ca1c0df2142ff9ce532341817f2bb2fef3428793728d4daa090c5becbb74d00c95f965afa83e5bb562620ea9e99853533ca4ef0702dad548503917329f0f431d87efa28137d3f0e0fa2906cb9e236094a2d7a9ce877c1d8509500"/315], 0x1, 0x217, &(0x7f00000004c0)="$eJzs3TFrE2EYB/CnttVSkGQQiiJ44uIUmop7ilQQA4qSQSeLTVGaWDAQ0KF180voV9DRVXAQV7+ACFIFF7t1ECL1YmNrYiM1OTG/35KH3Pu/e95LyEuGvLl1sr6ytNpY3tzciKmpsZgoRSm2xiIfh2I8Uo8CAPifbLVa8aWVyroXAGA4rP8AMHr6XP+vDrElAGDAfP8HgNFz/cbNy/Pl8sK1JJmKqD9uVpqV9DE9Pr8cd6MW1ZiNXHyNaO1I64uXyguzybaP+ajU19v59WZlfHe+GLnId88Xk9Tu/GRMt/PvpqMac5GLY93zc13zh+PsmZ+uX4hcvL0dq1GLpdjOdvJrxSS5cKW8J3/k+zgAAAAAAAAAAAAAAAAAAAAAABiEQrKj6/49hUKv42m+//2B9u7PMxEnJrKdOwAAAAAAAAAAAAAAAAAAAPwrGg8erizWatX7vyvuvXn2ar8xfRZj7ese9DwHL46e/vCk15jxP7s/f7d4eSrL29Jn8XrjzvFzjZnzmbUxGRG/PtPzrfU5FzGgfp5n+lr8mPW+g2eelhZfrL3/1O+Zh/5RBAAAAAAAAAAAAAAAAAAAI6/zo9+sOwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7HT+/39wRdZzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAbwEAAP//uSidyw==")
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0xb, 0xc, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x3d, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)
setsockopt$inet6_int(r3, 0x29, 0x3e, &(0x7f0000000040)=0x3, 0x4)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x7}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000f40)=ANY=[@ANYBLOB, @ANYBLOB, @ANYRES32=r1, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000032e2ccec7c16cd70eb754fd3f4bd5e6bceacd4ec62b2d7f915e89f84fc3cabeadfd52d61c656f7f575c47af60491faca677a3837687a87fa3cd3d47c1de9d9613aaf0b02ed9282a4f5ac086ce72f57463f9402e7f9a522e6786fee343d9c12871cc58c3ba26f873458ac953536a0d47a52397078f79fb5759342bb43690502f437c3c2fdf4712142e72459b7afbd60ec4ddd744b110c681bf7a12805c722e983fb49dfa480b1fc"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000500000018110000", @ANYRES32=r5, @ANYBLOB='\x00\x00\x00\x00\x00'], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000180)='qdisc_enqueue\x00', r6}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r5}, 0x0, &(0x7f00000003c0)=r4}, 0x20)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2800480, &(0x7f00000001c0), 0x1, 0x774, &(0x7f00000007c0)="$eJzs3d1rW+UfAPDvSdt17fb7tYKg86ogaGEstbNuCl5MvBDBwUCv3UKaldm0GU061lJwQwRvBBUvBL3ZtS/zzltfbvW/8EI2pnbDiRdSOWmyZWvSpWuTDPL5wNM+zzkneZ5vnnOe8yTnkATQtybSP5mIQxHxURIxVlueRMRQNTcYcWJzu9vra/k0JbGx8eYfSXWbW+tr+Wh4TOpArfBkRPz4fsThzNZ6yyur87lisbBUK09VFs5PlVdWj5xbyM0V5gqLx6ZnZo4ef+H4sb2L9a9fVg9e//i1Z7858c97T1z98KckTsTB2rrGOPbKREzUXpOh9CW8x6t7XVmPJb1uAA8lPTQHNo/yOBRjMVDNtTDSzZYBAJ3ybkRsAAB9JnH+B4A+U/8c4Nb6Wr6eevuJRHfdeCUi9m/GX7++ublmsHbNbn/1OujoreSeKyNJRIzvQf0TEfHFd29/labo0HVIgGYuXY6IM+MTW8f/ZMs9Czv1XBvbTNxXNv5B93yfzn9ebDb/y9yZ/0ST+c9wk2P3YTz4+M9c24NqWkrnfy833Nt2uyH+mvGBWul/1TnfUHL2XLGQjm3/j4jJGBpOy9Pb1DF589+brdY1zv/+/OSdL9P60/93t8hcGxy+9zGzuUpuNzE3unE54qnBZvEnd/o/aTH/PdVmHa+/9MHnrdal8afx1tPW+Dtr40rEM037/+4dbcm29ydOVXeHqfpO0cS3v3422qr+xv5PU1p//b1AN6T9P7p9/ONJ4/2a5Z3X8fOVsR9arXtw/M33/33JW9X8vtqyi7lKZWk6Yl/yxtblR+8+tl6ub5/GP/l08+N/u/0/fU94ps34B6///vXDx99ZafyzO+r/nWeu3p4faFV/e/0/U81N1pa0M/6128DdvHYAAAAAAAAAAAAAAAAAAAAAAAAA0K5MRByMJJO9k89kstnN3/B+PEYzxVK5cvhsaXlxNqq/lT0eQ5n6V12ONXwf6nTt+/Dr5aP3lZ+PiMci4tPhkWo5my8VZ3sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHGjx+/+p34Z73ToAoGP297oBAEDXOf8DQP/Z2fl/pGPtAAC6x/t/AOg/zv8A0H+c/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiwUydPpmnj7/W1fFqevbCyPF+6cGS2UJ7PLizns/nS0vnsXKk0Vyxk86WFlk90afNfsVQ6PxOLyxenKoVyZaq8snp6obS8WDl9biE3VzhdGOpaZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQvvLK6nyuWCws7SaTPtFePI+MjMwjkmkcJUZ6Nj4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPOr+CwAA///vXCkU")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0xc8c5f2636bb6c658, 0x0)
renameat2(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0xffffffffffffffff, 0x0, 0x4)
write$binfmt_misc(r3, &(0x7f0000000040), 0xfe46)
socket$nl_route(0x10, 0x3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)

2.010156388s ago: executing program 4 (id=3437):
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0xa, 0x300)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r2, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000580)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x81, 0x23a, &(0x7f0000000680)="$eJzs3TFoM2UcBvDnLsmn/QzyqYsgqCAiWih1E1zqJBSkFBFBhYqIi9IKtcWtdXJx0Fmlk0sRNztLl+KiCE5VO9RF0OJgcdAhklxrK41om5iT734/OHKXvO/7f4+7502WIwEa60aSuSStJNNJOkmK8w3ur7YbJ4dbU3tLSa/39M/FoF11XDntd1uSzSSPJdkti7zaTtZ3nj/8df/Jh95Z6zz40c5zUxM9yRNHhwdPHX+48Pan84+uf/n1jwtF5tL9y3mNXzHkvXaR3PlfFPufKNp1z4B/Y/HNT77p5/6uJA8M8t9Jmerivbt6bbeTRz74u77v/fTVPZOcKzB+vV6n/x242QMap0zSTVHOJKn2y3JmpvoN/23revnayuob06+srC2/XPdKBYxLN73ibP8s/z+0qvwDN69ucvDM4vZ3/f3jVt2zASapn//pFzcejvxD48g/NJf8Q3PJPzSX/ENzyT80l/xDc8k/NJf8Q3PJPzTX+fwDAM3Su6XuJ5CButS9/gAAAAAAAAAAAAAAAAAAABdtTe0tnW6X7HrrVWt+/n5y9ESS9rD6rcH/EZ8Of/2Xot/sT0XVbSQv3DfiACP6uOanr2//fqzDXbtshy/uHWv9S9tYTjbfSjLbbl+8/4qT++/q7viHzzsvjVhgRI8/W2/937frrT+/n3zWX39mh60/Ze4evA5ff7r96zdi/dd/G3EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJuaPAAAA///dXGuS")
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000140))
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x19e6}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x205})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.87219ms ago: executing program 0 (id=3438):
r0 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(r0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x30, 0x0, 0x0, 0xee01}, {}, {}, 0x4}}, 0xb8}}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x60, 0x30, 0x0, 0x0, 0xee01}}}, 0xb8}}, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b80000001d0001"], 0xb8}}, 0x0)

3.43978ms ago: executing program 1 (id=3439):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000600)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f00000002c0)=0x81)
r3 = syz_open_procfs(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
r4 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000300)={0x2, {{0x2, 0x0, @multicast1}}}, 0x88)
symlinkat(&(0x7f0000000080)='./file0/../file0\x00', r4, &(0x7f00000001c0)='./file0\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x12, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r5 = socket$igmp(0x2, 0x3, 0x2)
syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), r3)
sendmsg$ETHTOOL_MSG_WOL_SET(r3, 0x0, 0x1)
ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000000)={'lo\x00', {0x2, 0x0, @remote}})

1.02076ms ago: executing program 3 (id=3440):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r0, 0x80045515, &(0x7f0000000540)={0x2, 0x1})

0s ago: executing program 4 (id=3441):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000c40)={[{@noload}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80000}}, {@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x7f}, 0x0}, {@usrjquota}, {@noload}, {@jqfmt_vfsv1}, {@data_ordered}, {@nolazytime}, {@noauto_da_alloc}, {@nodiscard}], [], 0x2c}, 0x1, 0x4f9, &(0x7f0000000200)="$eJzs3ElvHFUeAPB/te04zjL2ZNYsM+mZzAgLRBw764FDgkDKBQkJhMLR2E4U4iQoNlISWcRBKEgcQPkELDckPgEnuCBAHEBcibgipAj5ksABFarqatN2ub2l7cbx7yd151XVq37v31Uv/ZZuB7BpVbOnJGJHRHwXEb21zbkZqrV/7s9Mjfw8MzWSRJo+91OS57s3MzVSz1o/b3ux0V+JqLyRxN5ysd0T165fGB4fH7tS7BiYrBSpi8Pnxs6NXRo6ceLI4Z7jx4aOtiTOrE739rx2ed/u0y/efmbkzO2Xvvgoq29aHG+Mo6Yvf96y7BI6SnuqUZ37Xjb4//KrviHsbEgnndlzpX2VYdmyuza7XF15+++Njnyrpjeefr2tlQPWVJqmaXdp7+xn2XTaKElqJ6TpzRR4CCTR7hoA7VH/oL83k41Up0bK4+CH291TkY+AsrjvF4/akc58BFvtq42Nutao/L9GxJnpX97NHrHgPAQAQGt9cipiW9HvqD9qRyrx94Z8fyrWhvoi4s8RsSsi/lL0X/4Wkef9R0T8s+GcHctYBajO2y73f77pKRKN3dWWyfp/TxRrW3P7f7M17+sotnbm8XclZ8+Pjx0q3pP+6OrOtgfLLz07rfbpU9++06z8akP/L3tk5df7gkU9fuycN0E3Ojw5/KBx1929mb+xN8rxJ9GZ1FMRuyNizypeP3vPzj/64b5mx+fEn8VZiv/t5i/euYoKzZO+H/FI7fpPx7z4o1j/S/L1yYuvDExcu/74+cb1ycHjx4aODmyN8bFDA/W7ouzLr289WyRLw4hFrn+9aazpQlp2/bcteP/Prlz2ZanZ9dqJlZdx686bTcc0q73/tyTP5+n6+uzV4cnJK4MRW5Lp8v6h38+9OtwzJ38Wf/+Bhdv/rohf3yvO2xsR2U38r4j4d0TsL+r+n4j4b0QcWCT+z5/838vNhpBLx7+2svhHV3T9myVOfhWx8KGOC599XCr4rWop/q5odv2P5Kn+Ys/o8OTWpeJarKaNiQd+AwEAAGAD2J/P0yaVg8VE046oVA4ejNg+O4MyMfnY2cuvXhqtzef2RVelPtPV2zAfOljMDWfb2VlDDdvZ8cP5vHGapmlPtp2N38d3tjd02PS2N2n/mR/KP2kBHjYrWkdr9os2YEOa3/7vLPvM1n8hA1hfLfgeDbBBaf+weS27/a/Vr+CAtlmo/d+IuN+GqgDrbKH2/0Jpz8l1qQuwvoz/YfNaffv3ZQDY6Hz+w6a0rB/JryKx6/QieZLOtSm0eaISi/8VgL6I+p56n2bxF/y+EtGaGna0NNKeOde0smCerdGKsqKyZJ7OFfwhhvVNVP4Y1agluiNiibt39ma7UU9cX+uK5Y3gg/b+7wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDgfgsAAP//RUTTKw==")
r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2204812, &(0x7f0000001c80)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@dioread_lock}, {@lazytime}]}, 0xd, 0x4d2, &(0x7f0000002d00)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
write$uinput_user_dev(r1, &(0x7f00000007c0)={'syz1\x00', {0x13, 0x4, 0x4, 0x6}, 0x27, [0x3, 0x430, 0x7, 0x6, 0x8, 0x2, 0x7, 0x0, 0x5, 0x80000001, 0x1, 0x1, 0x3, 0x401, 0x9, 0x8, 0x2, 0xb67, 0xc2df, 0x93a, 0x884, 0x41, 0x5, 0x800, 0x7ad, 0x6, 0x10003, 0x40, 0x0, 0x58, 0x9, 0xcba, 0x5, 0x4, 0x0, 0x7, 0x80000001, 0x5, 0x6, 0x5, 0x24, 0x8, 0x9, 0x4, 0x5, 0x5, 0x5, 0x5, 0x4, 0x8, 0x0, 0x9, 0x10001, 0x7, 0x5b6b, 0x7, 0x3fe0000, 0x80, 0x7, 0xf, 0xeb5, 0x4, 0x800, 0xd9], [0x2509, 0x400, 0x64, 0x1, 0x9, 0xfffffffc, 0x401, 0x7, 0x2, 0x7, 0xfffffffd, 0x5, 0x7, 0x400, 0xf38, 0xd51, 0x9, 0x50592a5, 0x6, 0xbc92, 0x1, 0x3, 0xc, 0x10001, 0xc, 0x6, 0x6, 0x101, 0x1ff, 0xc1e, 0x0, 0x5, 0x37d00f32, 0x2, 0x0, 0x7f, 0x0, 0xc, 0x6, 0x18cb8, 0x6, 0x10001, 0x6, 0x1000000, 0x2, 0x800, 0x10001, 0x0, 0x1, 0xf8f, 0x9, 0x37f87958, 0x8, 0x1ff, 0x4, 0xa30a, 0x5, 0x7, 0xe, 0x7, 0x7f, 0x13, 0x4, 0x1000], [0xfc43, 0x4, 0x10001, 0x10000, 0x6, 0x2, 0x5, 0x0, 0x0, 0xffffffff, 0x4, 0x8, 0xfffff800, 0x8, 0x30000, 0x7ff, 0x3ff, 0x7, 0x77, 0x5, 0x556b, 0x704c, 0x0, 0x8000, 0x100, 0x5, 0xc8285b93, 0x6f4c, 0xc, 0x387a, 0x2, 0x4, 0x3, 0xec, 0x4, 0x4, 0x1, 0x3ff, 0x0, 0x9, 0x8, 0x1, 0x6, 0x2a, 0x3e5293, 0x8, 0xd, 0x400, 0x7, 0x20006, 0xed, 0x3, 0x1, 0x1ff, 0xc78b, 0x7, 0xa, 0x1, 0xa232, 0x3, 0x4, 0x2, 0x7fffffff, 0xd4], [0x3, 0x7, 0x6, 0x3, 0x7ff, 0x5702, 0x20c2, 0x5f0, 0x200, 0xe3b, 0x7fff, 0x2, 0x93, 0x932, 0x800, 0x9, 0x31b, 0x5, 0x0, 0x2, 0x8, 0xcdf, 0x9, 0x61, 0x57f, 0x3, 0x10000, 0x1, 0x5435e849, 0x1085670e, 0x9, 0x10001, 0x2, 0x8, 0xfffffff9, 0x10, 0x9, 0x1, 0x7, 0xf, 0x40, 0xd583, 0x1, 0x1000, 0xd7b, 0xa4e1, 0x1, 0x4, 0xa, 0x3, 0x1, 0x2, 0xffffffc1, 0xfffffff7, 0x4, 0x7, 0x8001, 0x40, 0x8, 0xfffffffc, 0x0, 0x1, 0x5, 0x6]}, 0x45c)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
r2 = add_key$keyring(&(0x7f0000000140), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, 0x0, &(0x7f0000000700)=@secondary)
open(0x0, 0x34117e, 0x104)
open(0x0, 0x14113e, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRESDEC=r0, @ANYRES32=0x0, @ANYBLOB="000000000000000120001280080001002380e8c927c7"], 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x0)
syz_usb_connect(0x0, 0x5a, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000ec13b2106d04f308280b0102030109024800010000000009046900000e0100000841"], 0x0)

kernel console output (not intermixed with test programs):

/0x20
[  997.871129][T16397]  ? fput_many+0x160/0x1b0
[  997.875385][T16397]  ? __ia32_sys_read+0x90/0x90
[  997.879980][T16397]  __secure_computing+0xf0/0x300
[  997.884755][T16397]  syscall_enter_from_user_mode+0xd5/0x1b0
[  997.890396][T16397]  do_syscall_64+0x1e/0xb0
[  997.894647][T16397]  ? clear_bhb_loop+0x35/0x90
[  997.899161][T16397]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  997.904888][T16397] RIP: 0033:0x7efec1aa4ff9
[  997.909144][T16397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  997.928583][T16397] RSP: 002b:00007efec071e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3
[  997.936831][T16397] RAX: ffffffffffffffda RBX: 00007efec1c5cf80 RCX: 00007efec1aa4ff9
[  997.944640][T16397] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000280
[  997.952453][T16397] RBP: 00007efec071e090 R08: 0000000000000000 R09: 0000000000000000
[  997.960262][T16397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  997.968073][T16397] R13: 0000000000000000 R14: 00007efec1c5cf80 R15: 00007fff806cd4e8
[  997.975889][T16397]  </TASK>
[  997.989133][T16397] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64
[  998.009291][T16397] audit: out of memory in audit_log_start
[  998.014860][   T30] audit: type=1326 audit(1729708148.229:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16396 comm="syz.1.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[  998.089815][   T30] audit: type=1326 audit(1729708148.229:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16396 comm="syz.1.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[  998.127368][T16401] loop4: detected capacity change from 0 to 40427
[  998.134956][   T30] audit: type=1326 audit(1729708148.229:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16396 comm="syz.1.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[  998.159075][   T30] audit: type=1326 audit(1729708148.229:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16396 comm="syz.1.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[  998.165502][T16399] loop2: detected capacity change from 0 to 40427
[  998.182724][   T30] audit: type=1326 audit(1729708148.229:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16396 comm="syz.1.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[  998.239179][T16401] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  998.245975][T16401] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  998.265496][   T30] audit: type=1326 audit(1729708148.229:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16396 comm="syz.1.3198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efec1aa3990 code=0x7ffc0000
[  998.279146][T16399] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  998.295905][T16399] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  998.312206][T16401] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  998.346051][T16399] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  998.380532][T16401] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  998.390416][T16401] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  998.420634][T16408] loop3: detected capacity change from 0 to 40427
[  998.435313][T16399] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  998.442200][T16399] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  998.495906][T16408] F2FS-fs (loop3): Invalid SB checksum offset: 0
[  998.502090][T16408] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  998.547519][T16410] loop1: detected capacity change from 0 to 40427
[  998.570659][T16410] F2FS-fs (loop1): Invalid SB checksum offset: 0
[  998.579816][T16410] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  998.590356][T16408] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  998.616084][T16410] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  999.065666][T16408] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  999.072596][T16408] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  999.125357][T16418] loop0: detected capacity change from 0 to 40427
[  999.133441][T16410] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  999.140508][T16410] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  999.213432][T16418] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  999.240287][T16418] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  999.277951][T15580] attempt to access beyond end of device
[  999.277951][T15580] loop3: rw=2049, want=45104, limit=40427
[  999.456147][T16418] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  999.509031][T16418] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  999.516240][T16418] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  999.812806][T16443] loop1: detected capacity change from 0 to 40427
[  999.885792][T16443] F2FS-fs (loop1): Invalid SB checksum offset: 0
[  999.891990][T16443] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  999.900109][  T301] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  999.911245][T16445] loop4: detected capacity change from 0 to 40427
[  999.923306][T16445] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  999.930277][T16445] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  999.935868][T16443] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  999.967366][T16445] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  999.978459][T16443] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  999.985350][T16443] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  999.995218][T10351] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[ 1000.029523][T16445] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[ 1000.038294][T16445] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1000.163327][T16460] 9pnet: Unknown protocol version 9p20\++}
[ 1000.169264][T16460] bridge0: port 3(syz_tun) entered blocking state
[ 1000.175741][T16460] bridge0: port 3(syz_tun) entered disabled state
[ 1000.182318][T16460] device syz_tun entered promiscuous mode
[ 1000.787236][T16460] bridge0: port 3(syz_tun) entered blocking state
[ 1000.793516][T16460] bridge0: port 3(syz_tun) entered forwarding state
[ 1000.968696][T14892] attempt to access beyond end of device
[ 1000.968696][T14892] loop4: rw=2049, want=45104, limit=40427
[ 1000.968713][T15606] attempt to access beyond end of device
[ 1000.968713][T15606] loop1: rw=2049, want=45104, limit=40427
[ 1001.025176][T10351] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1001.065238][  T301] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1001.074891][  T301] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1001.105074][  T301] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1001.175670][  T301] aiptek 3-1:17.0: interface has no int in endpoints, but must have minimum 1
[ 1001.205133][T10351] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[ 1001.213989][T10351] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1001.222032][T10351] usb 4-1: Product: syz
[ 1001.226134][T10351] usb 4-1: Manufacturer: syz
[ 1001.230526][T10351] usb 4-1: SerialNumber: syz
[ 1001.235085][ T9429] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[ 1001.242927][T10351] usb 4-1: config 0 descriptor??
[ 1001.405103][  T330] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 1001.411332][  T753] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[ 1001.545538][  T385] usb 3-1: USB disconnect, device number 29
[ 1001.745240][T10351] snd-usb-audio: probe of 4-1:0.0 failed with error -2
[ 1001.752562][T10351] usb 4-1: USB disconnect, device number 33
[ 1001.845157][  T753] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[ 1001.856321][  T753] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[ 1001.867387][  T753] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1001.876195][  T753] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1001.895139][T16469] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[ 1001.965127][  T330] usb 5-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[ 1001.975192][  T330] usb 5-1: too many endpoints for config 17 interface 0 altsetting 255: 255, using maximum allowed: 30
[ 1001.986017][  T330] usb 5-1: config 17 interface 0 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 1001.999102][  T330] usb 5-1: config 17 interface 0 has no altsetting 0
[ 1002.005598][  T330] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1002.014439][  T330] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1002.066258][  T330] aiptek 5-1:17.0: interface has no int in endpoints, but must have minimum 1
[ 1002.215109][  T753] aiptek 2-1:17.0: Aiptek using 400 ms programming speed
[ 1002.223044][  T753] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input344
[ 1002.233662][  T753] usb 2-1: USB disconnect, device number 32
[ 1002.266170][T16477] FAULT_INJECTION: forcing a failure.
[ 1002.266170][T16477] name failslab, interval 1, probability 0, space 0, times 0
[ 1002.278901][T16477] CPU: 0 PID: 16477 Comm: syz.3.3212 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[ 1002.288685][T16477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1002.298744][T16477] Call Trace:
[ 1002.301865][T16477]  <TASK>
[ 1002.304643][T16477]  dump_stack_lvl+0x151/0x1c0
[ 1002.309157][T16477]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1002.314624][T16477]  ? finish_task_switch+0x167/0x7b0
[ 1002.319660][T16477]  dump_stack+0x15/0x20
[ 1002.323652][T16477]  should_fail+0x3c6/0x510
[ 1002.327907][T16477]  __should_failslab+0xa4/0xe0
[ 1002.332505][T16477]  ? getname_flags+0xba/0x520
[ 1002.337019][T16477]  should_failslab+0x9/0x20
[ 1002.341472][T16477]  slab_pre_alloc_hook+0x37/0xd0
[ 1002.346246][T16477]  ? getname_flags+0xba/0x520
[ 1002.350755][T16477]  kmem_cache_alloc+0x44/0x200
[ 1002.355356][T16477]  getname_flags+0xba/0x520
[ 1002.359695][T16477]  user_path_at_empty+0x2d/0x1a0
[ 1002.364473][T16477]  __x64_sys_llistxattr+0x105/0x230
[ 1002.369503][T16477]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 1002.374971][T16477]  ? __ia32_sys_listxattr+0x230/0x230
[ 1002.380332][T16477]  ? syscall_enter_from_user_mode+0x19/0x1b0
[ 1002.386138][T16477]  x64_sys_call+0x530/0x9a0
[ 1002.390475][T16477]  do_syscall_64+0x3b/0xb0
[ 1002.394729][T16477]  ? clear_bhb_loop+0x35/0x90
[ 1002.399249][T16477]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1002.404969][T16477] RIP: 0033:0x7f0cf48c7ff9
[ 1002.409222][T16477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1002.428664][T16477] RSP: 002b:00007f0cf3541038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3
[ 1002.436912][T16477] RAX: ffffffffffffffda RBX: 00007f0cf4a7ff80 RCX: 00007f0cf48c7ff9
[ 1002.444720][T16477] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000280
[ 1002.452531][T16477] RBP: 00007f0cf3541090 R08: 0000000000000000 R09: 0000000000000000
[ 1002.460342][T16477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1002.468153][T16477] R13: 0000000000000000 R14: 00007f0cf4a7ff80 R15: 00007ffc2ea1a8d8
[ 1002.475969][T16477]  </TASK>
[ 1002.837834][T16484] loop2: detected capacity change from 0 to 512
[ 1002.858939][T16479] loop3: detected capacity change from 0 to 40427
[ 1002.906860][T16484] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1002.917774][T16484] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038 (0x7fffffff)
[ 1002.927808][T16479] F2FS-fs (loop3): Invalid SB checksum offset: 0
[ 1002.935088][T16479] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[ 1002.946551][T16479] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1002.946769][   T30] kauditd_printk_skb: 15 callbacks suppressed
[ 1002.946781][   T30] audit: type=1326 audit(1729708153.499:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16483 comm="syz.2.3214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bb4686ff9 code=0x7ffc0000
[ 1002.974329][T16479] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[ 1002.988197][   T30] audit: type=1326 audit(1729708153.539:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16483 comm="syz.2.3214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1bb4686ff9 code=0x7ffc0000
[ 1002.994251][T16479] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1003.016603][   T30] audit: type=1326 audit(1729708153.539:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16483 comm="syz.2.3214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bb4686ff9 code=0x7ffc0000
[ 1003.047018][   T30] audit: type=1326 audit(1729708153.539:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16483 comm="syz.2.3214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1bb4686ff9 code=0x7ffc0000
[ 1003.070188][   T30] audit: type=1326 audit(1729708153.539:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16483 comm="syz.2.3214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bb4686ff9 code=0x7ffc0000
[ 1003.093683][   T30] audit: type=1326 audit(1729708153.539:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16483 comm="syz.2.3214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1bb4685990 code=0x7ffc0000
[ 1003.117086][   T30] audit: type=1326 audit(1729708153.539:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16483 comm="syz.2.3214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1bb4686bfb code=0x7ffc0000
[ 1003.140481][   T30] audit: type=1326 audit(1729708153.539:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16483 comm="syz.2.3214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1bb4686bfb code=0x7ffc0000
[ 1003.163656][   T30] audit: type=1326 audit(1729708153.539:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16483 comm="syz.2.3214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1bb4686bfb code=0x7ffc0000
[ 1003.187290][   T30] audit: type=1326 audit(1729708153.539:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16483 comm="syz.2.3214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1bb4686bfb code=0x7ffc0000
[ 1003.295065][ T2504] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[ 1003.395635][T16495] loop0: detected capacity change from 0 to 40427
[ 1003.435845][T16495] F2FS-fs (loop0): Invalid SB checksum offset: 0
[ 1003.442060][T16495] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 1003.452767][T16495] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1003.482130][T16495] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 1003.489110][T16495] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1003.563979][T15631] attempt to access beyond end of device
[ 1003.563979][T15631] loop0: rw=2049, want=45104, limit=40427
[ 1003.693470][T16505] loop0: detected capacity change from 0 to 16
[ 1003.699995][T16484] fuse: Bad value for 'fd'
[ 1003.706915][T16484] UDC core: couldn't find an available UDC or it's busy: -16
[ 1003.714300][T16484] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1003.778412][T16505] erofs: (device loop0): erofs_read_inode: unsupported chunk format 7fff of nid 36
[ 1003.816107][ T2504] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1003.885151][ T2504] usb 3-1: unable to read config index 0 descriptor/start: -71
[ 1003.893028][ T2504] usb 3-1: can't read configurations, error -71
[ 1004.179972][  T301] usb 5-1: USB disconnect, device number 13
[ 1004.216693][T16511] loop0: detected capacity change from 0 to 40427
[ 1004.246361][T16511] F2FS-fs (loop0): Invalid SB checksum offset: 0
[ 1004.253622][T16511] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 1004.291227][T16511] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1004.344253][T16511] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 1004.354492][T16511] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1004.696881][T16514] loop1: detected capacity change from 0 to 40427
[ 1004.769314][T16527] syz.3.3223[16527] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1004.769386][T16527] syz.3.3223[16527] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1004.781830][T16527] syz.3.3223[16527] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1004.796236][T16514] F2FS-fs (loop1): Invalid SB checksum offset: 0
[ 1004.829248][T16523] loop2: detected capacity change from 0 to 40427
[ 1004.836903][T16514] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[ 1004.857821][T16514] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1004.879056][T16523] F2FS-fs (loop2): Invalid SB checksum offset: 0
[ 1004.897861][T16523] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[ 1004.911413][T16514] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[ 1004.921267][T16514] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1004.925174][  T301] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[ 1005.010023][T16523] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1005.304899][T15606] attempt to access beyond end of device
[ 1005.304899][T15606] loop1: rw=2049, want=45104, limit=40427
[ 1005.316655][T16523] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[ 1005.323501][T16523] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1005.460140][T16540] loop0: detected capacity change from 0 to 40427
[ 1005.466781][T16530] loop3: detected capacity change from 0 to 40427
[ 1005.498097][T16545] loop1: detected capacity change from 0 to 1024
[ 1005.516323][T16545] EXT4-fs (loop1): Mount option "nouser_xattr" will be removed by 3.5
[ 1005.516323][T16545] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 1005.516323][T16545] 
[ 1005.516639][T16530] F2FS-fs (loop3): invalid crc value
[ 1005.543590][T16530] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1005.612733][T16530] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1005.742167][  T301] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1005.761736][T16545] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[ 1005.767529][T16540] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1005.777037][T16540] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1005.785186][T16540] F2FS-fs (loop0): Unrecognized mount option "0x0000000000000000ÿÿÿÿÿÿÿÿ" or missing value
[ 1005.905178][  T301] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[ 1005.914401][  T301] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1005.955163][  T301] usb 5-1: Product: syz
[ 1005.959717][  T301] usb 5-1: Manufacturer: syz
[ 1005.964397][  T301] usb 5-1: SerialNumber: syz
[ 1005.976824][  T301] usb 5-1: config 0 descriptor??
[ 1006.105463][T16552] overlayfs: failed to resolve './file1': -2
[ 1006.420516][T16540] loop0: detected capacity change from 0 to 40427
[ 1006.465538][T16559] FAULT_INJECTION: forcing a failure.
[ 1006.465538][T16559] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1006.479163][T16540] F2FS-fs (loop0): Invalid SB checksum offset: 0
[ 1006.485360][T16540] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 1006.494566][T16559] CPU: 1 PID: 16559 Comm: syz.3.3227 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[ 1006.504356][T16559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1006.514253][T16559] Call Trace:
[ 1006.517377][T16559]  <TASK>
[ 1006.520155][T16559]  dump_stack_lvl+0x151/0x1c0
[ 1006.524665][T16559]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1006.530137][T16559]  ? do_vfs_ioctl+0xbab/0x2a80
[ 1006.534737][T16559]  dump_stack+0x15/0x20
[ 1006.538725][T16559]  should_fail+0x3c6/0x510
[ 1006.542980][T16559]  should_fail_usercopy+0x1a/0x20
[ 1006.545091][  T330] usb 3-1: new full-speed USB device number 32 using dummy_hcd
[ 1006.547838][T16559]  _copy_to_user+0x20/0x90
[ 1006.547860][T16559]  simple_read_from_buffer+0xc7/0x150
[ 1006.564679][T16559]  proc_fail_nth_read+0x1a3/0x210
[ 1006.569539][T16559]  ? proc_fault_inject_write+0x390/0x390
[ 1006.575002][T16559]  ? fsnotify_perm+0x269/0x5b0
[ 1006.579608][T16559]  ? security_file_permission+0x86/0xb0
[ 1006.584985][T16559]  ? proc_fault_inject_write+0x390/0x390
[ 1006.590455][T16559]  vfs_read+0x27d/0xd40
[ 1006.594448][T16559]  ? kernel_read+0x1f0/0x1f0
[ 1006.598874][T16559]  ? __kasan_check_write+0x14/0x20
[ 1006.603821][T16559]  ? mutex_lock+0xb6/0x1e0
[ 1006.608076][T16559]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1006.614496][T16559]  ? __fdget_pos+0x2e7/0x3a0
[ 1006.618923][T16559]  ? ksys_read+0x77/0x2c0
[ 1006.623087][T16559]  ksys_read+0x199/0x2c0
[ 1006.627170][T16559]  ? vfs_write+0x1110/0x1110
[ 1006.631592][T16559]  ? debug_smp_processor_id+0x17/0x20
[ 1006.636799][T16559]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1006.636959][T16558] loop1: detected capacity change from 0 to 40427
[ 1006.642701][T16559]  __x64_sys_read+0x7b/0x90
[ 1006.650596][T16540] F2FS-fs (loop0): Mismatch valid blocks 0 vs. 7
[ 1006.653289][T16559]  x64_sys_call+0x28/0x9a0
[ 1006.660729][T16540] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-117)
[ 1006.663705][T16559]  do_syscall_64+0x3b/0xb0
[ 1006.675770][T16559]  ? clear_bhb_loop+0x35/0x90
[ 1006.680281][T16559]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1006.686009][T16559] RIP: 0033:0x7f0cf48c6a3c
[ 1006.690265][T16559] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 1006.709704][T16559] RSP: 002b:00007f0cf3520030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1006.717949][T16559] RAX: ffffffffffffffda RBX: 00007f0cf4a80058 RCX: 00007f0cf48c6a3c
[ 1006.725758][T16559] RDX: 000000000000000f RSI: 00007f0cf35200a0 RDI: 0000000000000005
[ 1006.733569][T16559] RBP: 00007f0cf3520090 R08: 0000000000000000 R09: 0000000000000000
[ 1006.741381][T16559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1006.749193][T16559] R13: 0000000000000000 R14: 00007f0cf4a80058 R15: 00007ffc2ea1a8d8
[ 1006.757006][T16559]  </TASK>
[ 1006.765166][  T301] snd-usb-audio: probe of 5-1:0.0 failed with error -2
[ 1006.782768][  T301] usb 5-1: USB disconnect, device number 14
[ 1006.790448][T16558] F2FS-fs (loop1): Invalid SB checksum offset: 0
[ 1006.805265][T16558] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[ 1006.820378][T16558] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1006.851536][T16558] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[ 1006.858540][T16558] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1007.025057][  T330] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1007.033941][  T330] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[ 1007.045031][  T330] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[ 1007.055033][  T753] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[ 1007.175042][ T9429] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[ 1007.225085][  T330] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1007.233972][  T330] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1007.241773][  T330] usb 3-1: Product: syz
[ 1007.245775][  T330] usb 3-1: Manufacturer: syz
[ 1007.250149][  T330] usb 3-1: SerialNumber: syz
[ 1007.415087][  T753] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1007.425915][ T9429] usb 1-1: Using ep0 maxpacket: 32
[ 1007.430858][  T753] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1007.439756][  T753] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1007.448245][  T753] usb 4-1: config 0 descriptor??
[ 1007.545080][ T9429] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[ 1007.557863][ T9429] usb 1-1: New USB device found, idVendor=056a, idProduct=033e, bcdDevice= 0.00
[ 1007.566809][ T9429] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1007.568771][T16554] tipc: Started in network mode
[ 1007.577163][ T9429] usb 1-1: config 0 descriptor??
[ 1007.579434][T16554] tipc: Node identity 1, cluster identity 4711
[ 1007.590038][T16554] tipc: Node number set to 1
[ 1007.600833][T16554] UDC core: couldn't find an available UDC or it's busy: -16
[ 1007.608273][T16554] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1007.616246][ T9429] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1007.675044][T10351] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[ 1007.735080][  T330] usb 3-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[ 1007.743357][  T330] usb 3-1: found format II with max.bitrate = 0, frame size=2
[ 1007.750618][  T330] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1007.777292][  T330] usb 3-1: USB disconnect, device number 32
[ 1007.786166][T15614] udevd[15614]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1007.925517][  T753] keytouch 0003:0926:3333.008A: fixing up Keytouch IEC report descriptor
[ 1007.934757][  T753] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.008A/input/input346
[ 1008.019065][  T753] keytouch 0003:0926:3333.008A: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[ 1008.045113][T10351] usb 2-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[ 1008.055476][T10351] usb 2-1: too many endpoints for config 17 interface 0 altsetting 255: 255, using maximum allowed: 30
[ 1008.066389][T10351] usb 2-1: config 17 interface 0 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 1008.079480][T10351] usb 2-1: config 17 interface 0 has no altsetting 0
[ 1008.086017][T10351] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1008.094797][T10351] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1008.140120][T10351] aiptek 2-1:17.0: interface has no int in endpoints, but must have minimum 1
[ 1008.289385][T16584] loop4: detected capacity change from 0 to 40427
[ 1008.335630][T16584] F2FS-fs (loop4): Invalid SB checksum offset: 0
[ 1008.341896][T16584] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[ 1008.352670][T16584] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1008.382558][T16584] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[ 1008.389499][T16584] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1009.159491][T16596] loop3: detected capacity change from 0 to 512
[ 1009.294424][   T26] usb 1-1: USB disconnect, device number 25
[ 1009.336063][T16598] loop0: detected capacity change from 0 to 1024
[ 1009.358417][T16596] EXT4-fs (loop3): bad geometry: block count 3825205504 exceeds size of device (256 blocks)
[ 1009.385894][T16598] EXT4-fs (loop0): inodes count not valid: 32 vs 12
[ 1009.535581][T16603] loop0: detected capacity change from 0 to 2048
[ 1009.582035][T16602] loop4: detected capacity change from 0 to 40427
[ 1009.608676][T16603] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1009.661277][T16602] F2FS-fs (loop4): Invalid SB checksum offset: 0
[ 1009.667509][T16602] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[ 1009.678923][T16602] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1009.679721][   T30] kauditd_printk_skb: 121 callbacks suppressed
[ 1009.679741][   T30] audit: type=1400 audit(1729708160.229:674): avc:  denied  { read } for  pid=16597 comm="syz.0.3235" name="ptp0" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1009.706632][T16602] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[ 1009.718676][   T30] audit: type=1400 audit(1729708160.229:675): avc:  denied  { open } for  pid=16597 comm="syz.0.3235" path="/dev/ptp0" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1009.725414][T16602] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1009.748762][T10351] usb 3-1: new full-speed USB device number 33 using dummy_hcd
[ 1010.155060][T10351] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1010.166053][T10351] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1010.176852][T10351] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1010.186643][T10351] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1010.190102][T16614] loop0: detected capacity change from 0 to 40427
[ 1010.199642][T10351] usb 3-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[ 1010.214501][T10351] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1010.222785][T10351] usb 3-1: config 0 descriptor??
[ 1010.295436][T16614] F2FS-fs (loop0): Invalid SB checksum offset: 0
[ 1010.301677][T16614] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 1010.311956][T16614] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1010.344708][T16614] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 1010.351679][T16614] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1010.439216][  T753] usb 2-1: USB disconnect, device number 33
[ 1010.534039][T16600] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3236'.
[ 1010.547150][T16600] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3236'.
[ 1010.635045][ T9429] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[ 1010.670266][ T2504] usb 4-1: USB disconnect, device number 34
[ 1010.795012][  T753] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[ 1010.875041][T10351] usbhid 3-1:0.0: can't add hid device: -71
[ 1010.880772][T10351] usbhid: probe of 3-1:0.0 failed with error -71
[ 1010.888702][T10351] usb 3-1: USB disconnect, device number 33
[ 1011.005068][ T9429] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[ 1011.016170][ T9429] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[ 1011.027512][ T9429] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1011.036383][ T9429] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1011.055059][T16621] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[ 1011.095023][ T2504] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[ 1011.155039][  T753] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1011.164805][  T753] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1011.173931][  T753] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1011.215486][  T753] aiptek 2-1:17.0: interface has no int in endpoints, but must have minimum 1
[ 1011.255012][   T26] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[ 1011.306034][T16633] loop2: detected capacity change from 0 to 1024
[ 1011.435227][ T9429] aiptek 5-1:17.0: Aiptek using 400 ms programming speed
[ 1011.520345][T16633] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,,errors=continue. Quota mode: none.
[ 1011.523355][ T9429] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input348
[ 1011.609014][ T9429] usb 5-1: USB disconnect, device number 15
[ 1011.615002][    C1] aiptek 5-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[ 1012.631238][  T365] usb 2-1: USB disconnect, device number 34
[ 1012.715622][   T26] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1012.752405][ T2504] usb 4-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[ 1012.762903][ T2504] usb 4-1: too many endpoints for config 17 interface 0 altsetting 255: 255, using maximum allowed: 30
[ 1012.773802][ T2504] usb 4-1: config 17 interface 0 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 1012.786884][ T2504] usb 4-1: config 17 interface 0 has no altsetting 0
[ 1012.793380][ T2504] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1012.802246][ T2504] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1012.855445][ T2504] aiptek 4-1:17.0: interface has no int in endpoints, but must have minimum 1
[ 1012.925195][   T26] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[ 1012.934073][   T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1012.941886][   T26] usb 1-1: Product: syz
[ 1012.945871][   T26] usb 1-1: Manufacturer: syz
[ 1012.950274][   T26] usb 1-1: SerialNumber: syz
[ 1012.955265][   T26] usb 1-1: config 0 descriptor??
[ 1013.034997][  T753] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 1013.415082][   T26] snd-usb-audio: probe of 1-1:0.0 failed with error -2
[ 1013.425569][   T26] usb 1-1: USB disconnect, device number 26
[ 1013.445066][  T753] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1013.455091][  T753] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1013.463956][  T753] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1013.505771][  T753] aiptek 3-1:17.0: interface has no int in endpoints, but must have minimum 1
[ 1013.876569][  T753] usb 3-1: USB disconnect, device number 34
[ 1014.168267][T16653] loop1: detected capacity change from 0 to 40427
[ 1014.215786][T16653] F2FS-fs (loop1): Invalid SB checksum offset: 0
[ 1014.221976][T16653] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[ 1014.231462][T16657] loop0: detected capacity change from 0 to 40427
[ 1014.240503][T16653] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1014.261091][T16653] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[ 1014.268007][T16653] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1014.275526][T16657] F2FS-fs (loop0): Invalid SB checksum offset: 0
[ 1014.282994][T16657] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 1014.329438][T16657] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1014.350124][T16657] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 1014.357026][T16657] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1014.457489][   T26] usb 4-1: USB disconnect, device number 35
[ 1014.743758][T15606] attempt to access beyond end of device
[ 1014.743758][T15606] loop1: rw=2049, want=45104, limit=40427
[ 1014.980887][T16674] loop4: detected capacity change from 0 to 40427
[ 1015.001390][T16669] loop3: detected capacity change from 0 to 40427
[ 1015.021132][T16669] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1015.047137][T16669] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1015.060770][T16669] F2FS-fs (loop3): Unrecognized mount option "0x0000000000000000ÿÿÿÿÿÿÿÿ" or missing value
[ 1015.072697][T16674] F2FS-fs (loop4): Invalid SB checksum offset: 0
[ 1015.080124][T16674] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[ 1015.111882][T16674] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1015.167504][T16676] loop1: detected capacity change from 0 to 40427
[ 1015.174369][T16674] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[ 1015.181511][T16674] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1015.248439][T16676] F2FS-fs (loop1): Invalid SB checksum offset: 0
[ 1015.258551][T16676] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[ 1015.269130][T16676] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1015.299532][T16676] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[ 1015.306558][T16676] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1015.435067][   T26] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[ 1015.601248][T16669] loop3: detected capacity change from 0 to 40427
[ 1016.079072][T16669] F2FS-fs (loop3): Invalid SB checksum offset: 0
[ 1016.086603][T16669] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[ 1016.096765][T16669] F2FS-fs (loop3): Mismatch valid blocks 0 vs. 7
[ 1016.103271][T16669] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-117)
[ 1016.264995][   T26] usb 1-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[ 1016.285389][   T26] usb 1-1: too many endpoints for config 17 interface 0 altsetting 255: 255, using maximum allowed: 30
[ 1016.304946][   T26] usb 1-1: config 17 interface 0 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 1016.325535][   T26] usb 1-1: config 17 interface 0 has no altsetting 0
[ 1016.335535][   T26] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1016.354509][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1016.362483][  T365] usb 3-1: new full-speed USB device number 35 using dummy_hcd
[ 1016.415703][   T26] aiptek 1-1:17.0: interface has no int in endpoints, but must have minimum 1
[ 1016.426932][T16700] loop1: detected capacity change from 0 to 40427
[ 1016.441434][T16698] loop4: detected capacity change from 0 to 40427
[ 1016.495332][T16698] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1016.502880][T16698] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1016.511319][T16700] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1016.519157][T16700] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1016.528364][T16698] F2FS-fs (loop4): invalid crc value
[ 1016.529800][T16700] F2FS-fs (loop1): invalid crc value
[ 1016.534727][T16698] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1016.539981][T16700] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1016.575081][T16698] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1016.581983][T16698] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1016.585012][T16700] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1016.589528][  T330] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[ 1016.596339][T16700] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1016.621570][T16700] SELinux:  Context system_u:object_r:systemd_passwd_agent_exec_t:s0 is not valid (left unmapped).
[ 1016.632484][   T30] audit: type=1400 audit(1729708167.179:676): avc:  denied  { relabelto } for  pid=16699 comm="syz.1.3253" name="file0" dev="loop1" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_agent_exec_t:s0"
[ 1016.855181][  T365] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 1016.888279][  T365] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1016.961364][   T30] audit: type=1400 audit(1729708167.509:677): avc:  denied  { read } for  pid=16699 comm="syz.1.3253" dev="nsfs" ino=4026532378 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1016.974186][  T365] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[ 1016.982329][   T30] audit: type=1400 audit(1729708167.509:678): avc:  denied  { open } for  pid=16699 comm="syz.1.3253" path="net:[4026532378]" dev="nsfs" ino=4026532378 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1017.018263][   T30] audit: type=1400 audit(1729708167.509:679): avc:  denied  { setopt } for  pid=16699 comm="syz.1.3253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1017.025116][  T365] usb 3-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 1017.063968][  T365] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1017.074119][  T365] usb 3-1: config 0 descriptor??
[ 1017.085137][  T330] usb 4-1: Using ep0 maxpacket: 32
[ 1017.204992][  T330] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[ 1017.217695][  T330] usb 4-1: New USB device found, idVendor=056a, idProduct=033e, bcdDevice= 0.00
[ 1017.226513][  T330] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1017.234810][  T330] usb 4-1: config 0 descriptor??
[ 1017.275380][  T330] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1017.415014][  T365] usbhid 3-1:0.0: can't add hid device: -71
[ 1017.420849][  T365] usbhid: probe of 3-1:0.0 failed with error -71
[ 1017.431292][  T365] usb 3-1: USB disconnect, device number 35
[ 1018.054956][  T330] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[ 1018.124951][ T2504] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1018.208929][  T365] usb 1-1: USB disconnect, device number 27
[ 1018.388355][T16730] loop2: detected capacity change from 0 to 40427
[ 1018.402439][T16732] loop0: detected capacity change from 0 to 40427
[ 1018.445011][  T330] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1018.445572][T16732] F2FS-fs (loop0): Invalid SB checksum offset: 0
[ 1018.454713][  T330] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1018.460908][T16732] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 1018.470125][  T330] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1018.483226][T16730] F2FS-fs (loop2): Invalid SB checksum offset: 0
[ 1018.491957][T16730] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[ 1018.501237][T16732] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1018.502414][T16730] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1018.515011][ T2504] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1018.533587][  T330] aiptek 2-1:17.0: interface has no int in endpoints, but must have minimum 1
[ 1018.538977][T16732] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 1018.549191][T16732] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1018.564332][T16730] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[ 1018.571464][T16730] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1019.237509][ T2504] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[ 1019.246431][ T2504] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1019.254185][ T2504] usb 5-1: Product: syz
[ 1019.258371][ T2504] usb 5-1: Manufacturer: syz
[ 1019.262767][ T2504] usb 5-1: SerialNumber: syz
[ 1019.271395][ T2504] usb 5-1: config 0 descriptor??
[ 1019.281576][T15579] attempt to access beyond end of device
[ 1019.281576][T15579] loop2: rw=2049, want=45104, limit=40427
[ 1019.290601][  T365] usb 4-1: USB disconnect, device number 36
[ 1019.295622][T15631] attempt to access beyond end of device
[ 1019.295622][T15631] loop0: rw=2049, want=45104, limit=40427
[ 1019.422643][ T9429] usb 2-1: USB disconnect, device number 35
[ 1019.661570][T16754] loop2: detected capacity change from 0 to 1024
[ 1019.664968][  T365] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[ 1019.680123][T16754] EXT4-fs (loop2): Mount option "nouser_xattr" will be removed by 3.5
[ 1019.680123][T16754] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 1019.680123][T16754] 
[ 1019.719797][T16754] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[ 1019.735203][ T2504] snd-usb-audio: probe of 5-1:0.0 failed with error -2
[ 1019.745919][ T2504] usb 5-1: USB disconnect, device number 16
[ 1019.790913][T16751] loop0: detected capacity change from 0 to 40427
[ 1019.885380][T16751] F2FS-fs (loop0): Invalid SB checksum offset: 0
[ 1019.894931][T16751] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 1019.905312][T16751] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1020.049997][T16760] overlayfs: failed to resolve './file1': -2
[ 1020.126610][T16751] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 1020.133486][T16751] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1020.178280][  T365] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1020.189188][  T365] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1020.200612][  T365] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1020.209521][  T365] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1020.218279][  T365] usb 4-1: config 0 descriptor??
[ 1020.426104][T15631] attempt to access beyond end of device
[ 1020.426104][T15631] loop0: rw=2049, want=45104, limit=40427
[ 1020.445841][T16766] loop4: detected capacity change from 0 to 40427
[ 1020.501338][T16766] F2FS-fs (loop4): Invalid SB checksum offset: 0
[ 1020.507560][T16766] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[ 1020.541890][T16766] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1020.566815][T16771] loop0: detected capacity change from 0 to 2048
[ 1020.578686][T16766] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[ 1020.585847][T16766] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1020.656295][T16771] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1020.666767][T16771] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038 (0x7fffffff)
[ 1020.667585][T16748] FAULT_INJECTION: forcing a failure.
[ 1020.667585][T16748] name failslab, interval 1, probability 0, space 0, times 0
[ 1020.688886][T16748] CPU: 1 PID: 16748 Comm: syz.3.3261 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[ 1020.698601][T16748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1020.708496][T16748] Call Trace:
[ 1020.711618][T16748]  <TASK>
[ 1020.714395][T16748]  dump_stack_lvl+0x151/0x1c0
[ 1020.718914][T16748]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1020.724376][T16748]  ? __kasan_check_write+0x14/0x20
[ 1020.729322][T16748]  ? proc_fail_nth_write+0x20b/0x290
[ 1020.734445][T16748]  dump_stack+0x15/0x20
[ 1020.738437][T16748]  should_fail+0x3c6/0x510
[ 1020.742690][T16748]  __should_failslab+0xa4/0xe0
[ 1020.747290][T16748]  ? sock_alloc_inode+0x1b/0xb0
[ 1020.751976][T16748]  should_failslab+0x9/0x20
[ 1020.756317][T16748]  slab_pre_alloc_hook+0x37/0xd0
[ 1020.761090][T16748]  ? sock_alloc_inode+0x1b/0xb0
[ 1020.765775][T16748]  kmem_cache_alloc+0x44/0x200
[ 1020.770378][T16748]  ? sockfs_init_fs_context+0xb0/0xb0
[ 1020.775584][T16748]  sock_alloc_inode+0x1b/0xb0
[ 1020.780098][T16748]  ? sockfs_init_fs_context+0xb0/0xb0
[ 1020.785305][T16748]  new_inode_pseudo+0x64/0x220
[ 1020.789905][T16748]  do_accept+0x162/0x6f0
[ 1020.793985][T16748]  ? __kasan_check_write+0x14/0x20
[ 1020.798932][T16748]  ? _raw_spin_trylock_bh+0x190/0x190
[ 1020.804140][T16748]  ? __ia32_sys_listen+0x70/0x70
[ 1020.808916][T16748]  __sys_accept4+0x108/0x180
[ 1020.813338][T16748]  __x64_sys_accept4+0x9a/0xb0
[ 1020.817940][T16748]  x64_sys_call+0x798/0x9a0
[ 1020.822279][T16748]  do_syscall_64+0x3b/0xb0
[ 1020.826530][T16748]  ? clear_bhb_loop+0x35/0x90
[ 1020.831044][T16748]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1020.836774][T16748] RIP: 0033:0x7f0cf48c7ff9
[ 1020.841030][T16748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1020.860469][T16748] RSP: 002b:00007f0cf3541038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[ 1020.868711][T16748] RAX: ffffffffffffffda RBX: 00007f0cf4a7ff80 RCX: 00007f0cf48c7ff9
[ 1020.876531][T16748] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[ 1020.884335][T16748] RBP: 00007f0cf3541090 R08: 0000000000000000 R09: 0000000000000000
[ 1020.892144][T16748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1020.899956][T16748] R13: 0000000000000000 R14: 00007f0cf4a7ff80 R15: 00007ffc2ea1a8d8
[ 1020.907773][T16748]  </TASK>
[ 1021.142362][T16781] loop2: detected capacity change from 0 to 1024
[ 1021.175337][T16783] loop1: detected capacity change from 0 to 512
[ 1021.229712][   T30] audit: type=1400 audit(1729708171.779:680): avc:  denied  { wake_alarm } for  pid=16747 comm="syz.3.3261" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1021.265001][T16783] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1021.285532][T16781] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,,errors=continue. Quota mode: none.
[ 1021.294644][T16783] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038 (0x7fffffff)
[ 1021.326467][   T30] audit: type=1326 audit(1729708171.879:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1021.352376][   T30] audit: type=1326 audit(1729708171.899:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1021.374957][  T365] usbhid 4-1:0.0: can't add hid device: -71
[ 1021.381322][  T365] usbhid: probe of 4-1:0.0 failed with error -71
[ 1021.388878][  T365] usb 4-1: USB disconnect, device number 37
[ 1021.392896][   T30] audit: type=1326 audit(1729708171.899:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1021.418437][   T30] audit: type=1326 audit(1729708171.899:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1021.442046][   T30] audit: type=1326 audit(1729708171.899:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1021.567585][ T9429] usb 5-1: new full-speed USB device number 17 using dummy_hcd
[ 1021.764915][ T2504] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[ 1021.785078][   T30] kauditd_printk_skb: 5 callbacks suppressed
[ 1021.785093][   T30] audit: type=1326 audit(1729708172.339:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efec1aa4bfb code=0x7ffc0000
[ 1021.820795][   T30] audit: type=1326 audit(1729708172.359:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efec1aa4bfb code=0x7ffc0000
[ 1021.932488][T16796] FAULT_INJECTION: forcing a failure.
[ 1021.932488][T16796] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1021.934953][ T9429] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1021.945602][T16796] CPU: 0 PID: 16796 Comm: syz.0.3266 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[ 1021.955917][ T9429] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[ 1021.963645][T16796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1021.963658][T16796] Call Trace:
[ 1021.963664][T16796]  <TASK>
[ 1021.990035][T16796]  dump_stack_lvl+0x151/0x1c0
[ 1021.994549][T16796]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1022.000017][T16796]  dump_stack+0x15/0x20
[ 1022.004007][T16796]  should_fail+0x3c6/0x510
[ 1022.004918][ T9429] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[ 1022.008259][T16796]  should_fail_usercopy+0x1a/0x20
[ 1022.024055][T16796]  _copy_to_user+0x20/0x90
[ 1022.028308][T16796]  simple_read_from_buffer+0xc7/0x150
[ 1022.033517][T16796]  proc_fail_nth_read+0x1a3/0x210
[ 1022.038378][T16796]  ? proc_fault_inject_write+0x390/0x390
[ 1022.043846][T16796]  ? fsnotify_perm+0x269/0x5b0
[ 1022.048447][T16796]  ? security_file_permission+0x86/0xb0
[ 1022.053823][T16796]  ? proc_fault_inject_write+0x390/0x390
[ 1022.059295][T16796]  vfs_read+0x27d/0xd40
[ 1022.063289][T16796]  ? kernel_read+0x1f0/0x1f0
[ 1022.067712][T16796]  ? __kasan_check_write+0x14/0x20
[ 1022.072659][T16796]  ? mutex_lock+0xb6/0x1e0
[ 1022.076915][T16796]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1022.083338][T16796]  ? __fdget_pos+0x2e7/0x3a0
[ 1022.087760][T16796]  ? ksys_read+0x77/0x2c0
[ 1022.091928][T16796]  ksys_read+0x199/0x2c0
[ 1022.096009][T16796]  ? vfs_write+0x1110/0x1110
[ 1022.100432][T16796]  ? __kasan_check_write+0x14/0x20
[ 1022.105382][T16796]  ? switch_fpu_return+0x15f/0x2e0
[ 1022.110329][T16796]  __x64_sys_read+0x7b/0x90
[ 1022.114668][T16796]  x64_sys_call+0x28/0x9a0
[ 1022.118919][T16796]  do_syscall_64+0x3b/0xb0
[ 1022.123173][T16796]  ? clear_bhb_loop+0x35/0x90
[ 1022.127688][T16796]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1022.133414][T16796] RIP: 0033:0x7f13338b0a3c
[ 1022.137668][T16796] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 1022.157104][T16796] RSP: 002b:00007f133252b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1022.165348][T16796] RAX: ffffffffffffffda RBX: 00007f1333a69f80 RCX: 00007f13338b0a3c
[ 1022.173160][T16796] RDX: 000000000000000f RSI: 00007f133252b0a0 RDI: 0000000000000004
[ 1022.180971][T16796] RBP: 00007f133252b090 R08: 0000000000000000 R09: 0000000000000000
[ 1022.188784][T16796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1022.196595][T16796] R13: 0000000000000000 R14: 00007f1333a69f80 R15: 00007ffc97c844a8
[ 1022.204410][T16796]  </TASK>
[ 1022.240686][ T9429] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1022.249604][ T9429] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1022.262834][ T9429] usb 5-1: Product: syz
[ 1022.266774][ T9429] usb 5-1: Manufacturer: syz
[ 1022.271166][ T9429] usb 5-1: SerialNumber: syz
[ 1022.285118][   T30] audit: type=1326 audit(1729708172.839:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efec1aa4bfb code=0x7ffc0000
[ 1022.315031][   T30] audit: type=1326 audit(1729708172.869:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efec1aa4bfb code=0x7ffc0000
[ 1022.345138][   T30] audit: type=1326 audit(1729708172.899:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1022.368627][   T30] audit: type=1326 audit(1729708172.899:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1022.418838][   T30] audit: type=1326 audit(1729708172.899:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1022.442368][   T30] audit: type=1326 audit(1729708172.899:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1022.466189][   T30] audit: type=1326 audit(1729708172.899:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1022.489477][   T30] audit: type=1326 audit(1729708172.959:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16782 comm="syz.1.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1022.516971][T16783] fuse: Bad value for 'fd'
[ 1022.522175][T16783] UDC core: couldn't find an available UDC or it's busy: -16
[ 1022.529555][T16783] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1022.536958][  T301] usb 1-1: new full-speed USB device number 28 using dummy_hcd
[ 1022.594587][T16791] UDC core: couldn't find an available UDC or it's busy: -16
[ 1022.601808][T16791] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1022.614973][ T2504] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1022.622456][  T330] usb 3-1: new full-speed USB device number 36 using dummy_hcd
[ 1022.685290][ T2504] usb 2-1: unable to read config index 0 descriptor/start: -71
[ 1022.692662][ T2504] usb 2-1: can't read configurations, error -71
[ 1022.725012][ T9429] usb 5-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[ 1022.733291][ T9429] usb 5-1: found format II with max.bitrate = 0, frame size=2
[ 1022.740552][ T9429] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1022.768225][ T9429] usb 5-1: USB disconnect, device number 17
[ 1022.776077][T15614] udevd[15614]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1022.904929][  T301] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1022.913441][  T301] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[ 1022.924135][  T301] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[ 1022.995029][  T330] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1023.005620][  T330] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1023.016473][  T330] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1023.025918][  T330] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1023.038717][  T330] usb 3-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[ 1023.047532][  T330] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1023.056218][  T330] usb 3-1: config 0 descriptor??
[ 1023.094983][  T301] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1023.103819][  T301] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1023.117539][  T301] usb 1-1: Product: syz
[ 1023.121512][  T301] usb 1-1: Manufacturer: syz
[ 1023.125977][  T301] usb 1-1: SerialNumber: syz
[ 1023.126136][T16806] loop1: detected capacity change from 0 to 1024
[ 1023.206142][T16806] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,,errors=continue. Quota mode: none.
[ 1023.299453][T16802] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3267'.
[ 1023.308510][T16802] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3267'.
[ 1023.483502][T16800] UDC core: couldn't find an available UDC or it's busy: -16
[ 1023.491446][T16800] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1023.574989][T10524] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[ 1023.615015][  T330] usbhid 3-1:0.0: can't add hid device: -71
[ 1023.620753][  T330] usbhid: probe of 3-1:0.0 failed with error -71
[ 1023.627614][  T330] usb 3-1: USB disconnect, device number 36
[ 1023.645189][  T301] usb 1-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[ 1023.653405][  T301] usb 1-1: found format II with max.bitrate = 0, frame size=2
[ 1023.660732][  T301] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1023.686907][  T301] usb 1-1: USB disconnect, device number 28
[ 1023.954964][T10524] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[ 1023.966276][T10524] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[ 1023.977634][T10524] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1023.986572][T10524] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1024.015251][T16808] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1024.131054][T16824] FAULT_INJECTION: forcing a failure.
[ 1024.131054][T16824] name failslab, interval 1, probability 0, space 0, times 0
[ 1024.143521][T16824] CPU: 0 PID: 16824 Comm: syz.0.3272 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[ 1024.153277][T16824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1024.163172][T16824] Call Trace:
[ 1024.166296][T16824]  <TASK>
[ 1024.169074][T16824]  dump_stack_lvl+0x151/0x1c0
[ 1024.173597][T16824]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1024.179054][T16824]  ? __kasan_check_read+0x11/0x20
[ 1024.183913][T16824]  ? preempt_schedule_irq+0xe7/0x140
[ 1024.189037][T16824]  ? __cond_resched+0x20/0x20
[ 1024.193546][T16824]  ? __schedule+0xcd4/0x1590
[ 1024.197975][T16824]  dump_stack+0x15/0x20
[ 1024.201968][T16824]  should_fail+0x3c6/0x510
[ 1024.206223][T16824]  __should_failslab+0xa4/0xe0
[ 1024.210819][T16824]  ? getname_flags+0xba/0x520
[ 1024.215334][T16824]  should_failslab+0x9/0x20
[ 1024.219672][T16824]  slab_pre_alloc_hook+0x37/0xd0
[ 1024.224445][T16824]  ? getname_flags+0xba/0x520
[ 1024.228959][T16824]  kmem_cache_alloc+0x44/0x200
[ 1024.233560][T16824]  getname_flags+0xba/0x520
[ 1024.237901][T16824]  getname+0x19/0x20
[ 1024.241631][T16824]  do_sys_openat2+0xd7/0x820
[ 1024.246057][T16824]  ? do_sys_open+0x220/0x220
[ 1024.250482][T16824]  ? __schedule+0xcd4/0x1590
[ 1024.254912][T16824]  ? release_firmware_map_entry+0x190/0x190
[ 1024.260640][T16824]  __x64_sys_openat+0x243/0x290
[ 1024.265325][T16824]  ? __ia32_sys_open+0x270/0x270
[ 1024.270100][T16824]  ? switch_fpu_return+0x15f/0x2e0
[ 1024.275048][T16824]  ? exit_to_user_mode_prepare+0x7e/0xa0
[ 1024.280514][T16824]  x64_sys_call+0x6bf/0x9a0
[ 1024.284852][T16824]  do_syscall_64+0x3b/0xb0
[ 1024.289107][T16824]  ? clear_bhb_loop+0x35/0x90
[ 1024.293618][T16824]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1024.299349][T16824] RIP: 0033:0x7f13338b0990
[ 1024.303601][T16824] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[ 1024.323040][T16824] RSP: 002b:00007f13324e8f00 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1024.331286][T16824] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f13338b0990
[ 1024.339096][T16824] RDX: 0000000000000000 RSI: 00007f13324e8fa0 RDI: 00000000ffffff9c
[ 1024.346908][T16824] RBP: 00007f13324e8fa0 R08: 0000000000000000 R09: 00007f13324e8d17
[ 1024.354719][T16824] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1024.362531][T16824] R13: 0000000000000000 R14: 00007f1333a6a130 R15: 00007ffc97c844a8
[ 1024.370346][T16824]  </TASK>
[ 1024.942871][T10524] aiptek 5-1:17.0: Aiptek using 400 ms programming speed
[ 1024.950539][T10524] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input354
[ 1024.979548][T10524] usb 5-1: USB disconnect, device number 18
[ 1025.026121][T16819] loop1: detected capacity change from 0 to 40427
[ 1025.085394][T16819] F2FS-fs (loop1): Invalid SB checksum offset: 0
[ 1025.091600][T16819] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[ 1025.101636][T16819] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1025.121867][T16819] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[ 1025.128731][T16819] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1025.234921][   T60] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[ 1025.409594][T15606] attempt to access beyond end of device
[ 1025.409594][T15606] loop1: rw=2049, want=45104, limit=40427
[ 1025.449840][T16840] loop2: detected capacity change from 0 to 1024
[ 1025.528251][T16840] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,,errors=continue. Quota mode: none.
[ 1025.621177][T16842] loop1: detected capacity change from 0 to 40427
[ 1025.644946][   T60] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1025.654612][   T60] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1025.663465][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1025.677302][T16842] F2FS-fs (loop1): Invalid SB checksum offset: 0
[ 1025.683523][T16842] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[ 1025.800224][   T60] aiptek 1-1:17.0: interface has no int in endpoints, but must have minimum 1
[ 1025.886930][T16842] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1025.909604][T16842] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[ 1025.916513][T16842] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1026.464146][T10351] usb 1-1: USB disconnect, device number 29
[ 1026.646329][T16859] FAULT_INJECTION: forcing a failure.
[ 1026.646329][T16859] name failslab, interval 1, probability 0, space 0, times 0
[ 1026.666227][T16859] CPU: 0 PID: 16859 Comm: syz.2.3279 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[ 1026.676023][T16859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1026.685920][T16859] Call Trace:
[ 1026.689045][T16859]  <TASK>
[ 1026.691823][T16859]  dump_stack_lvl+0x151/0x1c0
[ 1026.696337][T16859]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1026.701803][T16859]  dump_stack+0x15/0x20
[ 1026.705796][T16859]  should_fail+0x3c6/0x510
[ 1026.710048][T16859]  __should_failslab+0xa4/0xe0
[ 1026.714647][T16859]  should_failslab+0x9/0x20
[ 1026.718992][T16859]  slab_pre_alloc_hook+0x37/0xd0
[ 1026.723765][T16859]  ? sel_write_validatetrans+0x2de/0x730
[ 1026.729227][T16859]  __kmalloc_track_caller+0x6c/0x260
[ 1026.734345][T16859]  ? sel_write_validatetrans+0x2de/0x730
[ 1026.739817][T16859]  memdup_user_nul+0x29/0xf0
[ 1026.744242][T16859]  sel_write_validatetrans+0x2de/0x730
[ 1026.749537][T16859]  ? kvm_sched_clock_read+0x18/0x40
[ 1026.754569][T16859]  ? sel_mmap_policy_fault+0x1e0/0x1e0
[ 1026.759865][T16859]  ? fsnotify_perm+0x6a/0x5b0
[ 1026.764376][T16859]  ? security_file_permission+0x86/0xb0
[ 1026.769757][T16859]  ? sel_mmap_policy_fault+0x1e0/0x1e0
[ 1026.775054][T16859]  vfs_write+0x406/0x1110
[ 1026.779221][T16859]  ? file_end_write+0x1c0/0x1c0
[ 1026.783904][T16859]  ? __kasan_check_write+0x14/0x20
[ 1026.788851][T16859]  ? mutex_lock+0xb6/0x1e0
[ 1026.793106][T16859]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1026.799528][T16859]  ? __fdget_pos+0x2e7/0x3a0
[ 1026.803956][T16859]  ? ksys_write+0x77/0x2c0
[ 1026.808207][T16859]  ksys_write+0x199/0x2c0
[ 1026.812372][T16859]  ? irqentry_exit+0x30/0x40
[ 1026.816804][T16859]  ? __ia32_sys_read+0x90/0x90
[ 1026.821401][T16859]  __x64_sys_write+0x7b/0x90
[ 1026.825825][T16859]  x64_sys_call+0x2f/0x9a0
[ 1026.830076][T16859]  do_syscall_64+0x3b/0xb0
[ 1026.834332][T16859]  ? clear_bhb_loop+0x35/0x90
[ 1026.838843][T16859]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1026.844571][T16859] RIP: 0033:0x7f1bb4686ff9
[ 1026.848827][T16859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1026.868265][T16859] RSP: 002b:00007f1bb3300038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1026.876510][T16859] RAX: ffffffffffffffda RBX: 00007f1bb483ef80 RCX: 00007f1bb4686ff9
[ 1026.884320][T16859] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 1026.892134][T16859] RBP: 00007f1bb3300090 R08: 0000000000000000 R09: 0000000000000000
[ 1026.899944][T16859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1026.907756][T16859] R13: 0000000000000000 R14: 00007f1bb483ef80 R15: 00007ffdb8587a58
[ 1026.915569][T16859]  </TASK>
[ 1027.048936][T16866] FAULT_INJECTION: forcing a failure.
[ 1027.048936][T16866] name failslab, interval 1, probability 0, space 0, times 0
[ 1027.068905][T16866] CPU: 1 PID: 16866 Comm: syz.2.3283 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[ 1027.078696][T16866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1027.088589][T16866] Call Trace:
[ 1027.091714][T16866]  <TASK>
[ 1027.094491][T16866]  dump_stack_lvl+0x151/0x1c0
[ 1027.099007][T16866]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1027.104475][T16866]  dump_stack+0x15/0x20
[ 1027.108463][T16866]  should_fail+0x3c6/0x510
[ 1027.112718][T16866]  __should_failslab+0xa4/0xe0
[ 1027.117317][T16866]  should_failslab+0x9/0x20
[ 1027.121655][T16866]  slab_pre_alloc_hook+0x37/0xd0
[ 1027.126431][T16866]  __kmalloc+0x6d/0x270
[ 1027.130422][T16866]  ? fuse_do_ioctl+0x3ad/0x2c90
[ 1027.135110][T16866]  fuse_do_ioctl+0x3ad/0x2c90
[ 1027.139623][T16866]  ? _kstrtoull+0x3a0/0x4a0
[ 1027.143965][T16866]  ? do_vfs_ioctl+0xbc1/0x2a80
[ 1027.148563][T16866]  ? kstrtol_from_user+0x310/0x310
[ 1027.153511][T16866]  ? fuse_emit+0x800/0x800
[ 1027.157763][T16866]  ? __kasan_check_write+0x14/0x20
[ 1027.162709][T16866]  ? proc_fail_nth_write+0x20b/0x290
[ 1027.167829][T16866]  ? selinux_file_permission+0x2c4/0x570
[ 1027.173296][T16866]  ? ioctl_has_perm+0x1f8/0x560
[ 1027.177987][T16866]  ? ioctl_has_perm+0x3f5/0x560
[ 1027.182681][T16866]  fuse_ioctl_common+0x18f/0x1a0
[ 1027.187446][T16866]  fuse_dir_ioctl+0x106/0x130
[ 1027.191957][T16866]  ? fuse_rename_common+0x1090/0x1090
[ 1027.197167][T16866]  __se_sys_ioctl+0x114/0x190
[ 1027.201679][T16866]  __x64_sys_ioctl+0x7b/0x90
[ 1027.206104][T16866]  x64_sys_call+0x98/0x9a0
[ 1027.210357][T16866]  do_syscall_64+0x3b/0xb0
[ 1027.214611][T16866]  ? clear_bhb_loop+0x35/0x90
[ 1027.219123][T16866]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1027.224850][T16866] RIP: 0033:0x7f1bb4686ff9
[ 1027.229105][T16866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1027.248545][T16866] RSP: 002b:00007f1bb32df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1027.256790][T16866] RAX: ffffffffffffffda RBX: 00007f1bb483f058 RCX: 00007f1bb4686ff9
[ 1027.264601][T16866] RDX: 0000000000000000 RSI: 000000007fffffff RDI: 0000000000000005
[ 1027.272412][T16866] RBP: 00007f1bb32df090 R08: 0000000000000000 R09: 0000000000000000
[ 1027.280221][T16866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1027.288035][T16866] R13: 0000000000000000 R14: 00007f1bb483f058 R15: 00007ffdb8587a58
[ 1027.295847][T16866]  </TASK>
[ 1027.350239][T16874] loop4: detected capacity change from 0 to 128
[ 1027.393248][T16874] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1027.403875][T16874] ext4 filesystem being mounted at /67/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[ 1027.454051][T16878] loop2: detected capacity change from 0 to 1024
[ 1027.504930][T10524] usb 2-1: new full-speed USB device number 38 using dummy_hcd
[ 1027.513401][T16880] UDC core: couldn't find an available UDC or it's busy: -16
[ 1027.520640][T16880] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1027.541912][T16878] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,,errors=continue. Quota mode: none.
[ 1027.955469][T16889] loop4: detected capacity change from 0 to 40427
[ 1027.988424][T16891] loop0: detected capacity change from 0 to 1024
[ 1028.025848][T16889] F2FS-fs (loop4): Invalid SB checksum offset: 0
[ 1028.032039][T16889] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[ 1028.041290][T16891] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,,errors=continue. Quota mode: none.
[ 1028.054975][T10524] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1028.058765][T16889] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1028.063611][T10524] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[ 1028.102743][T10524] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[ 1028.131982][T16889] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[ 1028.138919][T16889] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1028.505179][T16902] loop2: detected capacity change from 0 to 512
[ 1028.528345][T16902] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1028.539300][T16902] ext4 filesystem being mounted at /53/bus supports timestamps until 2038 (0x7fffffff)
[ 1028.544959][T10524] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1028.574865][T10524] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1028.582674][T10524] usb 2-1: Product: syz
[ 1028.594849][T10524] usb 2-1: Manufacturer: syz
[ 1028.604661][T10524] usb 2-1: SerialNumber: syz
[ 1028.678854][T14892] attempt to access beyond end of device
[ 1028.678854][T14892] loop4: rw=2049, want=45104, limit=40427
[ 1028.910368][T16910] FAULT_INJECTION: forcing a failure.
[ 1028.910368][T16910] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1028.929033][T16872] tipc: Started in network mode
[ 1028.934244][T16872] tipc: Node identity 1, cluster identity 4711
[ 1028.940329][T16872] tipc: Node number set to 1
[ 1028.949116][T16872] tipc: Cannot configure node identity twice
[ 1028.960977][T16872] UDC core: couldn't find an available UDC or it's busy: -16
[ 1028.972615][T16910] CPU: 1 PID: 16910 Comm: syz.4.3290 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[ 1028.982410][T16910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1028.992304][T16910] Call Trace:
[ 1028.995428][T16910]  <TASK>
[ 1028.998235][T16910]  dump_stack_lvl+0x151/0x1c0
[ 1029.002734][T16910]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1029.008186][T16910]  ? do_vfs_ioctl+0xbc1/0x2a80
[ 1029.012787][T16910]  dump_stack+0x15/0x20
[ 1029.016781][T16910]  should_fail+0x3c6/0x510
[ 1029.021035][T16910]  should_fail_usercopy+0x1a/0x20
[ 1029.025893][T16910]  _copy_to_user+0x20/0x90
[ 1029.030145][T16910]  simple_read_from_buffer+0xc7/0x150
[ 1029.035354][T16910]  proc_fail_nth_read+0x1a3/0x210
[ 1029.040211][T16910]  ? proc_fault_inject_write+0x390/0x390
[ 1029.045679][T16910]  ? fsnotify_perm+0x269/0x5b0
[ 1029.050280][T16910]  ? security_file_permission+0x86/0xb0
[ 1029.055661][T16910]  ? proc_fault_inject_write+0x390/0x390
[ 1029.061128][T16910]  vfs_read+0x27d/0xd40
[ 1029.065120][T16910]  ? kernel_read+0x1f0/0x1f0
[ 1029.069543][T16910]  ? __kasan_check_write+0x14/0x20
[ 1029.074491][T16910]  ? mutex_lock+0xb6/0x1e0
[ 1029.078748][T16910]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1029.085168][T16910]  ? __fdget_pos+0x2e7/0x3a0
[ 1029.089592][T16910]  ? ksys_read+0x77/0x2c0
[ 1029.093765][T16910]  ksys_read+0x199/0x2c0
[ 1029.097841][T16910]  ? vfs_write+0x1110/0x1110
[ 1029.102263][T16910]  ? debug_smp_processor_id+0x17/0x20
[ 1029.107471][T16910]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1029.113374][T16910]  __x64_sys_read+0x7b/0x90
[ 1029.117713][T16910]  x64_sys_call+0x28/0x9a0
[ 1029.121965][T16910]  do_syscall_64+0x3b/0xb0
[ 1029.126220][T16910]  ? clear_bhb_loop+0x35/0x90
[ 1029.130732][T16910]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1029.136460][T16910] RIP: 0033:0x7f859d3d4a3c
[ 1029.140718][T16910] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 1029.160157][T16910] RSP: 002b:00007f859c00d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1029.168399][T16910] RAX: ffffffffffffffda RBX: 00007f859d58e130 RCX: 00007f859d3d4a3c
[ 1029.176212][T16910] RDX: 000000000000000f RSI: 00007f859c00d0a0 RDI: 000000000000000b
[ 1029.184022][T16910] RBP: 00007f859c00d090 R08: 0000000000000000 R09: 0000000000000000
[ 1029.191832][T16910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1029.199645][T16910] R13: 0000000000000000 R14: 00007f859d58e130 R15: 00007fff67a5f308
[ 1029.207459][T16910]  </TASK>
[ 1029.217497][T16872] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1029.335256][T10524] usb 2-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[ 1029.353618][T10524] usb 2-1: found format II with max.bitrate = 0, frame size=2
[ 1029.360920][T10524] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1029.415353][T10524] usb 2-1: USB disconnect, device number 38
[ 1029.508447][T12967] tipc: Left network mode
[ 1029.560220][T16921] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1029.567212][T16921] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1029.574434][T16921] device bridge_slave_0 entered promiscuous mode
[ 1029.581498][T16921] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1029.588869][T16921] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1029.596512][T16921] device bridge_slave_1 entered promiscuous mode
[ 1029.670009][T16921] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1029.676886][T16921] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1029.684019][T16921] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1029.690963][T16921] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1029.704926][   T26] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[ 1029.726895][  T355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1029.734598][  T355] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1029.747567][  T355] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1029.767805][  T355] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1029.771407][T16929] loop1: detected capacity change from 0 to 1024
[ 1029.782659][  T355] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1029.789518][  T355] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1029.796969][  T355] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1029.805028][  T355] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1029.811855][  T355] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1029.819103][  T301] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[ 1029.838745][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1029.855470][T16929] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,,errors=continue. Quota mode: none.
[ 1029.856083][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1029.875536][  T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1029.899108][T16921] device veth0_vlan entered promiscuous mode
[ 1029.911076][T16921] device veth1_macvtap entered promiscuous mode
[ 1029.954721][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1029.963451][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1029.973178][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1029.980640][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1029.988259][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1030.004764][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1030.205035][   T26] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1030.217534][T12967] device bridge_slave_1 left promiscuous mode
[ 1030.248744][T12967] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1030.261692][T16935] loop3: detected capacity change from 0 to 1024
[ 1030.268048][   T26] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1030.277257][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1030.286306][T12967] device bridge_slave_0 left promiscuous mode
[ 1030.292388][T12967] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1030.306616][T12967] device veth1_macvtap left promiscuous mode
[ 1030.312490][T12967] device veth0_vlan left promiscuous mode
[ 1030.318955][T16935] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,,errors=continue. Quota mode: none.
[ 1030.331392][   T26] aiptek 1-1:17.0: interface has no int in endpoints, but must have minimum 1
[ 1030.414934][  T301] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1030.426053][  T301] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1030.443979][  T301] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1030.693526][  T301] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1030.706367][  T301] usb 5-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[ 1030.715194][  T301] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1030.733504][  T301] usb 5-1: config 0 descriptor??
[ 1030.919253][   T26] usb 1-1: USB disconnect, device number 30
[ 1031.033762][T16923] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3294'.
[ 1031.116832][T16923] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3294'.
[ 1031.344232][T16950] FAULT_INJECTION: forcing a failure.
[ 1031.344232][T16950] name failslab, interval 1, probability 0, space 0, times 0
[ 1031.357595][  T301] hid-rmi 0003:17EF:6085.008B: unknown main item tag 0x0
[ 1031.368592][  T301] hid-rmi 0003:17EF:6085.008B: unknown main item tag 0x0
[ 1031.382689][  T301] hid-rmi 0003:17EF:6085.008B: item fetching failed at offset 2/5
[ 1031.394156][T16950] CPU: 0 PID: 16950 Comm: syz.3.3297 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[ 1031.403942][T16950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1031.413839][T16950] Call Trace:
[ 1031.416963][T16950]  <TASK>
[ 1031.419740][T16950]  dump_stack_lvl+0x151/0x1c0
[ 1031.424252][T16950]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1031.429721][T16950]  ? vfs_write+0x94d/0x1110
[ 1031.434061][T16950]  dump_stack+0x15/0x20
[ 1031.438052][T16950]  should_fail+0x3c6/0x510
[ 1031.442307][T16950]  __should_failslab+0xa4/0xe0
[ 1031.446906][T16950]  should_failslab+0x9/0x20
[ 1031.451246][T16950]  slab_pre_alloc_hook+0x37/0xd0
[ 1031.456022][T16950]  ? __se_sys_mount+0x9b/0x3b0
[ 1031.460621][T16950]  __kmalloc_track_caller+0x6c/0x260
[ 1031.465738][T16950]  ? __se_sys_mount+0x9b/0x3b0
[ 1031.470341][T16950]  strndup_user+0x76/0x150
[ 1031.474595][T16950]  __se_sys_mount+0x9b/0x3b0
[ 1031.479020][T16950]  ? __x64_sys_mount+0xd0/0xd0
[ 1031.483618][T16950]  ? debug_smp_processor_id+0x17/0x20
[ 1031.488825][T16950]  __x64_sys_mount+0xbf/0xd0
[ 1031.493252][T16950]  x64_sys_call+0x49d/0x9a0
[ 1031.497685][T16950]  do_syscall_64+0x3b/0xb0
[ 1031.501933][T16950]  ? clear_bhb_loop+0x35/0x90
[ 1031.506451][T16950]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1031.512173][T16950] RIP: 0033:0x7f15178cbff9
[ 1031.516428][T16950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1031.535872][T16950] RSP: 002b:00007f1516503038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1031.544112][T16950] RAX: ffffffffffffffda RBX: 00007f1517a84130 RCX: 00007f15178cbff9
[ 1031.551926][T16950] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[ 1031.559735][T16950] RBP: 00007f1516503090 R08: 0000000020000340 R09: 0000000000000000
[ 1031.567545][T16950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1031.575356][T16950] R13: 0000000000000000 R14: 00007f1517a84130 R15: 00007ffc8a84dff8
[ 1031.583175][T16950]  </TASK>
[ 1031.588620][  T301] hid-rmi 0003:17EF:6085.008B: parse failed
[ 1031.594415][  T301] hid-rmi: probe of 0003:17EF:6085.008B failed with error -22
[ 1031.605907][  T301] usb 5-1: USB disconnect, device number 19
[ 1032.040520][T16952] loop1: detected capacity change from 0 to 40427
[ 1032.156199][T16952] F2FS-fs (loop1): Invalid SB checksum offset: 0
[ 1032.169667][T16952] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[ 1032.305666][T16952] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1032.350215][T16955] loop3: detected capacity change from 0 to 40427
[ 1032.385025][T16952] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[ 1032.394250][T16952] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1032.425590][T16955] F2FS-fs (loop3): Invalid SB checksum offset: 0
[ 1032.445059][T16965] loop0: detected capacity change from 0 to 1024
[ 1032.455662][T16955] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[ 1032.520806][T16955] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1032.543000][T16965] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,,errors=continue. Quota mode: none.
[ 1033.275377][T16955] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[ 1033.295632][T16955] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1033.715915][T16921] attempt to access beyond end of device
[ 1033.715915][T16921] loop3: rw=2049, want=45104, limit=40427
[ 1033.864827][  T365] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[ 1034.244378][T16985] loop1: detected capacity change from 0 to 40427
[ 1034.252543][T16991] loop3: detected capacity change from 0 to 512
[ 1034.314947][  T365] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1034.323789][  T365] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[ 1034.335051][  T365] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[ 1034.350796][T16991] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1034.361644][T16991] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038 (0x7fffffff)
[ 1034.371621][T16985] F2FS-fs (loop1): Invalid SB checksum offset: 0
[ 1034.388429][T16985] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[ 1034.398966][T16985] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1034.428598][T16985] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[ 1034.435542][T16985] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1034.544888][  T365] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1034.553917][  T365] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1034.566872][  T365] usb 1-1: Product: syz
[ 1034.612817][  T365] usb 1-1: Manufacturer: syz
[ 1034.672617][  T365] usb 1-1: SerialNumber: syz
[ 1035.003938][T16981] UDC core: couldn't find an available UDC or it's busy: -16
[ 1035.023649][T16981] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1035.057561][T15606] attempt to access beyond end of device
[ 1035.057561][T15606] loop1: rw=2049, want=45104, limit=40427
[ 1035.204912][  T365] usb 1-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[ 1035.216270][  T365] usb 1-1: found format II with max.bitrate = 0, frame size=2
[ 1035.230728][  T365] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1035.267650][  T365] usb 1-1: USB disconnect, device number 31
[ 1035.303054][   T30] kauditd_printk_skb: 103 callbacks suppressed
[ 1035.303070][   T30] audit: type=1400 audit(1729708185.849:804): avc:  denied  { bind } for  pid=17012 comm="syz.3.3308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1035.345023][T17017] loop1: detected capacity change from 0 to 256
[ 1035.364401][   T30] audit: type=1400 audit(1729708185.879:805): avc:  denied  { listen } for  pid=17012 comm="syz.3.3308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1035.404432][   T30] audit: type=1400 audit(1729708185.909:806): avc:  denied  { create } for  pid=17015 comm="syz.3.3311" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[ 1035.427848][T17017] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[ 1035.507309][T17011] loop2: detected capacity change from 0 to 40427
[ 1035.510520][T17021] loop4: detected capacity change from 0 to 4096
[ 1035.545336][T17021] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[ 1035.554000][T17021] EXT4-fs (loop4): mounted filesystem without journal. Opts: norecovery,grpquota,nombcache,user_xattr,nomblk_io_submit,,errors=continue. Quota mode: writeback.
[ 1035.572207][   T30] audit: type=1400 audit(1729708186.119:807): avc:  denied  { setopt } for  pid=17020 comm="syz.4.3313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1035.593698][T17011] F2FS-fs (loop2): Invalid SB checksum offset: 0
[ 1035.604439][T17011] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[ 1035.616709][   T30] audit: type=1400 audit(1729708186.169:808): avc:  denied  { unmount } for  pid=15631 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 1035.620894][T17011] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1035.668807][T17011] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[ 1035.678921][T17011] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1035.693305][T17038] loop4: detected capacity change from 0 to 512
[ 1035.713136][T17041] loop0: detected capacity change from 0 to 256
[ 1035.738375][T17038] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1035.741141][T17041] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[ 1035.749891][T17038] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[ 1035.768090][T17038] EXT4-fs (loop4): #blocks per group too big: 536870912
[ 1035.794887][ T9429] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1036.010120][T17045] loop0: detected capacity change from 0 to 512
[ 1036.122392][T17045] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.3321: invalid block
[ 1036.195782][T15579] attempt to access beyond end of device
[ 1036.195782][T15579] loop2: rw=2049, want=45104, limit=40427
[ 1036.200507][T17045] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.3321: invalid indirect mapped block 4294967295 (level 1)
[ 1036.222703][T17045] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.3321: invalid indirect mapped block 4294967295 (level 1)
[ 1036.238213][T17045] EXT4-fs (loop0): 2 truncates cleaned up
[ 1036.243889][T17045] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1036.254870][ T9429] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1036.325864][ T9429] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1036.520301][ T9429] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1036.574158][ T9429] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1036.600098][ T9429] usb 2-1: SerialNumber: syz
[ 1037.024062][T17063] loop2: detected capacity change from 0 to 256
[ 1037.032934][T17065] loop4: detected capacity change from 0 to 16
[ 1037.134234][T17065] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1037.149530][T17063] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xc5de6174, utbl_chksum : 0xe619d30d)
[ 1037.149975][ T9429] usb 2-1: 0:2 : does not exist
[ 1037.172475][ T9429] usb 2-1: USB disconnect, device number 39
[ 1037.233480][T17070] EXT4-fs warning (device sda1): verify_group_input:147: Cannot add at group 63 (only 8 groups)
[ 1038.113283][T17072] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1038.123290][T17072] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -47 in[61, 4035] out[1851]
[ 1038.135938][T17072] erofs: (device loop4): z_erofs_readpage: failed to read, err [-117]
[ 1038.234802][   T30] audit: type=1400 audit(1729708188.779:809): avc:  denied  { setattr } for  pid=17062 comm="syz.2.3323" name="file1" dev="loop2" ino=1048663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1038.243164][T17075] loop3: detected capacity change from 0 to 1024
[ 1038.322096][T17079] loop1: detected capacity change from 0 to 4096
[ 1038.334858][   T30] audit: type=1400 audit(1729708188.879:810): avc:  denied  { mount } for  pid=17076 comm="syz.0.3330" name="/" dev="configfs" ino=13921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[ 1038.358473][T17075] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[ 1038.392660][T17081] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1038.394920][T17079] EXT4-fs (loop1): Ignoring removed nobh option
[ 1038.414174][T17075] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1038.426454][   T30] audit: type=1400 audit(1729708188.879:811): avc:  denied  { setattr } for  pid=17076 comm="syz.0.3330" name="/" dev="configfs" ino=13921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1038.428561][T17075] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,errors=remount-ro,dioread_nolock,max_dir_size_kb=0x0000000000000009,nomblk_io_submit,data_err=abort,max_dir_size_kb=0x0000000000000000,. Quota mode: writeback.
[ 1038.452800][T17086] loop0: detected capacity change from 0 to 512
[ 1038.487816][   T30] audit: type=1400 audit(1729708188.919:812): avc:  denied  { unmount } for  pid=15631 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[ 1038.509459][T17089] loop4: detected capacity change from 0 to 256
[ 1038.513704][T17090] loop2: detected capacity change from 0 to 1024
[ 1038.515575][T17079] EXT4-fs (loop1): mounted filesystem without journal. Opts: noinit_itable,nobh,i_version,,errors=continue. Quota mode: writeback.
[ 1038.566124][T17090] EXT4-fs (loop2): Ignoring removed bh option
[ 1038.573617][T17086] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1038.588464][T17089] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[ 1038.623984][T17094] loop3: detected capacity change from 0 to 2048
[ 1038.642294][T17086] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #16: comm syz.0.3336: invalid indirect mapped block 4294967295 (level 0)
[ 1038.666521][T17086] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #16: comm syz.0.3336: invalid indirect mapped block 4294967295 (level 1)
[ 1038.687230][T17090] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a000c118, mo2=0002]
[ 1038.690986][T17086] EXT4-fs (loop0): 1 orphan inode deleted
[ 1038.704528][T17090] System zones: 0-1, 3-12
[ 1038.708129][T17086] EXT4-fs (loop0): 1 truncate cleaned up
[ 1038.709790][T17090] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv1,nobarrier,barrier=0x0000000000000000,norecovery,bh,lazytime,nodelalloc,acl,debug,,errors=continue. Quota mode: none.
[ 1038.717111][T17086] EXT4-fs (loop0): mounted filesystem without journal. Opts: data_err=ignore,max_batch_time=0x0000000000000001,debug_want_extra_isize=0x000000000000006e,block_validity,block_validity,init_itable=0x0000000000010000,nolazytime,,errors=continue. Quota mode: none.
[ 1038.733979][T17094] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1038.797813][T17103] cgroup: name respecified
[ 1038.853377][T17110] loop0: detected capacity change from 0 to 256
[ 1038.861804][T17110] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[ 1039.714840][  T301] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1039.778582][   T30] audit: type=1400 audit(1729708190.309:813): avc:  denied  { setopt } for  pid=17121 comm="syz.3.3345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1039.889130][T17145] loop1: detected capacity change from 0 to 128
[ 1039.908306][T17147] loop0: detected capacity change from 0 to 16
[ 1039.935529][T17147] erofs: (device loop0): mounted with root inode @ nid 36.
[ 1039.999371][T17145] EXT4-fs (loop1): Ignoring removed orlov option
[ 1040.025158][T17150] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3356'.
[ 1040.044882][  T301] usb 5-1: Using ep0 maxpacket: 32
[ 1040.405026][   T48] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[ 1040.410521][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1040.410534][   T30] audit: type=1400 audit(1729708190.959:816): avc:  denied  { write } for  pid=17133 comm="syz.3.3352" path="socket:[61821]" dev="sockfs" ino=61821 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1040.456958][T17145] EXT4-fs (loop1): mounted filesystem without journal. Opts: discard,journal_ioprio=0x0000000000000002,orlov,,errors=continue. Quota mode: none.
[ 1040.522629][T17145] ext4 filesystem being mounted at /59/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[ 1040.593470][  T301] usb 5-1: config 1 has an invalid interface number: 182 but max is 0
[ 1040.601518][  T301] usb 5-1: config 1 has no interface number 0
[ 1040.607607][  T301] usb 5-1: config 1 interface 182 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 32
[ 1040.610027][   T30] audit: type=1400 audit(1729708191.159:817): avc:  denied  { setattr } for  pid=17142 comm="syz.1.3355" path="/59/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bus" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1040.617348][  T301] usb 5-1: config 1 interface 182 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1040.617370][  T301] usb 5-1: config 1 interface 182 altsetting 0 bulk endpoint 0xB has invalid maxpacket 16
[ 1040.617390][  T301] usb 5-1: config 1 interface 182 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[ 1040.712493][T17160] loop0: detected capacity change from 0 to 512
[ 1040.770034][T17160] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[ 1040.780602][  T301] usb 5-1: New USB device found, idVendor=2100, idProduct=9e56, bcdDevice=9c.e0
[ 1040.802821][T17160] EXT4-fs (loop0): 1 truncate cleaned up
[ 1040.808356][T17160] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodiscard,resgid=0x000000000000ee00,init_itable,noload,minixdf,usrjquota=,,errors=continue. Quota mode: none.
[ 1040.831241][   T30] audit: type=1400 audit(1729708191.379:818): avc:  denied  { watch watch_reads } for  pid=17159 comm="syz.0.3358" path="/66/file0/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1040.840747][  T301] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1040.868591][   T30] audit: type=1326 audit(1729708191.409:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17175 comm="syz.1.3363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1040.896512][   T30] audit: type=1326 audit(1729708191.409:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17175 comm="syz.1.3363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1040.912040][  T301] usb 5-1: Product: syz
[ 1040.921616][   T30] audit: type=1326 audit(1729708191.419:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17175 comm="syz.1.3363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1040.946948][   T30] audit: type=1326 audit(1729708191.419:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17175 comm="syz.1.3363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efec1aa4ff9 code=0x7ffc0000
[ 1040.995153][T17193] loop2: detected capacity change from 0 to 512
[ 1041.027397][  T301] usb 5-1: Manufacturer: syz
[ 1041.031812][  T301] usb 5-1: SerialNumber: syz
[ 1041.055463][T17193] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[ 1041.066064][T17193] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1041.072388][T17193] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:510: comm syz.2.3369: Block bitmap for bg 0 marked uninitialized
[ 1041.083587][T17100] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1041.086260][T17160] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3358'.
[ 1041.101033][T17193] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6185: Corrupt filesystem
[ 1041.110155][T17193] EXT4-fs (loop2): 1 orphan inode deleted
[ 1041.115789][T17193] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1041.121071][T17100] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1041.135528][  T301] ftdi_sio 5-1:1.182: FTDI USB Serial Device converter detected
[ 1041.148654][   T30] audit: type=1400 audit(1729708191.699:823): avc:  denied  { rmdir } for  pid=15631 comm="syz-executor" name="lost+found" dev="loop0" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1041.149551][  T301] usb 5-1: Detected FT-X
[ 1041.173527][   T30] audit: type=1400 audit(1729708191.699:824): avc:  denied  { unlink } for  pid=15631 comm="syz-executor" name="file2" dev="loop0" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1041.175423][  T301] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 2
[ 1041.216223][   T30] audit: type=1400 audit(1729708191.759:825): avc:  denied  { unlink } for  pid=15631 comm="syz-executor" name="file1" dev="loop0" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[ 1041.222988][T17200] input: syz1 as /devices/virtual/input/input357
[ 1041.337954][T17207] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3374'.
[ 1041.368842][T17100] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3339'.
[ 1041.379729][T17100] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3339'.
[ 1041.390621][T17100] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3339'.
[ 1041.495709][  T301] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1041.514868][  T301] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1041.534816][  T301] ftdi_sio 5-1:1.182: GPIO initialisation failed: -71
[ 1041.542049][  T301] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1041.558431][  T301] usb 5-1: USB disconnect, device number 20
[ 1041.569048][  T301] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1041.580116][  T301] ftdi_sio 5-1:1.182: device disconnected
[ 1041.934873][   T60] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[ 1041.951957][T17220] loop1: detected capacity change from 0 to 512
[ 1041.995445][T17220] EXT4-fs (loop1): Ignoring removed nobh option
[ 1042.001619][T17220] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1042.013056][T17220] EXT4-fs (loop1): 1 truncate cleaned up
[ 1042.018529][T17220] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,nobh,data_err=ignore,nolazytime,init_itable=0x0000000000000004,acl,,errors=continue. Quota mode: none.
[ 1042.072415][T17225] loop4: detected capacity change from 0 to 2048
[ 1042.123905][T17225] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1042.184782][   T60] usb 4-1: Using ep0 maxpacket: 16
[ 1042.225471][  T451] tipc: Left network mode
[ 1042.274670][T17237] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #18: block 116: comm syz.4.3381: lblock 4 mapped to illegal pblock 116 (length 1)
[ 1042.289063][T17237] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #18: block 116: comm syz.4.3381: lblock 4 mapped to illegal pblock 116 (length 1)
[ 1042.308005][T17242] netlink: 1328 bytes leftover after parsing attributes in process `syz.0.3387'.
[ 1042.344813][   T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1042.355553][   T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1042.365043][   T60] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1042.377658][   T60] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1042.386476][   T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1042.395441][   T60] usb 4-1: config 0 descriptor??
[ 1042.444787][  T301] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 1042.745309][  T451] device bridge_slave_1 left promiscuous mode
[ 1042.751256][  T451] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1042.758500][  T451] device bridge_slave_0 left promiscuous mode
[ 1042.764398][  T451] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1042.772057][  T451] device veth1_macvtap left promiscuous mode
[ 1042.777913][  T451] device veth0_vlan left promiscuous mode
[ 1042.804816][  T301] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1042.813763][  T301] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1042.822064][  T301] usb 2-1: config 0 descriptor??
[ 1042.875727][   T60] microsoft 0003:045E:07DA.008C: unknown main item tag 0x0
[ 1042.883116][   T60] microsoft 0003:045E:07DA.008C: unknown main item tag 0x0
[ 1042.890170][   T60] microsoft 0003:045E:07DA.008C: unknown main item tag 0x0
[ 1042.900225][   T60] microsoft 0003:045E:07DA.008C: unknown main item tag 0x0
[ 1042.903253][T14892] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1)
[ 1042.907281][   T60] microsoft 0003:045E:07DA.008C: unknown main item tag 0x0
[ 1042.923044][T14892] EXT4-fs warning (device loop4): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -117 reading directory block
[ 1042.928494][   T60] microsoft 0003:045E:07DA.008C: unknown main item tag 0x0
[ 1042.949197][   T60] microsoft 0003:045E:07DA.008C: unknown main item tag 0x0
[ 1042.949426][T14892] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5834: Out of memory
[ 1042.956380][   T60] microsoft 0003:045E:07DA.008C: unknown main item tag 0x0
[ 1042.965266][T14892] EXT4-fs error (device loop4): ext4_dirty_inode:6038: inode #18: comm syz-executor: mark_inode_dirty error
[ 1042.972221][   T60] microsoft 0003:045E:07DA.008C: unknown main item tag 0x0
[ 1042.990429][   T60] microsoft 0003:045E:07DA.008C: unknown main item tag 0x0
[ 1043.000691][   T60] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.008C/input/input358
[ 1043.014996][   T60] microsoft 0003:045E:07DA.008C: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[ 1043.084247][  T301] usb 4-1: USB disconnect, device number 38
[ 1043.125610][  T451] tipc: Left network mode
[ 1043.202320][T17249] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1043.209181][T17249] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1043.216588][T17249] device bridge_slave_0 entered promiscuous mode
[ 1043.223469][T17249] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1043.230336][T17249] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1043.238002][T17249] device bridge_slave_1 entered promiscuous mode
[ 1043.300211][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1043.307623][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1043.328153][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1043.336291][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1043.344221][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1043.351062][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1043.359887][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1043.368211][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1043.376335][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1043.383157][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1043.390635][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1043.398630][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1043.414689][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1043.423203][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1043.433938][T17249] device veth0_vlan entered promiscuous mode
[ 1043.440998][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1043.448938][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1043.457206][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1043.471371][T17249] device veth1_macvtap entered promiscuous mode
[ 1043.478374][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1043.490088][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1043.509656][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1043.685565][  T451] device bridge_slave_1 left promiscuous mode
[ 1043.691616][  T451] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1043.699001][  T451] device bridge_slave_0 left promiscuous mode
[ 1043.705034][  T451] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1043.713140][  T451] device veth1_macvtap left promiscuous mode
[ 1043.719073][  T451] device veth0_vlan left promiscuous mode
[ 1043.742294][T17260] loop4: detected capacity change from 0 to 256
[ 1043.778369][T17260] FAT-fs (loop4): Directory bread(block 64) failed
[ 1043.788448][T17260] FAT-fs (loop4): Directory bread(block 65) failed
[ 1043.798187][T17260] FAT-fs (loop4): Directory bread(block 66) failed
[ 1043.804527][T17260] FAT-fs (loop4): Directory bread(block 67) failed
[ 1043.812490][T17260] FAT-fs (loop4): Directory bread(block 68) failed
[ 1043.818964][T17260] FAT-fs (loop4): Directory bread(block 69) failed
[ 1043.825475][T17260] FAT-fs (loop4): Directory bread(block 70) failed
[ 1043.831815][T17260] FAT-fs (loop4): Directory bread(block 71) failed
[ 1043.838422][T17260] FAT-fs (loop4): Directory bread(block 72) failed
[ 1043.845009][T17260] FAT-fs (loop4): Directory bread(block 73) failed
[ 1044.804781][T11603] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[ 1045.178992][  T301] usb 2-1: USB disconnect, device number 40
[ 1045.204797][T11603] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1045.214670][T11603] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1045.223481][T11603] usb 1-1: New USB device found, idVendor=1a34, idProduct=0f02, bcdDevice= 0.00
[ 1045.232455][T11603] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1045.240956][T11603] usb 1-1: config 0 descriptor??
[ 1045.296459][T17276] loop4: detected capacity change from 0 to 256
[ 1045.302150][T17278] loop1: detected capacity change from 0 to 16
[ 1045.383231][T17280] loop3: detected capacity change from 0 to 512
[ 1045.389415][T17278] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1045.405872][T17280] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1045.412470][T17280] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[ 1045.420715][T17280] EXT4-fs (loop3): 1 truncate cleaned up
[ 1045.426253][T17280] EXT4-fs (loop3): mounted filesystem without journal. Opts: nolazytime,grpid,max_dir_size_kb=0x0000000000000001,barrier,test_dummy_encryption,nomblk_io_submit,,errors=continue. Quota mode: none.
[ 1046.211669][T17287] loop1: detected capacity change from 0 to 1024
[ 1046.265898][T17287] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1046.276288][T17287] ext4 filesystem being mounted at /68/file1 supports timestamps until 2038 (0x7fffffff)
[ 1046.545063][   T30] kauditd_printk_skb: 6 callbacks suppressed
[ 1046.545079][   T30] audit: type=1400 audit(1729708197.099:832): avc:  denied  { read } for  pid=17288 comm="syz.4.3400" name="usbmon7" dev="devtmpfs" ino=156 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1046.545933][T17284] UDC core: couldn't find an available UDC or it's busy: -16
[ 1046.551272][   T30] audit: type=1400 audit(1729708197.099:833): avc:  denied  { open } for  pid=17288 comm="syz.4.3400" path="/dev/usbmon7" dev="devtmpfs" ino=156 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1046.582738][T17284] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1046.605197][   T30] audit: type=1400 audit(1729708197.119:834): avc:  denied  { append } for  pid=17288 comm="syz.4.3400" name="001" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 1047.218247][T17303] loop1: detected capacity change from 0 to 256
[ 1047.218604][T17300] loop3: detected capacity change from 0 to 128
[ 1047.238778][   T30] audit: type=1400 audit(1729708197.789:835): avc:  denied  { map } for  pid=17299 comm="syz.3.3402" path="/23/file0/bus" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1047.266199][T17300]  loop3: p1 p2
[ 1047.272038][T17300] loop3: p2 size 511 extends beyond EOD, truncated
[ 1047.288828][T16921] VFS: Lookup of '.  ' in vfat loop3 would have caused loop
[ 1047.296258][T16921] VFS: Lookup of '.  ' in vfat loop3 would have caused loop
[ 1047.460754][   T30] audit: type=1400 audit(1729708198.009:836): avc:  denied  { getopt } for  pid=17307 comm="syz.1.3404" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1047.490260][T17311] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1047.497290][T17311] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1047.504380][T17311] device bridge_slave_0 entered promiscuous mode
[ 1047.511184][T17311] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1047.518197][T17311] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1047.526648][T17311] device bridge_slave_1 entered promiscuous mode
[ 1047.626171][  T301] usb 1-1: USB disconnect, device number 32
[ 1047.674950][   T60] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[ 1047.758813][T17311] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1047.765667][T17311] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1047.772723][T17311] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1047.779554][T17311] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1047.847234][ T5753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1047.856570][ T5753] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1047.863890][ T5753] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1047.878351][ T5753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1047.887679][ T5753] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1047.894522][ T5753] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1047.903891][  T451] device bridge_slave_1 left promiscuous mode
[ 1047.910028][  T451] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1047.914786][   T60] usb 5-1: Using ep0 maxpacket: 16
[ 1047.923117][  T451] device bridge_slave_0 left promiscuous mode
[ 1047.929330][  T451] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1047.939364][  T451] device veth1_macvtap left promiscuous mode
[ 1047.945309][  T451] device veth0_vlan left promiscuous mode
[ 1048.035387][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1048.046297][   T60] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1048.059027][   T60] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1048.067930][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1048.079115][   T60] usb 5-1: config 0 descriptor??
[ 1048.097362][ T5753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1048.105801][ T5753] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1048.112637][ T5753] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1048.140014][ T5753] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1048.153205][ T5753] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1048.187880][ T5753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1048.209201][ T5753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1048.217653][ T5753] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1048.225583][ T5753] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1048.236308][T17311] device veth0_vlan entered promiscuous mode
[ 1048.259995][ T5753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1048.269338][T17311] device veth1_macvtap entered promiscuous mode
[ 1048.290761][ T5753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1048.307446][ T5753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1048.555518][   T60] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0
[ 1048.562553][   T60] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0
[ 1048.569617][   T60] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0
[ 1048.576622][   T60] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0
[ 1048.583645][   T60] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0
[ 1048.591253][   T60] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.008D/input/input359
[ 1048.665829][   T60] microsoft 0003:045E:07DA.008D: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[ 1048.956496][   T60] usb 5-1: USB disconnect, device number 21
[ 1049.934590][T17336] loop3: detected capacity change from 0 to 2048
[ 1049.944181][   T30] audit: type=1326 audit(1729708200.489:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17335 comm="syz.4.3412" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f98db029ff9 code=0x0
[ 1049.969927][   T30] audit: type=1400 audit(1729708200.509:838): avc:  denied  { nlmsg_write } for  pid=17338 comm="syz.1.3410" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[ 1049.996153][T17336] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1051.614725][   T60] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1051.984758][   T60] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1052.164757][   T60] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1052.173595][   T60] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1052.181428][   T60] usb 5-1: Product: syz
[ 1052.185404][   T60] usb 5-1: Manufacturer: syz
[ 1052.189823][   T60] usb 5-1: SerialNumber: syz
[ 1052.853332][T17365] loop3: detected capacity change from 0 to 16
[ 1052.880063][T17362] loop1: detected capacity change from 0 to 8192
[ 1052.905121][T17365] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1052.965495][T17362] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1052.980751][   T30] audit: type=1400 audit(1729708203.519:839): avc:  denied  { mounton } for  pid=17360 comm="syz.1.3419" path="/74/file2/file0" dev="loop1" ino=1048682 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[ 1052.980802][T17362] 9pnet: Could not find request transport: xen
[ 1053.013477][T17362] fuse: Unknown parameter 'fd0x0000000000000007'
[ 1053.014764][   T30] audit: type=1400 audit(1729708203.549:840): avc:  denied  { watch } for  pid=17360 comm="syz.1.3419" path="/74/file2" dev="loop1" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[ 1053.041450][   T30] audit: type=1400 audit(1729708203.549:841): avc:  denied  { setopt } for  pid=17360 comm="syz.1.3419" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1053.604758][   T60] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[ 1053.610998][   T60] cdc_ncm 5-1:1.0: dwNtbInMaxSize=178 is too small. Using 2048
[ 1053.618394][   T60] cdc_ncm 5-1:1.0: setting rx_max = 2048
[ 1053.814726][   T60] cdc_ncm 5-1:1.0: setting tx_max = 40
[ 1053.821260][   T60] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM, 42:42:42:42:42:42
[ 1053.832664][   T60] usb 5-1: USB disconnect, device number 22
[ 1053.838843][   T60] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM
[ 1053.839454][   T30] audit: type=1400 audit(1729708204.379:842): avc:  denied  { read } for  pid=139 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[ 1054.529261][T17381] loop1: detected capacity change from 0 to 512
[ 1054.676667][T17381] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[ 1054.683833][T17381] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1054.696431][T17381] EXT4-fs (loop1): 1 truncate cleaned up
[ 1054.701864][T17381] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodioread_nolock,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,usrjquota=,data=journal,nomblk_io_submit,,errors=continue. Quota mode: none.
[ 1056.217495][T17394] loop0: detected capacity change from 0 to 128
[ 1056.251075][T17391] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1056.271755][T17394] incfs: ino conflict with backing FS 1
[ 1058.029151][T17408] fuse: Unknown parameter '00000000000000000000'
[ 1059.943925][T17422] loop3: detected capacity change from 0 to 256
[ 1060.245925][T17426] loop4: detected capacity change from 0 to 128
[ 1060.305088][T17426] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1060.315802][T17426] ext4 filesystem being mounted at /10/mnt supports timestamps until 2038 (0x7fffffff)
[ 1060.480417][T17421] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1060.512604][T17421] kvm: pic: non byte read
[ 1060.519457][T17421] kvm: pic: level sensitive irq not supported
[ 1060.520249][T17421] kvm: pic: non byte read
[ 1060.532410][T17421] kvm: pic: level sensitive irq not supported
[ 1060.532804][T17421] kvm: pic: non byte read
SYZFAIL: mmap of output file failed
want 0x1b31020000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b31220000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b31520000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b31720000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b31920000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b32420000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b32b20000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b33420000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b2c120000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b2ce20000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b2d520000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b2e320000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b2ef20000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b2fe20000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b30b20000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b31520000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b32820000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b33420000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b2c220000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of output file failed
want 0x1b2d720000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: repeatedly failed to execute the program
proc=2 req=3386 state=1 status=67 (errno 9: Bad file descriptor)
[ 1061.948505][T17438] loop4: detected capacity change from 0 to 512
[ 1062.020148][T17439] bridge0: port 3(syz_tun) entered disabled state
[ 1062.031046][T17439] device syz_tun left promiscuous mode
[ 1062.036814][T17439] bridge0: port 3(syz_tun) entered disabled state
[ 1063.005784][  T451] device bridge_slave_1 left promiscuous mode
[ 1063.011702][  T451] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1063.018953][  T451] device bridge_slave_0 left promiscuous mode
[ 1063.024944][  T451] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1063.032390][  T451] device veth1_macvtap left promiscuous mode
[ 1063.038234][  T451] device veth0_vlan left promiscuous mode
[ 1063.647481][  T451] tipc: Left network mode
[ 1063.651820][  T451] tipc: Left network mode
[ 1064.525406][  T451] device bridge_slave_1 left promiscuous mode
[ 1064.531366][  T451] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1064.538656][  T451] device bridge_slave_0 left promiscuous mode
[ 1064.544557][  T451] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1064.552172][  T451] device bridge_slave_1 left promiscuous mode
[ 1064.558135][  T451] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1064.565338][  T451] device bridge_slave_0 left promiscuous mode
[ 1064.571231][  T451] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1064.578929][  T451] device bridge_slave_1 left promiscuous mode
[ 1064.584861][  T451] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1064.591988][  T451] device bridge_slave_0 left promiscuous mode
[ 1064.597982][  T451] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1064.605799][  T451] device veth1_macvtap left promiscuous mode
[ 1064.611585][  T451] device veth0_vlan left promiscuous mode
[ 1064.617495][  T451] device veth1_macvtap left promiscuous mode
[ 1064.623287][  T451] device veth0_vlan left promiscuous mode
[ 1064.629049][  T451] device veth1_macvtap left promiscuous mode
[ 1064.634869][  T451] device veth0_vlan left promiscuous mode