last executing test programs:

2m50.057789402s ago: executing program 32 (id=128):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000000000014d564b00f5ff00af"])

2m47.146440676s ago: executing program 33 (id=238):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
pipe(&(0x7f0000005880)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fsetxattr$security_selinux(r1, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)

2m42.064092652s ago: executing program 34 (id=396):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x5000aea5, &(0x7f0000000080)=ANY=[])

2m34.001517513s ago: executing program 35 (id=633):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000300)=""/73, 0x49)
getdents64(r1, &(0x7f0000000f80)=""/4107, 0x100b)

2m33.178504027s ago: executing program 36 (id=658):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000000)=0x101, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x2404c801, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @loopback}, 0x21)
getpeername$inet6(r0, 0x0, 0x0)

1m46.704575592s ago: executing program 37 (id=1759):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000980)={'erspan0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b031407e0ff640f0200475400f6a13bb1000e00080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

1m39.875023976s ago: executing program 38 (id=1612):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x0, @remote}, 0x4}}, 0x26)
sendmsg$NL80211_CMD_GET_POWER_SAVE(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x14}}, 0x0)

1m25.410466429s ago: executing program 4 (id=2145):
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r0 = gettid()
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffff]}, 0x0, 0x0, 0x8)
timer_create(0x2, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r0}, &(0x7f00000000c0))
clock_gettime(0x0, &(0x7f00000008c0)={<r1=>0x0, <r2=>0x0})
timer_settime(0x0, 0xe54aef35e9c2845d, &(0x7f000006b000)={{r1, r2+10000000}, {0x0, 0x9}}, 0x0)

1m25.394472159s ago: executing program 4 (id=2146):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
pause()

1m24.878124562s ago: executing program 2 (id=2156):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x9)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r2, &(0x7f0000000b00)={&(0x7f0000000a00), 0xc, &(0x7f0000000ac0)={&(0x7f0000000400)={0x1c}, 0xdb}}, 0x0)

1m24.857561901s ago: executing program 2 (id=2157):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])

1m24.791199552s ago: executing program 2 (id=2158):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r2, 0x0, 0x0}, 0x20)

1m24.783650662s ago: executing program 2 (id=2159):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000280)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000240)='./file0\x00')

1m24.776658382s ago: executing program 2 (id=2160):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {@barrier}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@noquota}, {@nogrpid}, {@noauto_da_alloc}, {@mblk_io_submit}]}, 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")

1m24.669924492s ago: executing program 2 (id=2161):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
unshare(0x22020400)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000006700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000001c0)='mm_page_alloc\x00', r1}, 0x10)
syz_read_part_table(0x5df, &(0x7f0000000000)="$eJzs3DGIE1kYB/CXIBEFETs7gykichAh3UkEDXGQgAnBQ4s70c4t0qyVRYxgQCzMNhE5Gy0UYQ1aaCUiCCImFkIqUXavuN1l2eJY2CawLHMEZrvjYG/JHQe/Hzx4b97/zcfHMOVM4H8tHf6I4zgVQoj37vz0T/OVs+ey9dONCyGkwi8hhN/zs79OdlJJYvuuR5P1YrIuvt3TvDcf3en2Dhx+nd38nE72byVjZfjw8q6bY+qOXT/+/sh4dOhNNTwenBqc3N+8dK2fL7f7X+qvzjzNPtt+7oUp1X9Z+njwdmc26t4ozXyNWkvRanpjPTr/4FEhM9du5NdOJLkrU6rf3LqYef7kQ7mzvK/4qVqr9V58v59rVd51bo6GuW/ju1eT3MI/eLsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPj3Hbt+/P2R8ejQm2p4PDg1OLm/eelaP19u97/UX515mn12NMkVplT/Zenjwdud2ah7ozTzNWotRavpjfXo/INHhcxcu5FfO5HkrvzV4TiO27us39y6mHn+5EO5s7yv+Klaq/VefL+fa1XedW6Ohrlv47tXk9zC3l0WAgAAAAAAAAAAAAAAAAAAgL9ROXsuWz/duDCZ/xxC+GHmx7nJPE6+d08lue3/ACxOrqdDKL7d07w3H93p9g4cfp3d/Pxbkr+VjJXhw8v/QTvs0J8BAAD//9odjZ8=")

1m24.669752782s ago: executing program 39 (id=2161):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
unshare(0x22020400)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000006700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000001c0)='mm_page_alloc\x00', r1}, 0x10)
syz_read_part_table(0x5df, &(0x7f0000000000)="$eJzs3DGIE1kYB/CXIBEFETs7gykichAh3UkEDXGQgAnBQ4s70c4t0qyVRYxgQCzMNhE5Gy0UYQ1aaCUiCCImFkIqUXavuN1l2eJY2CawLHMEZrvjYG/JHQe/Hzx4b97/zcfHMOVM4H8tHf6I4zgVQoj37vz0T/OVs+ey9dONCyGkwi8hhN/zs79OdlJJYvuuR5P1YrIuvt3TvDcf3en2Dhx+nd38nE72byVjZfjw8q6bY+qOXT/+/sh4dOhNNTwenBqc3N+8dK2fL7f7X+qvzjzNPtt+7oUp1X9Z+njwdmc26t4ozXyNWkvRanpjPTr/4FEhM9du5NdOJLkrU6rf3LqYef7kQ7mzvK/4qVqr9V58v59rVd51bo6GuW/ju1eT3MI/eLsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPj3Hbt+/P2R8ejQm2p4PDg1OLm/eelaP19u97/UX515mn12NMkVplT/Zenjwdud2ah7ozTzNWotRavpjfXo/INHhcxcu5FfO5HkrvzV4TiO27us39y6mHn+5EO5s7yv+Klaq/VefL+fa1XedW6Ohrlv47tXk9zC3l0WAgAAAAAAAAAAAAAAAAAAgL9ROXsuWz/duDCZ/xxC+GHmx7nJPE6+d08lue3/ACxOrqdDKL7d07w3H93p9g4cfp3d/Pxbkr+VjJXhw8v/QTvs0J8BAAD//9odjZ8=")

1m24.550849953s ago: executing program 4 (id=2163):
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="0107000000000000000020"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x4, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r2, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)

1m24.465598874s ago: executing program 4 (id=2164):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
umount2(&(0x7f0000000100)='./file0/file0\x00', 0x1)

1m24.441323604s ago: executing program 4 (id=2165):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x2, 0xd, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}, @sadb_x_policy={0x2, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x6, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@private1, @in6=@private1}}, @sadb_lifetime={0x4, 0x4}]}, 0xc0}}, 0x0)

1m24.283812704s ago: executing program 4 (id=2168):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1e03ac024d8c71ef288563"], 0x2b6)

1m24.283573144s ago: executing program 40 (id=2168):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1e03ac024d8c71ef288563"], 0x2b6)

59.639051459s ago: executing program 6 (id=2813):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0)
timerfd_settime(0xffffffffffffffff, 0x1, 0x0, 0x0)

59.615878969s ago: executing program 6 (id=2815):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt(r0, 0xff, 0x1, &(0x7f0000000000)="4feb", 0x2)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @remote}, @timestamp_reply}}}}, 0x0)

59.598855099s ago: executing program 6 (id=2816):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f00000001c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}, 0x2, 0x3}}, 0x2e)
ioctl$PPPIOCGL2TPSTATS(r2, 0x8004745a, &(0x7f0000005280))

59.546438859s ago: executing program 6 (id=2818):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000001c0)={[{@errors_remount}, {@nodiscard}, {@auto_da_alloc}, {@nojournal_checksum}, {@stripe={'stripe', 0x3d, 0x7b}}, {@orlov}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
ptrace(0x10, r0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x3c}}, 0x0)
ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})

59.51715182s ago: executing program 6 (id=2819):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a80)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000240)=""/33, 0x21)
getdents(r1, 0xfffffffffffffffd, 0x58)

59.39227546s ago: executing program 6 (id=2822):
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$FIBMAP(0xffffffffffffffff, 0x1, 0x0)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
getpeername(r0, 0x0, 0x0)

59.39201035s ago: executing program 41 (id=2822):
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$FIBMAP(0xffffffffffffffff, 0x1, 0x0)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
getpeername(r0, 0x0, 0x0)

9.87541681s ago: executing program 0 (id=3904):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xa004}, 0x4)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)

9.86877435s ago: executing program 0 (id=3905):
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
listen(0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'macsec0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x20}}, 0x0)

9.81938693s ago: executing program 0 (id=3906):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000e09d7040460a2196324f01020301090224000100000000090400000206d3450009050102100000000009058b0240"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000e00)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB="000006"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

8.738489716s ago: executing program 1 (id=3910):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',default_permissions'], 0x0, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000008100)="58785f58471eb4b5b3ff3946acaad41068511507291e72541d949ffc8a54ff637ccef1fe8511899ea7f3c82cbc6539763a34f6760c1608c911801ca672e62708ba4fc023749076ff6a0daba0caa57000acbd9ecf5e97201f7f14e715bc8c089c3d65e92fd65dedb76d61715067ccf6dfec2b56a48f2b274b564d90c3d868f2bdc07b7e636ad78904bca826fa69b7783e7be2b8e7c997b99225467747875695f6d500cb82b479fe9486bb94e06f796f89906bbfccc964830f86986760ade90c3f7a9dde3172a5124c1889075ad30b5ee2a5f257a6ac790a8e89b247ccbc8d241b7b95f8fc649deffc1bc37d51a8c3dfae38ac968eb48695de38df941f9632ef9ad6779e41ccea8a3ff1cac4fa4b47a152a8f9a1bb0094f41580bbf60fa11cfaf2c535a12c866e9414ee9b58226fbdb0d221e1bdc50e3fa300351364f6350030383856f1f809aee19f337f3d3435ae6754916be1eec24643cec1bd1007ffa38418735988cc901603895f66bd6450d54f99e1246ded898499d2a447f899c00368ce1dd4a4f4cf9cdf7d4f8b38dcb98a598ac490f1086ec712b0cb94610abfdb25b0f6947b46e1dd628897ab68445568578049fa6140250a5d821d70f102fadc2fa273a6e486f250712ec847de3b02a121e19775311e8629045f3404bdfa3207aecdac43c3571b86a9423bd716aa67cb688f9ee4f2b14ea42c89f2766c78fd4ec41ab34eebb4256e885bd7e3abe4348772993bb630aa3397084bbc66cdad664d6a9d33767cc375a44dbc0b08931053a6780a796fd31e1d7c512599f9e010883a52c07ec0938ce1acb3fe3baac6af9fb7e9d7942662e41bd3626d240d5ed34ebcbcc0ccf1c3280c76fbf6cdfb04bdb2d3b4ec6a8961b1eb036b211eff6247b95039cc67d222f2ff122340c56d74b4fffa79a202144bb10ad766f1fd6b32abc3e09213da84b36698e5c67dbd76342baf2fdbd26e9563dadd01fce19d7ec025d05d0494e53229379d13c1cae48ec058cff0bc1ccdc94a74b11a9bc87c580bb6a3f45fe15d15d89bf6102dc1085bfe27b2ab462aaf642b8ceed519cf88b31e9e00fdc23e8f6967a72b4c38b2458656dbf26dd75586731bb519a97d0ff43f4358cd40c7ed371ae8a24f46e320d4c4c0a1b8c42f10908a1c283d8032d76f52d4509d78c2f3a0716c37bc0c786ce9174a88d468e88a6d154e4712778aecded0ca5de28e52c04e33672ecea5135438e908aa1bf00e65ba6dacc4bd018b7bb1c30aa5d9acc679220cb5e7207f1759bd7722d10469225aae24973031a21358532a63aab42f33b1f8f40d545fec7799703ba067592b34247fbc7375acdcb3883ace7d34cf33484f2cf662f3f0e18b5c475ae311fb20f6e6b85320b2bc37e56512dc27815b37bfd9f172be1a119197eb53b535c440fd7f24724e1d466309c0f8556965bd02d75c3dbe2baa0c6a515db07af1f77306577d0b38f0aa8cb188cf5523368951b8210f4bfc6afa0d058ad84656d27a46faef225e6268396ecb54a5182591bff3a86792db5454e238afe7c26eae85fd3c1c060760d89223bbdbe8966ae2558f47d799839cd959c974b69ad262cf8ab4fee554288e767ede9bc5d7f0cfba05966ef7858e41db363122680abe978345d45e4b52b73fe9f52ad26371a5b0539d88aa0c572aa01a41b079dde5a14e031ad903629d06c8d85ad82828c25a9ba7ce0fef2316eb011643e47feca7d280833f8b3008841fb2d88ea84df65b03aa5baaa29d6234ed5db8db461fc5df77aad38690277cd5dac1ed3c23c9f2778295578561f9a4d31159a826b4b62b2a867e6e8a9514edddaacad22106880e6633fb2f3b17c8d10bec633d6128489f7253b3e3e38e5942743ddd1547dfab27a152549f61891e3a5ad17f733b042f7ef915ad7423b9719fee9142407fe1d10ec8b64a21cd24fd39de4496ca3f394f07149bdbf1393181b5afee090ff40ee31d34a9c6a113e3823fac425fa85e212de1a9f7c4937ba64f3327961fccf85e6fa29be12de9589671d60d4658b1562ce7dedcde8ec79d265c13f5e197b66989c3f067d2801fcd78bb92b45e55fb4089a7cd3b179284af782ae0327ba56fc307a281772384448ee465dccefe41be8d75c8cd0eb5c0217d7ca706848f9b82500b77c2d838cbd536304556af87d3b6fb9183b5dc9cf2d0f7ecbb24d9f790151b9c6092dfb2c14decbe6448362cd7c13515f66a99c37b56134d12e8c7f1a5b75e14e47f84d8658f0b65ea91014e2e4fd361f03dbf8ca509d426ca1bba7e43ce918268393ff16b17d9e1bb49fb2b4f6eeb8b4b226c79303b19412a55b7ea7c8774ccebd8d66abe117a8be9a3c4faea730902136df57aff991b59dd71610ba4c8e1cded8287c21c56526f4fb6c502ea73ae310d56640990b3e695b278de6e1eebd51108cf7547c0e457e5fdf59691baf080dd3f5dc3c9a10bd4cc5e10ba42d4d3d9dc4f7ebe0bd2981a1d6fb06f7457dca1e56fac3f0fa7ca19ec2fb7940ee837e960d93a73bf085eaa2888fe3025aadd33cae85d63273be6ae3a92e35d78602d8e23b9460f04b7c0e0e710d10fdb0dd3fa9b880865603500d81dc7e968e8046569830b526e441f25f8b0af47d524aa80fd7dd9c3f72facec2032e2c06bc33c6b739c5368bf54e32b6acdca9d2d14276a8348ae92bfbd60f6aceecf98f3c6fe70747499b25667a96c52e21236421b27deafbc6b5e2b8a4ea2a0d3cd5ee1a10f3153b529b5c04a1961223a943842e17ee0cd114ce6983536400fc40f3d4708436954803fd60caf2b5ed7e4ce90bc75385e2424191c6a5038fa15d99aade49fa1affe63fb73078a6bb4ee560b0b521aeb33f507bdf876829f4d3f695197468e41503a10870a8e6df800608ac33dfdecc03f64d03fb6180287a684063c7edfc8db1366f6bb502fe446085f6acc4741b273a0b736f0f55da28967390bc7434db54ad0da9d1d002ceaa5c3e53efa95e7aaa792db32501a072e669da29fb734d771a6fa8c753fb2fcc204e31d668992473e7937fcf751bc79b125db1725f2a495bd2a4207e4db8d44810a4db5113705c5cb8733866ade3375d1bdbcb965cbd927e7d285f2933bf037911959088b64cfac0ff1e39244f2e9416653ed87ec564eb686af1062354a8bd7034c1022cb0d0b6996762ef4a0a3ab4f3deb459f023a867a38fcad2a10fcf0872862b386ff7c5ea7ce13abb112d1f0ed0723870eccc76d16f7e3cc00e28945bb93d9f2bd8e2017993102f0824867ec141f20df951202a2ab1cd796516ca0b4fdd9e6de8b82fcd30f9ab85cf0a5547e1ad1ef1ad5be7a878a16864d7c06b4ae002f3ba485a9bb36b8a591ecb64a4a5c0fd3b4beb015f58ea4cfe190f3b46cc4d9108d10c52a9de859814edac575d2a3d937a9b31db049e70aa76c085ab63d61c1317205c228f7027fa39125de8fec40ed7982e36a7cfa9fedca30f0b692bd4c7794f6b56d69ada1fed168cf03cc57321fe37e3a8cea4bd093e87b657fe5acb13d2591bebb52898362ddf0335810c70a4838faf8fff16301d16707eaa38e52f913f8aa3e27b2387ca1a217ac69966e287ad5cb0286535d5d00b7006661dbc7923a066945c1a2040a4e95d7b0de4dc8217bf1d4e9b6cccc671fdd9a5770c21e749b407df8c463a3bf17e47bfcba6a890a0435d3fbb7252fe072b149b7bfeb185b088686dd70e0c9cda275497b553aff2b319f7d7b0ed64002c5f9f6ccfc3d55d8c908d314487452f37a650f4561326a84c660b6111702a87db03595b5d080c60288203f091de9f78b997e47233f4bab9b044a98ab118a6c45b7ca746cc2fb90182a923d67216412e24a955c0c2307acc47bdd319955249d8412a5ccf444437f53f524c69ba0167c920f0c1f775cd1a225636200a9e4adf61f418d20f717339d0c8c5386af0936f628cc589a8d5581c1c8cad0b564a3f38b606473280a3fa586a5ba932fd38eeb23096df29a92ab54c409f88ef4f03217f0bb90fea539e629d8a025c802f6b5c3d735fe950c8ff7136e6db287851dfbffea1ef81491a50cb75a103367e85afa3484d6af865dfbca91dc05632b0d94aa384ee0c585424a5ddf80babe0b913b0a2eedda34c7ea7814642a69f8eae868274b16fe0f52fb60b201e6685dad3f419413d5b8186992855a25ffe0d4773a14c7977181a120cbc42af4f9acca3fee1d54ccc125ea49b62ab60c58a0ecdf50ee7c16f3b6b12b254fc08fcc85d409eef7c3f30cf705617f926a17e6588a9fd7e34be9fd863a7b157a2d9a336356d568c2d2dbaf76c2d2b2ff8703748b860e36f02b04d6e4f2fd49511f12ce395dc18622cd51948a32cc432cd797d8a68838cebbbdd9bcb6f2e85719785706012e894cb043bb9a53998131fd4aae3321d81fc001e718c4a99c0580af1d4a0c81665cc5adcf337c8bc00fc0fb3c7be0d5e5ff6a6fae5891858eafedbed69223170ccc71ce36ae439d769c3520972601fbab93f54808d6950cb7cf1e5a3b32d8c6a975e3adccca0b2ee28a4eb5ca3b0ceb9d31a8f767c3f4486a62215171738007675a55abf5916513f7eb9b21ff291f2b4b48bbfcf394cf861fe016b3680be422a8bff49963ce096d1bc17186822b1392e68b1a05fa6c70bd2d9a164f12301a6e78caa8f4cd43749704829f54c5d93637aeef80794d3f206741363e74fa181c9f1dc47557553de620794f096c59ccd74a178f5adb466ad5a62fffc1886f56ebceca4ed46ed2396bcbc31160b4eb1b7d69642e33315e3adbdbe1b9794931e7babf745ecfca37dd4190013793d530df12d6521bc069a05a94e0ffe91900a0c2209a6914d2f85bd161ff77284198129a9b1ba600bda3e52769d39c1bd61c4a70c627c3ad89aa0bdf0c93a2c35e166da9a08b4d2f92deacb6e9034274305b6d254c4052868ba32bec9aa3cec75debe24e78e43374efffe444722a983935f9007fe3de37dd83c52be16e034d09592a179275dd0c91281be579cd19c0162123886893713f25cdae19cf258926bf2070741111eee6b3df708c3fc416b7d046c948bf8500779c0cd5460e640bb1f860f58052b8087e6eb2f16e48f4984c9f9fc9fb2652ac5305861ece5362db08ae912ba055af766da1322057d0bfa647d98b8d4f1e7ed43ecdf1050c0eb19dae93b8014da57241cdab4ffacf0ec1348d4a89b3e8ff187098d83d8eba34e5c7ad4215f1977968a9d337d08fd1188754e7cf41baf0189ccaa5f3b1005f807b0255ce1920ca7d919e4684af70c3d089a99922727c607a2b06e713dd61122842a913036f6cd64dfb313fbdf639fcbd712852bb85337d056685b0a54225ae27e1e8c7ce5acd1f017b8f712c268b9cc0ee26d26c63955df0591f52ef3ef5e6f0a8b0a40fccec5f945431a2e81c35720d178feb481092e4f51978493c5fd502f252bc0152f145f268ead14932990069169483ecc7abc901657460c8730715c078b61059bd2621f50fb838376e0b808a3f118f761efea45bbac4274016960063cc67c428e72e516685552dc3bf473e442d76f2d3ed07b319694490054302a538b52e3b8496b7e37fbf4a2ffff2b484f98fdb14c66ecb8447834733f8a7a5a3c83de34b6647842dd56d8201f9d9240f3b3a5b5cbccf174a08853d06fd164fe74e04608ae12df8a35b73517d22a87c7ebca60942932d03102ff7e8644611b5520b5ebce950945498ce19210c866e48284d18fb7e049deaa43ee5283e3dfad7316ba85490e93182d13efe7ba64ee5ceeaabcff3eb24d46a3a129dd5a6b82e8c48210cb1e6564833f3e15dda4dec383b4319741cebf6374cf2c5d64722afccf7c4e2d81ae28d45f2c35b764281f1f08fec8f8e9277277ae1ae8a8981f85e041d2450afc9374e978f73b66da9aadb2087223f28e21e946eb07710ec86cdcad0948d4ca93827ea34e28806d172c3feb83471ed2d4d7ada2360b209d16b9d35861082d85b6be3c3589a6bdaf6f9b5d52ac8fd7388e32b24f1d5d34b5442c1ceebde311decd709f075d064f07bc60ab14c101ef51039eed56ae1e0a374e3e956603737b3a16db684a81e9b8998a0bb9b17a0876a92b2a3b9924f44b16ae4c7ff376ea8a8c91b504c1dbeb522cf846fc3ec6b9a01f452eeb35cade34c6a0463b92c46e013ee7906ee934141870ddd1464ae688805933504a2dc7cb1f947e28bf22f5eea6afb5de3b950056bf44065b84fd5589385d0feec4ef1db4fb4b595957130e575dc383e3686f4674143debb23e17b398f32683fb4805f297369d0e5f2e63af6891491e4e37186b4a3dffbbdcfff63d1fea4e12d24ef96fde3ed7a323a3605cdf5eaa43da738004556c2c20aa30c40079bc2e9ebe102c1fcf5259f1e3acc6b2a2bc9da4d0b1252433c58a1810581152a235e93deabf7f728eace350bcc4db4f249d4234bbd858c4e61a0eda4e3db0ae530c78eb63425502d651fd0cb986341ba69c44ede18eb3ebf25b2336cdda02447a9e20426d8206368c63b5fd6828612d3b99f627e331bab0009579de8270c36aa03861c300d34f2a3703870712325190073e6c17d8699f6744acb1b5468f93b57ab0366796181a4f543511d7ea2b32606c33cda61e81ed1c2194d305be47a3f1a9145d023620af12e79ec188573526ec35b9ce44e95fdb3530bd0431dd12a227d0ffe317cda1bbd787979261d6c9cf728b3d6bec3ba6ae15a595a30fc242bc5f25d837c1c642219afcfe043bb68a82965574b8b2139789235b262cf4af95a538e6954acf8e27ac3c95328df6e4bd615a376cd96bbc9e0d9802fbb40f80a848225e076219e26e0e63f57330b8bda69ec8dbd8b3272798cbfbb085b1885a1c22b3e2df2a879020ac1110b7af4f53ac97f556596ba0e164df0c85842026a87cf9631c9c9d851549efd8ca37e3b863e88436d5da5f4d3b5b5528e2d08d92b0d3ac6a06a0699653718e93a25b5afe254a068e300751eb6c67e3f5a1813d58d428f1ec108b88ec81444ccb50e8452941510c11f2e80bfd712f64b32b686c92ce922baf6c8eed1e9f0717a654d53b3ce1001880de80b5b15362b20286db9dfdf6c41f48aae84d5ab12ac45310f0eefc56e54113bcf95c1b2a259895af2ae9c679de4e2b898bf8a40a199a2059f8248c1303351dca3fb38906a682f66a94ee6ae6eafa7144758fabbaa60debd6eaaee7b2f1051781084b3c9d626263d011a3daf971b708750a77614753b89b5e1a77a52510ced5708083fb48c554dfd6aacfcf97650f3a3b3f97566050e76da968d4eceb83bc1e005ed1596d6e0ec5e2c90231e62496d7435ec5b28f805e3b7aefdd3718e4ff53065b8e4b15175d80eec59218d8278e711c6049bf6d62ae7069578e957135463d7616b37c1e4bf44d60dac6c7aa04cbbc4a64bb0cc0b059abb6b26f8ed5203232ddd8a6c5882e6e6c53068a71bc84c5834104e85bc96db2163798a3881929248b8c788e5bdc9e46e5f7f3f6ad43fad6fa381a0b924bd938702470b330fb90ba73d557c0d203d55edaed6e3a01aeb53b061dad57713ab27e1a9e0d06b534a65d85beb061bb5258bbb38179ea612a6f402affb8ca018ebf0d6f61d44d5a657c080c7d2dbc9b08c07713b17b0f173ada59b57abb401212f4f1fa026491b48d08cf46a704ab43e46de8ea596d68658523b61a156278b3b77bd1f4491381bfd874ed72b00675fd5b4b7c0ec13c6837434ba8e22230d32e7bb1287e488e14f5c5602cd4ca88012b244c7f23f4897e27027aa862ca139bc8b5fe14be7554832ab02e4ba19699a1e66825d94c7c44451062819a38d3376f0a3716b210c7adf4bfbbc303058aa2e054b3bd53539764f177b11b05451705550f90196997de3d1d480e500cd9d234078cb1a09c63d8911381d327402702c2765fe92b8ba3a0189b2b11b7460996c36eaae3ecb4f4e63bfafd7953ff086dfc0b12e616bbdca4707631467b830d244bd3f4371744bc8a4baac728a397818875d1b6a4a2f0d10be607122a6fe813f52e4456b8a5eb6c9ee0cf889f777a03cc26a055f9f259cfc4f8552b568a4b371260af062619dfb215ecfe7b318f8d627d2777bd5103d6ca2948d19d5812112962b63c2bf3d090ff19185dbc5ad49a580451de717c0baa288cd96669babe88a8b1ab6d0936c4c407878786695f46f59ef06c5c2166b661542c598b6e0551d490946182841184a7a0e669c6ccd73a342f65c4525dc7522dccab15fa72bd07588b5bca71635b9466ca72a504c74cca1c573e8d40d83d1b5c5326481ff8a2055a2e0fb997fe8e4787deaa2a8a57afe74a971e7f1f280895f2fc9d99c41416adef7b70ec47e7a12d0ca3c0ab1dba3c2d65bb172fde1fcd7f97692d3d8c9657e3277ce95947d59bf37dde3f35f7a5d76575f5c14caf7f0926c0896995a5f42efd0d38c42de202bea5b5db39bf697f9a96b54aefec723db523893186634763e7399bfa8029c2708dc817984528601c77a1d78bd4b2c85f10f5ca9363badcdab51a1b315cafa5c2ef64f60395f53efb9d60d89e1b2a5f147508c90d2b09476eee3cb9b5957669a77cd2c522909480dea9be3406d1779ffe4539f2e03efb5f8c2d040f0ea776ff869a36862246294d0ced556a129ef78327617052dc1ef5cfb4e5986ba2f0e063b90e1657d8977b58827a3c4e3d556eb3cf0540685f7c9eda461aa2ecc539fec3d2d56be99a518f11752f2be2f670c5fbe8010ac4eae0ede31c1a48f747ff2eac9fc069d3700a40bf5fcda80a3a4f5fa920f117a72de6da51195d2d7f0cc92ff7835bce2ba6b564832f582df56b24cf30c8297a826a4bbfe0afeb1da3e986b3d0a95509e0037d212a70178ecb246061e067238ea9238e4c4a9a7c6fc5dcba290970f50c52598423336c523f2de7580d059fb53934cb0beb208585e897fafeba30853e54badefa197478fe6b9f26ed0d33babb53acee7b7221d8e0cad7a6bd0d9383ced6391bf88ca7aa50c75c136075e87b92445f02fbbc92f7cb65fe2bbe0bf0c9fc2577da63a56f1efbeb276c1f4d01da6f6f7a842212d96dd45edcd2aee7f2c553ace15eb9336bb1804ec252998c5c8b25033894b05c01ce7c77b73ec0e239478c67d5378fe5a53fe6269025d54006e9bb1cbd09b81a39615517c609f3d74e377888f641587121f0f097b48d8be85800295ebab9407978a9cd379966577cb6e1f5261e4305696a2cdd50d8cb1964d3ae18ec730d40f9c782533efba47db8378c6aa15ce85985e211fff2659729599802a7b585cbef3a2762595f67e2054a0fb4457b146e7a656abb2c4b2387d760f7e5b8b7864132317d5ba29a662f50af8dc182d2fbe216db8e997ac856bc59855ca48999699cd6c5576cc47bf8a8c30638c7e08847e5083aa82068940409461d1065c2b53292d3ab145d5bb590bcd278e48ebd34920b18a2e1731c1855ae5a3ed637ff568d205a08cf98c58f5d79c99912e6c1ab257ece0d68ef13d69a56364419aac7df43f43d5faa9ad851c9810648f9050012e55475109ca3ada3452b78a7964377e0d862e022c73ca3ed6cee8c5fbb2d7c12f91c4851fea7c5b02e0a3c5364b7fcca110f20f8858465c498d7e9c6049417fc5c7d4e0059852a6d794af426e938a401cf43b2ba9f4f3f6f0f2eb710ecf3c0c36c4b3072597f805eca9cb14602292ec7d5601e6b1555c8d024aa4bb81a4cff98cb03725cb184ea7dbed6814106a1402bf68a2e51660af930a500d5530651a0dbf2fdc01a31a99be25350b5c8a5fe01155343d028c03e09009ef2c386a24eba8d842cac581402c8faec7dca1623afe25a230d8d4a8bd23df3cf12abedc2a50e387285acf1b3105011a2bdefb204a53b20be213b50f5244511f25852271e05c03fb9a799ac7ea675ffbde8de181368748a9707674e7e70f28a75e4036b6cf9e0693f91a65be4478b6630067ad8dae030a4b7b9784a206b2f7cfeeefc65aae11fc20190f4d6387bab05fa6e17f0bfbfb0c4f604878771aeace0676d12325e61b19a5317c4d4bb9fe6f3fc8b171f1116528b7cbcc4a91c26a729b512196828075f4d0aeac98887e2a6a19b4e1f1f66233962961c0d49df14c3e6123c9ec8dd7152ad045000107365fd5ed7ce6a6d65ae0736a7e227f77c9b0903d4589ac58ceb691583cdb93ae3fc792c886663cb7c5b0640deb66e29b3c69d2f1a3d1d47d7b672ee3c49e90bd406aa84a0189808924c4e67c5495b045e779c58ca65b42889f52d7315c66be3716dc8592b4875629cd0cb02c29d42bdf9ca5c16bc9051c2a6c09d0695bfba58c19a995838c022e9936c407d8999aa65e4a9d6d8eff99f8dcfac9b561375b6d1293441b9d32533161062c053c63ef09f6100cd748700a710f5bfc2a6297b15242b1f41e21bd004b885d6429a0d334a8c115f7d53d278dad24c9d295b97c50eb340d1e6d523f1757e2014c1605c3bd35f0cfdb74f79850423a37e2f95dfe41c56df09724d21065377f1818311f0c70aaf6fb2d4fc8d9eef576136617371d85481770ce9c390859eacfebba34e75a238ce80bcccadd6c42e8e186be3c15451131fbe9e345c05ab8e23f917d269686a9b5f06dd474f95757b9e5a3328416595539cbdfa69efa9702e5a268b1a70c6e5ff2c118a6e574bfecf17b1576e4f20fee566b0b2b5388476a68562991ac01412fa463b0f9e586ad4bde59e91a4b303268b5d8644cb7996cfbba422facd59875ed6ac057e563412255c412be0928a0b6fdb6f35d7008b5d5528ca796a4a69bd90b993a52da9c7d62f4b71a2763f822bb39f3ed39cc5ad5a4d51b5c27d31d105000f3f1e705ed5c42067106f3fe6d30151021bcab7f3a1ad9175b3d3644325aa676b9e057bf9d9aa3348b1d9b31bd639c59bb63f46a6c18794ae006db3b1ee20368160a82e26aee5a9fdc6b44df8be294f3ac0a1275e57ebf5e384b141ce89dd51aaf2248274468894645ba54bc4e6b9788b1eb5043c1f0dffe2e13c6179d0238d8cd037b6fe3e484445ab458fa09e4e8010d3288aa6e6cdbfba4b62c7984d058da8993d5de1df75a1ce8e3bd5875709fd2ede4cd5843e7102ed4031ed096a0c6e3ae9d522ad95ef4af83599507dd32fe3325819cdd7718c9797e921e6e365175e1dd53991edcd2baf27df8b1670d01967e97b3e3e75d297f908deedf2e3b91bd61973e8aa75a5a6f9db11525dd35556bbd13873602a320af74677832f93bd01f1e0631c882c8ab254a26b73a60a6c90cf9b96bd576e05b9befbce882c5d29198451bd15acaa894a5276ea9d870f49a33ee9d2429ef35a905b281deb75be54fa0c9e47be5876d7dce01986f2d0e7ae6df9b87a0ba6cfa55cec0c65dd386db5adc427eac18a00c9aded475417add4ebb8880ef3dd218a9ec3e6e13456f8de1630774e918fe5288dbaec3dd2a74698ec9e28ad573761b9e78af3d5c7a61e3eefc1a54c25bb841529b3fc9137836a2e7eff5ffae8e44f0257160da51ec0b3d144b92f1f43d2782513705baf5930903602d40cb4de87feca7243d2248a78a5d684e303ae147acc96e0b755eea77092b5f6efa723afc8a4240c75529dfe1c2fb75aa42d67e6b6c9a44c575738725815a9af1ced5", 0x2000, &(0x7f0000000340)={&(0x7f0000000180)={0x50, 0x0, 0x0, {0x7, 0x28, 0x0, 0x5040a, 0x7fff}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
fstat(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r1=>0x0, <r2=>0x0})
syz_fuse_handle_req(r0, &(0x7f0000002080)="6d797d42fb74562ec642068eb410c60f8cdc42cf09864b1dd1d244ec3ecfb9103306a02bd120cd2c684eee7cd734914ad7ec2bdd4402eeab7a2972f1672f126c4b5f6c5ff748548170bdf1020c2c3d09186940feb185436981cd578c3a2bdc19c16209468100cc1d67247885420cbc0ea004f07283bc4a5cf8499ad5ef4df93b2fa2eb26895ed9260cc61afbc766adadf7809b3a8f76d9f835acae2dac8abc42896374a6a82a8894552441bd0202daa10048b49d3bc74bba1e5258ab8ac5169facb96d9f68705a7709f6d9a66a9988c13d13a2b8b34d9f234e1c5fae79e4cb76ff3102184ed9032d2402087dcb3eff6bfac7bc4d2fdc9ea25f5289d52ed75ffcd83a2781eb4a23fdd078d1e53495305e3ed5bb4e060e89d6eb2b13586f7f5df32e34390d70f074b4f92c4624312698d86578f3d951021db151806fc314c98d819604d8d9572efc7dd71c0d1a9176ffbd48361908e927e03caa4c1ccc805fe755e616d983442660299e9dd34e5612eff964a45d613a832a0ef8e4410fcdb0313712795b369c08f907c91a4f20e5c18ff903e0ee410d77bc076f49debfd6e411104cace38e0318023527d1c54cec66790638c9ee70c29de0406b3483ca1663245edcda56dc9612e93f40f19cbde5cabb8816d7b75a266e404a8e5364d43c08cf5cc645b533c4b6fe349819c5374fac7a923a7a803ab138c873aee3718921043a60a0ce84df8b991dfa525f0955acbc866182f2409d032981ad824f037ef068501f955898c4500049f0b30014832e3b668f5873305ebd1e094f244caa90610be83a5f674decf451a82d9edca6664da89cad8dc212943828570fb365b41993f89c6d36c579157c4055a77eb1dad1dc466e743129e5e3098f4432fbe289111e102223ff04d02e8108b0925ce76118445efa09233e579f398ab373303c0bb64ff82ddb597040e58a61f82cc5614beaec13ed297a8daa9514468283037e5d0077c9803b69421070718fba4865e4b9c6d7d272c562cc4dd998e16fe288dac68b0bdf05eb2a02fd40b900944d10a94f2b3be9b6c6dc628044aa9eaf34e0474771c10bef03f6af2029643acc1e97efa0748cfca63aa9546bbfa6d7533c4dab0b931ac35b331aef91a80d5ea08ba35cf66e1779298d3338114c12f024970d12af8d67f9b165c15a8b7e37c14c2d512dca76cf6077e2011bb47cc993f3088027b2d53daca574e8b443fddf5c252788854be8aec357db43f2147f23061641d2910a4a503a3a9ca86b3656d37d443e5e4207bb38b6e8879bf3de21309eb90113ccaa75e1d1e0900efc17aecd35078b8f3d579d2d4fb576127278290d6a9ea379e22dcc4ad369d3405311efbc74702020d6cdb31267c2e4dfc6a34bf39c9db32da7f387760909843fbd02e9e291e838fcd8faac4c9ad909cc19440bb775070496ef69250f4cf90372c0f1835dacd4d605a69334d73b1228cce41fe3c6457a37531bbab6d8b15a8214ff3002d29016932de969f05ed64b720ad249b8164ea82fde08303277e7d5f0d3e86bd6021024bdb1d24afe3ae28cece041943db60034fa11c3b6ec7b09c117b086fa4016e68e46678a7c5e91c40d2866295247276109a8778b043b51ffe3ec33dbb665806cf6ca41e7143885b6ca920fd8caf475ddcc698a09d368c721f048efe9e0d372d9cc58deba32f81e7e7f6d53209050d72545bbf04356ea95c9bcec3b8b87f56963111c5454b30a12b8479afc26361a7e00a66c03aae8ebc3348ac2e9b0f52453a32efa9b8ec038e671122dc2965d3b7395051974088f4aa47a76327a0dffce6db0a2cd65e2da5539fd7673911d5605cadf30d85563a60afd58767b6adc549173818de01b0de192894a76bc4e62d8c9e341729e6ef37574cf63c27674081202b8ab9cb9d92d346b1c2dadb253532c1674b2440504f8430c0a2ae5829b016af877831ecce9b13743e821436a6c1c46a1176922dbf2721d9722edf72817f8d15fa5c7ecad046df91bb57b8d16244527c855a40403ddf1757c31361c8bec9b5701b5c10a1e96547fa2c93e03f264a366a96666e24d7f908f6fa4c3f26722961e70adfc4ccd413c2c05adeda400de500babfb80a4e4ae5e9e04444c55f006337c0a98c33f04ae0a6620a1acbc26b5c7d125c30ca542c64604a109c6022029da452a717b219456cca6bc9959f088a5f2360c390b531baf92ae2429a2d0b6c7a20c137a3a0050ae2216b871c03c56410d28472d1035bb870f94589b93ceb57a504bba5acb7a6f77699fc10ea96d8e8fb913ca78c0af33a8435344b71531207344d78ac349894aab972c1b471d52b266bbe4313ef2ba71e7a4680ff442a358699c1e18322dfd50c55b637b6e6d5f02fa61b0e8ae4ef7cbb6359f70028a6b60fe901b2ad97a62b5d527efaf5ebe23fccd80d80e02eabb1be14d40faac8a56b4785fe47c8ff4ac4ad7fcef2134b1ec599074dd45d2b7a5c45845787e0490d9d7db95b58b18f14ae6ccc39623ba0fdf64c8d027f1e7652cc90e82732d4292f4ab0f959a44ff906484fcf83e222088345541ba2b1c50b63711d8adb63c8556452c142de8a06f4b28a86f629cc1dc713dcddcfebc8b1420a603fb970ddaedfc82250637327beb5c0ad04947477bc9aec0914cd78cbf5060e4ef7806b3443c85dbe79b8e87807b1a8d141583998c412d89c23dca4aa16af321dead51a12a73be98bd8ebb4d58b3ccd2d67ec936f2596afff2ba4166015aa4cc6c433acf33df30e3d40a0d6468944a07d1f9eba1bb9eb03dbfb42ba790dc1e7f66ad1834fad94440bffe3879509120b6a5cd1890281bf0f4c2d1be00fbe6b2d09ebdf594110f2bda035262d4830dbe64aa3152612df991a6fe1d035e0b301cf527d74140c85ad79acc001fd2ddb3f283c21e8d253c6c4685584f753e01aae2dee4158c68e2e612f056eb602ad8199d84784e05b363292956247d1fd8e4201330d6060d66e10e316143015908554e5325550d61b8af87a92237edd75cf687919ed0164de95042cbcfe96b9102fe3b71f43bbb1fc24d9d2d0d81dad29ac18cce353ca7c4a7c32e12e451654addc5dc6a44d001c40913eaaf14dacab7037a68e9875ae51321d1852820794206fcc1cdd51443d5e3fcd1dc4dbf728d1ed8dc29437db0154c2f59d1d0d0b0048cb56ad965682afeda337b172cf6a77be36ab8424b919e493628846bbf485d5fefd73228e40295fa2070027f6f2ed565024b82d1058a1be0d0c364b765f2a58f382e378692d1ca4fc7f09f867ed4684dd82dd4c76e0e640f5f87d1c6c2fafdb733f1cef6572cb5e104ae9c94d26c81cbc9a5fd8fbe61ddbdc683b7f4030132b932abf0d66afafc9a9d3121f0ed962a14294bf0ba7b1d33d7808efa427b5531cd881b5c87ec159bc9557009d9762010a497ad52b57283cde9715b48a3e35a22aec3730a0cb476a59f438684346ce0c14f22d5f1e5826d3f670e9ef60f6dd51a11fd32eed673b9d0a12d8eeb8046b96c51cfc54c21b2c48c4a89273963b8345b01159f53f6b6589333afd871875b930d7a4e2e1f5dfb44157ca004a739b0e98562c83b1d8414220f677f2882ef6ab1039fc5f132d7f55046d0c9545033624338e2ca6bdfcdd9d78306818c6214f524a7d036c80b5506f97fe383c1cae3c73dd2a0c628bff47d13dc7d9f88a3c1bb84ccbcb82fd881c6f5e9aa7516bec86fd6bee49f4db3bbf468922f1ef37c499b011e36173edc0ccb92d13dda668cf88bb99649e606fee23d3d3bc1fcbdfb40c7d4a4a60b89c63e65d02a283137561ccacd0c71cf70c6f039ebd1d29cd58571fa07d74187a7931d3d8b7db3062594b696b0e11a587724440bd77aa01fbe26a031a4c3f16ef3ba7f7544d01e8b7dd0b74f3025fe54cd01be16ee80ab0cd7c56671390f2e9bd62b212cf3ff58da7207846bacf85858130a89a2cb45da85b3ee574e8bb43c6642a3060b6f07228951aeab0fe4f4099b86bf07ec39262acca7319df3d5d057baa794234b89eccf36da5d32e4a5283386a0a271be30f75917ffd9f6d96eb8b50a7f6a0b861c5d12a624f3630a18e3bc94eb58bc835cef0a1b77952df6443cc12f221fb8460f4862f382abe13b409056644ec46fde96e1992e79ec0acdf3066f77bbcd6cf1a24d9b49ce84bd3bc58cd898da801d6b1ab12fd7cecc29894b98d616ccff855116a8985653ca88722dc00aed777dfe1839251be42716824dc0c40b6548319f613faffb2f1900a1f563724b0dcb7aa694110d268e945747d860d4bcaba7837342e3d7f207547ba8c093e8d2a1a5e3e098d19343de5fa773642cfb1a2e49f98df7e13254787cc35b2d689db16e551917c0db1034b175d1f4647c35c4cfe8a871cc7983b052050be9d24ed6e6f70d9d4b7cdebc9ba7a761b8c5f2207761a6fe9db5d4ac975dbe398ae05ed180f028037f2d9684dd3b28135e150db8a8adc6c34d0cca2cb95e6babf8702f26062d0ff0f88fc915caee5597a006e211c61f6fa4ca685e79655af85cb3489f94cd9836af4b80cd20ed23ed8f3f4107814407715b471354c5274595963b00482f3723ca88f4eee346c78bd29d65899163d848c9844991e976ff817120a13ce40aab11632b6fdd9d00acb82a5ac7769a0a7ed5d30ae077bf393f5de5b12114e4d1a32c7297bc5e14b673c78cc675b097d56f7a35c3206b1584996972153e2446465492528e0565718252139e1cf500f05a0ca529d58f5b91fa9bb2822c21248a7a8a92d0a7be5f4d249087176c7c23e27d72bd232fca3f7b36970daf2ccd64be4a798a6c30a068fbae324b4c158715949b37c3942f0eee35b90d2fe9d322420917532f6dceaf8633f4f9618f099ece4186e1adc1323b827c984ba54c887b462e169867c2e063fb60b7906434ef362200559e4d02413667dde0c6111750995824c316305f2ddfa3035ee09fdbc28c7f3c095f5a4382ce033746394a37b4d8a61ae8c7270d3863df7382a4786d7bed9543538166dfd01d122a384a7a3de7958c0272a35856f175fa29ee100d2a0f3a6dacbbe8702cf7e8d307ac0cc7921539a371a1c2e7f834db5a903069c07ff562fee851ac9cc3f2f045146db26b13401258733c67d820d06aa068b789300ac90481f84725311544e9a2363f2ce502c02c100bb41e18a103c79bd2bf14f6b52290fa60d978c284f927829b5027ae0ea842efb3450a8ddcabf0eaff6a6a8300de389e78cee73bd8de9a2809e346ff6c79dceca4277eee4b0dae1a3e1740f306044d6e67a5783e665f9637a8f8154f9ebecf95f48146c750826fccebbb1bef247666a710cd71dcf3ac3aa9d0bcbd4c4ad432bba642366e4a3b12981901358ee1d7babbb7e10737cbd8a1c159d8dd9dd521c48d2911ebb8162b51ea32185c37097c299c0e477914b49d04cabf5033a5a3660f829ce4dfb2f821e6cb19ce37df64f79eca0649ea8c6b41c6c5d08fb1dae021314609946310c833d08d46c026ddc5dbb7ac62f1123be2004729daa8156ee12bdde9529c7498c8d1a3fd59aa07b9ab7870c4e57b2f54dcc26edd206b28870cf346d741b46bcb508a5f9805ed63c6cb03a9334abfea33626b0681e59b1cecb02202c3190260b8e2963ee84d9a6b5e6be99cbf6a17e4a11e154c2a50d625ef1fd4690cb8e030e46e07c891e6db43626525d464302c44dbf65f71a485f9ea05c347b870bf63fddeaaa2336d9eca1d4c56e8a2734287f0f8a185bd8e3165a681175d1ee9d24f48c9182fd40179ea3d128c0b43c4e2c85eeefa4c932fcaf9297488a3d44e602477d94193410728a0ef0f6730e64b8cfb3e2235c6241d1252196f943d9eb9b2ce70f8c5cf21394875081f56ceb6749a8bfa43e0e545fbc6903b63c55b67ba1e064a682d58fb7117eab5407d1c998aa53a0ca190b0a4aaaa657299cee41be166a7622789b81cff0e892ba87c6ff22f29ed512ebe40cf7306b7597607de5c1c6fb2980a03cc0c6f396ecc27b6b5a3fb0a3f3375fccc397527797f6d1e98f9a873882f85a4e5b11eea65cddb12b0cec9e531a3b5de958963e20d8a520aa71588aa3ab92186e64a710ef07debe3fce6313ea69fd5bd45ca3d50e5c98ac632d5479bc0763b05509ffca67158ad8665cb858e4a8eae29ae667cfa8e39dbd15ca03846298faf7169187feae6e84deaee4ae51cd2016a867b3d11c4e6ec3ae39aeb8c8ec36a885e475f3e1e47e1fa464ef9569aba053cd066907a112612de411a5be0868543116f32d0781323c744dfeef87601981afe063122bac14b9059a68d9f356e85ec04c2767cbe79e245d7916daf222b5134ce684f7dec8fc0630cc9aeb5fbc38dfd19628ece15342c941e52be8abf0d82ed7b0b4bf5e6184edcae53949ef5987fd7fc479fc9921f2f332ae68f5dde23a3dd0b4713c3d18913edd9ce59870f7d50fdf33f3d2e8e5045d35555b4db5f48946e1b8d8d682f0c2bdd2d0de6bfff349e5e826cfb2d18d7bb43347362f13f5e80619451527bf0d3cc617881ef718466bf2efcb5f1404c573df09e00a5c0d1648b04860ee20d9e79d4ebac94a35e0a4919b1ab0db9e9dbdce1324223850e2e137ebb0c0e1cd690a3c5c9f8576538cba5e3831e6ba56809644e389ee984df3ea8e4743d5d03619b713c984fe8b43c589b78715b9147384b5bb15af8898cd82b31aca722cbe7938f119251d9142f2661f09b49f99d8988c66198dfb9db7f225086bed1deffa78995a56f905a7ab978a9c557ea1ad306bc0cd1cd8e5acaec1e4430a42068adec4a73f891c8010f0271c38685ca66c36313d15ab5bb6948c089b1fccf7fbb340eb03446a9bcda34b2d14a11e09f71e799fda19dd85293e2b0e2ca3e68145b4ea5705592562962cc6c0b65c88d06067903716656a0a7742850b956b609740c913f54225ae18ffb46162d6a0c1dac8b6c59541c8ef6bfcfa87ad59cb0e8ef6ef1d7f739c0a56cf975f9cca9ee89bac15cae197d02fc72505d23ebc6153491adccd22262979d2909fb8abd25683894e5a776824b81598a833e339a582b9ce3f8d7ce59fc3147eb3e92751867ee9c3506692b25b2d7f38d97280e85c01bf6d71a602d039aec747620d33660a9d5c9cf4010d01f9cb86db4704872307942df56f04cf6c17e57612635e769218cc91da9e2de29aac4563d695a6ebe249c14ba5332b54150a291bec28417febc4c3efae9e14a0323e561dbc80e98bf71deccff5babbcdc8015ef7a86a52781a67a4915645cfb18379084c58110f1294b2e08a6994d1a3dd4fb79437a75cdb05f36a7b3fdb449c0cea5682d37e5b0217676ff7a383a19d48860476b23ccb66779093b0f6b5b6a1ff0cef503dadf5b67382b2a501d0c13d89eec496374f43fcfa751864330479e0d1f7aa0883c2aafbb5c21b06cbea3c8b515fb1f6d061e269c3de372dc48f0b1c0a935de648a0fc4a1a32ce6aaa8432240bbc977a0ece5fd60d92ba49f1443bfc83668e8251260a5b275098e4a072d44726b91d850bd9c2485cacbf2b33be73785421c2fb259b0c1c0955339713f75ca72b9bc56a7167d8a942015385eb4f1bc3e07b23a71779d043a4f420b0fd9e889d398c955f13542c811683636b71a2fb178e951e37ed5519146c5d61e697d1148458c2f224dc6911363edd1b4d30c5cb12d0e2fb035adc33656615c05266f32c2faf5144e24086c97816c87569feb1fd41775263999ff057d9832b872506aba01db7482251f65a74c66cc01b83056970f843ef58df0d89c44f9265d5bfb50c287f330795b30848341dd26683e5df82bfc1cd1a3f2df3dae99fc38edcc614b39c8a8fa6ada4b5dff08914a92b6a16b05f13bbdbdc5e9f14a08e827ee5f364ce115e12bce05122f0dea62d8dd41222fafa3c6bdecea63d3fbd0bfdef667d6ac12b6918273631bf0ec25da2783f06f77a9a0ef2490afe43f3e8b0f553c0c1078141ec0d8f426b1924bd464e4240cda50e9b8a97050360a617eb4f88baa158da8672572f641b20ab3bcbab3d38ff3c84c5c3bf309e26c8ba735503700028c0806c29e02d0a0ed73b9c5c2f2a39f57ee08b935e6e056f01733a12b08603987b14aa7fc542c65a0c03e278723127bced6ac65d2386cf847a73057d19795d5a7517e71d5e480b7380866a64da32fcd1158af9a82559898a7931535a4b75326e2769711ff857d180f16acf316130574fd37bdb658b877f06db42ab96641bc75e3d4ad7fdd9028072139dd3019b03aad32907debef345bcc57423ddfc94683884a00c5f864b8c2dd5af081fa970da251d3afc65dd360c661d8ee2ab58dc9060e2d98b39ae95bb89c319cc93c9e653bf9db205338dc5528c11a391137fe496d726f1407945b243a49a1f3a786047fc47d5e5074e0ec678f26f30cba747d50070c00323d16cff4b06089830931ca704d386140f9c201a5b50a116410be001135aeaf30d7918ccdaf35482659fbb2933e97f1a2e0fc20e6a610e37511d06d4cf931e54ce8f5ab5f688e460e3943bbbe6949a8b4ae309ee31330ece6cb9dfcae0035f3808b7295776ae7bdafffadb6113faac5cd966c2875abb7b20f1b298b48cb78c467f1be92cd3a9d0fd35b7720334274a53a6cbd041b85b6f8f9d622293f0e95a8835204de1faeb7fcdcc57fbdf0afc2e6422bc114355cb5bc979f1bf6d0fb6eb31ee98e06cdcaa1ac36ed3246d85cbdaf999da5d6a7187e8622e6d224c5549a2f2802691a08242ed44a47fc9ad627af949ec3ab5b191025ac75ee7746e2762b530a622a716edbf341e4f9e04fa5d3f77c78dcde06f3845f45c8c1954120ac5949da541882d99adbbca4b0e422e4364289ff1a903bfd1ee63faaa40ef43d3e54249909066e1727591a9632cc8440dcedf931a823e9b542d51aee43897bbbc1f652ae774c326e8400a3a6ab8d90a04e5724fb39c05875ce5afff0502bb6164bc65c107593c155da4b77f136a34c9ec39a4e70cdc4f7fec68245402b2c0fb508eac623ab41a184d3bebe5e9f24c6590c1fee571ed55a76b8554b12116a36101691397d532b46924e6ccb688ab52ffc44f8a670d542477ebd3756d6ef5373024d3f915c187a35feaf39b76453ff835f73862bad13f19e76d47c70122911431e5f71b05a9728631df66b162e708584e83349db1a68368a37cfb4e16c9987a956b3018f2f12c639bf90b5fb0f0560fa7c19887a9d12316dab9bb515cddbae2e9056a556919476b47546c0dae631a88eb8bb9da49879f56efd3d1b65d50bb01c8b4ddc20374877189915cc5824200dfac8f422364b7178f2e7799665b464ac9ec54ffd87fc8dc68e08ab178059ec02bff4ae3c683d0c96796765bdc188c1a4ef46cfa9e6376678245f8d0c907e83e6eb78ffb19e75534925b5b5bfa489fb9cd2c68f00a079c9b34dc45e76044bbfc87c75bbdc5ed0ea7ca0f249007be79116fefa74085f982f670f821ccd0bb14e1086b677f379fd1a1c96bbb4a7338e867d3f91f41b0a7eb2f1104c2ed1593691e601f2e045b3db1cac5dc0d3b302b54967558057e767c4a96f0355d97beace9fe05f0513629b2dd4e86e523d16d7e2e129264e1749b07c062d3a92d96fff5cc976855540eb441a3cef8fc59bf236c85e778b04e30fa807c3ea634af17f005fb55b55f082ca54fc154e6b9df95b951ab9612da7223efc8b63f4528dc3353a15988790d507d9fda18dc8c4adefebc12567e040fd49d2d571437bada1c08054f45545e5cb33c8db8e5b4f2d6735a7fad407fea2ac6e516016c186b7a9b5586650178b3c201eb4fcda3a22291c1f5d66557675dfc73b17edd463abd17a3ec0f1b28adeb4c294c3792c5d2665d504610d37de5dc68fa03e16243ebca169797205d2b24cd64cb1e37328530d68c9a279e36aa0c7f718831ac30607633eab2c9e1b8d6b78649a78fd573d07f0edc18d2f52da2213e2ad44a4bfb3a80ae71d8cf57a2ae2658999d542f7c46da5a30f0f4a82296d0c95e4c6f046db42a00d8631b120a64ee260bf4dbf29103d4e2233fed2ec9ae65fb109f212f967c34e0efb52f56a9a7ab4de472f9cdb0fbcd19fed42d80216c4c717e77a5e6a9118423e0a6dc9d2f3cef598fb9bed6b4e66b279ebbc265560a471d132a854ff230673e843338dcb1ae202c797cfa59dd18eb46e313f1b0dcafdb6518c1da6b08aa1c92bd433a0b65358356a8d03a454f96add1237380049b2567a24836b7bfbdfa58186f2e295e0911dcad6c5413fb36a6e637156291efc016e8513664d515d3ddba1d2c63fa6c5a3331c3cb2f5e2eaad83a75588aca785ada46973d8a2d89686a416720a8f98e1a1eaa8c95aa0bea1dad03ec69bc4bf8300a821f67db4e0c1aab57ef1d1e06880130f6ffe76297acc62879f60e03933666a0da462b7a6b584d28041a3fbafe9a08b7a4664c46b8d40ce4f31a14b122ad74cc4a003f591e019e23cf764795d4235cc8d491c58d3be78a781a708d9fda492306a5afa7c0a43f52f39cafc6a6abc850bbbfa6254fdfd5115727210e19ec8a8857c10a9e9d5cb3001c6e04132667a30a6528e8b59661b483e5365761ac0f5c61e339833b35fd8159875177ed2b78df49ef83b45584c4609562ed2e8bb9add69e88fc0774517a15575f0250d26ae8f6f138daba5311b492c986005bef123a6fc3c1912e378cae2b64e58542293489d5a0f8b582b089c1b05f3ad0aec776b9dcfc0feb1386a98b7e2e09671a73f0eca92364d7f6da861280815b71e48934bc3d321da07878290ec81d3c5c64b8d7f55c1d2e2713edbb5fef28bc36d02302b01c4c29e5df4a9692b41e8d9364e2e408c55b9b14d3ad93889a48787df0673c3df6ba3d9222ee348199aba478e2d398b1e4ae012ca19473b3454327e5bfefb3c56576b6a6c035466f7641464806e63d7086223395a58d886b0dbedd365ce840a6990f56d697605b7d0ac60809270e4e392e89413cc94cea1cb277c4aee023bf90ded9910c96eeead4c6a10ca17151c4966f84bea565746eab573e4295e564d41bc5a6cc9df38c3d7cbd4cd618bd9f292daf95472839fe71c1edc202b6b8b5b939250b089b0dc978397fbaa7533fcce0c4b2eed8ad47779aa4b21504307c7d15e0bcb01bb60e5bafabe66e4b689e4873a1067063e17ba7d647a9a047b1b4ef7350402653b564ae1b34b8597a2357891c90ca2af6b68b794680a0511279fd213eec48dfddba7cbeeb9f9335a0679b1e6db44f27b12d898575d157c2159a86f676df18858857582bffdc006d4732257ade5dde2d1b2cf316fe2a7c5b44505cc808eae5427c43d50e9b99f9317e437df2bc640351e3e8ac249c42f782d07886b6d8875c253ee0e489f1196fa604747586df87e18a893721e6cecfe61dd82daf9b3e4f1eb745c93402c121bb639c56b91bdc77262acfa55389ede1f092733d8a69ae759f82ceda537ffbf32b65138aa3e43e8883048eccf0929de8dee297c5eee97ac7633beae01198e1b00c11276502e7660cd1f59ac619200042656c6e9757b082d374c80182290845f1bc8f2589eaf96948f148ebe675ee7fdb83e32a18eade32f99cca160a4d3504c4bea9c82cfdfe1dd80fbda7c484f2c17c20eea", 0x2000, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x7, 0x0, 0x0, {0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x7, 0x0, 0x0, 0x4, 0x4009, 0x7, r1, r2, 0x0, 0xe}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
lstat(&(0x7f0000000500)='./file0/../file0\x00', &(0x7f0000000540))

7.89710936s ago: executing program 1 (id=3928):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000200))
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0xffff1000, 0x6000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000040))

7.86175715s ago: executing program 1 (id=3930):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x0)
ioctl$TCSETSF(r1, 0x5404, &(0x7f0000001740)={0x0, 0x0, 0x0, 0x7d7, 0x0, "cd2cf7680800000100f200a0fc380e43c96d22"})

7.81788599s ago: executing program 1 (id=3933):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
pivot_root(&(0x7f0000000280)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000240)='./file0\x00')

7.772084651s ago: executing program 1 (id=3934):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001000000000904000009030000000921000000012222000905810308"], 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_usb_ep_write(r0, 0x81, 0x0, 0x0)
syz_usb_ep_write(r0, 0x81, 0x0, 0x0)

7.382497733s ago: executing program 1 (id=3938):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x613e, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0xb2, 0x4)
sendmmsg$inet6(r0, &(0x7f00000101c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @remote, 0x6}, 0x1c, 0x0}}], 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
recvmmsg(r0, &(0x7f0000008140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000cc0)=""/31, 0x1f}}], 0x1, 0x12141, 0x0)

7.382158753s ago: executing program 42 (id=3938):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x613e, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0xb2, 0x4)
sendmmsg$inet6(r0, &(0x7f00000101c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @remote, 0x6}, 0x1c, 0x0}}], 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
recvmmsg(r0, &(0x7f0000008140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000cc0)=""/31, 0x1f}}], 0x1, 0x12141, 0x0)

6.770086506s ago: executing program 0 (id=3941):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000040)='.\x00', r0, &(0x7f0000000580)='./file0\x00', 0x0)
move_mount(r0, &(0x7f0000000280)='./file0\x00', r0, &(0x7f0000000200)='.\x00', 0x65)

6.769592086s ago: executing program 0 (id=3942):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000040000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x30, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)

6.626577757s ago: executing program 0 (id=3943):
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f00000009c0)={{}, 'syz0\x00', 0x15})
io_setup(0x4e6, &(0x7f0000004200)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000000480)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x7fff, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, 0x3}])
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0)

6.626447677s ago: executing program 43 (id=3943):
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f00000009c0)={{}, 'syz0\x00', 0x15})
io_setup(0x4e6, &(0x7f0000004200)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000000480)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x7fff, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, 0x3}])
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0)

5.497937402s ago: executing program 3 (id=3976):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="7800000000010104000000000000000002000000240001801400018008000100ac1414bb08000200ac1414410c0002800500010000000000240002800c00028005000100000000001400018008000100e0000002080002"], 0x78}}, 0x0)

5.426588693s ago: executing program 3 (id=3977):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
write$cgroup_subtree(r2, 0x0, 0xfdef)

5.408061863s ago: executing program 3 (id=3978):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902640002010000000904010001020d0000052406000105240000000d240f0100000000000000000006241a00000008241c00000008000905810300020000000904010000020d00000904010102020d0000090582"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

4.775529276s ago: executing program 9 (id=3986):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5543, 0x42, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000002480)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, &(0x7f00000000c0)={0x20, 0x21, 0x2, {0x2, 0x23}}, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x8, {[@local=@item_012={0x2, 0x2, 0x9, "5caa"}, @local=@item_4={0x3, 0x2, 0x9, "e37ac06a"}]}}, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)

2.840952776s ago: executing program 3 (id=3994):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

2.831453716s ago: executing program 3 (id=3995):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0xfffffff7, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000001007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x6e, &(0x7f00000002c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd60828bf700383a0000000000000000000000ffff00000000ff020000000000000000000000000001"], 0x0)

2.822921376s ago: executing program 3 (id=3996):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x46d, 0xc517, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x9, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x5, 0x7, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200}}}}}]}}]}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r1}, 0x10)
keyctl$restrict_keyring(0xa, 0x0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)

1.779366061s ago: executing program 8 (id=4017):
ioprio_set$pid(0x1, 0x0, 0x4007)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f00000000c0)=0x1)
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "fe94b89fc43c3328eae0cae1f5eba329e6f216"})
splice(r1, 0x0, r0, 0x0, 0x7ffff000, 0x0)

1.769076781s ago: executing program 8 (id=4018):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x800)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020a040007000000b6f1ffff0000854105001a000000000000d74619edc700000000000000004cbd302b0000000000fa000000000022", @ANYBLOB='$'], 0x38}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e000000030000000000000405000600000000000a0000000000000400000000000000000000002100000000000100000000000002000100010000000000010200fd000005000500000000000a"], 0x70}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x3ef, 0x0)

1.761818601s ago: executing program 9 (id=4019):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae091f75cd9701ffa62891f686bfbb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003875c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9e"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$tipc(r0, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000880)="0f060b79", 0x4}], 0x1, 0x0, 0x0, 0x2400c854}, 0x40)
recvmsg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000180)=""/78, 0x4e}], 0x1, 0x0, 0xe}, 0x0)

1.746562541s ago: executing program 9 (id=4020):
r0 = socket$xdp(0x2c, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000240)={0x1, &(0x7f00000000c0)=[{0x16}]})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000300)='mm_page_alloc\x00', r1}, 0x54)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000240)=0x4, 0x4)

1.746190471s ago: executing program 8 (id=4021):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)

1.701627671s ago: executing program 8 (id=4022):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
io_setup(0x81, &(0x7f0000000180)=<r1=>0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
io_submit(r1, 0x1, &(0x7f0000002340)=[&(0x7f00000000c0)={0x0, 0x300, 0x0, 0x5, 0x0, r2, 0x0}])
write$vga_arbiter(r0, &(0x7f0000000000)=@other={'lock', ' ', 'io'}, 0x8)
close(r0)

1.620549682s ago: executing program 8 (id=4023):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000180)='./control\x00', 0xc1000470)
rmdir(&(0x7f0000000100)='./control\x00')

1.610642782s ago: executing program 8 (id=4024):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009e173610ef171e7206de0179010109021200010000000009040000000206"], 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, 0x0, &(0x7f0000000b00)={0x84, &(0x7f0000000640)=ANY=[@ANYBLOB="0000040000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

862.520096ms ago: executing program 9 (id=4031):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

862.335475ms ago: executing program 9 (id=4032):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
sendto$inet(r1, 0x0, 0xfe10, 0x20000800, &(0x7f0000000080)={0x2, 0x4e24, @private=0xa010101}, 0x10)

577.208177ms ago: executing program 7 (id=4035):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x14008, &(0x7f0000001200)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@stripe={'stripe', 0x3d, 0x7}}, {@noblock_validity}, {@noinit_itable}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000))
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
listxattr(&(0x7f0000001e80)='./file0\x00', 0x0, 0x2)

489.069097ms ago: executing program 7 (id=4036):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./bus\x00', 0x1000840, &(0x7f00000003c0)={[{@fat=@fmask={'fmask', 0x3d, 0x6c2}}, {@numtail}, {@fat=@codepage={'codepage', 0x3d, '737'}}, {@uni_xlateno}, {@shortname_mixed}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-13'}}, {@shortname_winnt}, {@shortname_mixed}, {@shortname_lower}, {@fat=@showexec}, {@shortname_winnt}, {@rodir}]}, 0x3, 0x35c, &(0x7f00000004c0)="$eJzs3U9om/UbAPAne9OkHezXHn4wFIRXb4KWteJBTy2jg2EuKsE/BzG4TqWpgwaD3aFZvYhHwaOevHnQg4edRVDEmwevTpCpeNDdBg5fSd6kedMkXSd2s/j5HMKT5/s8+37f5aV5+4Z8+/JKbFyYiYs3blyP2dlSlFfOrsTNUixEEgNXYlxlQg4AOB5uZln8nuUO2VI64iUBAEes9/7/6qlC5u0vD6rPvPsDwLHX//1/Ln+WTKyZndZ86ciWBQAcobH7/w+NDFdGP+ovT7lCAACOk2dfePGp1VrEM2k6G7H5TrverseTw/HVi/F6NGM9zsR83IrILxS6D6Xe47nztbUzaZp24qeFqHc72vWIzU67nl8prCa9/mosxXws9Pv7VxtZliXnPqutLaVpmvY+V7jS6c0fm6V2fSZO9uf//mSsx3Kk8f+x/ojztbXlNBf1zUF/J2J3eN+iu/7FmI9vX4lL0YwL0e0dXNbU1naW0vRsVhvpb9ervbrc1DsgAAAAAAAAAAAAAAAAAAAAAADwtyymexb29r/Jhvv3LC5OGO/tj5P39/cH2s33B8qqWWTZb289Wn83iZH9gfbvz9Oul+PEvT10AAAAAAAAAAAAAAAAAAAA+NdobVei0Wyub7W2L28Ug85Wa/tERHQzb3z9yRdzMV5zm6Dcn6MwlPZTlzcaWTIozpK8Zm6kPelOPsh8fHVvxcWa6t5RTFxGdfpQs3nqwR8/GGYeSAb/8p/DmiQmH2CybxnFYPN/+ZLu5D9qL1i+Tc21LMumte+8NN4VpYjynb9wBwdZN/jq+mv3PdY6/Xgv83mWe/iR+eeuvf/RLxuNZnfm6L2Cla3WrWyj0X8++WSbHiSF86cUeVAqngnlg9p3RzON5Ltfn7//vW8ON3tWzLw5oSbJD+fT/UOVPOguc9/Q3KS5ZqJ88Gn8zwSnP1xpXN354efDdhV+SNioAwAAAAAAAAAAAAAAAAAA7orCd8X7+l/2nTmo64mnj35lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD3DP/+fyHYHcuMB9XYn/mjE+PF1fWtVkTlXh8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/cX8FAAD//76aaas=")
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x220000, &(0x7f0000000180)=ANY=[@ANYRES64], 0xff, 0x290, &(0x7f0000000780)="$eJzs3M9r034YwPFn7bZuHVt7+PIFBfFBL3oJW/0LeuhALCjbKm4HIXOpK43taOIkIm43r/4dw6M3Qf0HdvEi3sXLEAQvO4iV5YfrtsB+0Jpufb9g5Fk+nyf5JE3Kk0A/Ow9eP6lXHaNqupIaU0mJbMquSH4vCg2Fy5Qfj0qnTbk58fPLlfnFpTvFcrk0pzpbXLhVUNWpq++fvXhz7aM7cf/t1LuMbOcf7vwofN3+f/vSzu+FaOtNV01dbjZdc9m2dKXm1A3Ve7ZlOpbWGo7VOtBetZtra56ajZXJ7FrLchw1G57WLU/dprotT83HZq2hhmHoZFYGTfrUGZWtuTmz2JPBIAnjcStbraKZjm2sbP2LQQEAgP6SVP2/WnO05mjjuPo/JWev/4ePHu5Qr8/n+UL9Pwj26v9seP8eRP0PAAAAAAAAAAAAAAAAAAAAAMB5sNtu59rtdi5aRn8ZERkTkej/pMeJ3uDzH2zzi0sZCX64NyZiv1qvrFeCZdBerEpNbLFkekTkl389hIJ49na5NK2+vHywN8L8jfVKWjJRfiQfnz8T5OvB/BHJdu6/IDn5Ly4/UyrE5o/Kjesd+Ybk5NMjaYotK/51HeanpfRyRjVzt3wof9zvBwAAAADARWDoX0ee3/12Q6NpQw61Byv33w9I7pj3A4eer4flcswEPQAAAAAAoPsc73ndtG2rRXC64AKfupH+GIaXEpEubvDzqshJO38Xkf44CV0Nvj0N7vqTdE76mwkAAABAt+0X/UmPBAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAwXXSycOi/meZe6xjd+lkjhIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoD38CAAD//8grHrI=")
ptrace$getregset(0x4204, 0x0, 0x201, 0x0)
r0 = openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
sendfile(r0, r0, 0x0, 0x2)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)

305.008799ms ago: executing program 7 (id=4037):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0xe511})
close(r1)

251.736439ms ago: executing program 5 (id=4040):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10)
setitimer(0x2, 0x0, 0x0)

244.413629ms ago: executing program 5 (id=4041):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f50850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x480, &(0x7f00000000c0), 0x1, 0x765, &(0x7f0000000800)="$eJzs3c1rHOUfAPDvbJKmv7Q/E0HQegoIGijdmBpbBQ8VDyJYKOjZdtlsQ80mW7Kb0oSAFhG8CCoeBL307Eu9efXlqv+FB2mpmhYrHiQyu7PpNtltN22SRffzgWmf55nZPPPdZ2aeZ/cZdgLoW+PpP7mIQxHxQRIxmpUnETFUTw1GnGhsd2tttZguSayvv/ZbUt/m5tpqMVpekzqQZR6LiO/fjTic21pvdXllrlAulxaz/GRt/vxkdXnlyLn5wmxptrRwbGp6+ujxZ48f27lY//hp5eC1D19+6qsTf73z6JX3f0jiRBzM1rXGsVPGYzx7T4bSt/AOL+10ZT2W9HoHuC/pqTnQOMvjUIzGQD0FAPyXvRUR6wBAn0n0/wDQZ5rfA9xcWy02l95+I7G3rr8YEfsb8TfnNxtrBrM5u/31edCRm0k2M9KYzEwiYmwH6h+PiM++eeOLdIldmocEaOftSxFxZmx86/U/2XLPwnY93cU245vyrn+wd75Nxz/PtRv/5TbGP3HH+KdhuM25ez/uff7nru5ANR2l478XWu5tu9USf2ZsIMv9vz7mG0rOniuX0mvbQxExEUPDaX7qLnVM3Pj7Rqd1reO/3z968/O0/vT/21vkrg4O3/mamUKt8CAxt7p+KeLxwXbxJxvtn7Rp/7TsVJd1vPL8e592WpfGn8bbXLbGv7vWL0c82bb9b9/Rltz1/sTJ+uEw2Two2vj6509G2pUf2dT+6ZLW3/wssBfS9h+5e/xjSev9mtXt1/Hj5dHvOq27d/ztj/99yev19L6s7GKhVlucitiXvLq1/Ojt1zbzze3T+CeeaH/+bz7+11v2If1MeKbL+Aev/frl/ce/u9L4Z7bV/ttPXLk1N9Cp/u7af7qemshKurn+dbuDD/LeAQAAAAAAAAAAAAAAAAAAAAAAAEC3chFxMJJcfiOdy+XzjWd4PxIjuXKlWjt8trK0MBP1Z2WPxVCu+VOXoy2/hzqV/R5+M390U/6ZiHg4Ij4e/l89ny9WyjO9Dh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMgc6PP8/9ctwr/cOANg1+3u9AwDAntP/A0D/0f8DQP/R/wNA/9H/A0D/0f8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwy06dPJku63+urRbT/MyF5aW5yoUjM6XqXH5+qZgvVhbP52crldlyKV+szN/r75UrlfPTsbB0cbJWqtYmq8srp+crSwu10+fmC7Ol06WhPYkKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALanurwyVyiXS4sSEhISG4leX5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/h3+CQAA///Q6StZ")
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x57e00}], 0x2, 0x1200, 0x41001, 0x3)

225.718899ms ago: executing program 7 (id=4042):
pipe2(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f00000024c0), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002380)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
read$FUSE(r2, &(0x7f0000002500)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000002280)={0x50, 0xfffffffffffffff5, r3, {0x7, 0x29, 0xffffffe6, 0x1c02661, 0x2000, 0x0, 0x400}}, 0x50)
splice(r0, 0x0, r2, 0x0, 0x50, 0xf)

122.393719ms ago: executing program 7 (id=4043):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x468, &(0x7f00000004c0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_all\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000680)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x5, 0x12, r1, 0x0)
ioctl$TCSETS(r0, 0x5410, &(0x7f0000000040)={0x0, 0x1000, 0x0, 0x0, 0x0, "00000400000000000c00000000eaff00"})

98.993499ms ago: executing program 5 (id=4044):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_int(r1, 0x1, 0x20, &(0x7f0000000100), 0x4)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
write(r1, &(0x7f0000000080)="89ba41c97928dec7cec15a160d3dba257872aed129d4b5247c9834550448a4f46c37425b873ec95db3d757e8b2333a64d9abf416fd83f942661c47bcdf71f7d07ba2b2f051829a7f66952e57962614db0d03474a4a4bce636ea8d2b882b2b49ef18e76edbec7302a96e41f206d930eda2769c56e6d5e3d541ce9a21c3ce5cb5f", 0xfdef)

65.3126ms ago: executing program 7 (id=4045):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000540))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000480)={0x8, 0x0, &(0x7f0000000580)=[@acquire={0x400c6313}], 0x0, 0x0, 0x0})

61.66587ms ago: executing program 5 (id=4046):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r2, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a9050000000074640000000000003552bde5c064c6", 0x15}, {&(0x7f0000000340)="174640b6d80fb2eedc81ba60ccbb9d", 0xf}], 0x2}}], 0x1, 0x0)

13.80839ms ago: executing program 5 (id=4047):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x8, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)

363.22µs ago: executing program 9 (id=4048):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000003c0)='mm_page_alloc\x00', r0}, 0x10)
setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000280)=""/144, 0x28}], 0x300)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r1, 0x800452d2, &(0x7f0000000100))

0s ago: executing program 5 (id=4049):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x5000, 0x2000, &(0x7f0000002000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

wn main item tag 0x0
[  130.648680][ T4286] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  130.654739][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.668730][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.675879][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.683248][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.690706][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.697896][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.705125][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.712324][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.719526][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.726711][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.733953][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.741126][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.748412][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.755518][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.762761][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.769966][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.777138][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.784413][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.791556][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.798761][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.805946][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.813174][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.820365][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.827550][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.834786][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.841972][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.849200][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.856371][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.858341][   T25] usb 4-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[  130.863635][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.874033][   T25] usb 4-1: config 17 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  130.880792][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.893850][   T25] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  130.900761][  T696] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  130.909908][ T1066] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  130.919930][  T696] hid-generic 0000:0000:0000.0025: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  130.924418][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.028346][ T4286] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  131.039210][ T4286] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  131.048786][ T4286] usb 7-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00
[  131.057582][ T4286] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.066216][ T4286] usb 7-1: config 0 descriptor??
[  131.218367][   T25] usb 4-1: string descriptor 0 read error: -71
[  131.225032][   T25] aiptek 4-1:17.0: interface has no int in endpoints, but must have minimum 1
[  131.236123][   T25] usb 4-1: USB disconnect, device number 20
[  131.278344][ T1066] usb 10-1: config 0 has no interfaces?
[  131.283710][ T1066] usb 10-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  131.292935][ T1066] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.301483][ T1066] usb 10-1: config 0 descriptor??
[  132.521323][ T6481] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[  132.530186][ T6481] ext4 filesystem being mounted at /99/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  132.834438][ T6494] EXT4-fs (loop6): 1 orphan inode deleted
[  132.840340][ T6494] EXT4-fs (loop6): mounted filesystem without journal. Opts: resgid=0x000000000000ee00,grpquota,nogrpid,init_itable,stripe=0x0000000000010000,resgid=0x0000000000000000,sysvgroups,norecovery,usrquota,,errors=continue
[  132.861399][ T6494] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.887133][ T6494] netlink: 240 bytes leftover after parsing attributes in process `syz.6.2604'.
[  133.065670][ T6531] input: syz1 as /devices/virtual/input/input25
[  133.192892][ T6551] device wg2 entered promiscuous mode
[  133.277771][ T6565] tipc: Started in network mode
[  133.284003][ T6565] tipc: Own node identity , cluster identity 4711
[  133.292573][ T6565] tipc: Failed to obtain node identity
[  133.298099][ T6565] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  133.651039][  T320] usb 10-1: USB disconnect, device number 18
[  133.657182][ T4286] dragonrise 0003:0079:0006.0026: hidraw1: USB HID v0.00 Device [HID 0079:0006] on usb-dummy_hcd.6-1/input0
[  133.674466][ T6610] syz.0.2655[6610] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  133.674519][ T6610] syz.0.2655[6610] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  133.676114][ T6600] F2FS-fs (loop6): fault_injection options not supported
[  133.709863][ T6600] F2FS-fs (loop6): invalid crc value
[  133.714680][ T4286] dragonrise 0003:0079:0006.0026: no inputs found
[  133.722264][ T4286] dragonrise 0003:0079:0006.0026: force feedback init failed
[  133.731894][ T6600] F2FS-fs (loop6): Found nat_bits in checkpoint
[  133.732323][ T4286] usb 7-1: USB disconnect, device number 9
[  133.804814][ T6617] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  133.814036][ T6617] ext4 filesystem being mounted at /367/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  133.857260][ T6600] F2FS-fs (loop6): Start checkpoint disabled!
[  133.868724][ T6600] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  133.991157][ T6643] syz.5.2669[6643] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  133.991215][ T6643] syz.5.2669[6643] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  134.013913][  T664] attempt to access beyond end of device
[  134.013913][  T664] loop6: rw=2049, want=40976, limit=40427
[  134.065963][ T6647] SELinux:  Context system_u:object_r:etc_aliases_t:s0 is not valid (left unmapped).
[  134.228601][   T24] kauditd_printk_skb: 219 callbacks suppressed
[  134.228612][   T24] audit: type=1400 audit(2000000271.335:4315): avc:  denied  { create } for  pid=6673 comm="syz.9.2683" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  134.296680][   T24] audit: type=1400 audit(2000000271.395:4316): avc:  denied  { read write } for  pid=6675 comm="syz.6.2667" name="uhid" dev="devtmpfs" ino=257 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  134.298158][  T294] hid-generic 0000:0000:0000.0027: unknown main item tag 0x0
[  134.333667][   T24] audit: type=1400 audit(2000000271.395:4317): avc:  denied  { open } for  pid=6675 comm="syz.6.2667" path="/dev/uhid" dev="devtmpfs" ino=257 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  134.345943][  T294] hid-generic 0000:0000:0000.0027: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  134.378620][ T6674] blk_update_request: I/O error, dev loop19, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  134.409795][ T6674] F2FS-fs (loop19): Unable to read 1th superblock
[  134.434598][ T6674] blk_update_request: I/O error, dev loop19, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  134.446308][   T24] audit: type=1400 audit(2000000271.555:4318): avc:  denied  { create } for  pid=6684 comm="syz.0.2689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  134.467918][ T6674] F2FS-fs (loop19): Unable to read 2th superblock
[  134.505224][   T24] audit: type=1400 audit(2000000271.555:4319): avc:  denied  { write } for  pid=6684 comm="syz.0.2689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  134.559532][   T24] audit: type=1400 audit(2000000271.555:4320): avc:  denied  { read } for  pid=6684 comm="syz.0.2689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  134.597068][   T24] audit: type=1400 audit(2000000271.585:4321): avc:  denied  { audit_write } for  pid=6689 comm="syz.6.2690" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  134.619068][   T24] audit: type=1107 audit(2000000271.585:4322): pid=6689 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='>ߵi�'
[  134.640896][   T24] audit: type=1400 audit(2000000271.635:4323): avc:  denied  { module_request } for  pid=6669 comm="syz.3.2682" kmod="net-pf-10-proto-0-type-0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  134.663975][   T24] audit: type=1400 audit(2000000271.635:4324): avc:  denied  { write } for  pid=6691 comm="syz.0.2691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  134.695541][ T6704] EXT4-fs (loop9): error: could not find journal device path: error -2
[  134.872544][ T6722] EXT4-fs error (device loop6): ext4_orphan_get:1395: inode #15: comm syz.6.2701: casefold flag without casefold feature
[  134.922135][ T6722] EXT4-fs (loop6): 1 truncate cleaned up
[  134.957636][ T6722] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[  135.042309][ T6722] overlayfs: failed to create directory ./file1/work (errno: 126); mounting read-only
[  135.078487][ T6755] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6755 comm=syz.5.2718
[  135.360268][ T6788] cannot load conntrack support for proto=3
[  135.443849][ T6751] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[  135.475878][ T6751] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  135.485091][ T6751] F2FS-fs (loop9): invalid crc value
[  135.507990][ T6751] F2FS-fs (loop9): Found nat_bits in checkpoint
[  135.548260][ T6751] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  135.555110][ T6751] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  135.878269][   T20] usb 4-1: new full-speed USB device number 21 using dummy_hcd
[  135.938275][  T320] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[  136.178321][  T320] usb 10-1: Using ep0 maxpacket: 16
[  136.238367][   T20] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  136.248318][   T20] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  136.298361][  T320] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  136.309425][  T320] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  136.319250][  T320] usb 10-1: New USB device found, idVendor=056a, idProduct=0307, bcdDevice= 0.00
[  136.328480][  T320] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.337925][  T320] usb 10-1: config 0 descriptor??
[  136.408421][   T20] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  136.417284][   T20] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.425153][   T20] usb 4-1: Product: syz
[  136.429245][   T20] usb 4-1: Manufacturer: syz
[  136.433643][   T20] usb 4-1: SerialNumber: syz
[  136.758380][   T20] usb 4-1: 0:2 : does not exist
[  136.765979][   T20] usb 4-1: USB disconnect, device number 21
[  136.819417][  T320] wacom 0003:056A:0307.0028: unknown main item tag 0x0
[  136.826219][  T320] wacom 0003:056A:0307.0028: unknown main item tag 0x0
[  136.833011][  T320] wacom 0003:056A:0307.0028: unknown main item tag 0x0
[  136.839728][  T320] wacom 0003:056A:0307.0028: unknown main item tag 0x0
[  136.846360][  T320] wacom 0003:056A:0307.0028: unknown main item tag 0x0
[  136.853767][  T320] wacom 0003:056A:0307.0028: hidraw0: USB HID v0.00 Device [HID 056a:0307] on usb-dummy_hcd.9-1/input0
[  137.019508][  T696] usb 10-1: USB disconnect, device number 19
[  137.701395][ T6927] netlink: 60 bytes leftover after parsing attributes in process `syz.9.2794'.
[  137.718712][    T5] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  137.749945][ T6929] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  137.758883][ T6929] ext4 filesystem being mounted at /388/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.825560][ T6936] syz.9.2797[6936] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  137.825599][ T6936] syz.9.2797[6936] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  137.882627][ T6940] EXT4-fs (loop9): orphan cleanup on readonly fs
[  137.900671][ T6940] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.2799: bg 0: block 248: padding at end of block bitmap is not set
[  137.915549][ T6940] EXT4-fs error (device loop9): ext4_acquire_dquot:6219: comm syz.9.2799: Failed to acquire dquot type 1
[  137.927276][ T6940] EXT4-fs (loop9): 1 truncate cleaned up
[  137.933005][ T6940] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  137.978248][    T5] usb 4-1: Using ep0 maxpacket: 16
[  138.109917][ T6944] F2FS-fs (loop9): invalid crc value
[  138.116443][ T6944] F2FS-fs (loop9): Found nat_bits in checkpoint
[  138.138326][    T5] usb 4-1: config 0 has an invalid interface number: 41 but max is 0
[  138.146342][    T5] usb 4-1: config 0 has no interface number 0
[  138.152283][ T6944] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  138.168261][    T5] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  138.177901][    T5] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  138.187861][    T5] usb 4-1: config 0 interface 41 has no altsetting 0
[  138.194703][ T1937] attempt to access beyond end of device
[  138.194703][ T1937] loop9: rw=2049, want=45104, limit=40427
[  138.368346][    T5] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  138.377882][    T5] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.386947][    T5] usb 4-1: Product: syz
[  138.391148][    T5] usb 4-1: Manufacturer: syz
[  138.395554][    T5] usb 4-1: SerialNumber: syz
[  138.404454][    T5] usb 4-1: config 0 descriptor??
[  138.428335][ T6908] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  138.442368][ T6908] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  138.531377][ T6989] EXT4-fs (loop6): Ignoring removed orlov option
[  138.540254][ T6989] EXT4-fs (loop6): 1 orphan inode deleted
[  138.545868][ T6989] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,auto_da_alloc,nojournal_checksum,stripe=0x000000000000007b,orlov,sysvgroups,delalloc,usrquota,
[  138.563917][ T6989] ext4 filesystem being mounted at /158/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.592556][ T5498] EXT4-fs error (device loop6): ext4_lookup:1832: inode #2: comm syz-executor: deleted inode referenced: 16
[  138.604044][ T5498] EXT4-fs (loop6): Remounting filesystem read-only
[  138.610541][ T5498] EXT4-fs error (device loop6): ext4_lookup:1832: inode #2: comm syz-executor: deleted inode referenced: 16
[  138.669790][ T6908] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  138.676753][ T6908] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  138.781210][ T7004] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.788057][ T7004] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.795452][ T7004] device bridge_slave_0 entered promiscuous mode
[  138.802200][ T7004] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.809400][ T7004] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.816812][ T7004] device bridge_slave_1 entered promiscuous mode
[  138.830348][ T7009] netlink: 'syz.9.2826': attribute type 4 has an invalid length.
[  138.887428][ T7004] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.894308][ T7004] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.901416][ T7004] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.908168][ T7004] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.934142][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  138.942100][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.950247][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.959123][  T664] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  138.970398][  T664] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.977250][  T664] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.993983][  T664] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  139.002193][  T664] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.009063][  T664] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.016587][  T664] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  139.037467][  T664] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  139.046185][  T664] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  139.057191][ T7004] device veth0_vlan entered promiscuous mode
[  139.063815][  T664] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  139.072053][  T664] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  139.080545][  T664] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  139.092757][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  139.109592][ T7004] device veth1_macvtap entered promiscuous mode
[  139.131788][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  139.154901][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  139.184487][    T9] device bridge_slave_1 left promiscuous mode
[  139.191662][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.200105][    T9] device bridge_slave_0 left promiscuous mode
[  139.214606][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.229872][    T9] device veth1_macvtap left promiscuous mode
[  139.235745][    T9] device veth0_vlan left promiscuous mode
[  139.403145][   T24] kauditd_printk_skb: 292 callbacks suppressed
[  139.403158][   T24] audit: type=1326 audit(2000000276.505:4615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.0.2842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  139.438426][   T24] audit: type=1326 audit(2000000276.545:4616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.0.2842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  139.465209][   T24] audit: type=1326 audit(2000000276.545:4617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.0.2842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  139.498637][   T24] audit: type=1326 audit(2000000276.545:4618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.0.2842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  139.529110][   T24] audit: type=1326 audit(2000000276.545:4619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.0.2842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  139.553115][   T24] audit: type=1400 audit(2000000276.545:4620): avc:  denied  { write } for  pid=7044 comm="syz.5.2840" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  139.578462][    T5] CoreChips: probe of 4-1:0.41 failed with error -71
[  139.580925][   T24] audit: type=1326 audit(2000000276.545:4621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.0.2842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  139.614023][    T5] usb 4-1: USB disconnect, device number 22
[  139.632291][   T24] audit: type=1326 audit(2000000276.545:4622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.0.2842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  139.686679][   T24] audit: type=1326 audit(2000000276.545:4623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.0.2842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  139.711318][   T24] audit: type=1326 audit(2000000276.715:4624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7055 comm="syz.0.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  140.071521][ T7110] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  140.097468][ T7110] EXT4-fs warning (device loop9): ext4_update_dynamic_rev:1047: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  140.114997][ T7110] EXT4-fs (loop9): 1 truncate cleaned up
[  140.120716][ T7110] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  140.169781][ T7127] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,lazytime,noblock_validity,,errors=continue
[  140.358235][   T25] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  140.451309][ T7152] F2FS-fs (loop9): Invalid log blocks per segment (83886089)
[  140.463626][ T7152] F2FS-fs (loop9): Can't find valid F2FS filesystem in 2th superblock
[  140.472791][ T7152] F2FS-fs (loop9): invalid crc value
[  140.485018][ T7180] xt_bpf: check failed: parse error
[  140.491058][ T7152] F2FS-fs (loop9): Found nat_bits in checkpoint
[  140.550484][ T7152] F2FS-fs (loop9): Start checkpoint disabled!
[  140.557153][ T7152] F2FS-fs (loop9): Try to recover 2th superblock, ret: 0
[  140.565148][ T7152] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  140.580544][ T7152] SELinux:  Context @ is not valid (left unmapped).
[  140.589897][ T7187] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue
[  140.600067][ T7187] ext4 filesystem being mounted at /516/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.634019][  T664] attempt to access beyond end of device
[  140.634019][  T664] loop9: rw=2049, want=40976, limit=40427
[  140.684353][ T7208] xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables
[  140.741537][ T7217] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7217 comm=syz.5.2915
[  140.767876][ T7221] ------------[ cut here ]------------
[  140.773193][ T7221] trace type BPF program uses run-time allocation
[  140.781198][ T7221] WARNING: CPU: 0 PID: 7221 at kernel/bpf/verifier.c:10493 check_map_prog_compatibility+0x65b/0x7c0
[  140.792083][ T7221] Modules linked in:
[  140.796306][ T7221] CPU: 1 PID: 7221 Comm: syz.5.2917 Tainted: G        W         5.10.226-syzkaller-00184-g139a6bb26d9d #0
[  140.807795][ T7221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  140.818684][ T7221] RIP: 0010:check_map_prog_compatibility+0x65b/0x7c0
[  140.827809][ T7221] Code: c8 e9 84 fe ff ff e8 34 f4 ee ff 31 db e9 85 fe ff ff e8 28 f4 ee ff c6 05 3e 19 65 05 01 48 c7 c7 00 77 45 85 e8 45 6a c2 ff <0f> 0b e9 42 fc ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 17 fa ff
[  140.847776][ T7221] RSP: 0018:ffffc90000ce6f90 EFLAGS: 00010246
[  140.853880][ T7221] RAX: c7fedf8cc127a600 RBX: ffff88812670f000 RCX: 0000000000080000
[  140.862152][ T7221] RDX: ffffc90000f09000 RSI: 0000000000000880 RDI: 0000000000000881
[  140.870215][ T7221] RBP: ffffc90000ce6fd0 R08: ffffffff81523068 R09: ffffed103ee0a5f8
[  140.878096][ T7221] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000011
[  140.886042][   T25] usb 4-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  140.886080][ T7221] R13: 1ffff92000027604 R14: ffff88812642c000 R15: ffffc9000013b020
[  140.902818][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.903182][ T7221] FS:  00007fb290cee6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  140.919418][   T25] usb 4-1: Product: syz
[  140.920186][ T7221] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  140.923408][   T25] usb 4-1: Manufacturer: syz
[  140.930081][ T7221] CR2: 0000001b2d11dff8 CR3: 000000012e3e5000 CR4: 00000000003506b0
[  140.934384][   T25] usb 4-1: SerialNumber: syz
[  140.950659][   T25] usb 4-1: config 0 descriptor??
[  140.951635][ T7221] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  140.963589][ T7221] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  140.971578][ T7221] Call Trace:
[  140.974732][ T7221]  ? show_regs+0x58/0x60
[  140.976418][ T7234] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2921'.
[  140.979040][ T7221]  ? __warn+0x160/0x2f0
[  140.991776][ T7221]  ? check_map_prog_compatibility+0x65b/0x7c0
[  140.997700][ T7221]  ? report_bug+0x3d9/0x5b0
[  141.002611][ T7221]  ? check_map_prog_compatibility+0x65b/0x7c0
[  141.008602][ T7221]  ? handle_bug+0x41/0x70
[  141.012667][ T7221]  ? exc_invalid_op+0x1b/0x50
[  141.017275][ T7221]  ? asm_exc_invalid_op+0x12/0x20
[  141.022926][ T7221]  ? wake_up_klogd+0xb8/0xf0
[  141.027336][ T7221]  ? check_map_prog_compatibility+0x65b/0x7c0
[  141.033450][ T7221]  ? __fdget+0x1bc/0x240
[  141.037561][ T7221]  resolve_pseudo_ldimm64+0x586/0x1020
[  141.043580][ T7221]  ? bpf_check+0xf2b0/0xf2b0
[  141.048119][ T7221]  ? kvmalloc_node+0x82/0x130
[  141.052899][ T7221]  bpf_check+0xaf21/0xf2b0
[  141.057195][ T7221]  ? stack_depot_save+0xe/0x10
[  141.062072][ T7221]  ? __se_sys_bpf+0x9856/0x11cb0
[  141.066847][ T7221]  ? sched_clock+0x3a/0x40
[  141.071375][ T7221]  ? 0xffffffffa00189dc
[  141.075362][ T7221]  ? bpf_get_btf_vmlinux+0x60/0x60
[  141.080816][ T7221]  ? __kernel_text_address+0x9b/0x110
[  141.086005][ T7221]  ? unwind_get_return_address+0x4d/0x90
[  141.091658][ T7221]  ? arch_stack_walk+0xf3/0x140
[  141.096325][ T7221]  ? stack_trace_save+0x113/0x1c0
[  141.101501][ T7221]  ? stack_trace_snprint+0xf0/0xf0
[  141.106427][ T7221]  ? stack_trace_snprint+0xf0/0xf0
[  141.111652][ T7221]  ? selinux_bpf_prog_alloc+0x51/0x140
[  141.116926][ T7221]  ? selinux_bpf_prog_alloc+0x51/0x140
[  141.122448][ T7221]  ? ____kasan_kmalloc+0xed/0x110
[  141.127276][ T7221]  ? ____kasan_kmalloc+0xdb/0x110
[  141.132460][ T7221]  ? __kasan_kmalloc+0x9/0x10
[  141.136959][ T7221]  ? kmem_cache_alloc_trace+0x18a/0x2e0
[  141.142618][ T7221]  ? selinux_bpf_prog_alloc+0x51/0x140
[  141.147922][ T7221]  ? security_bpf_prog_alloc+0x62/0x90
[  141.153411][ T7221]  ? __se_sys_bpf+0x9f8c/0x11cb0
[  141.158160][ T7221]  ? __x64_sys_bpf+0x7b/0x90
[  141.163762][ T7221]  ? do_syscall_64+0x34/0x70
[  141.168168][ T7221]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  141.174378][ T7221]  ? __kasan_kmalloc+0x9/0x10
[  141.179418][ T7221]  __se_sys_bpf+0x107a2/0x11cb0
[  141.184091][ T7221]  ? futex_wait+0x6a0/0x7c0
[  141.188651][ T7221]  ? __x64_sys_bpf+0x90/0x90
[  141.193081][ T7221]  ? do_futex+0x17b0/0x17b0
[  141.197423][ T7221]  ? do_futex+0x139a/0x17b0
[  141.202208][ T7221]  ? __kasan_check_write+0x14/0x20
[  141.207193][ T7221]  ? put_vma+0x8f/0xb0
[  141.211347][ T7221]  ? __handle_speculative_fault+0x10c1/0x1e90
[  141.217279][ T7221]  ? futex_exit_release+0x1e0/0x1e0
[  141.222512][ T7221]  ? finish_fault+0xaf0/0xaf0
[  141.227046][ T7221]  ? __kasan_check_write+0x14/0x20
[  141.237262][ T7221]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  141.242627][ T7221]  ? __se_sys_futex+0x355/0x470
[  141.247460][ T7221]  ? __fget_files+0x31e/0x380
[  141.248373][   T25] r8152 4-1:0.0: Unknown version 0x0000
[  141.251989][ T7221]  ? fpu__clear_all+0x20/0x20
[  141.262193][ T7221]  ? __kasan_check_read+0x11/0x20
[  141.267085][ T7221]  __x64_sys_bpf+0x7b/0x90
[  141.271484][ T7221]  do_syscall_64+0x34/0x70
[  141.275772][ T7221]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  141.281510][ T7221] RIP: 0033:0x7fb292677849
[  141.285869][ T7221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.305810][ T7221] RSP: 002b:00007fb290cee058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  141.314270][ T7221] RAX: ffffffffffffffda RBX: 00007fb29283cfa0 RCX: 00007fb292677849
[  141.322193][ T7221] RDX: 0000000000000094 RSI: 0000000020000a40 RDI: 0000000000000005
[  141.330074][ T7221] RBP: 00007fb2926ea986 R08: 0000000000000000 R09: 0000000000000000
[  141.337905][ T7221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  141.346562][ T7221] R13: 0000000000000000 R14: 00007fb29283cfa0 R15: 00007ffc5ec4a278
[  141.354491][ T7221] ---[ end trace dcbf7bc3c24ebf0f ]---
[  141.442861][ T7262] 9pnet: p9_errstr2errno: server reported unknown error �@�΂�(����QhQI���b�G��9��E�>w�
[  141.445218][ T7264] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2935'.
[  141.468811][    T5] usb 4-1: USB disconnect, device number 23
[  141.719218][ T7292] device pim6reg1 entered promiscuous mode
[  141.908275][   T25] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[  142.018907][ T7328] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  142.028637][ T7328] SELinux: failed to load policy
[  142.268355][   T25] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.279209][   T25] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.288789][   T25] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  142.301488][   T25] usb 10-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  142.310372][   T25] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.318799][   T25] usb 10-1: config 0 descriptor??
[  142.355295][ T7340] overlayfs: missing 'lowerdir'
[  142.658312][ T4286] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  142.800156][   T25] acrux 0003:1A34:0802.0029: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.9-1/input0
[  142.815224][   T25] acrux 0003:1A34:0802.0029: no inputs found
[  142.821109][   T25] acrux 0003:1A34:0802.0029: Failed to enable force feedback support, error: -19
[  142.899455][ T7360] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2972'.
[  143.018400][ T4286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  143.029251][ T4286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  143.038767][ T4286] usb 2-1: New USB device found, idVendor=0b43, idProduct=0003, bcdDevice= 0.00
[  143.047568][ T4286] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.056202][ T4286] usb 2-1: config 0 descriptor??
[  143.539185][ T4286] smartjoyplus 0003:0B43:0003.002A: unbalanced collection at end of report description
[  143.548826][ T4286] smartjoyplus 0003:0B43:0003.002A: parse failed
[  143.555110][ T4286] smartjoyplus: probe of 0003:0B43:0003.002A failed with error -22
[  143.750574][ T4282] usb 2-1: USB disconnect, device number 6
[  144.078330][ T4286] usb 10-1: reset high-speed USB device number 20 using dummy_hcd
[  144.505959][   T24] kauditd_printk_skb: 287 callbacks suppressed
[  144.505972][   T24] audit: type=1326 audit(2000000281.605:4912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7418 comm="syz.1.2998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4743c0e849 code=0x7ffc0000
[  144.535345][   T24] audit: type=1326 audit(2000000281.605:4913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7418 comm="syz.1.2998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4743c0e849 code=0x7ffc0000
[  144.558797][   T24] audit: type=1326 audit(2000000281.615:4914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7418 comm="syz.1.2998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f4743c0e849 code=0x7ffc0000
[  144.582304][   T24] audit: type=1326 audit(2000000281.615:4915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7418 comm="syz.1.2998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4743c0e849 code=0x7ffc0000
[  144.606335][   T24] audit: type=1326 audit(2000000281.615:4916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7418 comm="syz.1.2998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4743c0e849 code=0x7ffc0000
[  144.637185][   T24] audit: type=1326 audit(2000000281.625:4917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7418 comm="syz.1.2998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4743c0e849 code=0x7ffc0000
[  144.678297][   T24] audit: type=1326 audit(2000000281.635:4918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.1.2998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4743c40925 code=0x7ffc0000
[  144.711479][   T24] audit: type=1326 audit(2000000281.665:4919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7418 comm="syz.1.2998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4743c0e849 code=0x7ffc0000
[  144.735000][   T24] audit: type=1326 audit(2000000281.665:4920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7418 comm="syz.1.2998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4743c0e849 code=0x7ffc0000
[  144.765601][   T24] audit: type=1326 audit(2000000281.675:4921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7418 comm="syz.1.2998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4743c0e849 code=0x7ffc0000
[  145.298260][ T4286] usb 10-1: device descriptor read/64, error -71
[  145.698323][ T4286] usb 10-1: device firmware changed
[  145.703530][ T4282] usb 10-1: USB disconnect, device number 20
[  145.858254][ T4282] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[  146.012664][ T7491] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  146.023710][ T7491] FAT-fs (loop3): unable to read boot sector
[  146.218484][ T4282] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[  146.229597][ T4282] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.239171][ T4282] usb 10-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  146.248088][ T4282] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.256574][ T4282] usb 10-1: config 0 descriptor??
[  146.565037][ T7501] tap0: tun_chr_ioctl cmd 1074025675
[  146.570209][ T7501] tap0: persist enabled
[  146.574295][ T7501] tap0: tun_chr_ioctl cmd 1074025675
[  146.579416][ T7501] tap0: persist disabled
[  146.739386][ T4282] hid-steam 0003:28DE:1102.002B: unknown main item tag 0x0
[  146.747896][ T4282] hid-steam 0003:28DE:1102.002B: unknown main item tag 0x0
[  146.755715][ T4282] hid-steam 0003:28DE:1102.002B: unknown main item tag 0x4
[  146.763219][ T4282] hid-steam 0003:28DE:1102.002B: unknown main item tag 0x0
[  146.771659][ T4282] hid-steam 0003:28DE:1102.002B: hidraw0: USB HID v0.00 Device [HID 28de:1102] on usb-dummy_hcd.9-1/input0
[  146.817189][ T7519] overlayfs: failed to resolve './file0': -2
[  146.846892][ T7525] sit: Src spoofed 0.0.224.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  146.944595][    T5] usb 10-1: USB disconnect, device number 21
[  147.018767][    T9] Bluetooth: hci0: Frame reassembly failed (-84)
[  147.490912][ T7557] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  147.530867][ T7561] input: syz1 as /devices/virtual/input/input29
[  147.559762][ T7563] syz.9.3061[7563] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.559818][ T7563] syz.9.3061[7563] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.596061][ T7565] syz.9.3062[7565] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.607563][ T7565] syz.9.3062[7565] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.835949][ T7573] syz.1.3065[7573] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.847194][ T7573] syz.1.3065[7573] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.908254][    T5] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[  148.188396][    T5] usb 10-1: Using ep0 maxpacket: 16
[  148.318386][    T5] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.329214][    T5] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  148.338802][    T5] usb 10-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  148.348460][    T5] usb 10-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576
[  148.358122][    T5] usb 10-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  148.468349][    T5] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  148.477364][    T5] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  148.485214][    T5] usb 10-1: SerialNumber: syz
[  148.508355][ T7565] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  148.528817][    T5] cdc_acm 10-1:1.0: Control and data interfaces are not separated!
[  148.536780][    T5] cdc_acm: probe of 10-1:1.0 failed with error -12
[  148.732300][ T4282] usb 10-1: USB disconnect, device number 22
[  148.900857][ T7663] input: syz0 as /devices/virtual/input/input30
[  149.007258][ T7681] xt_hashlimit: size too large, truncated to 1048576
[  149.098423][  T306] Bluetooth: hci0: command 0x1003 tx timeout
[  149.104353][ T1953] Bluetooth: hci0: sending frame failed (-49)
[  149.151330][ T7688] syz.5.3117[7688] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  149.151365][ T7688] syz.5.3117[7688] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  149.209367][ T7690]  loop5: p3 < > p4 < >
[  149.224496][ T7690] loop5: partition table partially beyond EOD, truncated
[  149.231901][ T7690] loop5: p3 start 4284289 is beyond EOD, truncated
[  149.268558][   T95]  loop5: p3 < > p4 < >
[  149.273479][   T95] loop5: partition table partially beyond EOD, truncated
[  149.283979][   T95] loop5: p3 start 4284289 is beyond EOD, truncated
[  149.361947][  T310] udevd[310]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  149.588287][ T4286] usb 10-1: new high-speed USB device number 23 using dummy_hcd
[  149.828262][ T4286] usb 10-1: Using ep0 maxpacket: 8
[  149.948366][ T4286] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.959260][ T4286] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  149.968927][ T4286] usb 10-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  149.977881][ T4286] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.986608][ T4286] usb 10-1: config 0 descriptor??
[  150.303719][   T24] kauditd_printk_skb: 159 callbacks suppressed
[  150.303731][   T24] audit: type=1326 audit(2000000287.405:5081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7726 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  150.332984][   T24] audit: type=1326 audit(2000000287.425:5082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7726 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  150.362280][   T24] audit: type=1326 audit(2000000287.425:5083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7726 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  150.386008][   T24] audit: type=1326 audit(2000000287.425:5084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7726 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  150.421116][   T24] audit: type=1326 audit(2000000287.425:5085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7726 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  150.456433][   T24] audit: type=1326 audit(2000000287.425:5086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7726 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  150.469286][ T4286] steelseries_srws1 0003:1038:1410.002C: unknown main item tag 0xd
[  150.496051][ T4286] steelseries_srws1 0003:1038:1410.002C: item fetching failed at offset 6/7
[  150.514798][   T24] audit: type=1326 audit(2000000287.455:5087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7726 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  150.525595][ T4286] steelseries_srws1 0003:1038:1410.002C: parse failed
[  150.567630][ T4286] steelseries_srws1: probe of 0003:1038:1410.002C failed with error -22
[  150.568230][   T24] audit: type=1326 audit(2000000287.455:5088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7726 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  150.601554][   T24] audit: type=1326 audit(2000000287.465:5089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7726 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  150.625518][   T24] audit: type=1326 audit(2000000287.515:5090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7726 comm="syz.5.3132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  150.730285][ T1296] usb 10-1: USB disconnect, device number 23
[  150.846412][ T7758] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  151.045759][ T7775] binder: 7774:7775 ioctl c018620c 20000140 returned -22
[  151.178389][  T306] Bluetooth: hci0: command 0x1001 tx timeout
[  151.184252][ T1953] Bluetooth: hci0: sending frame failed (-49)
[  151.253568][ T7798] syz.9.3165[7798] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  151.253607][ T7798] syz.9.3165[7798] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  151.540335][ T7832] netlink: 44 bytes leftover after parsing attributes in process `syz.9.3180'.
[  151.710434][ T7866] netlink: 'syz.1.3195': attribute type 2 has an invalid length.
[  151.718129][ T7866] netlink: 100 bytes leftover after parsing attributes in process `syz.1.3195'.
[  151.813877][ T7884] 9pnet: p9_errstr2errno: server reported unknown error �@�΂�(�����
[  151.998245][ T1296] usb 10-1: new high-speed USB device number 24 using dummy_hcd
[  152.024441][ T7893] devtmpfs: Unknown parameter 'posixacl'
[  152.238279][ T1296] usb 10-1: Using ep0 maxpacket: 8
[  152.261858][ T7919] overlayfs: filesystem on './bus' not supported as upperdir
[  152.388299][ T1296] usb 10-1: config 135 has an invalid interface number: 230 but max is 0
[  152.396579][ T1296] usb 10-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  152.406754][ T1296] usb 10-1: config 135 has no interface number 0
[  152.412888][ T1296] usb 10-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  152.544452][ T7942] syzkaller0: refused to change device tx_queue_len
[  152.615940][ T7944] serio: Serial port pts1
[  152.628328][ T1296] usb 10-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  152.637319][ T1296] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.645417][ T1296] usb 10-1: Product: syz
[  152.649491][ T1296] usb 10-1: Manufacturer: syz
[  152.653975][ T1296] usb 10-1: SerialNumber: syz
[  152.708698][ T1296] uvcvideo: Found UVC 0.00 device syz (18ec:3288)
[  152.714981][ T1296] uvcvideo: No valid video chain found.
[  152.909464][ T1296] usb 10-1: USB disconnect, device number 24
[  153.258276][ T4282] Bluetooth: hci0: command 0x1009 tx timeout
[  153.382056][ T7955] xt_hashlimit: size too large, truncated to 1048576
[  153.598513][ T7984] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[  153.620055][ T7989] bpf_get_probe_write_proto: 4 callbacks suppressed
[  153.620060][ T7989] syz.0.3250[7989] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  153.626498][ T7989] syz.0.3250[7989] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  153.808262][ T4282] usb 10-1: new high-speed USB device number 25 using dummy_hcd
[  153.929384][ T8033] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8033 comm=syz.1.3270
[  154.178310][ T4282] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  154.188377][ T4282] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  154.268377][ T4282] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  154.277382][ T4282] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  154.285239][ T4282] usb 10-1: SerialNumber: syz
[  154.568832][ T4282] usb 10-1: 0:2 : does not exist
[  154.574564][ T4282] usb 10-1: USB disconnect, device number 25
[  155.248251][ T8091] overlayfs: failed to clone lowerpath
[  155.319278][ T8096] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  155.339184][ T8096] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=8003e119, mo2=0000]
[  155.348606][ T8096] EXT4-fs (loop9): 1 truncate cleaned up
[  155.354157][ T8096] EXT4-fs (loop9): mounted filesystem without journal. Opts: journal_dev=0x0000000000000009,noblock_validity,nombcache,norecovery,barrier=0x000000000000000c,resgid=0x000000000000ee01,nodiscard,noauto_da_alloc,resgid=0x00000000000000002,errors=continue
[  155.378296][   T24] kauditd_printk_skb: 923 callbacks suppressed
[  155.378307][   T24] audit: type=1400 audit(2000000292.485:6014): avc:  denied  { mount } for  pid=8095 comm="syz.9.3296" name="/" dev="loop9" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  155.378533][  T319] Quota error (device loop9): free_dqentry: Quota structure has offset to other block (1) than it should (5)
[  155.417164][  T319] EXT4-fs error (device loop9): ext4_release_dquot:6242: comm kworker/u4:4: Failed to release dquot type 1
[  155.428975][ T8096] EXT4-fs (loop9): re-mounted. Opts: (null)
[  155.435697][ T8096] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended
[  155.445275][ T8096] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=8003e119, mo2=0000]
[  155.461231][ T8096] EXT4-fs (loop9): re-mounted. Opts: (null)
[  155.472620][   T24] audit: type=1400 audit(2000000292.575:6015): avc:  denied  { unmount } for  pid=1937 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  155.560329][ T8110] EXT4-fs error (device loop5): ext4_orphan_get:1395: inode #15: comm syz.5.3300: casefold flag without casefold feature
[  155.573244][ T8110] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: inode #12: comm syz.5.3300: missing EA_INODE flag
[  155.585195][ T8110] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.3300: error while reading EA inode 12 err=-117
[  155.597707][ T8110] EXT4-fs (loop5): 1 orphan inode deleted
[  155.603392][ T8110] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  155.612163][   T24] audit: type=1400 audit(2000000292.705:6016): avc:  denied  { write } for  pid=8109 comm="syz.5.3300" name="/" dev="loop5" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  155.612189][   T24] audit: type=1400 audit(2000000292.705:6017): avc:  denied  { add_name } for  pid=8109 comm="syz.5.3300" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  155.612211][   T24] audit: type=1400 audit(2000000292.705:6018): avc:  denied  { create } for  pid=8109 comm="syz.5.3300" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  155.612228][   T24] audit: type=1400 audit(2000000292.705:6019): avc:  denied  { create } for  pid=8109 comm="syz.5.3300" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  155.612246][   T24] audit: type=1400 audit(2000000292.705:6020): avc:  denied  { remove_name } for  pid=8109 comm="syz.5.3300" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  155.612263][   T24] audit: type=1400 audit(2000000292.705:6021): avc:  denied  { rename } for  pid=8109 comm="syz.5.3300" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  155.612281][   T24] audit: type=1400 audit(2000000292.705:6022): avc:  denied  { rmdir } for  pid=8109 comm="syz.5.3300" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  155.888159][ T8116] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  155.907886][ T8119] xt_hashlimit: size too large, truncated to 1048576
[  155.929047][ T8120] EXT4-fs (loop5): Quota format mount options ignored when QUOTA feature is enabled
[  155.938381][ T8120] EXT4-fs (loop5): error: could not find journal device path: error -2
[  156.228989][ T8145] erofs: (device loop9): mounted with root inode @ nid 36.
[  156.318331][ T4282] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  156.678409][ T4282] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  156.687338][ T4282] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.708366][ T4282] usb 2-1: config 0 descriptor??
[  157.218600][ T8169] syz.9.3325[8169] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  157.218636][ T8169] syz.9.3325[8169] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  157.301134][ T8174] EXT4-fs error (device loop9): ext4_expand_extra_isize_ea:2756: inode #11: comm syz.9.3327: corrupted xattr block 95
[  157.325085][ T8174] EXT4-fs error (device loop9): ext4_validate_block_bitmap:429: comm syz.9.3327: bg 0: block 7: invalid block bitmap
[  157.338656][ T8174] EXT4-fs error (device loop9) in ext4_mb_clear_bb:5645: Corrupt filesystem
[  157.347471][ T8174] EXT4-fs error (device loop9): ext4_xattr_delete_inode:2921: inode #11: comm syz.9.3327: corrupted xattr block 95
[  157.349337][ T8188] input: syz1 as /devices/virtual/input/input31
[  157.359915][ T8174] EXT4-fs warning (device loop9): ext4_evict_inode:303: xattr delete (err -117)
[  157.375178][ T8174] EXT4-fs (loop9): 1 orphan inode deleted
[  157.380785][ T8174] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  157.470373][ T8200] input: syz1 as /devices/virtual/input/input32
[  157.571946][ T8225] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  157.681091][ T8251] input: syz1 as /devices/virtual/input/input33
[  157.699558][ T8255] xt_hashlimit: size too large, truncated to 1048576
[  157.823615][ T8256] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[  158.048289][ T4282] usb 2-1: Cannot set autoneg
[  158.053086][ T4282] MOSCHIP usb-ethernet driver: probe of 2-1:0.0 failed with error -71
[  158.071353][ T4282] usb 2-1: USB disconnect, device number 7
[  158.088548][ T8272] tmpfs: Unknown parameter 'nolazytime��'
[  158.598291][  T320] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  158.767291][ T8350] syz.1.3405[8350] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  158.767357][ T8350] syz.1.3405[8350] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  158.799445][ T8352] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8352 comm=syz.1.3406
[  158.848254][  T320] usb 4-1: Using ep0 maxpacket: 16
[  158.868251][ T1296] usb 10-1: new high-speed USB device number 26 using dummy_hcd
[  158.968374][  T320] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.979596][  T320] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.989227][  T320] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  159.001935][  T320] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  159.010802][  T320] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.020298][  T320] usb 4-1: config 0 descriptor??
[  159.248306][ T1296] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.263963][ T1296] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  159.273847][ T1296] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.285158][ T1296] usb 10-1: config 0 descriptor??
[  159.499369][  T320] koneplus 0003:1E7D:2E22.002D: unknown main item tag 0x0
[  159.507262][  T320] koneplus 0003:1E7D:2E22.002D: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.3-1/input0
[  159.568685][ T8385] F2FS-fs (loop5): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  159.576161][ T8385] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  159.584882][ T8385] F2FS-fs (loop5): invalid crc value
[  159.591334][ T8385] F2FS-fs (loop5): Found nat_bits in checkpoint
[  159.613064][ T8385] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  159.619996][ T8385] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  159.642101][  T633] attempt to access beyond end of device
[  159.642101][  T633] loop5: rw=2049, want=45104, limit=40427
[  159.718423][  T320] koneplus 0003:1E7D:2E22.002D: couldn't init struct koneplus_device
[  159.726425][  T320] koneplus 0003:1E7D:2E22.002D: couldn't install mouse
[  159.733715][  T320] koneplus: probe of 0003:1E7D:2E22.002D failed with error -5
[  159.764182][ T8399] syz.5.3426[8399] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.764223][ T8399] syz.5.3426[8399] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.778998][ T1296] keytouch 0003:0926:3333.002E: fixing up Keytouch IEC report descriptor
[  159.799788][ T1296] input: HID 0926:3333 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:0926:3333.002E/input/input35
[  159.888770][ T1296] keytouch 0003:0926:3333.002E: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.9-1/input0
[  159.922876][ T1296] usb 4-1: USB disconnect, device number 24
[  160.231142][ T1296] usb 10-1: USB disconnect, device number 26
[  160.298978][ T8424] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  160.306659][ T8424] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  160.315786][ T8424] F2FS-fs (loop5): invalid crc value
[  160.322445][ T8424] F2FS-fs (loop5): Found nat_bits in checkpoint
[  160.358881][ T8424] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  160.366124][ T8424] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  160.395509][   T24] kauditd_printk_skb: 166 callbacks suppressed
[  160.395521][   T24] audit: type=1400 audit(2000000297.495:6189): avc:  denied  { write } for  pid=8423 comm="syz.5.3437" path="/639/file0/bus" dev="loop5" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  160.424574][   T24] audit: type=1400 audit(2000000297.505:6190): avc:  denied  { mounton } for  pid=8423 comm="syz.5.3437" path="/639/file0/bus" dev="loop5" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  160.424816][  T633] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[  160.449945][  T633] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[  160.458152][  T633] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[  160.465596][  T633] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[  160.473081][  T633] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[  160.480952][  T633] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[  160.488545][  T633] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[  160.515206][  T319] Trying to write to read-only block-device loop5 (partno 0)
[  160.531164][   T24] audit: type=1400 audit(2000000297.635:6191): avc:  denied  { mount } for  pid=8446 comm="syz.1.3445" name="/" dev="ramfs" ino=50449 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  160.619592][   T24] audit: type=1400 audit(2000000297.725:6192): avc:  denied  { mount } for  pid=8450 comm="syz.3.3447" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  160.642221][   T24] audit: type=1400 audit(2000000297.745:6193): avc:  denied  { unmount } for  pid=288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  160.738952][ T8468] erofs: (device loop3): mounted with root inode @ nid 36.
[  160.748218][   T24] audit: type=1400 audit(2000000297.845:6194): avc:  denied  { write } for  pid=8467 comm="syz.3.3453" name="001" dev="devtmpfs" ino=176 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  160.785148][   T24] audit: type=1400 audit(2000000297.885:6195): avc:  denied  { name_bind } for  pid=8470 comm="syz.9.3454" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  160.848238][  T320] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  160.858959][ T8466] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  160.866550][ T8466] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  160.875621][ T8466] F2FS-fs (loop5): invalid crc value
[  160.882155][ T8466] F2FS-fs (loop5): Found nat_bits in checkpoint
[  160.894753][ T8481] input: syz1 as /devices/virtual/input/input36
[  160.918637][ T8466] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  160.925583][ T8466] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  160.942632][ T8466] tipc: Started in network mode
[  160.947397][ T8466] tipc: Own node identity 101, cluster identity 4711
[  160.954210][ T8466] tipc: 32-bit node address hash set to 101
[  160.966537][  T319] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  160.975412][  T319] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  161.038656][ T8494] exfat: Deprecated parameter 'utf8'
[  161.043807][ T8494] exfat: Deprecated parameter 'namecase'
[  161.049352][ T8494] exfat: Deprecated parameter 'utf8'
[  161.070801][ T8494] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  161.086708][   T24] audit: type=1400 audit(2000000298.195:6196): avc:  denied  { read write } for  pid=8493 comm="syz.3.3463" name="file1" dev="loop3" ino=1048666 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  161.120736][   T24] audit: type=1400 audit(2000000298.225:6197): avc:  denied  { create } for  pid=8496 comm="syz.5.3461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  161.141113][   T24] audit: type=1400 audit(2000000298.225:6198): avc:  denied  { write } for  pid=8496 comm="syz.5.3461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  161.238370][  T320] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.249422][  T320] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.260131][  T320] usb 2-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  161.269244][  T320] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.277713][  T320] usb 2-1: config 0 descriptor??
[  161.759850][  T320] hid-rmi 0003:06CB:81A7.002F: hidraw0: USB HID v0.00 Device [HID 06cb:81a7] on usb-dummy_hcd.1-1/input0
[  161.978654][   T20] usb 2-1: USB disconnect, device number 8
[  162.495289][  T319] Bluetooth: hci0: Frame reassembly failed (-84)
[  163.318281][   T20] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  163.678350][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.689069][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.698601][   T20] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  163.711186][   T20] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  163.720005][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.728338][   T20] usb 4-1: config 0 descriptor??
[  163.868003][ T8568] SELinux: security_context_str_to_sid(staff_u) failed for (dev tmpfs, type tmpfs) errno=-22
[  163.930565][ T8574] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[  163.943069][ T8574] exFAT-fs (loop9): error, invalid access to FAT bad cluster (entry 0x00000005)
[  163.951958][ T8574] exFAT-fs (loop9): failed to initialize root inode
[  164.208890][   T20] acrux 0003:1A34:0802.0030: item fetching failed at offset 3/5
[  164.216517][   T20] acrux 0003:1A34:0802.0030: parse failed
[  164.222193][   T20] acrux: probe of 0003:1A34:0802.0030 failed with error -22
[  164.341733][ T8592] Leaked POSIX lock on dev=0x0:0x2a ino=0xd24  fl_owner=ffff88811f16fa80 fl_flags=0x81 fl_type=0x1 fl_pid=8591
[  164.356996][  T633] Leaked locks on dev=0x0:0x2a ino=0xd24:
[  164.362846][  T633] POSIX: fl_owner=ffff88811f16fa80 fl_flags=0x81 fl_type=0x1 fl_pid=8591
[  164.419093][   T20] usb 4-1: USB disconnect, device number 25
[  164.538245][  T320] Bluetooth: hci0: command 0x1003 tx timeout
[  164.544132][ T1953] Bluetooth: hci0: sending frame failed (-49)
[  164.856442][ T8628] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3521'.
[  164.865459][ T8628] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3521'.
[  164.875222][ T8628] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3521'.
[  164.899157][ T8632] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3522'.
[  164.969517][ T8644] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  165.240510][ T8663] EXT4-fs (loop9): 1 truncate cleaned up
[  165.246016][ T8663] EXT4-fs (loop9): mounted filesystem without journal. Opts: bsdgroups,grpquota,debug_want_extra_isize=0x000000000000005c,noauto_da_alloc,nolazytime,discard,grpjquota=,errors=remount-ro,barrier=0xfffffffffffffffa,
[  165.418920][   T24] kauditd_printk_skb: 101 callbacks suppressed
[  165.418931][   T24] audit: type=1326 audit(2000000302.525:6300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8671 comm="syz.9.3539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  165.448539][   T24] audit: type=1326 audit(2000000302.525:6301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8671 comm="syz.9.3539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  165.503864][   T24] audit: type=1326 audit(2000000302.605:6302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8678 comm="syz.9.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  165.527258][   T24] audit: type=1326 audit(2000000302.605:6303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8678 comm="syz.9.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  165.550691][   T24] audit: type=1326 audit(2000000302.615:6304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8678 comm="syz.9.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  165.574056][   T24] audit: type=1326 audit(2000000302.615:6305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8678 comm="syz.9.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  165.597387][   T24] audit: type=1326 audit(2000000302.615:6306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8678 comm="syz.9.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  165.620859][   T24] audit: type=1326 audit(2000000302.615:6307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8678 comm="syz.9.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  165.644178][   T24] audit: type=1326 audit(2000000302.615:6308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8678 comm="syz.9.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  165.667560][   T24] audit: type=1326 audit(2000000302.615:6309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8678 comm="syz.9.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  165.787493][ T8690] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  165.847868][ T8701] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3552'.
[  166.108251][  T294] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[  166.498336][  T294] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  166.508385][  T294] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  166.588360][  T294] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  166.597413][  T294] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  166.605319][  T294] usb 10-1: SerialNumber: syz
[  166.618262][  T320] Bluetooth: hci0: command 0x1001 tx timeout
[  166.624176][ T1953] Bluetooth: hci0: sending frame failed (-49)
[  166.908739][  T294] usb 10-1: 0:2 : does not exist
[  166.914400][  T294] usb 10-1: USB disconnect, device number 27
[  166.988365][  T320] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  167.228292][  T320] usb 4-1: Using ep0 maxpacket: 32
[  167.348350][  T320] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  167.359343][  T320] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  167.370498][  T320] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  167.379585][  T320] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.390728][  T320] usb 4-1: config 0 descriptor??
[  167.390995][ T8715] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3557'.
[  167.408283][ T8712] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[  167.428526][  T320] hub 4-1:0.0: USB hub found
[  167.648364][  T320] hub 4-1:0.0: 2 ports detected
[  167.668707][ T8738] exfat: Deprecated parameter 'utf8'
[  167.868910][ T8745] F2FS-fs (loop9): fault_injection options not supported
[  167.876497][ T8745] F2FS-fs (loop9): invalid crc value
[  167.882711][ T8745] F2FS-fs (loop9): Found nat_bits in checkpoint
[  167.904064][ T8745] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  167.934044][ T1937] attempt to access beyond end of device
[  167.934044][ T1937] loop9: rw=2049, want=45104, limit=40427
[  167.951373][ T8753] input: syz0 as /devices/virtual/input/input37
[  167.988322][  T320] hub 4-1:0.0: hub_hub_status failed (err = -71)
[  167.994466][  T320] hub 4-1:0.0: config failed, can't get hub status (err -71)
[  168.098320][  T320] usbhid 4-1:0.0: can't add hid device: -71
[  168.104174][  T320] usbhid: probe of 4-1:0.0 failed with error -71
[  168.139133][  T320] usb 4-1: USB disconnect, device number 26
[  168.194938][ T8786] overlayfs: failed to resolve './file1': -2
[  168.228276][ T8797] syz.0.3593[8797] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  168.228333][ T8797] syz.0.3593[8797] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  168.429358][ T8819] overlayfs: failed to resolve '/֟G�I���C�#�q�Ex|ۨ�>': -2
[  168.485945][ T8826] syz.3.3606[8826] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  168.485999][ T8826] syz.3.3606[8826] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  168.562624][   T40] Bluetooth: hci1: sending frame failed (-49)
[  168.708249][  T320] Bluetooth: hci0: command 0x1009 tx timeout
[  170.618257][ T4286] Bluetooth: hci1: command 0x1003 tx timeout
[  170.624147][   T40] Bluetooth: hci1: sending frame failed (-49)
[  171.148728][ T8877] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  171.156267][ T8877] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  171.165257][ T8877] F2FS-fs (loop5): invalid crc value
[  171.171759][ T8877] F2FS-fs (loop5): Found nat_bits in checkpoint
[  171.193640][ T8877] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  171.200543][ T8877] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  171.212823][   T24] kauditd_printk_skb: 85 callbacks suppressed
[  171.212834][   T24] audit: type=1400 audit(2000000308.315:6395): avc:  denied  { setattr } for  pid=8876 comm="syz.5.3627" name="file0" dev="loop5" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  171.309171][   T24] audit: type=1326 audit(2000000308.415:6396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8886 comm="syz.5.3629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  171.332493][   T24] audit: type=1326 audit(2000000308.415:6397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8886 comm="syz.5.3629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  171.356321][   T24] audit: type=1326 audit(2000000308.415:6398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8886 comm="syz.5.3629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  171.380187][   T24] audit: type=1326 audit(2000000308.415:6399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8886 comm="syz.5.3629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  171.403665][   T24] audit: type=1326 audit(2000000308.415:6400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8886 comm="syz.5.3629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  171.427451][   T24] audit: type=1326 audit(2000000308.415:6401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8886 comm="syz.5.3629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  171.451310][   T24] audit: type=1326 audit(2000000308.465:6402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8886 comm="syz.5.3629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  171.475120][   T24] audit: type=1326 audit(2000000308.465:6403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8886 comm="syz.5.3629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  171.499152][   T24] audit: type=1326 audit(2000000308.465:6404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8886 comm="syz.5.3629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb292677849 code=0x7ffc0000
[  172.588284][    T5] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[  172.698250][ T4286] Bluetooth: hci1: command 0x1001 tx timeout
[  172.704173][   T40] Bluetooth: hci1: sending frame failed (-49)
[  172.804106][ T8902] ICMPv6: NA: aa:aa:aa:aa:aa:00 advertised our address fe80::aa on syz_tun!
[  172.848242][    T5] usb 10-1: Using ep0 maxpacket: 16
[  172.988319][    T5] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  172.999155][    T5] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.138352][    T5] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  173.147339][    T5] usb 10-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0
[  173.155543][    T5] usb 10-1: Product: syz
[  173.159627][    T5] usb 10-1: Manufacturer: syz
[  173.164577][    T5] usb 10-1: config 0 descriptor??
[  173.308324][ T4286] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  173.548296][ T4286] usb 2-1: Using ep0 maxpacket: 16
[  173.638838][    T5] kovaplus 0003:1E7D:2D50.0031: unknown main item tag 0xd
[  173.646288][    T5] kovaplus 0003:1E7D:2D50.0031: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.9-1/input0
[  173.668347][ T4286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.679094][ T4286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.688822][ T4286] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  173.701655][ T4286] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  173.710723][ T4286] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.721914][ T4286] usb 2-1: config 0 descriptor??
[  174.199100][ T4286] koneplus 0003:1E7D:2E22.0032: item fetching failed at offset 0/2
[  174.207088][ T4286] koneplus 0003:1E7D:2E22.0032: parse failed
[  174.212983][ T4286] koneplus: probe of 0003:1E7D:2E22.0032 failed with error -22
[  174.402108][ T4286] usb 2-1: USB disconnect, device number 9
[  174.478429][    T5] kovaplus 0003:1E7D:2D50.0031: couldn't init struct kovaplus_device
[  174.486387][    T5] kovaplus 0003:1E7D:2D50.0031: couldn't install mouse
[  174.493906][    T5] kovaplus: probe of 0003:1E7D:2D50.0031 failed with error -71
[  174.502340][    T5] usb 10-1: USB disconnect, device number 28
[  174.778275][ T4286] Bluetooth: hci1: command 0x1009 tx timeout
[  175.443978][ T8977] binder: 8976:8977 ioctl 40046205 0 returned -22
[  175.868029][ T8982] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  175.876872][ T8982] ext4 filesystem being mounted at /677/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  175.939022][ T8986] EXT4-fs (loop9): Test dummy encryption mode enabled
[  175.945658][ T8986] EXT4-fs (loop9): Ignoring removed orlov option
[  175.953720][ T8986] EXT4-fs (loop9): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue
[  176.312476][ T8999] syz.9.3675[8999] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  176.312535][ T8999] syz.9.3675[8999] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  176.326237][   T24] kauditd_printk_skb: 73 callbacks suppressed
[  176.326248][   T24] audit: type=1400 audit(2000000313.425:6478): avc:  denied  { append } for  pid=8998 comm="syz.9.3675" name="001" dev="devtmpfs" ino=173 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  176.374992][   T24] audit: type=1400 audit(2000000313.425:6479): avc:  denied  { nlmsg_write } for  pid=9000 comm="syz.1.3676" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  176.396941][ T9005] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  176.404616][ T9005] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  176.425515][ T9009] netem: incorrect ge model size
[  176.481910][   T24] audit: type=1326 audit(2000000313.585:6480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9020 comm="syz.9.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  176.528257][   T24] audit: type=1326 audit(2000000313.585:6481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9020 comm="syz.9.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  176.552853][   T24] audit: type=1326 audit(2000000313.585:6482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9020 comm="syz.9.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  176.606331][   T24] audit: type=1326 audit(2000000313.585:6483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9020 comm="syz.9.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  176.651071][   T24] audit: type=1326 audit(2000000313.585:6484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9020 comm="syz.9.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  176.674478][   T24] audit: type=1326 audit(2000000313.585:6485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9020 comm="syz.9.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  176.712638][   T24] audit: type=1326 audit(2000000313.605:6486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9020 comm="syz.9.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  176.738279][   T24] audit: type=1326 audit(2000000313.615:6487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9020 comm="syz.9.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9719d6849 code=0x7ffc0000
[  178.698281][ T1296] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  178.938290][ T1296] usb 2-1: Using ep0 maxpacket: 16
[  179.088464][ T9085] xt_hashlimit: size too large, truncated to 1048576
[  179.098408][ T1296] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  179.109379][ T1296] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  179.139887][ T9086] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[  179.190079][ T9088] syz.3.3713[9088] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  179.190139][ T9088] syz.3.3713[9088] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  179.202889][ T9088] SELinux:  Context system_u:object_r:mqueue_spool_t:s0 is not valid (left unmapped).
[  179.308320][ T1296] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  179.317264][ T1296] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.325054][ T1296] usb 2-1: Product: syz
[  179.329014][ T1296] usb 2-1: Manufacturer: syz
[  179.333392][ T1296] usb 2-1: SerialNumber: syz
[  179.898321][ T1296] usb 2-1: cannot find UAC_HEADER
[  179.903318][ T1296] snd-usb-audio: probe of 2-1:1.0 failed with error -22
[  179.910604][ T1296] usb 2-1: USB disconnect, device number 10
[  180.249091][ T9102] F2FS-fs (loop5): Test dummy encryption mode enabled
[  180.257112][ T9102] F2FS-fs (loop5): invalid crc value
[  180.265480][ T9102] F2FS-fs (loop5): Found nat_bits in checkpoint
[  180.301418][ T9102] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  180.399107][ T9125] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3726'.
[  180.408115][ T9125] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  180.482861][ T9140] bridge0: port 3(bond_slave_1) entered blocking state
[  180.489787][ T9140] bridge0: port 3(bond_slave_1) entered disabled state
[  180.496917][ T9140] device bond_slave_1 entered promiscuous mode
[  180.710314][ T9158] EXT4-fs (loop9): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  180.735497][ T9158] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  180.768500][ T9158] EXT4-fs error (device loop9): ext4_ext_check_inode:500: inode #3: comm syz.9.3741: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  180.789060][ T9158] EXT4-fs (loop9): no journal found
[  180.794097][ T9158] EXT4-fs (loop9): can't get journal size
[  180.815488][ T9158] EXT4-fs (loop9): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000005,journal_dev=0x0000000000000003,max_dir_size_kb=0x0000000000000005,noblock_validity,noload,data=writeback,,errors=continue
[  180.837457][ T9178] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3749'.
[  181.188241][    T5] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  181.218221][   T25] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  181.458220][   T25] usb 4-1: Using ep0 maxpacket: 16
[  181.558301][    T5] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  181.569024][    T5] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  181.578339][   T25] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  181.588209][    T5] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  181.618217][    T5] usb 2-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  181.627068][    T5] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.658419][    T5] usb 2-1: config 0 descriptor??
[  181.671700][   T24] kauditd_printk_skb: 104 callbacks suppressed
[  181.671713][   T24] audit: type=1326 audit(2000000318.775:6592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9220 comm="syz.0.3767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  181.689074][ T9224] 9pnet: p9_errstr2errno: server reported unknown error ��
[  181.701055][   T24] audit: type=1326 audit(2000000318.775:6593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9220 comm="syz.0.3767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  181.738585][   T24] audit: type=1326 audit(2000000318.775:6594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9220 comm="syz.0.3767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  181.758492][   T25] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  181.773222][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.781406][   T25] usb 4-1: Product: syz
[  181.785427][   T25] usb 4-1: Manufacturer: syz
[  181.785512][   T24] audit: type=1326 audit(2000000318.775:6595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9220 comm="syz.0.3767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  181.790115][   T25] usb 4-1: SerialNumber: syz
[  181.817288][   T24] audit: type=1326 audit(2000000318.775:6596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9220 comm="syz.0.3767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=234 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  181.841201][   T24] audit: type=1326 audit(2000000318.775:6597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9220 comm="syz.0.3767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  181.884132][   T24] audit: type=1326 audit(2000000318.775:6598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9220 comm="syz.0.3767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  181.910459][   T24] audit: type=1326 audit(2000000318.785:6599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9222 comm="syz.0.3767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f230de07925 code=0x7ffc0000
[  181.933951][   T24] audit: type=1326 audit(2000000318.935:6600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9222 comm="syz.0.3767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f230ddd5849 code=0x7ffc0000
[  181.987795][   T24] audit: type=1400 audit(2000000319.085:6601): avc:  denied  { ioctl } for  pid=9237 comm="syz.9.3775" path="/dev/fuse" dev="devtmpfs" ino=90 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  182.092710][ T9242] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  182.168861][    T5] gt683r_led 0003:1770:FF00.0033: item fetching failed at offset 1/5
[  182.176867][    T5] gt683r_led 0003:1770:FF00.0033: hid parsing failed
[  182.183419][    T5] gt683r_led: probe of 0003:1770:FF00.0033 failed with error -22
[  182.328692][    T5] usb 4-1: USB disconnect, device number 27
[  182.369428][   T25] usb 2-1: USB disconnect, device number 11
[  182.842826][ T9255] incfs: Error accessing: ./file0.
[  182.848126][ T9255] incfs: mount failed -20
[  182.929121][ T9268] EXT4-fs (loop9): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  182.940904][ T9268] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  182.950640][ T9268] EXT4-fs (loop9): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  182.966347][ T9268] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  182.981213][ T9268] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e11c, mo2=0000]
[  182.992587][ T9268] EXT4-fs (loop9): orphan cleanup on readonly fs
[  183.004024][ T9268] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.3785: bg 0: block 34: padding at end of block bitmap is not set
[  183.030479][ T9268] EXT4-fs error (device loop9): ext4_acquire_dquot:6219: comm syz.9.3785: Failed to acquire dquot type 1
[  183.069338][ T9268] EXT4-fs (loop9): 1 truncate cleaned up
[  183.078807][ T9268] EXT4-fs (loop9): mounted filesystem without journal. Opts: noload,data=writeback,acl,noblock_validity,,errors=continue
[  183.269946][ T9323] binfmt_misc: register: failed to install interpreter file ./file0
[  183.579652][ T9360] EXT4-fs (loop9): Test dummy encryption mode enabled
[  183.587195][ T9360] EXT4-fs error (device loop9): ext4_fill_super:4955: inode #2: comm syz.9.3824: casefold flag without casefold feature
[  183.599877][ T9360] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended
[  183.609981][ T9360] EXT4-fs (loop9): mounted filesystem without journal. Opts: jqfmt=vfsv0,test_dummy_encryption,,errors=continue
[  183.624199][ T9360] EXT4-fs (loop9): Online defrag not supported for encrypted files
[  183.988248][   T20] usb 10-1: new high-speed USB device number 29 using dummy_hcd
[  184.048249][    T5] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  184.368339][   T20] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  184.379157][   T20] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  184.388776][   T20] usb 10-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.dd
[  184.397847][   T20] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.406263][   T20] usb 10-1: config 0 descriptor??
[  184.408319][    T5] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  184.421864][    T5] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  184.431342][    T5] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  184.444066][    T5] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  184.452875][    T5] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.461176][    T5] usb 2-1: config 0 descriptor??
[  184.889147][   T20] logitech-hidpp-device 0003:046D:C086.0034: unknown main item tag 0x0
[  184.897351][   T20] logitech-hidpp-device 0003:046D:C086.0034: item fetching failed at offset 3/5
[  184.906419][   T20] logitech-hidpp-device 0003:046D:C086.0034: hidpp_probe:parse failed
[  184.914463][   T20] logitech-hidpp-device: probe of 0003:046D:C086.0034 failed with error -22
[  184.939078][    T5] plantronics 0003:047F:FFFF.0035: unknown main item tag 0x0
[  184.946450][    T5] plantronics 0003:047F:FFFF.0035: No inputs registered, leaving
[  184.955072][    T5] plantronics 0003:047F:FFFF.0035: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  185.089418][   T20] usb 10-1: USB disconnect, device number 29
[  185.619663][ T9418] syz.3.3850[9418] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  185.619711][ T9418] syz.3.3850[9418] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  185.810406][ T9437] EXT4-fs error (device loop9) in ext4_do_update_inode:5303: error 27
[  185.829890][ T9437] EXT4-fs error (device loop9): ext4_dirty_inode:6107: inode #3: comm syz.9.3858: mark_inode_dirty error
[  185.841524][ T9437] EXT4-fs error (device loop9) in ext4_do_update_inode:5303: error 27
[  185.849857][ T9437] EXT4-fs error (device loop9): __ext4_ext_dirty:182: inode #3: comm syz.9.3858: mark_inode_dirty error
[  185.861461][ T9437] EXT4-fs error (device loop9): ext4_acquire_dquot:6219: comm syz.9.3858: Failed to acquire dquot type 0
[  185.873698][ T9437] EXT4-fs (loop9): 1 orphan inode deleted
[  185.879289][ T9437] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  185.887969][ T9437] ext4 filesystem being mounted at /604/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.953570][ T9445] 9pnet: p9_errstr2errno: server reported unknown error ��Fc�g�KIe��B
[  185.998227][ T9447] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3861'.
[  186.068573][   T20] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  186.160953][ T9461] bridge0: port 3(vlan2) entered blocking state
[  186.167027][ T9461] bridge0: port 3(vlan2) entered disabled state
[  186.173866][ T9461] device vlan2 entered promiscuous mode
[  186.308291][   T20] usb 4-1: Using ep0 maxpacket: 8
[  186.428334][   T20] usb 4-1: New USB device found, idVendor=0403, idProduct=f0c8, bcdDevice= 2.56
[  186.437384][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.446079][   T20] usb 4-1: config 0 descriptor??
[  186.488553][   T20] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  186.698296][   T20] usb 4-1: Detected FT232BM
[  186.768233][  T294] usb 10-1: new high-speed USB device number 30 using dummy_hcd
[  186.787487][ T9500] netlink: 'syz.1.3886': attribute type 4 has an invalid length.
[  186.795127][ T9500] netlink: 17 bytes leftover after parsing attributes in process `syz.1.3886'.
[  186.918277][   T20] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  186.958686][   T20] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  187.158243][ T4286] usb 2-1: reset high-speed USB device number 12 using dummy_hcd
[  187.161548][    T5] usb 4-1: USB disconnect, device number 28
[  187.171642][  T294] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  187.183013][  T294] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  187.194339][    T5] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  187.203607][    T5] ftdi_sio 4-1:0.0: device disconnected
[  187.209685][  T294] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  187.222858][  T294] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  187.231817][  T294] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.240192][  T294] usb 10-1: config 0 descriptor??
[  187.258304][ T9480] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  187.438322][ T4286] usb 2-1: device firmware changed
[  187.443428][ T1296] usb 2-1: USB disconnect, device number 12
[  187.598267][ T1296] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  187.677802][   T24] kauditd_printk_skb: 114 callbacks suppressed
[  187.677814][   T24] audit: type=1326 audit(2000000324.775:6712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9510 comm="syz.3.3891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc298b849 code=0x7ffc0000
[  187.707384][   T24] audit: type=1326 audit(2000000324.775:6713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9510 comm="syz.3.3891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc298b849 code=0x7ffc0000
[  187.719099][  T294] plantronics 0003:047F:FFFF.0036: unknown main item tag 0xd
[  187.730949][   T24] audit: type=1326 audit(2000000324.785:6714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9510 comm="syz.3.3891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fafc298b849 code=0x7ffc0000
[  187.747285][  T294] plantronics 0003:047F:FFFF.0036: No inputs registered, leaving
[  187.761548][   T24] audit: type=1326 audit(2000000324.785:6715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9510 comm="syz.3.3891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc298b849 code=0x7ffc0000
[  187.792216][   T24] audit: type=1326 audit(2000000324.785:6716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9510 comm="syz.3.3891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc298b849 code=0x7ffc0000
[  187.797159][  T294] plantronics 0003:047F:FFFF.0036: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0
[  187.819722][   T24] audit: type=1326 audit(2000000324.785:6717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9510 comm="syz.3.3891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fafc298b849 code=0x7ffc0000
[  187.852287][   T24] audit: type=1326 audit(2000000324.785:6718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9510 comm="syz.3.3891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc298b849 code=0x7ffc0000
[  187.875851][   T24] audit: type=1326 audit(2000000324.785:6719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9510 comm="syz.3.3891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc298b849 code=0x7ffc0000
[  187.899418][   T24] audit: type=1326 audit(2000000324.795:6720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9510 comm="syz.3.3891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fafc298b849 code=0x7ffc0000
[  187.922915][   T24] audit: type=1326 audit(2000000324.805:6721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9510 comm="syz.3.3891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafc298b849 code=0x7ffc0000
[  187.982121][   T25] usb 10-1: USB disconnect, device number 30
[  188.038317][ T1296] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  188.049084][ T1296] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.138866][ T1296] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00
[  188.147776][ T1296] usb 2-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0
[  188.155567][ T1296] usb 2-1: Product: syz
[  188.159945][ T1296] usb 2-1: config 0 descriptor??
[  188.237708][ T9540] device veth1_macvtap left promiscuous mode
[  188.248455][ T4286] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  188.508297][ T4286] usb 4-1: Using ep0 maxpacket: 32
[  188.638955][ T1296] konepure 0003:1E7D:2DB4.0037: item fetching failed at offset 10/11
[  188.647021][ T1296] konepure 0003:1E7D:2DB4.0037: parse failed
[  188.652922][ T1296] konepure: probe of 0003:1E7D:2DB4.0037 failed with error -22
[  188.658381][ T4286] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  188.670943][ T4286] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.680470][ T4286] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  188.689450][ T4286] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.697766][ T4286] usb 4-1: config 0 descriptor??
[  188.738617][ T4286] hub 4-1:0.0: USB hub found
[  188.778605][   T20] usb 10-1: new high-speed USB device number 31 using dummy_hcd
[  188.842539][ T1296] usb 2-1: USB disconnect, device number 13
[  188.948354][ T4286] hub 4-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  189.038222][   T20] usb 10-1: Using ep0 maxpacket: 32
[  189.158343][   T20] usb 10-1: config 4 has an invalid interface number: 128 but max is 0
[  189.166519][   T20] usb 10-1: config 4 has no interface number 0
[  189.172564][   T20] usb 10-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.183577][   T20] usb 10-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.193353][   T20] usb 10-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  189.202250][   T20] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.248640][   T20] hub 10-1:4.128: USB hub found
[  189.379448][ T4286] hid-generic 0003:046D:C31C.0038: item fetching failed at offset 0/1
[  189.387595][ T4286] hid-generic: probe of 0003:046D:C31C.0038 failed with error -22
[  189.468334][   T20] hub 10-1:4.128: config failed, hub has too many ports! (err -19)
[  189.661078][ T9559] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xf525fe07, utbl_chksum : 0xe619d30d)
[  189.708390][   T20] usb 4-1: USB disconnect, device number 29
[  189.722363][ T9562] syz.5.3914[9562] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  189.722407][ T9562] syz.5.3914[9562] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  189.788372][    T5] usb 10-1: USB disconnect, device number 31
[  190.080018][ T9572] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  190.088899][ T9572] ext4 filesystem being mounted at /721/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  190.270751][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.287835][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.295469][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.303003][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.310615][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.317921][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.330565][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.337866][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.345239][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.354621][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.361981][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.369393][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.376581][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.384261][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.391613][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.399046][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.406246][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.413758][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.421187][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.428661][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.435865][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.443355][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.450741][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.457980][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.465185][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.472363][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.479563][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.486749][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.493980][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.501182][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.508489][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.515669][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.522918][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.530095][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.537280][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.544519][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.551706][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.558923][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.566101][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.573336][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.580526][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.587708][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.594945][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.602140][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.609375][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.616528][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.623765][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.630946][    T5] hid-generic 0000:0000:0003.0039: unknown main item tag 0x0
[  190.639120][    T5] hid-generic 0000:0000:0003.0039: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  190.748552][ T9618] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.755459][ T9618] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.762969][ T9618] device bridge_slave_0 entered promiscuous mode
[  190.771376][ T9618] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.778233][ T9618] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.785335][ T9618] device bridge_slave_1 entered promiscuous mode
[  190.818678][ T9618] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.825535][ T9618] bridge0: port 2(bridge_slave_1) entered forwarding state
[  190.832627][ T9618] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.839410][ T9618] bridge0: port 1(bridge_slave_0) entered forwarding state
[  190.856990][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  190.864462][  T319] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.871760][  T319] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.881934][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  190.889992][  T319] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.896837][  T319] bridge0: port 1(bridge_slave_0) entered forwarding state
[  190.905551][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  190.913512][ T1296] usb 10-1: new high-speed USB device number 32 using dummy_hcd
[  190.913731][  T319] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.927810][  T319] bridge0: port 2(bridge_slave_1) entered forwarding state
[  190.941587][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  190.950603][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  190.958537][   T20] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  190.973109][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  190.983894][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  190.992293][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  190.999594][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  191.009963][ T9618] device veth0_vlan entered promiscuous mode
[  191.019685][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  191.028860][ T9618] device veth1_macvtap entered promiscuous mode
[  191.037851][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  191.047713][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  191.141531][ T9626] netlink: 172 bytes leftover after parsing attributes in process `syz.5.3940'.
[  191.168941][  T664] device bridge_slave_1 left promiscuous mode
[  191.174885][  T664] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.182263][  T664] device bridge_slave_0 left promiscuous mode
[  191.188520][  T664] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.196440][  T664] device veth1_macvtap left promiscuous mode
[  191.202541][  T664] device veth0_vlan left promiscuous mode
[  191.218247][   T20] usb 4-1: Using ep0 maxpacket: 16
[  191.278381][ T1296] usb 10-1: config 0 has no interfaces?
[  191.283785][ T1296] usb 10-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  191.312764][ T1296] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.326366][ T1296] usb 10-1: config 0 descriptor??
[  191.518867][   T20] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  191.538318][   T20] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.546306][   T20] usb 4-1: Product: syz
[  191.550348][   T20] usb 4-1: Manufacturer: syz
[  191.554804][   T20] usb 4-1: SerialNumber: syz
[  191.559975][   T20] usb 4-1: config 0 descriptor??
[  191.571928][ T4286] usb 10-1: USB disconnect, device number 32
[  191.573361][ T9631] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.585522][ T9631] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.593262][ T9631] device bridge_slave_0 entered promiscuous mode
[  191.600595][ T9631] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.607427][ T9631] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.615116][   T20] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  191.622786][   T20] usb 4-1: Detected FT232H
[  191.627489][ T9631] device bridge_slave_1 entered promiscuous mode
[  191.695504][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  191.703543][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  191.712855][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  191.721372][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  191.729433][  T319] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.736257][  T319] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.743664][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  191.756325][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  191.764748][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  191.772807][  T319] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.779672][  T319] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.791530][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  191.799436][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  191.810274][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  191.818634][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  191.837851][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  191.846156][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  191.857087][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  191.864687][   T20] ftdi_sio ttyUSB0: Unable to read latency timer: -5
[  191.864880][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  191.879297][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  191.886654][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  191.895626][ T9631] device veth0_vlan entered promiscuous mode
[  191.910720][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  191.920145][ T9631] device veth1_macvtap entered promiscuous mode
[  191.936799][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  191.948647][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  191.973099][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  191.981504][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  192.078446][   T20] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  192.098413][   T20] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[  192.112949][   T20] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  192.122068][   T20] usb 4-1: USB disconnect, device number 30
[  192.129029][   T20] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  192.138366][   T20] ftdi_sio 4-1:0.0: device disconnected
[  192.159106][ T9651] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  192.169772][ T9651] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  192.179040][ T9651] F2FS-fs (loop5): invalid crc_offset: 33558524
[  192.186651][ T9651] F2FS-fs (loop5): Found nat_bits in checkpoint
[  192.207585][ T9674] EXT4-fs (loop9): Test dummy encryption mode enabled
[  192.209926][ T9651] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  192.215209][ T9674] EXT4-fs (loop9): Ignoring removed orlov option
[  192.227539][ T9651] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  192.230342][ T9674] EXT4-fs (loop9): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue
[  192.249164][ T9676] attempt to access beyond end of device
[  192.249164][ T9676] loop5: rw=2049, want=45104, limit=40427
[  192.329508][  T664] device bridge_slave_1 left promiscuous mode
[  192.335494][  T664] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.342674][  T664] device bridge_slave_0 left promiscuous mode
[  192.348689][  T664] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.356410][  T664] device veth0_vlan left promiscuous mode
[  192.619721][ T9709] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3976'.
[  192.907671][   T24] kauditd_printk_skb: 97 callbacks suppressed
[  192.907685][   T24] audit: type=1326 audit(2000000330.005:6819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.8.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17e8f22849 code=0x7ffc0000
[  192.937425][   T24] audit: type=1326 audit(2000000330.005:6820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.8.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17e8f22849 code=0x7ffc0000
[  192.962143][   T24] audit: type=1326 audit(2000000330.015:6821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.8.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17e8f22849 code=0x7ffc0000
[  192.985617][    T5] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  192.991801][   T24] audit: type=1326 audit(2000000330.015:6822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.8.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17e8f22849 code=0x7ffc0000
[  193.016553][   T24] audit: type=1326 audit(2000000330.015:6823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.8.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17e8f22849 code=0x7ffc0000
[  193.040700][   T24] audit: type=1326 audit(2000000330.015:6824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.8.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17e8f22849 code=0x7ffc0000
[  193.064167][ T9719] serio: Serial port ptm0
[  193.064693][   T24] audit: type=1326 audit(2000000330.035:6825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.8.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17e8f22849 code=0x7ffc0000
[  193.091734][   T24] audit: type=1326 audit(2000000330.045:6826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.8.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17e8f22849 code=0x7ffc0000
[  193.115229][   T24] audit: type=1326 audit(2000000330.065:6827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.8.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17e8f22849 code=0x7ffc0000
[  193.138666][   T24] audit: type=1326 audit(2000000330.065:6828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.8.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17e8f22849 code=0x7ffc0000
[  193.378378][    T5] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  193.388311][    T5] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  193.396930][    T5] usb 4-1: config 1 has no interface number 0
[  193.402893][    T5] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  193.413544][    T5] usb 4-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  193.422435][    T5] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 133, setting to 64
[  193.432984][    T5] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  193.598265][ T4286] usb 10-1: new high-speed USB device number 33 using dummy_hcd
[  193.598317][    T5] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  193.614644][    T5] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.622467][    T5] usb 4-1: Product: syz
[  193.626367][    T5] usb 4-1: Manufacturer: syz
[  193.630814][    T5] usb 4-1: SerialNumber: syz
[  193.778288][  T696] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  193.958290][ T4286] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  193.969138][ T4286] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  193.978718][ T4286] usb 10-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[  193.987627][ T4286] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.996015][ T4286] usb 10-1: config 0 descriptor??
[  194.138434][  T696] usb 9-1: config 0 has no interfaces?
[  194.218447][  T696] usb 9-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  194.227348][  T696] usb 9-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  194.235140][  T696] usb 9-1: Manufacturer: syz
[  194.240031][  T696] usb 9-1: config 0 descriptor??
[  194.469131][ T4286] uclogic 0003:5543:0042.003A: item fetching failed at offset 3/7
[  194.476921][ T4286] uclogic 0003:5543:0042.003A: parse failed
[  194.479270][  T696] usb 9-1: USB disconnect, device number 9
[  194.482804][ T4286] uclogic: probe of 0003:5543:0042.003A failed with error -22
[  194.548618][    T5] cdc_ncm 4-1:1.1: bind() failure
[  194.755759][  T696] usb 4-1: USB disconnect, device number 31
[  195.039289][ T9743] syz.7.3991[9743] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  195.039358][ T9743] syz.7.3991[9743] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  195.548230][  T696] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  195.668904][ T9760] request_module fs- succeeded, but still no fs?
[  195.804457][ T9768] xt_hashlimit: size too large, truncated to 1048576
[  195.828527][  T696] usb 4-1: device descriptor read/64, error -71
[  195.951813][ T9775] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[  195.952819][ T9778] syz.5.4006[9778] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  195.958884][ T9775] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  195.958992][ T9778] syz.5.4006[9778] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  195.973999][ T9775] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2210: inode #15: comm syz.7.4005: corrupted in-inode xattr
[  196.003200][ T9775] EXT4-fs error (device loop7): ext4_orphan_get:1400: comm syz.7.4005: couldn't read orphan inode 15 (err -117)
[  196.015451][ T9775] EXT4-fs (loop7): mounted filesystem without journal. Opts: noload,mblk_io_submit,data_err=abort,auto_da_alloc,block_validity,quota,,errors=continue
[  196.218406][  T696] usb 4-1: device descriptor read/64, error -71
[  196.273369][ T9802] SELinux: security_context_str_to_sid(E�) failed for (dev proc, type proc) errno=-22
[  196.333369][ T1296] usb 10-1: USB disconnect, device number 33
[  196.363266][ T9815] syz.8.4021[9815] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  196.363322][ T9815] syz.8.4021[9815] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  196.488286][  T696] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  196.758221][  T320] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  196.768216][  T696] usb 4-1: device descriptor read/64, error -71
[  196.960085][ T9828] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4026'.
[  197.010105][ T9832] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpquota,nouid32,minixdf,,errors=continue
[  197.021291][ T9832] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.028305][  T320] usb 9-1: Using ep0 maxpacket: 16
[  197.158236][  T696] usb 4-1: device descriptor read/64, error -71
[  197.209567][ T9840] F2FS-fs (loop7): invalid crc value
[  197.216197][ T9840] F2FS-fs (loop7): Found nat_bits in checkpoint
[  197.246035][ T9840] F2FS-fs (loop7): Cannot turn on quotas: -2 on 0
[  197.252840][ T9840] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4
[  197.278289][  T696] usb usb4-port1: attempt power cycle
[  197.284194][ T9631] attempt to access beyond end of device
[  197.284194][ T9631] loop7: rw=2049, want=45104, limit=40427
[  197.368313][  T320] usb 9-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  197.377263][  T320] usb 9-1: New USB device strings: Mfr=1, Product=121, SerialNumber=1
[  197.398228][  T320] usb 9-1: Product: syz
[  197.402362][  T320] usb 9-1: Manufacturer: syz
[  197.406757][  T320] usb 9-1: SerialNumber: syz
[  197.422939][  T320] usb 9-1: config 0 descriptor??
[  197.569081][ T9857] EXT4-fs (loop7): Test dummy encryption mode enabled
[  197.577462][ T9857] EXT4-fs (loop7): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,noblock_validity,noinit_itable,barrier=0x0000000000000005,max_batch_time=0x0000000000000004,data_err=abort,,errors=continue
[  197.688239][  T696] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  197.698307][  T320] r8152 9-1:0.0: Unknown version 0x0000
[  197.713173][ T9861] FAT-fs (loop7): Directory bread(block 64) failed
[  197.719611][ T9861] FAT-fs (loop7): Directory bread(block 65) failed
[  197.725849][ T9861] FAT-fs (loop7): Directory bread(block 66) failed
[  197.732263][ T9861] FAT-fs (loop7): Directory bread(block 67) failed
[  197.738955][ T9861] FAT-fs (loop7): Directory bread(block 68) failed
[  197.745331][ T9861] FAT-fs (loop7): Directory bread(block 69) failed
[  197.751666][ T9861] FAT-fs (loop7): Directory bread(block 70) failed
[  197.758052][ T9861] FAT-fs (loop7): Directory bread(block 71) failed
[  197.764494][ T9861] FAT-fs (loop7): Directory bread(block 72) failed
[  197.770841][ T9861] FAT-fs (loop7): Directory bread(block 73) failed
[  197.858343][  T696] usb 4-1: device descriptor read/8, error -71
[  197.902716][  T320] usb 9-1: USB disconnect, device number 10
[  197.939723][ T9872] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  197.988917][ T9880] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  197.997685][ T9880] EXT4-fs (loop7): invalid journal inode
[  198.004276][ T9880] EXT4-fs (loop7): can't get journal size
[  198.011035][ T9880] EXT4-fs (loop7): 1 truncate cleaned up
[  198.016552][ T9880] EXT4-fs (loop7): mounted filesystem without journal. Opts: norecovery,,errors=continue
[  198.065379][   T24] kauditd_printk_skb: 51 callbacks suppressed
[  198.065392][   T24] audit: type=1400 audit(2000000335.165:6880): avc:  denied  { set_context_mgr } for  pid=9888 comm="syz.7.4045" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  198.101657][    T5] ==================================================================
[  198.110172][    T5] BUG: KASAN: use-after-free in __list_del_entry_valid+0x2f/0x120
[  198.117797][    T5] Read of size 8 at addr ffff88812357d088 by task kworker/0:0/5
[  198.125253][    T5] 
[  198.127428][    T5] CPU: 0 PID: 5 Comm: kworker/0:0 Tainted: G        W         5.10.226-syzkaller-00184-g139a6bb26d9d #0
[  198.138355][    T5] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  198.148255][    T5] Workqueue: events binder_deferred_func
[  198.153713][    T5] Call Trace:
[  198.156846][    T5]  dump_stack_lvl+0x1e2/0x24b
[  198.161375][    T5]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  198.166650][    T5]  ? panic+0x812/0x812
[  198.170563][    T5]  print_address_description+0x81/0x3b0
[  198.176125][    T5]  ? ____kasan_slab_free+0x12c/0x160
[  198.181242][    T5]  kasan_report+0x179/0x1c0
[  198.185580][    T5]  ? __list_del_entry_valid+0x2f/0x120
[  198.191043][    T5]  ? __list_del_entry_valid+0x2f/0x120
[  198.196338][    T5]  __asan_report_load8_noabort+0x14/0x20
[  198.201794][    T5]  __list_del_entry_valid+0x2f/0x120
[  198.206910][    T5]  binder_release_work+0xcd/0x680
[  198.211771][    T5]  binder_deferred_func+0x1847/0x1bc0
[  198.216976][    T5]  ? read_word_at_a_time+0x12/0x20
[  198.221920][    T5]  process_one_work+0x6dc/0xbd0
[  198.226609][    T5]  worker_thread+0xaea/0x1510
[  198.231128][    T5]  kthread+0x34b/0x3d0
[  198.235026][    T5]  ? worker_clr_flags+0x180/0x180
[  198.239885][    T5]  ? kthread_blkcg+0xd0/0xd0
[  198.244314][    T5]  ret_from_fork+0x1f/0x30
[  198.248562][    T5] 
[  198.250727][    T5] Allocated by task 9889:
[  198.254902][    T5]  ____kasan_kmalloc+0xdb/0x110
[  198.259587][    T5]  __kasan_kmalloc+0x9/0x10
[  198.263924][    T5]  kmem_cache_alloc_trace+0x18a/0x2e0
[  198.269135][    T5]  binder_thread_write+0x9ce/0x6c70
[  198.274166][    T5]  binder_ioctl_write_read+0x216/0x6a80
[  198.279545][    T5]  binder_ioctl+0x314/0x1e00
[  198.283973][    T5]  __se_sys_ioctl+0x114/0x190
[  198.288488][    T5]  __x64_sys_ioctl+0x7b/0x90
[  198.292912][    T5]  do_syscall_64+0x34/0x70
[  198.297164][    T5]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  198.302897][    T5] 
[  198.305060][    T5] Freed by task 5:
[  198.308628][    T5]  kasan_set_track+0x4b/0x70
[  198.313048][    T5]  kasan_set_free_info+0x23/0x40
[  198.317821][    T5]  ____kasan_slab_free+0x121/0x160
[  198.322769][    T5]  __kasan_slab_free+0x11/0x20
[  198.327367][    T5]  slab_free_freelist_hook+0xc0/0x190
[  198.332575][    T5]  kfree+0xc3/0x270
[  198.336222][    T5]  binder_free_ref+0x128/0x260
[  198.340821][    T5]  binder_deferred_func+0x171c/0x1bc0
[  198.346028][    T5]  process_one_work+0x6dc/0xbd0
[  198.350712][    T5]  worker_thread+0xaea/0x1510
[  198.355228][    T5]  kthread+0x34b/0x3d0
[  198.359136][    T5]  ret_from_fork+0x1f/0x30
[  198.363381][    T5] 
[  198.365556][    T5] The buggy address belongs to the object at ffff88812357d080
[  198.365556][    T5]  which belongs to the cache kmalloc-64 of size 64
[  198.379273][    T5] The buggy address is located 8 bytes inside of
[  198.379273][    T5]  64-byte region [ffff88812357d080, ffff88812357d0c0)
[  198.392112][    T5] The buggy address belongs to the page:
[  198.397600][    T5] page:ffffea00048d5f40 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12357d
[  198.407651][    T5] flags: 0x4000000000000200(slab)
[  198.412515][    T5] raw: 4000000000000200 ffffea00048d5f00 0000001400000014 ffff888100043800
[  198.420931][    T5] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[  198.429345][    T5] page dumped because: kasan: bad access detected
[  198.435604][    T5] page_owner tracks the page as allocated
[  198.441158][    T5] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 8466, ts 160890166885, free_ts 160232133244
[  198.457127][    T5]  prep_new_page+0x166/0x180
[  198.461547][    T5]  get_page_from_freelist+0x2d8c/0x2f30
[  198.466928][    T5]  __alloc_pages_nodemask+0x435/0xaf0
[  198.472137][    T5]  new_slab+0x80/0x400
[  198.476043][    T5]  ___slab_alloc+0x302/0x4b0
[  198.480467][    T5]  __slab_alloc+0x63/0xa0
[  198.484633][    T5]  __kmalloc+0x204/0x330
[  198.488718][    T5]  kvmalloc_node+0x82/0x130
[  198.493052][    T5]  f2fs_build_node_manager+0xf05/0x2120
[  198.498437][    T5]  f2fs_fill_super+0x60ff/0x7e30
[  198.503207][    T5]  mount_bdev+0x262/0x370
[  198.507373][    T5]  f2fs_mount+0x34/0x40
[  198.511458][    T5]  legacy_get_tree+0xf1/0x190
[  198.515966][    T5]  vfs_get_tree+0x88/0x290
[  198.520220][    T5]  do_new_mount+0x2ba/0xb30
[  198.524557][    T5]  path_mount+0x56f/0xcb0
[  198.528719][    T5] page last free stack trace:
[  198.533238][    T5]  free_unref_page_prepare+0x2ae/0x2d0
[  198.538533][    T5]  free_unref_page_list+0x122/0xb20
[  198.543581][    T5]  release_pages+0xea0/0xef0
[  198.547993][    T5]  free_pages_and_swap_cache+0x8a/0xa0
[  198.553288][    T5]  tlb_finish_mmu+0x177/0x320
[  198.557796][    T5]  unmap_region+0x31c/0x370
[  198.562140][    T5]  __do_munmap+0x699/0x8c0
[  198.566405][    T5]  __se_sys_munmap+0x120/0x1a0
[  198.571008][    T5]  __x64_sys_munmap+0x5b/0x70
[  198.575505][    T5]  do_syscall_64+0x34/0x70
[  198.579761][    T5]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  198.585483][    T5] 
[  198.587791][    T5] Memory state around the buggy address:
[  198.593266][    T5]  ffff88812357cf80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  198.601153][    T5]  ffff88812357d000: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  198.609059][    T5] >ffff88812357d080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  198.616952][    T5]                       ^
[  198.621116][    T5]  ffff88812357d100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  198.629014][    T5]  ffff88812357d180: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  198.636924][    T5] ==================================================================
[  198.644894][    T5] Disabling lock debugging due to kernel taint
[  198.651162][    T5] general protection fault, probably for non-canonical address 0xf86bfc53e0000000: 0000 [#1] PREEMPT SMP KASAN
[  198.659500][ T9896] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4050'.
[  198.662682][    T5] KASAN: maybe wild-memory-access in range [0xc360029f00000000-0xc360029f00000007]
[  198.662697][    T5] CPU: 0 PID: 5 Comm: kworker/0:0 Tainted: G    B   W         5.10.226-syzkaller-00184-g139a6bb26d9d #0
[  198.662712][    T5] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  198.701313][    T5] Workqueue: events binder_deferred_func
[  198.706770][    T5] RIP: 0010:__list_del_entry_valid+0x75/0x120
[  198.712671][    T5] Code: 1e 48 85 db 74 68 4d 85 ff 74 74 48 ba 00 01 00 00 00 00 ad de 48 39 d3 74 76 48 83 c2 22 49 39 d7 74 7e 4c 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ff e8 1c 97 51 ff 49 8b 17 4c 39 f2 75
[  198.732109][    T5] RSP: 0018:ffffc90000057c20 EFLAGS: 00010a07
[  198.738011][    T5] RAX: 186c0053e0000000 RBX: ffff88810858b800 RCX: ffffffff8256bf49
[  198.745821][    T5] RDX: dead000000000122 RSI: 0000000000000286 RDI: ffff88812357d080
[  198.753632][    T5] RBP: ffffc90000057c40 R08: ffffffff813e2a7b R09: 0000000000000003
[  198.761444][    T5] R10: fffffbfff0e10e48 R11: dffffc0000000001 R12: dffffc0000000000
[  198.769256][    T5] R13: ffff88812357d080 R14: ffff88812357d080 R15: c360029f00000005
[  198.777067][    T5] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  198.785831][    T5] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  198.792254][    T5] CR2: 00007f86a631b958 CR3: 000000010d23e000 CR4: 00000000003506b0
[  198.800158][    T5] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  198.807965][    T5] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  198.815771][    T5] Call Trace:
[  198.818911][    T5]  ? __die_body+0x62/0xb0
[  198.823067][    T5]  ? die_addr+0x9f/0xd0
[  198.827061][    T5]  ? exc_general_protection+0x3ff/0x490
[  198.832445][    T5]  ? check_panic_on_warn+0x65/0xb0
[  198.837387][    T5]  ? asm_exc_general_protection+0x1e/0x30
[  198.842943][    T5]  ? check_panic_on_warn+0x5b/0xb0
[  198.847890][    T5]  ? __list_del_entry_valid+0x49/0x120
[  198.853189][    T5]  ? __list_del_entry_valid+0x75/0x120
[  198.858480][    T5]  binder_release_work+0xcd/0x680
[  198.863340][    T5]  binder_deferred_func+0x1847/0x1bc0
[  198.868547][    T5]  ? read_word_at_a_time+0x12/0x20
[  198.873494][    T5]  process_one_work+0x6dc/0xbd0
[  198.878201][    T5]  worker_thread+0xaea/0x1510
[  198.882696][    T5]  kthread+0x34b/0x3d0
[  198.886602][    T5]  ? worker_clr_flags+0x180/0x180
[  198.891460][    T5]  ? kthread_blkcg+0xd0/0xd0
[  198.895889][    T5]  ret_from_fork+0x1f/0x30
[  198.900135][    T5] Modules linked in:
[  198.904002][    T5] ---[ end trace dcbf7bc3c24ebf10 ]---
[  198.909548][    T5] RIP: 0010:__list_del_entry_valid+0x75/0x120
[  198.915430][    T5] Code: 1e 48 85 db 74 68 4d 85 ff 74 74 48 ba 00 01 00 00 00 00 ad de 48 39 d3 74 76 48 83 c2 22 49 39 d7 74 7e 4c 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ff e8 1c 97 51 ff 49 8b 17 4c 39 f2 75
[  198.934914][    T5] RSP: 0018:ffffc90000057c20 EFLAGS: 00010a07
[  198.940799][    T5] RAX: 186c0053e0000000 RBX: ffff88810858b800 RCX: ffffffff8256bf49
[  198.948601][    T5] RDX: dead000000000122 RSI: 0000000000000286 RDI: ffff88812357d080
[  198.956392][    T5] RBP: ffffc90000057c40 R08: ffffffff813e2a7b R09: 0000000000000003
[  198.964227][    T5] R10: fffffbfff0e10e48 R11: dffffc0000000001 R12: dffffc0000000000
[  198.972035][    T5] R13: ffff88812357d080 R14: ffff88812357d080 R15: c360029f00000005
[  198.979851][    T5] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  198.988649][    T5] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  198.995027][    T5] CR2: 00007f86a631b958 CR3: 000000010d23e000 CR4: 00000000003526b0
[  199.002898][    T5] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  199.010651][    T5] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  199.018530][    T5] Kernel panic - not syncing: Fatal exception
[  199.024576][    T5] Kernel Offset: disabled
[  199.028699][    T5] Rebooting in 86400 seconds..