last executing test programs:

4.972317493s ago: executing program 1 (id=907):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={0x0, 0xf0}}, 0x0)
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x2, 0x2, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6}, @sadb_sa={0x2}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x90}}, 0x0)
r1 = open(&(0x7f00000002c0)='./bus\x00', 0x1c1042, 0x0)
r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000000)=0x8)
pwrite64(r1, &(0x7f0000000200)="d3", 0x1, 0x4010040bffe)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fefdffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000000404000001000000b70500002a0000006a0a00fe00000000850000000b000000b70000005920000095000000000000006c8f5d76781dcb7729f41726a067818b990b13bfdd5db1b7ef826f015cd03018d546fa9b6827767c171a4f0720596bb3b4d821d976f5843061cc2e3afbae82d7932d4f91f718f0e56315040148e11bac31821236192321fa3b3042"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001000000000904000009030000000921000000012222000905810308"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
r4 = socket(0x1, 0x3, 0x0)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x23, &(0x7f0000000cc0)=0x1, 0x4)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
recvmsg(r4, &(0x7f0000003780)={0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000001f00)=""/169, 0x40000}], 0x1}, 0x0)
sendmmsg$unix(r4, &(0x7f0000002100)=[{{&(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000880)=[{&(0x7f0000000300)="d6", 0x33fe0}], 0x1}}], 0x1, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={r1, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x2, 0x7, &(0x7f00000001c0)=[0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x34, &(0x7f0000000380)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0xe5, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x19, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000001860000000000000000000000000000018120200", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000b7080000000000007b8af8ff00000000b70800007f0000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180000000000000000000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffff96)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mm_page_alloc\x00', r6}, 0x10)
syz_usb_control_io$hid(r3, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_4={0x3, 0x1, 0x0, "f7940ef7"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @global=@item_012={0x2, 0x1, 0x1, "b8ef"}, @local=@item_012={0x2, 0x2, 0x0, "1a70"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0)
syz_usb_ep_write(r3, 0x81, 0x1, &(0x7f0000000000)='B')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_xfrm(0x10, 0x3, 0x6)
open(&(0x7f0000007f80)='./bus\x00', 0x145142, 0x0)

4.911015948s ago: executing program 2 (id=908):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, 0x0, 0x0)
r6 = getpid()
process_vm_readv(r6, 0x0, 0x0, &(0x7f0000008640), 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r7 = add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, 0x0, 0x0)
add_key(&(0x7f00000002c0)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x4c, &(0x7f0000000100)={[{@dioread_nolock}, {@user_xattr}, {@quota}, {@noinit_itable}, {@stripe={'stripe', 0x3d, 0x5}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7ff}}, {@errors_remount}, {@delalloc}, {@min_batch_time={'min_batch_time', 0x3d, 0x7fffffff}}, {@noblock_validity}, {@errors_continue}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}]}, 0xee, 0x43a, &(0x7f00000008c0)="$eJzs289vFFUcAPDvzLag/GpFREHQKhobf7S0oHLwotHEgyYmesBjbQtBFmpoTYQ0Wo3BoyHxbjya+Bd40otRTyZe9W5IiDYmoKea2Z0pu0u39Mcui8znkwy8t/N23/vum7fz9r1uAKU1lP2TROyIiN8iYqCebS4wVP/v2uL85D+L85NJLC29+WdSK3d1cX6yKFo8b3ueGU4j0k+TvJJms+cvnJ6oVqfP5fnRuTPvjc6ev/DMqTMTJ6dPTp8dP3bs6JGx558bf7YjcWZxXd3/4cyBfa++fen1yeOX3vnpm6y9ew/WzzfG0SlDWeB/LdW0nnu805X12M6GdNLXw4awLpWIyLqrvzb+B6IS1ztvIF75pKeNA7oquzdtbX96YQm4gyXR6xYAvVHc6LPvv8Vxi6Yet4UrL9a/AGVxX8uP+pm+SPMy/V2sfygiji/8+2V2RJfWIQAAGn2XzX+eXmn+l8behnK78j2UwYi4JyJ2R8S9EbEnIu6LqJW9PyIeWGf9rVtDN85/0ssbCmyNsvnfC/neVvP8r5j9xWAlz+2sxd+fnDhVnT6cvyfD0b81y4+tUsf3L//6ebtzjfO/7MjqL+aCeTsu97Us0E1NzE10alJ65eOI/X0rxZ8s7wQkEbEvIvav76V3FYlTT359oF2hm8e/ig7sMy19FfFEvf8XoiX+QrL6/uToXVGdPjxaXBU3+vmXi2+0q39T8XdA1v/bmq//lhIDfyeN+7Wz66/j4u+ftf1Os9Hrf0vyVm3Pekv+2AcTc3PnxiK2JK/V8k2Pj19/bpEvymfxDx9aefzvzp+Txf9gRGQX8cGIeCgiHs7b/khEPBoRh1aJ/8eXHnt34/F3Vxb/1Iqff8vX/2Bz/68/UTn9w7ft6l9b/x+tpYbzR2qffzex1gZu5r0DAACA/4s0InZEko4sp9N0ZKT+N/x7YltanZmde+rEzPtnp+q/ERiM/rRY6RpoWA8dSxbyV6znx/O14uL8kXzd+IvK3bX8yORMdarHsUPZbW8z/jN/VHrdOqDr/F4Lyqt1/Kc9agdw67n/Q3kZ/1Bexj+U10rj/6OWvL0AuDO5/0N5Gf9QXsY/lJfxD6W0md/1S5Q5Eelt0QyJLiV6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGf8FAAD//yWS7pw=")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1ff)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000400)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3e, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x5}, [{}]}, 0x78)
close(r8)

4.499573532s ago: executing program 0 (id=910):
r0 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c00990000000200000000000800a0"], 0x48}}, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYRES32=r0], 0x0)
capset(&(0x7f0000000080)={0x20071026}, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000000)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000080)='\x00', 0x1}])
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0)
syz_usb_control_io(r1, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)

4.000592442s ago: executing program 2 (id=913):
r0 = gettid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
flock(r1, 0x5)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r2, 0x2) (fail_nth: 3)

3.824232317s ago: executing program 2 (id=914):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000080)={'sit0\x00', <r1=>0x0, 0x1, 0x10, 0x80000001, 0x0, {{0x1b, 0x4, 0x0, 0x38, 0x6c, 0x66, 0x0, 0x7, 0x0, 0x0, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@timestamp_prespec={0x44, 0xc, 0x5a, 0x3, 0x3, [{@dev={0xac, 0x14, 0x14, 0x38}, 0x3}]}, @timestamp_addr={0x44, 0x4c, 0x30, 0x1, 0x1, [{@loopback, 0x2}, {@dev={0xac, 0x14, 0x14, 0x3f}, 0x740}, {@rand_addr=0x64010100, 0x200}, {@loopback, 0xd9c}, {@local, 0xfffffff9}, {@empty, 0x1}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}, {@remote, 0x6}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3}]}]}}}}})
setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000140)={0x0, 0x0, 0xa, r1, 0x6}, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000690000000000000100000094"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r3}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x28}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000000400000000000000", @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000001400)={0x0, 0xfe, &(0x7f00000002c0)={&(0x7f0000000240)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000012c0)=@newqdisc={0x58, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{}, {}, 0x0, 0x0, 0x40}}]}}]}, 0x58}}, 0x0)
r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x29, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r8, 0x0, 0x0)
syz_usb_control_io$hid(r8, &(0x7f00000008c0)={0x24, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00220a0000007706000000"], 0x0}, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x3)

3.823574627s ago: executing program 0 (id=915):
r0 = io_uring_setup(0x30d5, &(0x7f00000001c0))
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$inet6(0xa, 0x3, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @local}, 0x1c)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f00000000c0)='GPL\x00', 0x4, 0xad, &(0x7f00000003c0)=""/173}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
setsockopt(0xffffffffffffffff, 0xff, 0x0, &(0x7f0000000900)="7c73c6e9", 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r2 = syz_open_dev$usbmon(&(0x7f0000007040), 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x82000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x10)
ioctl$MON_IOCX_MFETCH(r2, 0x4b47, &(0x7f00000070c0)={0x0, 0x0, 0x80})
creat(0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

3.754587762s ago: executing program 0 (id=917):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000400)='./bus\x00', 0x800, &(0x7f0000000840)=ANY=[], 0x1, 0x36e, &(0x7f0000000880)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="2598ccde00000000b70800004e9d00007b8af8ff00000000bfa20000fbff000007020000f8fffffdb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000187b8af8ff00000000bfa200000000000007020000d8ffffffb703000008000000b70400000000925e8500000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x541c, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='blkio.bfq.io_service_bytes\x00', 0x100002, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x900}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

3.496527614s ago: executing program 3 (id=921):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80, &(0x7f0000000140), 0x0, 0x4c9, &(0x7f0000001a40)="$eJzs3FtrHFUcAPD/bC5tbGtivfaijVYxeEma9Prgi6LQF0FQpD6uSVpq01aaCG0JNopU8EHpJ/DyIAh+AvHFF1GfFF8VX0Uokpe2PsjI7M6mm+5ukm022dj9/WDbc2bOzDn/OTO7M+cwCaBjDWb/JBFbI+K3iOgvZxcXGCz/d31+dvzG/Ox4Emn66t9Jqdy1+dnxStHKdlvyzFAhovBBErvq1Dt94eKp4tTU5Lk8PzJz+u2R6QsXnz15unhi8sTkmbEjRw7s7zt8aOxgS+LM2nRt57tnd+84+saVl8ePXXnzx6+z9qb5+uo4ygaarKGrZslgDC4+llWeaHLvG922qnTS3caG0JTsrM26q6d0/fdHV9zsvP546f22Ng5YU2mapptqli78ls2l1ZKkvAFwh0hc0tChKj/01+azJ9XZ8drn4Dvb1eej9ASUxX09/5TXdEche4YfKD8b9axR/fdFxLG5fz7NPlF3HAIAoNW6I54p33dUPuXlhXigqtTd+dzQQETcExHbI+Le/P7l/ohS2Qcj4qGqbbI7ytqxpcUGb8nX3v/80req8JaR3f89l89tLb7/K1SKDHTluW2l+HuS4yenJvflx2QoejZl+dHaXX9bSXz34q+fNKp/sOr+L/tk9VfuBfN2/NV9y0GcKM4UVxt3xdX3SkN6l2rjTxZmArJ+3BERO29j/9kxO/nUV7sbrV8+/o8b77wF80zp5xFPlvt/Lm6JP9Obp+rPT44ePjR2cGRzTE3uG6mcFbV++vnyK3my5jFi+fjXVtb/d9U9/xdmLgeS6vna6ebruPz7hw2faW73/O9NXiule/Nl54szM+dGI3qTudrlYze3PV/sW1Q+i39ob/3rf3vEv5/l2+2KiOwkfjgiHomIPXnbH42IxyJi7xLx//DC4281eoTcCP0/0VT/N5/oOvX9NzUVfzS4wviz/j9QSg3lSyaKM5uXCKl0nFfawJYcRAAAANjg9kTE1kgKw/kY59YoFIaHI7YsjKBMzzx9/Ow7ZybK7wgMRE+hMtLVXzUeOpqPDWf5bKuxqny2fn9p3DhN07SvlB8ePzu1rb2hQ8fb0uD6z/xZ+0oLcKdpah6t0RttwP/S7c+jpy1tB7D+vK8NnavR9T+3zu0A1t+Kf//X6i04oG3qXf+XIq63oSnAOqt3/b/ehnYA68/4H3Qu1z90rCtf3vANAB1oNe/1L5XYfnSJMkn32lTaOFGIpf8KwEBEczv8oxDRmhZ2tTTSvhX06eZoRV1RWLZMdxN/iGF9E4UN0Izs6JQSmyqJxmfvwsl2qZK4uNYtLH09fNHu7ycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDV+i8AAP//R4vb+Q==")
r0 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$packet(0x11, 0x0, 0x300)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r2, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x3, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getrlimit(0x0, 0x0)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x3b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r9}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x7fffffff, 0x0, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x3}, 0x48)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000180), &(0x7f00000001c0)={0x0, 0xfb, 0x10e, 0x0, 0x9, "30095d821c8e1ec346ec22391b5b2f66", "dc7266f4ab56712def04ce656b26e7a207b00258133ac4838f4e33280ea310d7f1130294d420033eaa33ccb151396e3d773eb595a2da9c8a263d9ce9125b204f796b1d52f3734ae15616313a330de3a61de46101319b66bb4528e882b82a862cd4a93c31fce130454483d1721709934615396674b3ebf59793b0b620d4f4e70f0bab951b14dde31b9f0f43be1e798b352c0f3fdd660d73bc3aba46ad42b7ca2c6358b7aba853f56c8b5d3c0547b3b19e605d95b78b7bac65fab59696cf60f35d5386cbfb2b4e2549a5dea0006a6934cfc2b03c7a04f379fca86a4b1d6db5ecc257e71fed5760ca96ad60fe2dbb8cf2a5e05a67307f7b4260fd"}, 0x10e, 0x0)

2.884442304s ago: executing program 0 (id=924):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000001480)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000600)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0) (fail_nth: 6)

2.660058362s ago: executing program 4 (id=925):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000000580)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007\x00\x00\x00\x00=', @ANYRESHEX, @ANYBLOB="2c646d61736b3d30303030303030303030303030303030303030303135322c696f636861727365743d69736f383835392d312c6769643d2e3c6ed4a8ef60448e7648b551ff627d8d20ccce91ad98c189e7aa48d53bb8cebc2fda12085cacd87f0629776139de150c92e067a6ac6428e218", @ANYRESHEX, @ANYRES32=0x0, @ANYRESOCT, @ANYBLOB="0a5064dcbb983304ffc9721bca5c2842b0e33e7c8c006625f49a6ba33f03f8d4fcc955734bcd3687a7df4485f28b63072ded049625786711908c94c1a74006f641ca41f8b62ecdc9f9972249329142002d3ceb3bbe41e01ce72f492d37cf71422e7a62bb1b6091e4bff8d121d1f1054a6c59ebb28dd304bdd46b547d0ad8adb4806ec122add845b75a5d9d765b0be0a73c25dae34b4a618fb17ae8a02276a5463109add6b846ad9325"], 0xff, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020006c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000027f0588f850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='block_plug\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='block_plug\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000007c2300000300000095000000000000003918d4459ff45608e054eff2037403ebc755606c3e58a134a2267fbe8de095fb2358c897f95d6696481a440f0f729926986c1ac27527307562c71b36c544b8be1fdb1016fc5d71b9de8c6a28684b7ef4d8d56741ede59c2106b5cbdbe3dc4a9bf75bafe9b95d8769a0b0e1366b3b293191c8bf7259ce"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
write$P9_RVERSION(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="6d809833b0f66f9b31d1091827261500000065ffff03000000080039503230d03204aeef9e41321cd964ed85cee6b5f0ca8b7ad09de5518b0b61e1adbad0248b6ab6ef88"], 0x15)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x2, 0xc}, 0x48) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x2, 0xc}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000007d"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000007d"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000200)={<r6=>0xffffffffffffffff, 0x9, 0x9, 0x1})
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x0, 0x0, r6}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00'}, 0x10)
io_pgetevents(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
io_pgetevents(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014001100b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='mm_page_alloc\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001700)=@base={0x16, 0x0, 0xb161, 0x2}, 0x48) (async)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=@base={0x16, 0x0, 0xb161, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r9, <r10=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r10, 0x0, 0x0}, 0x20) (async)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r10, 0x0, 0x0}, 0x20)
syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)

2.656594312s ago: executing program 0 (id=926):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1000e, &(0x7f00000002c0)={[{@init_itable}, {@resuid}, {@stripe}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000680)={0x0, 0x1b0}}, 0x4004044)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.kill\x00', 0x275a, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f00000003c0), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='ext4_request_blocks\x00', r4}, 0x10)
write$binfmt_script(r1, &(0x7f0000000380), 0x208e24b)

2.504913445s ago: executing program 4 (id=927):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1000e, &(0x7f00000002c0)={[{@init_itable}, {@resuid}, {@stripe}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000680)={0x0, 0x1b0}}, 0x4004044)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.kill\x00', 0x275a, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f00000003c0), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='ext4_request_blocks\x00', r4}, 0x10)
write$binfmt_script(r1, &(0x7f0000000380), 0x208e24b)

2.504456125s ago: executing program 3 (id=928):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@llu, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000e00)='percpu_alloc_percpu\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000959800001801000020a0702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x468, 0xc, 0x5002004a, 0xb, 0x310, 0xea13, 0x3d0, 0x3c8, 0x3c8, 0x3d0, 0x3c8, 0x3, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'erspan0\x00', 'ip6tnl0\x00'}, 0x0, 0x2c8, 0x310, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x0, 0x0, [{}, {0x16}]}}, @common=@ttl={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4c8)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.44548624s ago: executing program 4 (id=929):
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xe, &(0x7f0000000140)={[{@test_dummy_encryption}, {@test_dummy_encryption}, {@grpid}, {@minixdf}, {@errors_remount}, {@quota}]}, 0x3, 0x455, &(0x7f0000000f00)="$eJzs3MtvG0UYAPBv10n6pDGlPPoAAgUR8UiatEAPXEAgcQAJCQ7lGJK0KnUb1ASJVhUYhMoRVeKOOCLxF3CCCwJOSFzhjipVqJcWTkZr7yaOY6dxmsSl/v2kTWZ2Zz3zeXfs2Z1sAuhbI9mPJGJ3RPwREcON7PICI41fN69fmv7n+qXtEVF7+++kXu7G9UvTRdFiv115ZjSNSD9P4mCbeucvXDwzVanMns/z4wtnPxifv3DxudNnp07Nnpo9N3n8+LGjEy++MPn8in0vD3cfZ7bLjQMfzx3a//q7V96cPnHlvV++S4r4W+Jor9xtlSOrbXyyVuv29e5o9zSlk4EeNoSulCIiO1yD9f4/HKVYOnjD8dpnPW0csKlquQ6bqzXgLpZEr1sA9EbxRZ9d/xbL1o0+eu/ay40LoCzum/nS2DIQaV5msOX6diONRMSJ6r9fZ0us6T4EAMDt+SEb/zzbbvyXxgNN5fbkcyjliLg3IvZGxH0RsS8i7o+ol30wIh7qsv7WSZKV45/06roCW6Ns/PdSPre1fPyXRrWRKJfqucYYsByDycnTldkj+XsyGoPbsvzEKnX8+OrvX3ba1jz+y5as/mIsmLfj6sC25fvMTC1M3V7US659GnFgoF38yeJMQBIR+yPiwDrrOP30t4c6bRuJ6i3i72RjJplq30Q81Tj+1WiJv5CsPj85vj0qs0fGi7NipV9/u/xWp/pvffw3V3b8d7Y9/xfjLyfN87Xz3ddx+c8vOl7TrPf8H0reqaeH8nUfTS0snJ+IGEreaDS6ef3k0r5FviifxT96uH3/3xtL78TBiMhO4ocj4pGIeDRv+2MR8XhEHF4l/p9feeL99ce/ubL4Z7o6/kuJoWhd0z5ROvPT98sqLXcTf3b8j9VTo/matXz+raVd6zubAQAA4P8njYjdkaRji+k0HRtr/A3/vtiZVubmF545OffhuZnGMwLlGEyLO13DTfdDJxYv6xv5yTxfbD+a3zf+qrSjnh+bnqvM9Dp46HO7OvT/zF+ltrts29oWApvK81rQv/R/6F/6P/Qv/R/6V5v+v6MX7QC2Xrvv/0960A5g67X0//bTfsBdyfU/9C/9H/qX/g99aX5HrPqQfFT31Mut7Ul/iTsqEbERr1P8I4iWTZH2PkCJzUv09GMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgw/wXAAD//7Jx47M=")
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r0, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000080)={0x3ff, 0x0, 0x0, 0xffff, 0x0, "ec28a144f13d7607"})
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
lstat(&(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', 0x0)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000180)={0xfffffc}, 0x10)
write(r2, &(0x7f0000000240)="240000001a005f0214f9f407000901000a000000034000030000000008001d0001000000", 0x24)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
fspick(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000001840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)

2.362457807s ago: executing program 1 (id=930):
r0 = openat$tun(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000002280)={'pim6reg0\x00', 0x2102})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000080)={'nicvf0\x00', 0x400})
ioctl$TUNSETTXFILTER(r0, 0x401054d5, &(0x7f0000000300)=ANY=[])
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x7, 0x9, &(0x7f0000002340)=ANY=[@ANYBLOB="850000009e000000720a00ff0000000018150000", @ANYRES32, @ANYBLOB="0000000000000000950000000000000018100000", @ANYRESHEX=r0, @ANYRES64=r0], &(0x7f0000000140)='GPL\x00', 0x2, 0x9c, &(0x7f00000023c0)=""/156, 0x0, 0x20}, 0x90)
r1 = openat$tun(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000002280)={'pim6reg0\x00', 0x2102})
r2 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fchdir(r2)
r3 = inotify_init1(0x0)
inotify_add_watch(r3, &(0x7f0000000140)='.\x00', 0x40000022)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x90)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r5, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r7, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r8, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f000000c380)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r9, &(0x7f0000000200)={0x2020}, 0x202e)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002500)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000500000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960207142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e345c65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe8023c889fd4cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340bdc8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337bc5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35db96c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae374bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986156666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c5966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0c4367ef4124bfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de589020000dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161520b7e7d37b581a0f51fe26167e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800af3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09229dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3138e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a411347051460326f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9c5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba33770ce3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fed612ec4ab493040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd73861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5cc98d992f3de7d1cdfb24384b9f10f615c87c441dc970ec896a5af6bf69b50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e3956ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f24600000000a80455f324746048ea24c0df0375e2cf333fa90a51cb4cc307e208a93d56368c920c239d0b3a21136d20d4c3ac328254adc96753ab34c4e31b500f71a49a75d9d598035765a72278bc823f63f770ee055e35c367be5301fcaf733e0caad10e0e1eb103b4783243c299729b4c9e26a4a6e0f2e1170e07c63fb58bcc8e145d9d9e54291361cd906ad379fa99b345a3002a2769af372eeadb9c8ebfd4402866f278781cc0d71ecbfcb16b0dfab8043f39b44cf8cc98266141918f7051437f3e42a8a71c1236e255775751acb5ae60cc65e087bc057ea049bde4cf90c9b7ce25e3055e41fbf5a60257ab81d75aae3b4671874324ac7121faf3e74cb931ec028916f5029ea7dae6e16e30c45fe0f2944dda09945f47fead67c52369087ebb44b7ec406707f21770eb4c154a19b8459739346697cc0a12fa78a7d7d21759579476f9351a699d946750963c36c7bfb9a4cd55d042290547425547e857740786e19d615b5e24f57dd00e4332ea2b6e4b1e567e253f7c8c6d4bd5181f1a1aae89e5777a88f57251bd641a4a60a7ebbb3a10d33aca568b64be5ef9aa20c96c7bf2ce3dbef6e27f829c76daf6d5029ede76a5d88c9e7151e8031767d4de0090a244bf3d8446192fff4f1ad3fecfb788f1e80db620267907ea9f3d54d03e4ed9c0f83b256b5d2afa7ae74de35464dafa37cff21fb9850585f207ab40167bc1d97d30b99db63dd2eceff8872dc4da887e9c76a3d100b921006f6f313723f35ff839e1741b350e68605f2e855a7ae4078a2a9696eae908cd389a985da82ffc780fe99d13afa7a00ab0ef1d8ae06f"], &(0x7f0000000140)='GPL\x00'}, 0x90)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)

1.809300522s ago: executing program 0 (id=931):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000404355420000000000000109022400c22d00000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xc}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000001000000850000008600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_usb_control_io(r0, &(0x7f0000000300)={0x2c, &(0x7f0000000580)=ANY=[@ANYBLOB='\x00\x00E'], 0x0, 0x0, 0x0, 0x0}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000070000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x5, 0x8, 0x1}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r3}, 0x10)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f0000000b80)={0x14, &(0x7f0000000a40)={0x40, 0x24, 0x100, {0x100, 0x7, "ea9c737246003b201bd6a3765af30e373b62653b83fca9d004db2a45601c47b3853e58df2a512f7360716c319310ed79066190a4e7593fa0ddc0cdb974bb411db7c6db3d332e13a27952be46e3b5c3bbaec9f3d1b585d92450a52136b7a2636a581924d2cdc05b643f9f98c88bfa60f86ea5267781b2ba3a1ec5da4929af01b90abacab4afe6f88ef15c677483bd6a621bf9e350bf29045580b4d0803e723e0fc23f2f7fcb136f8754c2b820742aa84a5ecc6c4f99b7e2c360349518f921c3ff3b9b444dfb895a3496e4565e4de62d7b19a36be6ef6a3c252de9bf2a769efc735f850e9f2715aeafb9bf1be863d972528b9cf4bb23d35e7507b126a8ba8e"}}, &(0x7f0000000980)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000d00)={0x1c, &(0x7f00000003c0)=ANY=[@ANYBLOB="0030ba000000dc9024f67510a0a4d3674bfb7f19f35b9d254bacbc3d0aaf2c98ba343ab39bcef0e6f27099a3ab8233d3e75fce799a4c1ebc6b905c452a18c45fe51d53b2d0c66b7e36dc691849b881f78bca3b9955f4126b368d4ed92d8c449c9b2c9c2b7611417e7825fdae74bf6db391237e1352d7010089d1463670bd693a33f3173fed408f2b88802868a81647183463ed6a10b254eadb6bb7f4f4e5bdcedd91bfe9135ad14c59ffd7c29f7879a57349a03ba6b2cad06c97ae716f4e8fbad06579138a94b36b11646d73b60c308cbf3614097ba8f3afb9ee489ec604ecca23ce674467c6eb6179519cc6bcab23cea136902b568c94c5c892169e6200000000000000000000000080effe49770979e94252a141804b093a53cbc4740fb06114b03ec9199ecfd588a88bf7756b28e5d03d4e4439b17e72fd85eeed2edbea990177fca5309668df5d52b557d1a4b8e3df216acff0a85566925d20e0f101c47e9c8574e27ce914df4b913e"], &(0x7f0000000c80)={0x0, 0xa, 0x1, 0x30}, &(0x7f0000000cc0)={0x0, 0x8, 0x1, 0x5}})
listen(r6, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000002100000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0x98, &(0x7f0000000000)=""/152}, 0x80)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de000000000000001418010000202015cb00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
accept$nfc_llcp(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)

1.596571919s ago: executing program 3 (id=932):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000001480)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000600)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x7b)

1.596116439s ago: executing program 3 (id=933):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
dup(r4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
pipe(&(0x7f0000000100))
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x0)

1.516162766s ago: executing program 4 (id=934):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000300)={'ip6gre0\x00', 0x0})
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000000180)=@v1={0x0, @adiantum, 0x0, @desc1})
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
recvmmsg(r6, &(0x7f0000004940), 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./bus\x00', 0x1000840, &(0x7f0000005b00)=ANY=[@ANYBLOB="757466383d312c73686f72746e61697865642c636f6465706167653d3828395b672fd42c73686f72746e616d653d77696e6e742c7574663c302c756e695f786c6174653d302c6e6f636173652c636f6465706167653d3132393d5857c22d35352c73686f72746e616d653d77696e79352c696f636861727365743d630008000000000000756d7461696c3d302c757466383d302c646973636172642c73686f72746e616d653d6c6f7765722c756e695f2c6c617465"], 0x3, 0x350, &(0x7f0000000580)="$eJzs3U9oW3UcAPBv9tKkHcz2IAwF4elN0LJWPOipZXQwzEUl+OcgBtepNHXQYLA7NKsX8Sh41JM3D3rwsLMIinjz4NUJMhUPutvA4ZMkL81Lk3adkM3i53MI331/329+v7c8mtfX5tdXV2LjwkxcvHHjeszOlqK8cnYlbpZiIZIYuBLjKhNyAMDxcDPL4s+s74gtpSkvCQCYst77/+unCpl3vz6sPvPuDwDHXv79/9xhNbMHDVyaypIAgCkbu///yMhwZfRH/eXCbwUAAMfV8y+9/MxqLeK5NJ2N2HyvXW/X4+nh+OrFeDOasR5nYj5uRfQvFLoPpd7jufO1tTNpmnbil4Wodzva9YjNTrvev1JYTXr91ViK+VjI+/OrjSzLknNf1NaW0p6IuNLpzR+bpXZ9Jk7m8/94MtZjOdK4f6w/4nxtbTnNn6C+OejvROwO71t0178Y8/H9a3EpmnEhur2Dy5ra2s5Smp7NaiP97Xq1V9d34B0QAAAAAAAAAAAAAAAAAAAAAAD4VxbTPQt7+99kw/17FhcnjPf2x+n35/sD7fb3B8qqWWTZH+88Xn8/iZH9gfbvz9Oul+PEvT10AAAAAAAAAAAAAAAAAAAA+M9obVei0Wyub7W2L28Ug85Wa/tERHQzb3372VdzMV5zm6Ccz1EYSvPU5Y1GlgyKs2SkJg+S7uSDzKdX91ZcrKnuHcXEZVQPHmo2Tz3880fDzEPJ4Jn/HtYkMfkAk33LKAab9/WXdCf/UXvB8m1qrmVZdlD7zivjXVGKKN/5C3d4kHWDb66/8cATrdNP9jJfZn2PPjb/wrUPP/lto9Hszhy9V7Cy1bqVbTTyf08+2Q4OksL5U4p+UCqeCeXD2ndHM43kh99ffPCD7442e1bMvD2hJukfzuf7hyr9oLvMfUNzk+aamXDyTyE4/fFK4+rOT78etavwRcJGHQAAAAAAAAAAAAAAAAAAcFcUPiueyz/sO3NY11PPTn9lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD3DP/+fyHYHcscJfirE+ND1fWtVkTlXh8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/c/8EAAD//9HQbnk=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (fail_nth: 3)

1.416429444s ago: executing program 2 (id=935):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000220000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1a, 0xc, &(0x7f0000000180)=ANY=[@ANYRES64=r1], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$packet(0x11, 0x3, 0x300) (async)
pipe(&(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = socket$inet_udp(0x2, 0x2, 0x0)
close(r9)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r10, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10) (async)
write$binfmt_misc(r8, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r7, 0x0, r9, 0x0, 0x4ffe2, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'xfrm0\x00', <r11=>0x0})
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x20, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}]}, 0x20}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'pim6reg1\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000200)={'vxcan0\x00'}) (async)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000600), 0xffffffffffffffff) (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r14=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r14, 0x8933, &(0x7f0000000800)={'syz_tun\x00', <r15=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="01000000", @ANYRES16=r13, @ANYBLOB="01000000000000000000030000000c00018008000100", @ANYRES32=r15, @ANYBLOB], 0x20}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'geneve0\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000280)) (async)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f0000000340)={'syztnl2\x00', 0x0, 0x2f, 0x4, 0x51, 0x5, 0xffb80f382ea73488, @loopback, @mcast1, 0x8000, 0x20, 0x4, 0x3}}) (async)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000400)={'ip6gre0\x00', &(0x7f00000004c0)={'syztnl2\x00', 0x0, 0x2f, 0x9, 0x9, 0x1c, 0x74, @private2={0xfc, 0x2, '\x00', 0x1}, @local, 0x0, 0x1, 0xcd8, 0x5}})

1.401280015s ago: executing program 3 (id=936):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000002c0))
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000000c0), r4)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000180)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r3, 0x40082102, &(0x7f0000000040)=r5)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x2})
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000008302"])
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1400000000000000005e680d09"], 0x38}, 0x0)

1.249958647s ago: executing program 1 (id=937):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000300)={'ip6gre0\x00', 0x0})
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000000180)=@v1={0x0, @adiantum, 0x0, @desc1})
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
recvmmsg(r6, &(0x7f0000004940), 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./bus\x00', 0x1000840, &(0x7f0000005b00)=ANY=[@ANYBLOB="757466383d312c73686f72746e61697865642c636f6465706167653d3828395b672fd42c73686f72746e616d653d77696e6e742c7574663c302c756e695f786c6174653d302c6e6f636173652c636f6465706167653d3132393d5857c22d35352c73686f72746e616d653d77696e79352c696f636861727365743d630008000000000000756d7461696c3d302c757466383d302c646973636172642c73686f72746e616d653d6c6f7765722c756e695f2c6c617465"], 0x3, 0x350, &(0x7f0000000580)="$eJzs3U9oW3UcAPBv9tKkHcz2IAwF4elN0LJWPOipZXQwzEUl+OcgBtepNHXQYLA7NKsX8Sh41JM3D3rwsLMIinjz4NUJMhUPutvA4ZMkL81Lk3adkM3i53MI331/329+v7c8mtfX5tdXV2LjwkxcvHHjeszOlqK8cnYlbpZiIZIYuBLjKhNyAMDxcDPL4s+s74gtpSkvCQCYst77/+unCpl3vz6sPvPuDwDHXv79/9xhNbMHDVyaypIAgCkbu///yMhwZfRH/eXCbwUAAMfV8y+9/MxqLeK5NJ2N2HyvXW/X4+nh+OrFeDOasR5nYj5uRfQvFLoPpd7jufO1tTNpmnbil4Wodzva9YjNTrvev1JYTXr91ViK+VjI+/OrjSzLknNf1NaW0p6IuNLpzR+bpXZ9Jk7m8/94MtZjOdK4f6w/4nxtbTnNn6C+OejvROwO71t0178Y8/H9a3EpmnEhur2Dy5ra2s5Smp7NaiP97Xq1V9d34B0QAAAAAAAAAAAAAAAAAAAAAAD4VxbTPQt7+99kw/17FhcnjPf2x+n35/sD7fb3B8qqWWTZH+88Xn8/iZH9gfbvz9Oul+PEvT10AAAAAAAAAAAAAAAAAAAA+M9obVei0Wyub7W2L28Ug85Wa/tERHQzb3372VdzMV5zm6Ccz1EYSvPU5Y1GlgyKs2SkJg+S7uSDzKdX91ZcrKnuHcXEZVQPHmo2Tz3880fDzEPJ4Jn/HtYkMfkAk33LKAab9/WXdCf/UXvB8m1qrmVZdlD7zivjXVGKKN/5C3d4kHWDb66/8cATrdNP9jJfZn2PPjb/wrUPP/lto9Hszhy9V7Cy1bqVbTTyf08+2Q4OksL5U4p+UCqeCeXD2ndHM43kh99ffPCD7442e1bMvD2hJukfzuf7hyr9oLvMfUNzk+aamXDyTyE4/fFK4+rOT78etavwRcJGHQAAAAAAAAAAAAAAAAAAcFcUPiueyz/sO3NY11PPTn9lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD3DP/+fyHYHcscJfirE+ND1fWtVkTlXh8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/c/8EAAD//9HQbnk=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$overlay(0x11, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

975.42155ms ago: executing program 2 (id=938):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80, &(0x7f0000000140), 0x0, 0x4c9, &(0x7f0000001a40)="$eJzs3FtrHFUcAPD/bC5tbGtivfaijVYxeEma9Prgi6LQF0FQpD6uSVpq01aaCG0JNopU8EHpJ/DyIAh+AvHFF1GfFF8VX0Uokpe2PsjI7M6mm+5ukm022dj9/WDbc2bOzDn/OTO7M+cwCaBjDWb/JBFbI+K3iOgvZxcXGCz/d31+dvzG/Ox4Emn66t9Jqdy1+dnxStHKdlvyzFAhovBBErvq1Dt94eKp4tTU5Lk8PzJz+u2R6QsXnz15unhi8sTkmbEjRw7s7zt8aOxgS+LM2nRt57tnd+84+saVl8ePXXnzx6+z9qb5+uo4ygaarKGrZslgDC4+llWeaHLvG922qnTS3caG0JTsrM26q6d0/fdHV9zsvP546f22Ng5YU2mapptqli78ls2l1ZKkvAFwh0hc0tChKj/01+azJ9XZ8drn4Dvb1eej9ASUxX09/5TXdEche4YfKD8b9axR/fdFxLG5fz7NPlF3HAIAoNW6I54p33dUPuXlhXigqtTd+dzQQETcExHbI+Le/P7l/ohS2Qcj4qGqbbI7ytqxpcUGb8nX3v/80req8JaR3f89l89tLb7/K1SKDHTluW2l+HuS4yenJvflx2QoejZl+dHaXX9bSXz34q+fNKp/sOr+L/tk9VfuBfN2/NV9y0GcKM4UVxt3xdX3SkN6l2rjTxZmArJ+3BERO29j/9kxO/nUV7sbrV8+/o8b77wF80zp5xFPlvt/Lm6JP9Obp+rPT44ePjR2cGRzTE3uG6mcFbV++vnyK3my5jFi+fjXVtb/d9U9/xdmLgeS6vna6ebruPz7hw2faW73/O9NXiule/Nl54szM+dGI3qTudrlYze3PV/sW1Q+i39ob/3rf3vEv5/l2+2KiOwkfjgiHomIPXnbH42IxyJi7xLx//DC4281eoTcCP0/0VT/N5/oOvX9NzUVfzS4wviz/j9QSg3lSyaKM5uXCKl0nFfawJYcRAAAANjg9kTE1kgKw/kY59YoFIaHI7YsjKBMzzx9/Ow7ZybK7wgMRE+hMtLVXzUeOpqPDWf5bKuxqny2fn9p3DhN07SvlB8ePzu1rb2hQ8fb0uD6z/xZ+0oLcKdpah6t0RttwP/S7c+jpy1tB7D+vK8NnavR9T+3zu0A1t+Kf//X6i04oG3qXf+XIq63oSnAOqt3/b/ehnYA68/4H3Qu1z90rCtf3vANAB1oNe/1L5XYfnSJMkn32lTaOFGIpf8KwEBEczv8oxDRmhZ2tTTSvhX06eZoRV1RWLZMdxN/iGF9E4UN0Izs6JQSmyqJxmfvwsl2qZK4uNYtLH09fNHu7ycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDV+i8AAP//R4vb+Q==")
r0 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$packet(0x11, 0x0, 0x300)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r2, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x3, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getrlimit(0x0, 0x0)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x3b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r9}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x7fffffff, 0x0, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x3}, 0x48)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000180), &(0x7f00000001c0)={0x0, 0xfb, 0x10e, 0x0, 0x9, "30095d821c8e1ec346ec22391b5b2f66", "dc7266f4ab56712def04ce656b26e7a207b00258133ac4838f4e33280ea310d7f1130294d420033eaa33ccb151396e3d773eb595a2da9c8a263d9ce9125b204f796b1d52f3734ae15616313a330de3a61de46101319b66bb4528e882b82a862cd4a93c31fce130454483d1721709934615396674b3ebf59793b0b620d4f4e70f0bab951b14dde31b9f0f43be1e798b352c0f3fdd660d73bc3aba46ad42b7ca2c6358b7aba853f56c8b5d3c0547b3b19e605d95b78b7bac65fab59696cf60f35d5386cbfb2b4e2549a5dea0006a6934cfc2b03c7a04f379fca86a4b1d6db5ecc257e71fed5760ca96ad60fe2dbb8cf2a5e05a67307f7b4260fd"}, 0x10e, 0x0)

891.171487ms ago: executing program 3 (id=939):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978c3906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000002c00)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="b8"], 0xb8)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r4=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',privport,access=', @ANYRESDEC=r4])
mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}]})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2db4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0xb, "57ea5909"}]}}, 0x0}, 0x0)

392.483458ms ago: executing program 4 (id=940):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1000e, &(0x7f00000002c0)={[{@init_itable}, {@resuid}, {@stripe}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000680)={0x0, 0x1b0}}, 0x4004044)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.kill\x00', 0x275a, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f00000003c0), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='ext4_request_blocks\x00', r4}, 0x10)
write$binfmt_script(r1, &(0x7f0000000380), 0x208e24b)

392.123618ms ago: executing program 1 (id=941):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000001480)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xc, 0x1000, 0x5, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x7fffffff, 0x32, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7bffffff}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r2 = open(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20004850)
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
sched_setscheduler(0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth0_to_team\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b00)=@newqdisc={0x110, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0x577}, @TCA_TBF_BURST={0x8, 0x6, 0x40000000}, @TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0xe0a2ff6baa7cc2d2}, {0x1, 0x2, 0x2, 0x0, 0x0, 0x100}, 0xfffffffe, 0x0, 0x1ac4}}]}}, @TCA_STAB={0xa8, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x5, 0x2, 0xfffe, 0x28, 0x2, 0x0, 0x3}}, {0x4}}, {{0x1c, 0x1, {0x1, 0x0, 0x6a, 0x5, 0x0, 0x748, 0x6, 0x9}}, {0x16, 0x2, [0x4, 0x1, 0x6, 0xfffa, 0x7, 0x7, 0xdc7, 0x5, 0x9]}}, {{0x1c, 0x1, {0x2, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5}}, {0xe, 0x2, [0x0, 0x401, 0x0, 0x4, 0x748e]}}, {{0x1c, 0x1, {0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x110}}, 0x400c040)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES16=r2, @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r6}, &(0x7f0000000400), &(0x7f00000004c0)=r7}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r8}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r9}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r10, &(0x7f0000000100), 0x1001)
ioctl$SIOCSIFHWADDR(r10, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x2, 0x80, 0xc2, 0xc}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r1}, 0x10)

375.576529ms ago: executing program 1 (id=942):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r2 = fcntl$dupfd(r0, 0x406, r0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r2, @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000280), &(0x7f00000002c0)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r5, 0x29, 0xc8, 0x0, 0xc000000)
setsockopt$MRT6_DEL_MFC(r5, 0x29, 0xd1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x2808, &(0x7f0000000700)={[{@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@delalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8}}, {@i_version, 0x0}, {@noauto_da_alloc}, {@bsdgroups}, {@init_itable_val={'init_itable', 0x3d, 0x9d}}, {@block_validity}, {@minixdf}, {@noinit_itable}, {@noblock_validity}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@oldalloc}], [{@uid_eq}, {@flag='nomand'}, {@appraise_type}, {@subj_role={'subj_role', 0x3d, '\x00\x00\x00]\xd0B\xa41.9\xdf\xd7\x86\r.LV4\xbd\x8f\xd0\xc8\xc6\x9c\xa3\a\xa7\x1c\x01\xf6|\xe4\x81&Yv\xfc\x9b\xbb`\'\xe2y\x9cp\xff\xf8\xad\xe3Y\x88\x84\x84d+\x8d\b;\xef\xd5\xf3b\xa29\xa3\x98\xbc&\x18Q\xf9\xd4\v\x03'}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}], 0x2c}, 0x0, 0x4f9, &(0x7f0000000a80)="$eJzs3ctrXNUfAPDvnTya/PrI/Pp7aB/aaBWDj6ZJnws3ikI3gqBIXcYkLbVpK02EtgQTRSoIKv0LfOwE/wJXuhF1pbhV3IpQJJtWFzJyZ+6dTjrJZKbJJG3m84Fpz7n33HvOueeezjn39CYBdKzB9I8kYltE/BwRA5Xo4gSDlb9uLsyO/7kwO55EqfTSH0k53Y2F2fE8aX7c1iwyVIgovJvEniXynb585ezY1NTkxSw+PFPIQufGTk+enjw/evz44UP9x46OHlmTeqZlurH7rQt7d5149doL4yevvfbdF2l5S9n+2npUFFvMoatuy2AMLr6WNR5t8ex3u+014aR7AwtCS9K7Nm2unnL/H4iuuNV4A/H8OxtaOKCtSqVSaUvd1up32XypVpJUDgA2iaT5Lp2OidtaFmA95V/0NxbSmerseP08eHO7/kyUZ0BpvW9mn8qe7iikc/hiZW7U06b8/xsRJ+f/+jj9RN1ziHblCgB0sq/S8c+TlXFH/qnsKcT/a9LtyNaGihHx74jYGRH/ycYv/4sop70vIu6P3uox6Yiy/tnSYoO3xevHnz/2r7KKDaXjv6ezta3F4798PSqKXVlse7n+PcmpM1OTB7NrMhQ9W9L4SP2pq1X/+rmfPlou/8Ga8V/6SfPPx4JZOX7vvu0iTozNjK223rnrb5en9HNpvvPZdajsSaorAWk77oqI3c2csG9xNL1mZx7/fO9yyVeu/4fL57UG60ylTyMeq9R7Pha1f2XlrjcLDc+ce2N4+vKVp87Urk+OHDs6emS4L6YmDw7nd0W973+4+mIWrBvQr1z/9krb/19L3v/VlctiUrteO916Hld/eW/ZOeWd3v+9ycvlcNo+H0TEpbGZmYsjEb3JfHV75NtHbx17aaz/1vaRSv2H9i/d/3dG/P1JdtyeiEhv4gci4sGI2JeV/aGIeDgi9jeo/7fPPvL6cpO5u6H9J1pq/9YDXWe/+bIu4/cHm6x/2v6Hy6GhbMvE2EzfSvVqtoCrvoAAAABwD9gXEdsiKRyoPOMszUUUDhyI2Fp9gjI988SpC2+en6i8I1CMnkL+pGug5nnoSPZsOI2nR41GdBdr9h8qPzculUql/jSezt+ntm9s1aHjbc36f1+2xrEtCuX+n/qt/pUWYLNpaR1tuTfagHvSHayjH93RjoIA68772tC59H/oXE33f++jwaZzW/8v9/K5iJsbVBxgHS31/f/KBpQDWH/m/9C59H/oXPo/dKTVvNffKLDzRIM0SXd7Ml0+UIjGPwWgGJFvyf+DY+MT/lqIWJsSdq1pTfubaNO+WIu8orBimu4WfhBDFsh/d8BKiQtNpGl0+Prefo0DWyJihbu3erPN5YEr7S5YuRk+28B/mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANbEPwEAAP//4nTJbg==")
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x3c1, 0x3, 0x308, 0x160, 0x4c, 0x1a, 0x0, 0x73, 0x238, 0x258, 0x258, 0x238, 0x258, 0x3, 0x0, {[{{@ipv6={@private0, @local, [], [], 'veth0_to_team\x00', 'macvlan1\x00'}, 0x0, 0x118, 0x160, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0xffffffff, 0x0, 0x2, 0x0, 0x7}}, @common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x0, {@ipv4=@remote, 'team_slave_1\x00'}}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x368)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x3a, 0xb, 0x0, 0x0, {0x1}, [@nested={0x4}, @nested={0x4, 0x1}]}, 0x1c}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000014000000140a01020000000000000000000000002c000000180a01010000000000000000010000000900010073797ac4870000000c0005"], 0x88}}, 0x0)
r9 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r9, 0x800c6613, &(0x7f0000001e40)=@v1={0x0, @aes128, 0x0, @desc1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r4}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r10, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

343.361142ms ago: executing program 4 (id=943):
r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x0, &(0x7f00000003c0)={[{@noauto_da_alloc}, {@nobh}, {@noload}, {@jqfmt_vfsold}]}, 0x2, 0x46a, &(0x7f0000000980)="$eJzs289vFFUcAPDvzLZFQWhFFEFUFI2NP1paUDl40WjiQRMTPeCxtoUACzW0JkKIVmPwaEi8G48m/gWe9GLUk4lXvBsSolxAT2tmd6Zsl93tLpRd6H4+yTbv7bzpe9+deTNv5s0EMLD2Zn+SiPsi4mJEjNayKyp5oazctSvnZv+9cm42iUrl3b+TarmrV87NFmWL9bbkmfE0Iv0iyStZbfHM2RMz5fL86Tw/uXTyw8nFM2dfOHZy5uj80flT04cOHTww9fJL0y+uS5xZfFd3f7KwZ9eb7194e/bwhQ9+/T7Jv4+GODox3EGZvVng/1SqGpc93U1ld4GtdelkqI8NoSuliBjK9+eLMRqluL7xRuONz/vaOOC2ys5Nm1ovXq4AG1gS/W4B0B/FiT67/i0+PRp63BEuv1q7AMrivpZ/akuGIs3LDDdc366nvRFxePm/b7JP3MR9CACAbv2YjX+ebzb+S6N+jLgtnxsai4j7I2J7RDwQETsi4sGIeCgidkbEw51Ve7xINE4N3Tj+SS/daoztZOO/V/K5rdXjv2L0F2OlPLe1Gv9wcuRYeX5//puMx/CmLD/Vpo6fXv/jq1bL6sd/2Ser//CqyaX00lDDDbq5maWZjiagOnD5s4jdQ83iT1ZmApKI2BURu7v719uKxLFnv9vTqlDT+POx8JrWYZ6p8m3EM7XtvxwN8ReS9vOTk/dEeX7/ZLFX3Oi338+/06r+W4p/HWTbf/Pq/b+xyFhSP1+72H0d5//8suU1zdrxN9//R5L3qsejkfy7j2eWlk5PRYwkb9XWqv9++vq6Rb4on8U/vq95/9+er5PF/0hEZDvxoxHxWEQ8nrf9iYh4MiL2tYn/l9eeOt5l/Embf7eusvjnmh7/VprQsP27T5RO/PxDq/o72/4Hq6nx/Jvq8W8NnTbwVn47AAAAuFuk1Wfgk3RiJZ2mExO1Z/h3xOa0vLC49NyRhY9OzdWelR+L4bS40zVadz90KlnOnyaO6tX3dH6vuFh+IL9v/HXp3mp+YnahPNfn2GHQbanr/9t3Xu//mb9Kq8uuzIh4vwM2Dv0ZBldj/0/71A6g95z/YXDp/zC49H8YXM36/6cN+VKP2gL0lvM/DK61+n/P3kYCes75HwaX/g8Dqd278cnNv/Iv0d9ELN/+KtI7ItLblRjpoINs6MSNx4oh4wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAu9H8AAAD//xjg70M=")
chdir(&(0x7f0000000000)='./file0\x00')
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000008181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000040)='./file1\x00', 0x3000010, &(0x7f0000000080), 0x1, 0x513, &(0x7f00000010c0)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOt7rW1aSpOmNOk6LYt28T8QQcEnn3wR/AOEZR78A2RgQF/EB1FRRGf0QVDnSpIbp5Mmbd1pm07z+cBpzrn35n7PuSEn98fpvQGMrRci4o2ImIiIlyOimE9P87TYLux3l7t/753ldkoiy976axJJPq23rnZ5MiKud98SUxHxtS9HfDM5HLe5u7exVKtVt/NypVXfqjR3926u15fWqmvVzfn5udcWXl94dWE2yz1WO0u9zE++9Pn3Pv2t3y3++ca329X63EeiEH3tOE3dphc626KnvY22zyLYCEzk7SmMuiIAAJxIex//gxHxic7+fzEmOntzfSZGUTMAAADgtGRfmI5/JxEZAAAAcGmlETEdSVrOxwJMR5peyc8NfDiupbVGs/Wp1cbO5kp7XkQpCunqeq06m48VLkUhaZfn8jG2vfIrfeX5iHgmIr5fvNopl5cbtZURn/sAAACAcXG97/j/H8W0kz/egP8TAAAAAC6u0tACAAAAcFk45AcAAIDLr//4/70R1QMAAAA4E1958812ynrPv155e3dno/H2zZVqc6Nc31kuLze2t8prjcZa55599ePWV2s0tj4Tmzu3Kq1qs1Vp7u4t1hs7m63F9UcegQ0AAACco2c+fvvXSUTsf/ZqJ0V+H0CAR/xh1BUATtPEqCsAjIy7eMP4Koy6AsDIJcfMN3gHAACefDMfPXz9v/f8f+cG4HIz1gcAxo/r/zC+CkYAwlhLI+ID3exTw5YZev3/lyeNkmURd4oHpzi/CAAA52u6k5K0nB8HTEealssRT0ekpSgkq+u16mx+fPCrYuGpdnmu887k2DHDAAAAAAAAAAAAAAAAAAAAAAAAAEBXliWRAQAAAJdaRPqnpHM3/4iZ4kvT/ecHriT/LMYf88KP3vrBraVWa3uuPf1vnWd5XYmI1g/z6a8MfXwYAAAAcNqS/aGzusfp+evcudYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDFw/947y710nnH/8sWIKA2KPxlTndepKETEtb8nMXngfUlETJxC/P13I+LZQfGTeJBlWSmvxaD4V884fqmzaQbHTyPi+inEh3F2u93/vDHo+5fGC53Xwd+/yTw9ruH9X5pHfrbTzw3qf54+tLb6wBjP3f1ZZWj8dyOemxzc//T632RI/BcPre1fWZYdjvGNr+/tDYuf/ThiZuDvT/JIrEqrvlVp7u7dXK8vrVXXqpvz83OvLby+8OrCbGV1vVbN/w6M8b2P/fzBUe2/NiD+b3/T7X+Pav9Lw1ba5z93b937UDdbGBT/xosDf3+nYkj8NP/t+2Seb8+f6eX3u/mDnv/pneePav/KkO1/3Od/44Ttf/mr3/39CRcFAM5Bc3dvY6lWq24fkZk6wTJPYuYXUxeiGv9nJvtO95O7KPV5v5n23urDKb1WXYCKHchk5xZrIi5Ik/+XGWm3BAAAnIGHO/2jrgkAAAAAAAAAAAAAAAAAAACMr/O4nVh/zP3RNBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ej/DQAA///M/t/r")
open(&(0x7f0000000040)='./bus\x00', 0x1ed37e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000400)='./bus\x00', 0x0, &(0x7f0000000840)=ANY=[], 0x1, 0x37f, &(0x7f0000000440)="$eJzs3c9rI2UYwPFn0jQ/umyTgygK0ge96GVoq2e1SBeEgkt3I+4Kwux2oiFjUmZCJCK2nryKN/8BwWUPHhY8LKj/QC/e1osXT9vLgqCLiCPzK8l0p0mTZmm6+/3Abt7kfZ/M+04m5XkCeXP4/tefNOueWbc6kivdF0NE5KFIVXKSMKKbgmTYl1cv/HnvxSvXrhdFZHNb9dLG1dfWVXV55adPPy/Hw+4W5aD64eGD9T8Onj14/vC/qx83PG142mp31NIb7d871g3H1p2G1zRVLzu25dnaaHm2G/W3o/66097d7anV2rm4tOvanqdWq6dNu6edtnbcnlofWY2WmqapF5eyphsrjug7r0pTxNRubW9bG1Me8OaUcZi1f3zfH9HtuhvWgohZDt+vw2q3HvvcAADA3Enn//ptkrBXJddPKI24FiiE7XQZEOT/SXtra3Nbg2JhkP/ffumXzoX37izH+f/dQlb+//pvUXwq/w+OPvP8//sj98uzO5HzYm+SwafK/zEfVtLvyPuDij0W5P/Bu6Ff0X/5we3VsEH+DwAAAAAAAAAAAAAAAAAAAADAefDQ9yu+71eS2+Tf4CsE8f2QsT/yi8Y4d3KS/foX4x0F+tcDnkhXrl2XUvjFvfyyiPNVt9atRbdxfzJwVSryb3g9xKINJ6L9BDRQlZ+dvW5tMQ5YCP/fKIiKI7asSUWqqfiwfemdrc01jUTx4fH3ujUjvxTE16URxq9LRZ7Jjl/PjC/IKy8PxZtSkV9vSlsc2Qmv60H8F2uqb7+7dSS+HI7L8ubjfUkAAAAAAJg5U7UUl8/VdP0b1e+mqZrVH9TyMlyfP/r5QL++Xs2sz/OVF/Jnu3YAAAAAAJ4WXuGzpuU4tuv1jm2UZdyY5Pc0Rj9PdiM/yeCgcS9sLI4aszC0wpM+cyH+BY0JJi+TrdRynL+Kknkyky1cU12lU5xVy0nWf4LBpUlfAtfLTb522/VWgvnoVMsZaiQfG0WPLDxy6uTyceE/GEnUZAdNds4dN/i5b777e7p1GfGuvcNdb9wppVZ6TLhx5JH9MRftA98fO5/F7L8WP07zIzMAAAAA5kSS9Je95JG3znZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8hU63E9vJGme9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBe/B8AAP//Tuzx8g==")
open(&(0x7f0000000040)='./file0\x00', 0x555502, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='kvm_fpu\x00', r4}, 0x10)
open(&(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2040, 0x40)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r10, 0x4020ae46, &(0x7f0000000240)=ANY=[@ANYBLOB="0100000000000000000000000000000000000000020000000000ba"])
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r8, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000580)='./file0\x00', 0x10040, &(0x7f0000001900)=ANY=[@ANYRES64, @ANYRES64, @ANYBLOB="ac6447f0cd6bc56af4f6be9f3bf2d1195127c1cb19cd3b534cf8da3467c69dea1a46aeb9902a7ec531c99a1c0fea9f6f6a822d7840f3df33742cd77c380554052bb8b646119263ffb692bb8b498e3ed767a6fff2c2063697397bb1382963891dae6105d9856ad0adf57d992750de23c2dd14aaa34679a1cc64267450aead567cb610f816a3452d8b6f9cc925db09e3b8e59a4e840752bf6bcdcff2054853feb77c89a48c4fc28d1688274b9e44ffcc5503262b747b66e864fa91a7dcd3d31e81bf8956bf562391595127fc8e5413e2fe5e959defc0b8ce3266218ddcabcce588b3e5b5e34c7043b899bad295e9f8f3b56cad97486ce6cc58fce0d47c5b899c65149f3d8e43b87850c56ac0aeedc55d2377fa218215e4f89cd59ea7f276caf7a23c44f415ce90097f0b933341549d5c9c46ac236cf7074d1504738d566cfa1839392601973384cebae20f3d3d8414caed913627dbded881660cea423823f8ecd14d2e4b00b867bfddb718140fa69ceba7f409fee5c903f43bfe7c27051a95855f39d986c1591171a1e36bc7af6b80a73fd0318095ed5abfc7b2dff56e4ad1f21afa08e87ae37fab8d28a62ca818e902f1770b4b0bc8e977b7fc0f8ca06827d4f275cac762a372c9867783c124f1a9c1692a22d6ab44030b0391bd612657c1baeefecdc41d1d52e512959a3cf16ddfa3e9a0afcbde38d700ce55a83c560f17a5dd6b16663b6c962b9284fa88f50d691a93d6efa744ec173dfb6059e2a5f033e0bc765f13b1f6d5acdccdfa164f87430538f436690a890baa9c487db0249ea34519654ba0f9842099eccd74e272d137c25d6d0cf554b182309c55469b4fce14477651d826f447a342755dca8a7d2af5123ef80efa65cef4ba0cd5924c7bd5448705eda2c28e0f47c82504999937efba04efe16651c6b53944e5cdbbe8ffb4bf86d2f886779227515a75596d6b3ffd88a85ac1f9fbaa801a17e508d9de550ba207b0527ce4d17699976c359636dc7e8be9b2061f6e0edc443e2dacecd46fd14725777a23387af1728e7aa05ae33d303b7aa0884d52cc70ddbeb2e2879f85456c962072453c1ba0c6ee89f5a1468055dc6da903978ae1a255fb26242bd65bc92ceada1c2daffd677d708e225de836b9d2323e51144fd469c40712fe5bd7c11b6ccbb81ea919b57acdc444571b129a1d9158b2c6fc940cdf517996cda2f13dfb6d9cd6fdaa9b380d2ad3f60716f588152c37be70735b3bd94040181404bd004822984f83ed24c8f5d773c69f08d3a11931e0cdb2110fba965c5dcd9892f0053107f43d16e3fe844a83f327f50bf96c147fac17081f62556ba9b766609ca68f37ea59f5880cfab41140f7cffd1de985f2f749fbba5161aed46ad496e85d9b517103eb228b8de1c81f4de62299749b3ff07887f5a9fbb926d4b139405a95c92d0e225675a870c7354c1c6ae6590e2fb86e475d0e2bbe500505187deb988241afa82acee274cbf92e546bdb73aae54fc7048a9615fdf3d9f4007381024c84833ff873c1300c16316d274fd79dac3b4c44a0be566b68ea87528d7b9b19ec937121b2c26fc4c82c3800a20be3fd905598ffa6160173c6a4ef87504a25344feabce5bcf6e8ad1e84255110851c0d132a5344434e5b8c85ecf8aed4a074bc43502d72445f4a4619520a94db2f492b417b04c13df465614a0b37af077b20496e905ac7815cf5fef02e13a9f9ae1f1431ea1ad185492852048372c8a8cc4dcc614a99beca7afd369e7ddf71f59d8fd92f82948a0b76f3cd89dd5397016433b4dd817350fe774b7f7b208de1772f2793aec6d4c6b5b77c176ea41b484f630173c037643b5a75f8b08b0f8fc69e9c84b381cf5fc03a91ddd502e2dad6729298875f7e55210f2a021038366dcb668fee225c30c1b37b7313497d5ee3a24ae501b9244cc092b037dec9b0a40528187c0491bb3314c7fe1f6b735b530eda569e31082866b1612b91f11da075a25605c1d94791382075b8ee3539c16d588e1618971b69eaeb6eb10e077a369ea2737b99e4ccd756ea4a049d111143ad5ee9e654c517cd33b8002fdacb630be54444d9db71285f631970f4b81a66724b6aecea3ac63419eeea62f41d98ab40294c68a01b93ecd435ecb2f0aa47af47ae3775cd536a286b1f88c692ffb409b087629e1af48b28bfd7ee88d0ab8e539fdd76f88a2f95872f55550cb00fad052369582d884632fe90a9bd5733a470b301ecbd643172326d101c20d1c426b46862e3aaf92459b432fbfbbd4699961fab0bf15d427ca0d049b7255dd0d6d1e8bcba44932fbeb5cc5ac854042eda0e45098701aa0a4096679d14fde2bcf1cc02df3e558262463111dbed782eb6ebc2a7ee107a69a3ca87c326cb147719e8791f4150f3da80deeeb54456b52e8c2d077a6f64bef12fee17b2d15f49789c0c7362da3e7cae01f5ca51556d66325f16304d9107fa6d958ffe0fc1121b49d666dc6638eb979d7b720748da5e6c322eb14faa1e9738d7210815d7d63c02a830123bf16002514212a5177eaca470e0c5bbf860fe15e83769193b3dfab91a9f6fe4c6a97f82b2876fa6aa44c7714a26da56d962b289963100f9d5129449296787d130da0e30e15eb302c14c61efa4a72c47b7f33d46b67bab5e570d92b36f4cbcbde5169bcb99d2d471a4347f0f8ceb138753e85760d58ce393c0288c922d8f5fa3d3bfd01917c848a7c54ae86c73bd1d4ecea104c2182bf4f5dfb9715a43993de0eed2df247e45d033b8a91f568dc8f38cfcc39da033962465e0a8da901648dfc40bd02b146ae70aacf3a96e04741076bc78e6bd2e4c56049f27d279bb1ec75ef1084dee07aa5172566846a0f9339101c59c1528a64426b4940a22b1c44adae43db8c9e0bd3aac52baede1af2d264cacce244c340e613b29676a2e4ce05c710f9f865c6ce4592d11458b639d5dd38a9328ff2c1bcbed9f71aa6dde5db55cad1af7ef84a2dbd6fed21c8cc2e7ca35dc583219e022bd68572b066ce9b881776b3a2cfbc1a4c5a85495a0ea7fcc69a2f81c674c38b57841925d04072b64d465999c2335580cc0b8031529c6bfb8365085c2031486c1bdd67cf9bbd9335b058d448144023704e86c124f4daa11b46c178a33d40099ded181c1c27003026145b35e9fc475b87de1336355da323b702e954422ee0915582cbe7527a11390bd6be7310243be572512b0af9d35b103c0f1ead5b32098f65e68714d1bfa1a8e12b5714c797be5dd661c80c404a2494e7867f2d608ebb7282e9fae6a9a696dbe41f8a5c3591f30fe8ab0bc6331f3b8bf9bb212bc883fed18636652efbd0f544d75b9a6a9f16f8f3818b269691178f2473dcae88b5e6aa10d1cdbb2f707e7f463fee97266ee93247ae374ff7bfc4384198d28613d26328cfad78cfc126ed1dee439e60911dde210cbbb6800b1380849ce9daefb3fef7585e7e2a2f2b8fceb3c5a08e29ed857f3de23b6a31b8a7eba073b2300acb98c3937407dba631871a75b3dc524b8d44718eb9b6578a4563366a58211ee31c7e6f2accd18536e16f61502becd9ebdf4e8f6aeda2e70f5071cedebfcfd3129047fd0e4c3193e3ea5a57cef225d038b28b6a1f3781bddae4180d4a33ae5a07e64d9753e827d99b3a52ae44a24de8eafd29a13bce33d9986b9168e13dcc3b5081c7fd106ee2dd707c10258c5327bba7971ae908ddb200eb8c5452656f547a84aa86f8d85b8de5cd81dfd1c9aa40b87a5ccc8173482cb568704b2f4c8a39025361e3413df588844b028e26772d0f9ea9a71ddac8ef9df31ba0d57f9347c410c719c3adc0f2c97a907715ca6e7a784fa5b1637dffa28c2b8a0c5d589ad23253ebef60b70d401e01ffb4790eaa4c0bd9b6be6e588fbdb05250ef9b95b2727a6671dd53b9451a114a60a025b3a9209577687cdea1b4bb88dd0568440bcd5bbf41e2480f8fd7c709804eceec3f62046018a75ab488208e9ab86518ef34f8ea48f758ebefcb63bd24a9d9e70b284d7047f99fe1d294f2ebc64b1fd087f5c1fbb5274d3d2c1a428150ffc0eae5a291fd048aae60a5f3d292b00dd87a5f7b45b852465902d924786ec44915cd3bf60b469abb8f5c423546bebd45f20ddc0476a120bfe5eadb8803f63227ac0226e20b3099b36e88f3e65126a0945a7e11c9a270e820ca722b1cac5f25f3120771dac46aa35e8b5620bc91527de001219ea4eee25716c85b980d9ed160474b0a7acc9edac0d97a4ad892feab775e09af78b150332e81ed891197282d26802377cca9740600db079fab74c600c091458430aa5092fb752b6774370022d5b8089536f7c17dd9d93f67b74d7203313b48e6aa9cb324346ae4401e480c285a30f9fc2364e8c54c84749d5d6e852a04beef4d1d65707e8f2b160e40fd51c460fd3c8f31e821bed5a1068bcc86f7f568505032b9b46261c0171af66db430043693f822c21e6d6b889af8d46cf85bfa2c9f2d2dca8629a9a09291dcf3a61d6e88588044bc10a6b49a1bbd1f9c075637dfca833d6b181fc76bfa352676145533f411106aa39e1cca2c8fc7d55b23fa5e50117f7669d74a28d53809024f09081f383b71e0f3685f2f9ac16394ed1b55cb86d8c79629c756c7dd143b6d9c0698873fb25097c5ffde6fd1d8390b53ea86b6203230f8f76ff13826c7f4cb3d7c678f7b51186b4e9f24c8e2a1368ed563d99c5e5fc455edc1da03d1c5b8901eb48d800520efc1f554d8befdeb2942a89e05cc8abb209581d5d7533bbe51c856a2789664755f0500c68605e5f7a7e4b005a8eaa16665708b0f33d0f0b7e9161b945df175b72f3c721bc8d28a7771cf8e8e32dacc9bbce767cb08a652e176d8afd0a58093f676284617f671a330847461e681d3b9a829084a7e1c6bdbd748d929de98a73790a568d00d0524421a6aeb1a48a70541cc8b6fe5e9467f108592a0f9c392bea765debb6c652dd4d464944b3795b7c5653a494de56a097fef80bc3f2ce11187e322eafe7824f7f07b4bad3f53ed2d392b8a2062517860b6909c4a5417f049bcb94239b2d3bbcaa496a22e1587decee57f8c72b7003d717bdfbb0cde9c743549d3995a4f227c9c9aed5c0091330d6004de1ed0687355980740eb744ae9c0cb2c5cae32fd4ef5dbd83e435e0d4d1ca34937a9f99fbf5169818b116f1c2bb0388e92aa0bac685c7d1daa301f90538d978f3cbeadc9d925400d3d6ec790179aa69d0bc687d04c4090453ad78ed44734faba3f8343939dc686859cb93ec571c3aae2d0e6276af06c2ce20ce263056021d3f10787d36f2d427ed53b5d00c8af5a5cdda949ff5d8e4354df1a0959ffa955cdbf4dc493a941960ece67764187f154f4401df57ef56e9c1ea39b9ca048367328e1426650560697fc63fab0721343a921115a3bf4d4007e428d465871a578025e99ce38b8938a1de4afdc9fb47d2e9ffe0710f17d761f5f6d1c3d334fe9e9f23fbc129b3f8406893479af18b99c97cb849fb73ea6965841b569df79e6d8256086fb5e9da73a5d303e0290230e9b79a4ac2e9a4015482ed41a4c22b1904470054c86ee670fe96e32504ed362c03e54e10dacb01c70a32ea1d44df866b1602e1d5721582c5c19b613a3dc039cafd586bfcb5f2f9e98446a13dc6c8d44adeedb2abe5c594656a26a343d2da9e5f87ea9be2349b826c4458af614f95cad2c9f46d22529795621571886f9b7c090e209d04ee661b5c3fce9b14807a1feebeab37e7338bde8470dc9737af7fa7ad465ca26df2a5071f7df30530bbc3e7e55ab8c6beabe72edd", @ANYRES16=r0, @ANYRESDEC=r8, @ANYRES8=r1, @ANYRESOCT=r8, @ANYRES64=r1], 0x7d, 0x222, &(0x7f00000016c0)="$eJzs2k2LW2UUB/Bz25HWKdNEfKMF8UE3urk0Wblw0UFaEAOKNoIK0lvnRkMyyZAbBiLSzs6tH8G1uHQnSL/AbPwEXbibzSy7EK+0KZ0X4mIQJ9j5/TY5cPKH5+FcLmdx9979YXPQq/JeMY1zWRYr12MnHmbRjHNxPuZ24u277zx47ZPPPv9gvdO58XFKN9dvtdoppcuv//bFdz+/cX966dNfLv96IXabX+7tt//YfWX3yt5ft77pV6lfpdF4mop0ZzyeFneGZdroV4M8pY+GZVGVqT+qysmRfm843tqapWK0sba6NSmrKhWjWRqUszQdp+lkloqvi/4o5Xme1laDf6P708O6jv36udtR1/XzP8al+7H2IBqRvZCyF69nL9/OXt3JruzXdWPZR+U/Yf5nm/mfbeZ/th1a6i5GbH6/3d3uzn/n/fVe9GMYZVyLRvwZjx6TJ+b1zfc7N66lx5qRNu89yd/b7p4/mm9FI5qL8615Ph3NX4jVw/l2NOKlxfn2wvzFeOvNQ/k8GvH7VzGOYWzEo+xB/m4rpfc+7BzLX338PwCAZ02enlq4v+X5P/Xn+RPsh8f2q5W4urLcuxNRzb4dFMNhOVEoFIqnxbLfTJyGg6Ev+yQAAAAAAAAAAACcxGl8TrjsOwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/w9/BwAA///8j/If")
creat(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

328.210523ms ago: executing program 1 (id=944):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x315c, r0}, 0x48)
getpid()
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
write(r1, &(0x7f0000000000)="fa", 0xfffffdef)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$nfc_llcp(r2, 0x6, 0x12, 0x0, 0x2000e881)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
getrandom(&(0x7f0000000080)=""/240, 0xfffffffffffffe77, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
dup2(r4, 0xffffffffffffffff)
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x2088010, 0x0, 0x3, 0x0, 0x0)
mount(0x0, &(0x7f0000000980)='./file0\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
syz_mount_image$exfat(&(0x7f0000000700), &(0x7f0000000640)='./file0\x00', 0x810000, &(0x7f0000000280)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c696f636861727365743d69736f383835392d312c646d61736b3d30303030303030303030303033373737373737373737372c696f636861727365743d6b6f69382d72752c696f636861727365743d63703433372c6e616d65636173653d312c6e616d65636173653d312c009a8d4d9016e3d8128333e260a1b926dd0c5f7619710e03ea1ae6521494f87e5737dc0c5bec3f76668140a15258818b6fbc51f9a13940e63c378688559c351287f0e09ef0b7330db20eef797e5004484649e7f5fb64b746683a75b9ed822f5ae34fac"], 0x1, 0x1503, &(0x7f0000002a80)="$eJzs3AuYzlW7MPB1r7X+jGnS0ySHYd3r/vOkwTJJkkNCDkmSJElOCUmTJAmJIackJDkfJslhCMlhGpPG+XzIOWnySpMkITmF9V1629v77t79tvf3tj/ftef+Xde6Zt2znns995p7rnn+/+e65vm++8g6zerWbEJE4l8Cf/2SIoSIEUIMEULcIIQIhBAV4ivEX1nPpyDlX3sS9ud6NO1aV8CuJe5/7sb9z924/7kb9z934/7nbtz/3I37n7tx/xnLzbbPKXIjj9w7+P3/3Ixf//8XySk7+euNZW/u8d9I4f7nbtz/3I37n7tx/3M37n/uxv3/36/GP1nj/udu3H/GcrNr/f4zj2s7rvXvH2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx3OGcv0oLIf5tfq3rYowxxhhjjDHG2J/H573WFTDGGGOMMcYYY+x/HggplNAiEHlEXhEj8olYcZ2IE9eL/OIGERE3inhxkyggbhYFRSFRWBQRCaKoKCaMQGEFiVAUFyVEVNwiSopbRaIoJUqLMsKJsiJJ3CbKidtFeXGHqCDuFBXFXaKSqCyqiKriblFN3COqixqiprhX1BK1RR1RV9wn6on7RX3xgGggHhQNxUOikXhYNBaPiCbiUdFUPCaaicdFc/GEaCFailaitWjzf5X/iugtXhV9RF+RIvqJ/uI1MUAMFIPEYDFEvC6GijfEMPGmGC5GiJHiLTFKvC1Gi3fEGDFWjBPjxQQxUUwSk8UUMVWkinfFNPGemC7eFzPETDFLzBZpYo6YKz4Q88R8sUB8KBaKj8QisVgsEUtFuvhYZIhlIlN8IpaLT0WWWCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu/hM7BA7xS6xW+wRe8U+8bnYL74QB8SXIlt89d/MP/sf8nuAAAESJGjQkAfyQAzEQCzEQhzEQX7IDxGIQDzEQwEoAAWhIBSGwpAACVAMigECAgFBcSgOUYhCSSgJiZAIpaE0OHCQBElQDm6H8lAeKkAFqAgVoRJUhspQFapCNagG1aE61ISaUAtqQR2oA/fBfXA/1If60AAaQENoCI2gETSGxtAEmkBTaArNoBk0h+bQAlpAK2gFbaANtIW20A7aQQfoAB2hI3SCTpAMydAZOkMX6AJdoSt0g27QHbpDD+gJPeEVeAVehVehL9SS/aA/9IcBMAAGwWAYDK/DUHgD3oA3YTiMgJHwFrwFb8NoOANjYCyMg3FQTU6ESTAZSE6FVEiFaTANpsN0mAEzYSbMhjSYA3NhLsyD+TAfPoSF8BF8BIthMSyFdEiHDFgGmZAJy+EsZMEKWAmrYDWsgdWwDtbDOtgIm2AjbIEtsA22wWfwGeyEnbAbdsNe2Aufw+fwBXwBwyEbsuEgHIRDcAgOw2HIgRw4AkfgKByFY3AMjsNxOAEn4RSchNNwGs7AWTgH5+ACXICL8FLCt033ltowXMgrtNQyj8wjY2SMjJWxMk7Gyfwyv4zIiIyX8bKALCALyoKysCwsE2SCLCaLSZQoSYayuCwuozIqS8qSMlEmytKytHTSySSZJMvJcrK8LC8ryDtlRXmXrCQry/auqqwqq8kOrrqsIWvKmrKWrC3ryLqyrqwn68n6sr5sIBvIhrKhbCQflo1lPxgEj8ornWkmR0BzORJayJaylWwt34YnZVs5GtrJ9rKDfFqOhTHQSbZ1yfI52VlOgi7yBTkZXpTd5FToLl+WPWRP2Uu+InvLdq6P7CtnQD/ZX86GAXKgHCQHy3lQW17pWB35phwuR8iR8i25FN6Wo+U7cowcK8fJ8XKCnCgnyclyipwqU+W7cpp8T06X78sZcqacJWfLNDlHzpUfyHlyvlwgP5QL5UdykVwsl8ilMl1+LDPkMpkpP5HL5acyS66QK+UquVqukWvlOrlebpAb5Sa5WW6RW+U2uV1+JnfInXKX3C33yL1yn/xc7pdfyAPyS5ktv5IH5V/kIfm1PCy/kTnyW3lEfiePyu/lMfmDPC5/lCfkSXlK/iRPy5/lGXlWnpPn5QX5i7woL8nL0kuhQEmllFaByqPyqhiVT8Wq61Scul7lVzeoiLpRxaubVAF1syqoCqnCqohKUEVVMWUUKqtIhaq4KqGi6hZVUt2qElUpVVqVUU6VVUnqNlVO3a7KqztUBXWnqqjuUpVUZVVFVVV3q2rqHlVd1VA11b2qlqqt6qi66j5VT92v6qsHVAP1oGqoHlKN1MOqsXpENVGPqqbqMdVMPa6aqydUC9VStVKtVRv1pGqrnlLtVHvVQT2tOqpnVCf1rEpWz6nO6nnVRb2guqoXVTf1kuquXlY9VE/VS11Sl5VXfVRflaL6qf7qNTVADVSD1GA1RL2uhqo31DD1phquRqiR6i01Sr2tRqt31Bg1Vo1T49UENVFNUpPVFDVVpap31TT1npqu3lcz1Ew1S81WaWqOGvTbTgv+C/nv/YP8Yb8++za1XX2mdqidapfarfaovWqf2qf2q/3qgDqgslW2OqgOqkPqkDqsDqsclaOOqCPqqDqqjqlj6rg6rk6ok+q8+kmdVj+rM+qsOqvOqwvqgrr4289AaNBSK611oPPovDpG59Ox+jodp6/X+fUNOqJv1PH6Jl1A36wL6kK6sC6iE3RRXUwbjdpq0qEurkvoqL5Fl9S36kRdSpfWZbTTZXWSvu1fzv+j+troNrqtbqvb6Xa6g+6gO+qOupPupJN1su6sO+suuovuqrvqbrqb7q676x66h+6le+neurfuo/voFJ2i++vX9AA9UA/Sg/UQ/boeqofqYXqYHq6H65F6pB6lR+nRerQeo8focXqcnqAn6El6kp6ip+hUnaqn6Wl6up6uZ+gZepaepdN0mp6r5+p5ep5eoBfohXqhXqQX6SV6iU7X6TpDZ+hMnamX6+U6S6/QK/QqvUqv0Wv0Or1Ob9Ab9Ca9SW/RW3SW3q636x16h96ld+k9eo/ep/fp/Xq/PqAP6GydrQ/qg/qQPqQP68M6R+foI/qIPqqP6mP6mD6uj+sT+oQ+pU/p0/q0PqPP6HP6nL6gL+iL+qK+rC9fuewLZCADHeggT5AniAligtggNogL4oL8Qf4gEkSC+CA+KBDcHBQMCgWFgyJBQlA0KBaYAAMbUBAGxYMSQTS4JSgZ3BokBqWC0kGZwAVlg6TgtqBccHtQPrgjqBDcGVQM7goqBZWDKkHV4O6gWnBPUD2oEdQM7g1qBbWDOkHd4L6gXnB/UD94IGgQPBg0DB4KGgUPB42DR4ImwaNB0+CxoFnweNA8eCJoEbQMWgWtgzZ/6v7enyn0lOtj+poU08/0N6+ZAWagGWQGmyHmdTPUvGGGmTfNcDPCjDRvmVHmbTPavGPGmLFmnBlvJpiJZpKZbKaYqSbVvGummffMdPO+mWFmmllmtkkzc8xc84GZZ+abBeZDs9B8ZBaZxWaJWWrSzccmwywzmeYTs9x8arLMCrPSrDKrzRqz1qwz680Gs9FsMpvNFrPVbDPbzWdmh9lpdpndZo/Za/aZz81+84U5YL402eYrc9D8xRwyX5vD5huTY741R8x35qj53hwzP5jj5kdzwpw0p8xP5rT52ZwxZ805c95cML+Yi+aSuWz8lYv7Ky/vqFFjHsyDMRiDsRiLcRiH+TE/RjCC8RiPBbAAFsSCWBgLYwImYDEshlcQEhbH4hjFKJbEkpiIiVgaS6NDh0mYhOWwHJbH8lgBK2BFrIiVsBJWwSp4N96N9+A9WANr4L14L9bG2lgX62I9rIf1sT42wAbYEBtiI2yEjbExNsEm2BSbYjNshs2xObbAFtgKW2EbbINtsS22w3bYATtgR+yInbATJmMydsbO2AW7YFfsit2wG3bH7tgDe2Av7IW9sTf2wT6YginYH/vjAByAg3AQDsEhOBSH4jAchuPLbapx5c5pFI7C0Tgax+BYHIfjcQJOxEk4GafgVEzFVJyG03A6TscZOANn4SxMwzSci3NxHs7DBbgAF+JCXISLcAkuwXRMxwzMwEzMxOW4HLMwC1fiSlyNq3EtrsX1uB434kbcjJtxK27F7bgdd+AO3IW7cA/uwX24D/fjfjyABzAbs/EgHsRDeAgP42HMwRw8gkfwKB7FY3gMj+NxPIEn8BSewtN4Gs/gGTyH5/AC/oIX8RJeRo8xVopYe52Ns9fb/PYGG2Pz2b+NC9siNsEWtcWssQVtob+L0VqbaEvZ0raMdbasTbK3/S6uZCvbKraqvdtWs/fY6r+L69n7bX37gG1gH7R17X1/Fze0D9lG9nHb2D5hm9iWtqltbZvZx21z+4RtYVvaVra17WifsZ3sszbZPmc72+d/F2fYZXa93WA32k12v/3CnrPn7VH7vb1gf7F9bF87xL5uh9o37DD7ph1uR/wuHmfH2wl2op1kJ9spdurv4ll2tk2zc+xc+4GdZ+f/Lk63H9uFNtMusovtErv01/hKTZn2E7vcfmqz7Aq70q6yq+0au9au+/daV9ktdqvdZvfZz+0Ou9PusrvtHrv31/jKOQ7YL222/coesd/ZQ/Zre9geszn221/jK+cT4gd73P5oT9iT9pT9yZ62P9sz9uyv579y9p/sJXvZeisISJIiTQHlobwUQ/kolq6jOLqe8tMNFKEbKZ5uogJ0MxWkQlSYilACFaViZAjJElFIxakERekWKkm3UiKVotJUhhyVpSS6jcrR7VSe7qAKdCdVpLuoElWmKlSV7qZqdA9VpxpUk+6lWlSb6lBduo/q0f1Unx6gBvQgNaSHqBE9TI3pEWpCj1JTeoya0ePUnJ6gFtSSWlFrakNPUlt6itpRe+pAT1NHeoY60bOUTM9RZ3qeutAL1JVepG70EnWnl6kH9aRe9Ar1plepD/WlFOpH/ek1GkADaRANpiH0Og2lN2gYvUnDaQSNpLdoFL1No+kdGkNjaRyNpwk0kSbRZJpCUymV3qVp9B5Np/dpBs2kWTSb0mgOzaUPaB7NpwX0IS2kj2gRLaYltJTS6WPKoGWUSZ/QcvqUsmgFraRVtJrW0FpaR+tpA22kTbSZttBW2kbb6TPaQTtpF+2mPbSX9tHntJ++oAP0JWXTV3SQ/kKH6Gs6TN9QDn1LR+g7Okrf0zH6gY7Tj3SCTtIp+olO0890hs7SOTpPF+gXukiX6DJ5EiGEMlShDoMwT5g3jAnzhbHhdWFceH2YP7whjIQ3hvHhTWGB8OawYFgoLBwWCRPComGx0IQY2pDCMCwelgij4S1hyfDWMDEsFZYOy4QuLBsmhbeF5cLbw/LhHWGF8M6wYnhXWCmsHD7+YNXw7rBaeE9YPawR1gzvDWuFtcM6Yd3wvrBeeH9YP3wgbBA+GJYPHwobhQ+HjcNHwibho2HT8LGwWfh42Dx8ImwRtgxbha3DNuGTYdvwqbBd2D7sED4ddgyfCTuFz4bJ4XNh5/D5P1xPCfuF/cPXwtdC7x9QS6JLo+nRj6MZ0WXRzOgn0eXRT6NZ0RXRldFV0dXRNdG10XXR9dEN0Y3RTdHN0S3RrdFtUe/r5hUOnHTKaRe4PC6vi3H5XKy7zsW5611+d4OLuBtdvLvJFXA3u4KukCvsirgEV9QVc8ahs45c6Iq7Ei7qbnEl3a0u0ZVypV0Z51xZl+RauzaujWvrnnLtXHvXwT3tnnbPuGfcs+5Z95zr7J53XdwLrqt70XVzL7mX3Muuh+vperlXXG/3quvj+roUl+L6u/5ugBvgBrlBbogb4oa6oW6YG+aGu+FupBvpRrlRbrQb7ca4MW6cG+cmuAlukpvkprgpLtWlumlumpvuprsZboab5Wa5NJfm5rq5bp6b5xa4BW5h4kK3yC1yS9wSl+7SXYbLcJku0y13y12Wy3Ir3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1w2S7bHXQH3SF3yB1237gc96074r5zR9337pj7wR13P7oT7qQ75X5yp93P7ow768658+6C+8VddJfcZeddauTdyLTIe5HpkfcjMyIzI7MisyNpkTmRuZEPIvMi8yMLIh9GFkY+iiyKLI4siSyNpEc+jmRElkUyI59Elkc+jWRFVkRWRlZFVkfWRLwvuiP0xX0JH/W3+JL+Vp/oS/nSvox3vqxP8rf5cv52X97f4Sv4O31Ff5ev5Cv7Kv4J38K39K18a9/GP+nb+qd8O9/ed/BP+47+Gd/JP+uT/XO+s3/ed/Ev+K7+Rd/Nv+S7+5d9D9/T9/Kv+N7+Vd/H9/Upvp/v71/zA/xAP8gP9kP8636of8MP82/64X6EH+nf8qP82360f8eP8WP9OD/eT/AT/SQ/2U/xU32qf9dP8+/56f59P8PP9LP8bJ/m5/i5/gM/z8/3C/yHfqH/yC/yi/0Sv9Sn+499hl/mM/0nfrn/1Gf5FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+8/8Dr/T7/K7/R6/1+/zn/v9/gt/wH/ps/1X/qD/iz/kv/aH/Tc+x3/rj/jv/FH/vT/mf/DH/Y/+hD/pT/mf/Gn/sz/jz/pz/ry/4H/xF/0lf/m/+j9ref6n309njDHGGPv/W+ofrPf7B9+Tv40r+gshrt9ZJOdv15UQYnPBv84HyoSOESHEc327P/pvo1atlJSU3x6bpURQYrEQInI1/9dLtN/iFaKDeEYki/ai3D+sb6DseYH+YP/onULE/k1OzF8/5uA/7H/7f7L/k0+Py6gYnov/J/svFiKxxNWcfOJqfHX/8v/J/oXa/kH9+b5OFaLd3+TEiavx1f2TxFPieZH8d49kjDHGGGOMMcb+aqCs0pWu3BGLf35/nqCv5uQVV+M/uj9njDHGGGOMMcbYtfdiz17PPpmc3L4rT3jCE578++Ra/2VijDHGGGOM/dmuXvRf60oYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLHc6//Fx4ld6zMyxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj19r/CQAA//9YKT35")
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r5, 0x0, 0xffffffffffffff9c, &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x367)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000008c0)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@usrjquota}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}]}, 0x0, 0x576, &(0x7f0000000f80)="$eJzs3d9vU1UcAPDv7VoYA2UkhKgPZgkPYpCObaiY+ICPRokk+o7NVpZlHSVrR9gkER7kxRdDTIyRxPgH+O4j8R/wryBREmLIog++zNzudqus3Q/oaKWfT3LpOfdc9j2n557Tc3vbNICBNZb+k4t4NSK+SSKOtpTlIyscWz9u9fHN6XRLYm3t0z+TSLJ9zeOT7PFwlnklIn79KuJ0bmvc2vLKfKlSKS9m+fH6wrXx2vLKmbmF0mx5tnx1cmrq/NtTk++9+07X2vrmpb+//+T+h+e/Prn63c8Pj91N4kIcycpa2/EMbrVmxmIse04KceGJAye6EKyfJL2uAE9lKBvnhUjngKMxlI164MX3ZUSsAQMqMf5hQDXXAc1r+y5dB/9vPPpg/QJoa/vz6++NxHDj2mhkNfnPlVF6vTvahfhpjF/+uHc33aJ770MA7OjW7Yg4m89vnf+SbP57emd3ccyTMcx/8PzcT9c/b7Vb/+Q21j/RZv1zuM3YfRo7j//cwy6E6Shd/73fdv27cdNqdCjLvdRY8xWSK3OVcjq3vRwRp6Jw8MpcZWS7GOdXH6x1Kmtd/6VbGr+5Fszq8TB/sJkuZI/10jM1usWj2xGvtV3/Jhv9n7Tp//T5uLTLGCfK917vVLZz+/fX2k8Rb7Tt/807Wsn29yfHG+fDePOs2OqvOyd+6xS/1+1P+39k+/aPJq33a2t7j/Hj8D/lTmV7O//XzZTqpQPJZ430gWzfjVK9vjgRcSD5eOv+yc3/28ynj/lz6+0/dXL7+a/d+X8oIj7fZfvvHL/T8dB+6P+ZPfX/3hMPPvrih07xd9f/5xqpU9metP93atduK/gszx0AAAAAAAD0m1xEHIkkV9xI53LF4vrnO47HSK5SrdVPX6kuXZ2JxndlR6OQa97pPtryeYiJ7POwzfzkE/mpiDgWEd8OHWrki9PVykyvGw8AAAAAAAAAAAAAAAAAAAB94nDEcLvv/6d+H+p17YB95ye/YXB1Hv9ZSTd+6QnoS17/YXAZ/zC4jH8YXM3xX+hxPYDnz+s/DC7jHwaX8Q+Dy/gHAAAAAAAAAAAAAAAAAAAAAAAAAACArrp08WK6ra0+vjmd5meuLy/NV6+fmSnX5osLS9PF6eriteJstTpbKRenqws7/b1KtXptYjKWbozXy7X6eG155fJCdelq/fLcQmm2fLnsJ4YAAAAAAAAAAAAAAAAAAABgq9ryynypUikvvjCJyPVFNV6MRG7nY/J9UtUsMRx9UY39ShyMzT1JDEfEfsXq9cwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJv+DQAA//9d9DGb")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000e80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="757466383d312c757466383d312c756e695f786c6174653d312c756e695f786c6174653d312c696f636861727365743d6d616363656e746575726f2c756e695f786c6174653d302c756e695f786c6174653d312c73686f72746e616d653d77696e39352c696f636861253f581c5a375d55382d752c6e6f6e756d7461696c3d302c757466383d302c696f636861727365743d69736f383835392d372c757466383d302c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c757466383d302c00"], 0x1, 0x2ad, &(0x7f0000000580)="$eJzs3U+LG2UYAPBnstlk1ENy8CSKA3rwVLr9BFlkC8WclBzUg4ptQZogtBDwD8aeBE9ePPoJBKE3v4QXv4EfQPBmD4VXJpnpJDXJ7sBmRf39Ln36vu8z7zPzzu6yhzz74cuze7eLuPvwy98iz7PojGIUj7MYRidqX8eG0XcBAPybPU4p/kgrbfKyiMgPVxYAcECtf/4/OnhJAMCBvfPue2+djsdnbxdFHjdn38wn5W/25b+r+dO78UlM405cj0E8iUhPreKbKaVFtygN4/XZYj4pM2cf/FJd//T3iGX+SQxiuBzazL81PjspVtbyF2Udz1f7j8r8GzGIF7fsf2t8dmNLfkx68cZra/Vfi0H8+nF8GtO4vSyiyf/qpCjeTN//+cX7ZXnzSeSxmE/6y3WNdNTE3as6HgAAAAAAAAAAAAAAAAAAAAAA/qOuVb1z+rHs31MOVf13jp6U/zmOojbc7M+zys/qCz3TH2iR4oe6v871oihStbDJ78ZLXY10AAAAAAAAAAAAAAAAAAAAoPTgs8/vfTSd3rl/KUHdDaD+WH/76zxaZo3WRl6N/Vn9Zq9OFe7ZIo7qNVnE3nrKm7ikx3Je8Nyumn/8qe0F8/PXHJd75bvWlEfYctP6uNdGoh7Jtj/D/tPFef2S/FyPpJRSLy64e2/XVGr1+vW2Tg1aH2XvhWWw2LMmsl2FfftK83VZTWXP3kVv4zlvBMdVELtOMG/1Pv/9e0WmWwcAAAAAAAAAAAAAAAAAABxU86HfLZMP96Z2Uv9gZQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAlWr+/n+LYFElX2BxL+4/+IdvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+BvwIAAP//kBZbSA==")
syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
write$FUSE_LK(0xffffffffffffffff, &(0x7f0000000040)={0x28}, 0x28)
pwritev2(r6, &(0x7f00000001c0)=[{&(0x7f0000000200)='y', 0x1}], 0x1, 0x7fff, 0x0, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)

0s ago: executing program 2 (id=945):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x1e, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x401, 0x1000, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x34, 0xbc, 0x3, 0x0, [{@multicast1}, {@dev, 0x659}, {@broadcast, 0x8000}, {@empty}, {@empty, 0xffd200}, {@private, 0x7}]}, @timestamp_prespec={0x44, 0x4, 0xfc}, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr=0x64010100]}]}}}}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b)
dup(0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x4, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xaddc}, [@call={0x85, 0x0, 0x0, 0xc9}]}, &(0x7f0000000340)='GPL\x00'}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f0000000300)=[{&(0x7f0000000340)}], 0x1)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000003200)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000000100))
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
listen(r5, 0x7)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20004005, &(0x7f0000b63fe4)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
socket$netlink(0x10, 0x3, 0x8000000004)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)

kernel console output (not intermixed with test programs):

ndpoint 0x81 has invalid wMaxPacketSize 0
[  157.107087][  T314] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  157.124935][  T314] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  157.136886][  T314] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.170510][  T314] usb 5-1: config 0 descriptor??
[  157.335960][  T837] EXT4-fs (loop2): unmounting filesystem.
[  157.382762][   T28] audit: type=1400 audit(1721012967.541:571): avc:  denied  { ioctl } for  pid=2987 comm="syz.2.680" path="socket:[28658]" dev="sockfs" ino=28658 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  157.445035][ T2990] device bridge0 entered promiscuous mode
[  157.463413][ T2990] device vlan2 entered promiscuous mode
[  157.485818][ T2990] device bridge0 left promiscuous mode
[  157.630573][ T2959] loop4: detected capacity change from 0 to 1024
[  157.654684][ T2959] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  157.665718][ T2984] loop0: detected capacity change from 0 to 40427
[  157.674726][ T2984] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  157.688022][ T2984] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  157.705345][ T2984] F2FS-fs (loop0): Unrecognized mount option "00000000000000000000003" or missing value
[  157.719485][ T2959] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  157.776498][  T314] microsoft 0003:045E:07DA.0034: ignoring exceeding usage max
[  157.788454][  T314] microsoft 0003:045E:07DA.0034: invalid report_size -642572308
[  157.804635][  T314] microsoft 0003:045E:07DA.0034: item 0 4 1 7 parsing failed
[  157.818479][  T314] microsoft 0003:045E:07DA.0034: parse failed
[  157.830840][  T314] microsoft: probe of 0003:045E:07DA.0034 failed with error -22
[  157.889956][ T3013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.898526][ T3013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  158.155717][   T28] audit: type=1400 audit(1721012968.281:572): avc:  denied  { append } for  pid=3014 comm="syz.3.685" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  158.355455][ T1224] usb 5-1: USB disconnect, device number 24
[  158.491112][ T3022] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  158.571010][ T3027] FAULT_INJECTION: forcing a failure.
[  158.571010][ T3027] name failslab, interval 1, probability 0, space 0, times 0
[  158.583495][ T3027] CPU: 0 PID: 3027 Comm: syz.0.688 Not tainted 6.1.84-syzkaller-00005-g96d66062d076 #0
[  158.592877][ T3027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  158.595585][ T2450] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  158.602773][ T3027] Call Trace:
[  158.602781][ T3027]  <TASK>
[  158.602789][ T3027]  dump_stack_lvl+0x151/0x1b7
[  158.620574][ T3027]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  158.625860][ T3027]  ? stack_trace_save+0x113/0x1c0
[  158.630720][ T3027]  dump_stack+0x15/0x1b
[  158.634711][ T3027]  should_fail_ex+0x3d0/0x520
[  158.639225][ T3027]  ? p9_client_prepare_req+0x16c/0xd70
[  158.644521][ T3027]  __should_failslab+0xaf/0xf0
[  158.649119][ T3027]  should_failslab+0x9/0x20
[  158.653458][ T3027]  kmem_cache_alloc+0x3b/0x2c0
[  158.658059][ T3027]  p9_client_prepare_req+0x16c/0xd70
[  158.663177][ T3027]  ? do_getxattr+0x182/0x380
[  158.667605][ T3027]  ? path_getxattr+0x2e8/0x410
[  158.672211][ T3027]  ? trace_raw_output_9p_fid_ref+0x160/0x160
[  158.678030][ T3027]  p9_client_rpc+0x18b/0xaa0
[  158.682450][ T3027]  ? debug_smp_processor_id+0x17/0x20
[  158.687653][ T3027]  ? kfree+0x7a/0xf0
[  158.691403][ T3027]  ? v9fs_fid_xattr_get+0x302/0x400
[  158.696421][ T3027]  ? p9_fid_create+0x360/0x360
[  158.701025][ T3027]  ? __kasan_slab_free+0x11/0x20
[  158.705793][ T3027]  ? kmem_cache_free+0x291/0x510
[  158.710567][ T3027]  ? p9_req_put+0x18d/0x1e0
[  158.714908][ T3027]  ? p9_req_put+0x18d/0x1e0
[  158.719250][ T3027]  p9_client_clunk+0x76/0x1a0
[  158.723761][ T3027]  v9fs_fid_xattr_get+0x316/0x400
[  158.728622][ T3027]  ? p9_fid_get+0xa0/0xa0
[  158.732790][ T3027]  ? v9fs_fid_lookup+0x118/0x160
[  158.737577][ T3027]  v9fs_xattr_get+0x4f/0x100
[  158.741991][ T3027]  v9fs_xattr_handler_get+0x3d/0x50
[  158.747019][ T3027]  ? v9fs_listxattr+0x40/0x40
[  158.751540][ T3027]  vfs_getxattr+0x666/0x740
[  158.755878][ T3027]  ? __vfs_getxattr+0x3f0/0x3f0
[  158.760563][ T3027]  ? __check_object_size+0xa1/0x650
[  158.765597][ T3027]  do_getxattr+0x182/0x380
[  158.769847][ T3027]  path_getxattr+0x2e8/0x410
[  158.774275][ T3027]  ? setxattr+0x2b0/0x2b0
[  158.778443][ T3027]  ? fput+0x15b/0x1b0
[  158.782261][ T3027]  ? ksys_write+0x260/0x2c0
[  158.786599][ T3027]  ? debug_smp_processor_id+0x17/0x20
[  158.791812][ T3027]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  158.797709][ T3027]  __x64_sys_lgetxattr+0x9e/0xb0
[  158.802485][ T3027]  do_syscall_64+0x3d/0xb0
[  158.806736][ T3027]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  158.812464][ T3027] RIP: 0033:0x7f154ad75bd9
[  158.816713][ T3027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.836155][ T3027] RSP: 002b:00007f154bb88048 EFLAGS: 00000246 ORIG_RAX: 00000000000000c0
[  158.844402][ T3027] RAX: ffffffffffffffda RBX: 00007f154af03f60 RCX: 00007f154ad75bd9
[  158.852214][ T3027] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000020000000
[  158.860033][ T3027] RBP: 00007f154bb880a0 R08: 0000000000000000 R09: 0000000000000000
[  158.867836][ T3027] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002
[  158.875646][ T3027] R13: 000000000000000b R14: 00007f154af03f60 R15: 00007ffe563a4418
[  158.883463][ T3027]  </TASK>
[  158.919363][ T3029] netlink: 20 bytes leftover after parsing attributes in process `syz.0.689'.
[  158.941275][ T3033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  158.949833][ T3033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  158.965736][ T2450] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.976782][ T2450] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.986519][ T2450] usb 3-1: New USB device found, idVendor=056a, idProduct=0029, bcdDevice= 0.00
[  158.995351][ T2450] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.010630][ T2450] usb 3-1: config 0 descriptor??
[  159.045657][  T314] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  159.247719][ T2593] EXT4-fs (loop4): unmounting filesystem.
[  159.302812][ T3031] loop3: detected capacity change from 0 to 131072
[  159.309326][  T314] usb 2-1: Using ep0 maxpacket: 8
[  159.314453][ T3031] F2FS-fs (loop3): Wrong CP boundary, start(512) end(198144) blocks(1024)
[  159.322999][ T3031] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  159.331567][ T3031] F2FS-fs (loop3): invalid crc value
[  159.338110][ T3031] F2FS-fs (loop3): Found nat_bits in checkpoint
[  159.369795][ T3031] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  159.376785][ T3031] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  159.445791][  T314] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  159.455044][  T314] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.475514][  T314] usb 2-1: config 0 descriptor??
[  159.487460][ T2450] wacom 0003:056A:0029.0035: Unknown device_type for 'HID 056a:0029'. Assuming pen.
[  159.518952][ T2450] wacom 0003:056A:0029.0035: hidraw0: USB HID v0.00 Device [HID 056a:0029] on usb-dummy_hcd.2-1/input0
[  159.535577][ T1224] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  159.550270][ T2450] input: Wacom Intuos5 S Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:0029.0035/input/input79
[  159.626175][ T3042] FAULT_INJECTION: forcing a failure.
[  159.626175][ T3042] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.639172][ T3042] CPU: 1 PID: 3042 Comm: syz.0.693 Not tainted 6.1.84-syzkaller-00005-g96d66062d076 #0
[  159.648618][ T3042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  159.658513][ T3042] Call Trace:
[  159.661639][ T3042]  <TASK>
[  159.664425][ T3042]  dump_stack_lvl+0x151/0x1b7
[  159.668928][ T3042]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  159.674221][ T3042]  dump_stack+0x15/0x1b
[  159.678211][ T3042]  should_fail_ex+0x3d0/0x520
[  159.682725][ T3042]  should_fail+0xb/0x10
[  159.686717][ T3042]  should_fail_usercopy+0x1a/0x20
[  159.691580][ T3042]  _copy_to_user+0x1e/0x90
[  159.695832][ T3042]  simple_read_from_buffer+0xc7/0x150
[  159.701041][ T3042]  proc_fail_nth_read+0x1a3/0x210
[  159.705904][ T3042]  ? proc_fault_inject_write+0x390/0x390
[  159.711365][ T3042]  ? fsnotify_perm+0x470/0x5d0
[  159.715971][ T3042]  ? security_file_permission+0x86/0xb0
[  159.721347][ T3042]  ? proc_fault_inject_write+0x390/0x390
[  159.726817][ T3042]  vfs_read+0x26c/0xad0
[  159.730814][ T3042]  ? kernel_read+0x1f0/0x1f0
[  159.735232][ T3042]  ? mutex_lock+0xb1/0x1e0
[  159.739579][ T3042]  ? bit_wait_io_timeout+0x120/0x120
[  159.744698][ T3042]  ? __fdget_pos+0x2e2/0x390
[  159.745659][  T314] asix 2-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  159.749115][ T3042]  ? ksys_read+0x77/0x2c0
[  159.749145][ T3042]  ksys_read+0x199/0x2c0
[  159.766741][ T3042]  ? vfs_write+0xeb0/0xeb0
[  159.770991][ T3042]  ? debug_smp_processor_id+0x17/0x20
[  159.776199][ T3042]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  159.782103][ T3042]  __x64_sys_read+0x7b/0x90
[  159.786437][ T3042]  do_syscall_64+0x3d/0xb0
[  159.790689][ T3042]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  159.796419][ T3042] RIP: 0033:0x7f154ad746bc
[  159.800671][ T3042] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  159.820112][ T3042] RSP: 002b:00007f154bb88040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  159.828358][ T3042] RAX: ffffffffffffffda RBX: 00007f154af03f60 RCX: 00007f154ad746bc
[  159.836285][ T3042] RDX: 000000000000000f RSI: 00007f154bb880b0 RDI: 0000000000000008
[  159.844096][ T3042] RBP: 00007f154bb880a0 R08: 0000000000000000 R09: 0000000000000000
[  159.851909][ T3042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.859719][ T3042] R13: 000000000000000b R14: 00007f154af03f60 R15: 00007ffe563a4418
[  159.867538][ T3042]  </TASK>
[  159.995629][ T1224] usb 5-1: Using ep0 maxpacket: 16
[  160.115610][ T1224] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.126335][ T1224] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  160.136087][ T1224] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  160.144927][ T1224] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.153304][ T1224] usb 5-1: config 0 descriptor??
[  160.175648][  T314] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  160.185507][  T314] asix: probe of 2-1:0.0 failed with error -61
[  160.637683][ T1224] savu 0003:1E7D:2D5A.0036: hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[  160.839265][ T1224] usb 5-1: USB disconnect, device number 25
[  160.959538][ T3065] loop3: detected capacity change from 0 to 512
[  160.971198][ T3065] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  160.982524][ T3065] EXT4-fs (loop3): 1 truncate cleaned up
[  160.988296][ T3065] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  161.332680][    T6] usb 3-1: USB disconnect, device number 28
[  161.407747][ T3075] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  161.630028][ T3078] loop0: detected capacity change from 0 to 256
[  161.639113][ T3078] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x3bed3e2a, utbl_chksum : 0xe619d30d)
[  161.667544][ T3080] loop0: detected capacity change from 0 to 512
[  161.673892][ T3080] ext4: Unknown parameter 'fowner<00000000000000000000'
[  161.715610][    T6] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  161.875831][   T28] audit: type=1400 audit(1721012972.011:573): avc:  denied  { bind } for  pid=3079 comm="syz.0.702" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  161.919619][ T2928] EXT4-fs (loop3): unmounting filesystem.
[  161.925499][   T28] audit: type=1400 audit(1721012972.011:574): avc:  denied  { bind } for  pid=3079 comm="syz.0.702" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  161.950173][   T28] audit: type=1400 audit(1721012972.011:575): avc:  denied  { name_bind } for  pid=3079 comm="syz.0.702" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  161.971956][   T28] audit: type=1400 audit(1721012972.011:576): avc:  denied  { node_bind } for  pid=3079 comm="syz.0.702" saddr=::1 src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  162.001501][ T3084] overlayfs: './file0' not a directory
[  162.095592][    T6] usb 3-1: Using ep0 maxpacket: 16
[  162.215634][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  162.227456][    T6] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  162.247554][    T6] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  162.257419][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.270460][    T6] usb 3-1: config 0 descriptor??
[  162.276196][  T299] usb 2-1: USB disconnect, device number 21
[  162.584292][ T3103] loop0: detected capacity change from 0 to 512
[  162.606915][ T3103] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  162.615828][ T3103] ext4 filesystem being mounted at /51/bus supports timestamps until 2038 (0x7fffffff)
[  162.695584][  T299] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  162.750157][    T6] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0037/input/input82
[  162.830305][    T6] microsoft 0003:045E:07DA.0037: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  163.095638][  T299] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.110339][  T299] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.125607][  T299] usb 2-1: New USB device found, idVendor=056a, idProduct=0029, bcdDevice= 0.00
[  163.142948][  T299] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.156283][  T299] usb 2-1: config 0 descriptor??
[  163.161350][ T1224] usb 3-1: USB disconnect, device number 29
[  163.660474][ T2419] EXT4-fs (loop0): unmounting filesystem.
[  163.676995][  T299] wacom 0003:056A:0029.0038: Unknown device_type for 'HID 056a:0029'. Assuming pen.
[  163.693916][  T299] wacom 0003:056A:0029.0038: hidraw0: USB HID v0.00 Device [HID 056a:0029] on usb-dummy_hcd.1-1/input0
[  163.718969][  T299] input: Wacom Intuos5 S Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0029.0038/input/input83
[  163.731983][ T3120] loop0: detected capacity change from 0 to 1024
[  164.009615][ T3125] loop2: detected capacity change from 0 to 40427
[  164.115608][  T299] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  164.326334][ T3132] loop4: detected capacity change from 0 to 40427
[  164.346726][ T3132] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  164.357898][ T3132] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  164.385553][  T299] usb 4-1: Using ep0 maxpacket: 32
[  164.408835][ T3132] F2FS-fs (loop4): Found nat_bits in checkpoint
[  164.444655][ T3132] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  164.451579][ T3132] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  164.825659][  T299] usb 4-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  164.835983][  T299] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  164.847721][ T3145] device erspan0 entered promiscuous mode
[  164.849240][  T299] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  164.855096][ T3145] device vlan2 entered promiscuous mode
[  164.868039][ T3148] loop4: detected capacity change from 0 to 512
[  164.874900][  T299] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.881169][ T3145] device erspan0 left promiscuous mode
[  164.883533][  T299] usb 4-1: config 0 descriptor??
[  164.892648][ T3148] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  164.900580][ T3148] System zones: 1-12
[  164.904713][ T3148] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #11: comm syz.4.720: iget: bogus i_mode (0)
[  164.915898][ T3148] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.720: couldn't read orphan inode 11 (err -117)
[  164.927701][ T3148] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  164.946142][  T299] hub 4-1:0.0: bad descriptor, ignoring hub
[  164.952139][  T299] hub: probe of 4-1:0.0 failed with error -5
[  164.958762][  T299] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  165.386055][ T1224] usb 2-1: USB disconnect, device number 22
[  165.415669][ T3160] loop1: detected capacity change from 0 to 128
[  165.437859][ T3160] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  165.448005][ T3160] ext4 filesystem being mounted at /70/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  165.776413][ T2593] EXT4-fs (loop4): unmounting filesystem.
[  165.837984][ T3170] netlink: 12 bytes leftover after parsing attributes in process `syz.4.725'.
[  165.872539][   T28] audit: type=1400 audit(1721012976.031:577): avc:  denied  { create } for  pid=3169 comm="syz.4.725" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  166.175572][ T1224] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  166.415581][ T1224] usb 3-1: Using ep0 maxpacket: 16
[  166.498883][ T3183] loop0: detected capacity change from 0 to 256
[  166.545773][ T1224] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  166.611560][ T1224] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  166.625459][ T1224] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  166.634409][ T1224] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.643808][ T1224] usb 3-1: config 0 descriptor??
[  166.867705][ T3186] loop4: detected capacity change from 0 to 512
[  166.887109][  T501] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  167.251635][  T299] usb 4-1: USB disconnect, device number 25
[  167.295006][ T1224] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0039/input/input86
[  167.469943][ T3196] FAULT_INJECTION: forcing a failure.
[  167.469943][ T3196] name failslab, interval 1, probability 0, space 0, times 0
[  167.482590][ T3196] CPU: 1 PID: 3196 Comm: syz.0.732 Not tainted 6.1.84-syzkaller-00005-g96d66062d076 #0
[  167.492041][ T3196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  167.501940][ T3196] Call Trace:
[  167.505057][ T3196]  <TASK>
[  167.507837][ T3196]  dump_stack_lvl+0x151/0x1b7
[  167.512355][ T3196]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  167.517643][ T3196]  ? irqentry_exit+0x30/0x40
[  167.522072][ T3196]  ? sysvec_reschedule_ipi+0x80/0x160
[  167.527276][ T3196]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  167.532747][ T3196]  dump_stack+0x15/0x1b
[  167.536736][ T3196]  should_fail_ex+0x3d0/0x520
[  167.541257][ T3196]  ? v9fs_session_init+0xaf/0x1950
[  167.546198][ T3196]  __should_failslab+0xaf/0xf0
[  167.550801][ T3196]  should_failslab+0x9/0x20
[  167.555137][ T3196]  __kmem_cache_alloc_node+0x3d/0x250
[  167.560343][ T3196]  ? v9fs_mount+0xae/0xb60
[  167.564599][ T3196]  ? v9fs_session_init+0xaf/0x1950
[  167.569545][ T3196]  __kmalloc_node_track_caller+0xa2/0x1e0
[  167.575098][ T3196]  ? do_new_mount+0x2ba/0xb30
[  167.579610][ T3196]  ? path_mount+0x671/0x1070
[  167.584039][ T3196]  ? __se_sys_mount+0x2c4/0x3b0
[  167.588726][ T3196]  kstrdup+0x39/0x70
[  167.592462][ T3196]  v9fs_session_init+0xaf/0x1950
[  167.597241][ T3196]  ? v9fs_show_options+0x570/0x570
[  167.602185][ T3196]  ? kasan_save_alloc_info+0x1f/0x30
[  167.607303][ T3196]  ? __kasan_kmalloc+0x9c/0xb0
[  167.611901][ T3196]  ? kmalloc_trace+0x44/0xa0
[  167.616326][ T3196]  v9fs_mount+0xca/0xb60
[  167.620408][ T3196]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  167.625870][ T3196]  ? incfs_get_verity_signature+0x420/0x420
[  167.631604][ T3196]  ? selinux_sb_eat_lsm_opts+0x85/0x9e0
[  167.636980][ T3196]  ? cap_capable+0x1d2/0x270
[  167.641413][ T3196]  legacy_get_tree+0xf1/0x190
[  167.645919][ T3196]  ? incfs_get_verity_signature+0x420/0x420
[  167.651649][ T3196]  vfs_get_tree+0x88/0x290
[  167.655900][ T3196]  do_new_mount+0x2ba/0xb30
[  167.660245][ T3196]  ? do_move_mount_old+0x160/0x160
[  167.665187][ T3196]  ? path_mount+0x255/0x1070
[  167.669621][ T3196]  path_mount+0x671/0x1070
[  167.673869][ T3196]  ? user_path_at_empty+0x14e/0x1a0
[  167.678909][ T3196]  __se_sys_mount+0x2c4/0x3b0
[  167.683413][ T3196]  ? __x64_sys_mount+0xd0/0xd0
[  167.688014][ T3196]  ? fpregs_restore_userregs+0x130/0x290
[  167.693489][ T3196]  __x64_sys_mount+0xbf/0xd0
[  167.697913][ T3196]  do_syscall_64+0x3d/0xb0
[  167.702163][ T3196]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  167.707887][ T3196] RIP: 0033:0x7f154ad75bd9
[  167.712151][ T3196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.731585][ T3196] RSP: 002b:00007f154bb46048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  167.739857][ T3196] RAX: ffffffffffffffda RBX: 00007f154af04110 RCX: 00007f154ad75bd9
[  167.747639][ T3196] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[  167.755450][ T3196] RBP: 00007f154bb460a0 R08: 0000000020000580 R09: 0000000000000000
[  167.763269][ T3196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  167.771074][ T3196] R13: 000000000000006e R14: 00007f154af04110 R15: 00007ffe563a4418
[  167.778896][ T3196]  </TASK>
[  167.812492][ T1224] microsoft 0003:045E:07DA.0039: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  167.869541][ T1224] usb 3-1: USB disconnect, device number 30
[  168.030546][ T3202] loop4: detected capacity change from 0 to 512
[  168.038025][ T3202] EXT4-fs: Ignoring removed bh option
[  168.043609][ T3202] ext4: Unknown parameter 'obj_type'
[  168.248036][  T501] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  168.267289][ T3206] loop0: detected capacity change from 0 to 512
[  168.274570][ T3206] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  168.282370][ T3206] System zones: 1-12
[  168.287013][ T3206] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #11: comm syz.0.735: iget: bogus i_mode (0)
[  168.298197][ T3206] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.735: couldn't read orphan inode 11 (err -117)
[  168.309993][ T3206] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  168.515649][   T39] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  168.827138][ T3228] loop4: detected capacity change from 0 to 512
[  168.836037][ T3228] EXT4-fs (loop4): 1 orphan inode deleted
[  168.841629][ T3228] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  168.875623][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  168.887006][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  168.896589][   T39] usb 4-1: New USB device found, idVendor=056a, idProduct=0029, bcdDevice= 0.00
[  168.905411][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.914089][   T39] usb 4-1: config 0 descriptor??
[  169.158132][ T2419] EXT4-fs (loop0): unmounting filesystem.
[  169.196601][ T3233] loop0: detected capacity change from 0 to 1024
[  169.216507][ T3233] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  169.386140][ T2419] EXT4-fs (loop0): unmounting filesystem.
[  169.397063][   T39] wacom 0003:056A:0029.003A: Unknown device_type for 'HID 056a:0029'. Assuming pen.
[  169.407925][   T39] wacom 0003:056A:0029.003A: hidraw0: USB HID v0.00 Device [HID 056a:0029] on usb-dummy_hcd.3-1/input0
[  169.419626][   T39] input: Wacom Intuos5 S Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0029.003A/input/input87
[  169.456172][ T3240] netem: change failed
[  169.633215][   T28] audit: type=1400 audit(1721012979.791:578): avc:  denied  { mount } for  pid=3241 comm="syz.2.744" name="/" dev="configfs" ino=5365 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  169.663664][ T2593] EXT4-fs (loop4): unmounting filesystem.
[  170.145575][   T39] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  170.426231][ T3262] loop4: detected capacity change from 0 to 512
[  170.433493][ T3262] EXT4-fs: Ignoring removed bh option
[  170.439147][ T3262] ext4: Unknown parameter 'obj_type'
[  170.445711][   T39] usb 3-1: Using ep0 maxpacket: 16
[  170.566077][   T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  170.579342][   T39] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  170.592158][   T39] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  170.592481][  T501] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  170.613276][   T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.621684][   T39] usb 3-1: config 0 descriptor??
[  170.710466][ T3267] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  170.718810][ T3267] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.095350][ T3269] loop4: detected capacity change from 0 to 512
[  171.102759][ T3269] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  171.110949][ T3269] System zones: 1-12
[  171.113079][   T39] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.003B/input/input90
[  171.116942][ T3269] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #11: comm syz.4.752: iget: bogus i_mode (0)
[  171.137046][ T3269] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.752: couldn't read orphan inode 11 (err -117)
[  171.148797][ T3269] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  171.205584][   T39] microsoft 0003:045E:07DA.003B: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  171.254957][   T39] usb 4-1: USB disconnect, device number 26
[  171.273841][ T3275] loop3: detected capacity change from 0 to 512
[  171.336633][ T3275] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  171.507334][ T3275] EXT4-fs (loop3): 1 truncate cleaned up
[  171.517661][ T3275] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  171.595462][  T314] usb 3-1: USB disconnect, device number 31
[  172.008979][ T2593] EXT4-fs (loop4): unmounting filesystem.
[  172.108612][ T2928] EXT4-fs (loop3): unmounting filesystem.
[  172.176963][ T3294] kvm: emulating exchange as write
[  172.367838][  T299] usb 5-1: new full-speed USB device number 26 using dummy_hcd
[  172.380892][ T3299] loop3: detected capacity change from 0 to 512
[  172.407137][ T3299] EXT4-fs (loop3): Test dummy encryption mode enabled
[  172.431287][ T3299] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  172.443430][ T3306] binder: 3305:3306 ioctl 4018620d 0 returned -22
[  172.449403][ T3299] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.758: attempt to clear invalid blocks 2 len 1
[  172.451168][ T3306] netlink: 12 bytes leftover after parsing attributes in process `syz.0.762'.
[  172.471284][ T3299] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  172.486292][ T3299] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.758: invalid indirect mapped block 1819239214 (level 0)
[  172.505740][ T3299] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.758: invalid indirect mapped block 1819239214 (level 1)
[  172.540923][ T3299] EXT4-fs (loop3): 1 truncate cleaned up
[  172.550519][ T3299] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  172.564947][ T3309] loop0: detected capacity change from 0 to 2048
[  172.606872][ T3309] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  172.629168][ T2419] EXT4-fs (loop0): unmounting filesystem.
[  172.723030][ T2928] EXT4-fs (loop3): unmounting filesystem.
[  172.765751][  T299] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  172.785708][  T299] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 494, setting to 64
[  172.800741][  T299] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  172.810631][  T299] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  172.855307][ T3298] loop2: detected capacity change from 0 to 131072
[  172.873092][ T3298] F2FS-fs (loop2): Test dummy encryption mode enabled
[  172.888320][ T3298] F2FS-fs (loop2): Found nat_bits in checkpoint
[  172.905648][  T299] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  172.917839][  T299] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  172.935207][  T299] usb 5-1: SerialNumber: syz
[  172.957550][ T3298] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  172.965682][ T3292] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22
[  172.995976][  T299] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[  173.004503][  T299] cdc_acm: probe of 5-1:1.0 failed with error -12
[  173.105030][ T3324] loop2: detected capacity change from 0 to 512
[  173.112520][ T3324] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  173.120431][ T3324] System zones: 1-12
[  173.124631][ T3324] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #11: comm syz.2.766: iget: bogus i_mode (0)
[  173.135582][   T24] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  173.135875][ T3324] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.766: couldn't read orphan inode 11 (err -117)
[  173.154727][ T3324] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  173.204565][  T299] usb 5-1: USB disconnect, device number 26
[  173.535683][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.548741][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.559188][   T24] usb 4-1: New USB device found, idVendor=056a, idProduct=0029, bcdDevice= 0.00
[  173.568228][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.577350][   T24] usb 4-1: config 0 descriptor??
[  173.645069][ T3333] loop0: detected capacity change from 0 to 512
[  173.651685][ T3333] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  173.662868][ T3333] EXT4-fs (loop0): 1 truncate cleaned up
[  173.668577][ T3333] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  173.877292][ T3338] device bridge0 entered promiscuous mode
[  173.882885][ T3338] device vlan2 entered promiscuous mode
[  173.888920][ T3338] device bridge0 left promiscuous mode
[  173.998309][  T837] EXT4-fs (loop2): unmounting filesystem.
[  174.014812][ T3341] loop2: detected capacity change from 0 to 1024
[  174.031703][ T3341] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  174.056938][   T24] wacom 0003:056A:0029.003C: Unknown device_type for 'HID 056a:0029'. Assuming pen.
[  174.076051][   T24] wacom 0003:056A:0029.003C: hidraw0: USB HID v0.00 Device [HID 056a:0029] on usb-dummy_hcd.3-1/input0
[  174.095986][   T24] input: Wacom Intuos5 S Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0029.003C/input/input91
[  174.295616][   T39] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  174.483284][ T2419] EXT4-fs (loop0): unmounting filesystem.
[  174.546953][ T3354] FAULT_INJECTION: forcing a failure.
[  174.546953][ T3354] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  174.559953][ T3354] CPU: 1 PID: 3354 Comm: syz.0.773 Not tainted 6.1.84-syzkaller-00005-g96d66062d076 #0
[  174.569352][ T3354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  174.579248][ T3354] Call Trace:
[  174.582373][ T3354]  <TASK>
[  174.585147][ T3354]  dump_stack_lvl+0x151/0x1b7
[  174.589661][ T3354]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  174.594956][ T3354]  ? bpf_test_run+0x912/0xa40
[  174.599476][ T3354]  dump_stack+0x15/0x1b
[  174.603463][ T3354]  should_fail_ex+0x3d0/0x520
[  174.607982][ T3354]  should_fail+0xb/0x10
[  174.611970][ T3354]  should_fail_usercopy+0x1a/0x20
[  174.616827][ T3354]  _copy_to_user+0x1e/0x90
[  174.621079][ T3354]  bpf_test_finish+0x22c/0x950
[  174.625682][ T3354]  ? convert_skb_to___skb+0x4f0/0x4f0
[  174.630912][ T3354]  ? convert_skb_to___skb+0x2da/0x4f0
[  174.636099][ T3354]  bpf_prog_test_run_skb+0xcfd/0x13a0
[  174.641308][ T3354]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  174.647035][ T3354]  ? __kasan_check_write+0x14/0x20
[  174.651983][ T3354]  ? fput+0x15b/0x1b0
[  174.655803][ T3354]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  174.661531][ T3354]  bpf_prog_test_run+0x3b0/0x630
[  174.666306][ T3354]  ? bpf_prog_query+0x260/0x260
[  174.670986][ T3354]  ? selinux_bpf+0xd2/0x100
[  174.675325][ T3354]  ? security_bpf+0x82/0xb0
[  174.679665][ T3354]  __sys_bpf+0x59f/0x7f0
[  174.683745][ T3354]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  174.688958][ T3354]  ? debug_smp_processor_id+0x17/0x20
[  174.694158][ T3354]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  174.700061][ T3354]  __x64_sys_bpf+0x7c/0x90
[  174.704313][ T3354]  do_syscall_64+0x3d/0xb0
[  174.708571][ T3354]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  174.714293][ T3354] RIP: 0033:0x7f154ad75bd9
[  174.718548][ T3354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.737992][ T3354] RSP: 002b:00007f154bb88048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  174.746235][ T3354] RAX: ffffffffffffffda RBX: 00007f154af03f60 RCX: 00007f154ad75bd9
[  174.754045][ T3354] RDX: 0000000000000050 RSI: 0000000020000000 RDI: 000000000000000a
[  174.761859][ T3354] RBP: 00007f154bb880a0 R08: 0000000000000000 R09: 0000000000000000
[  174.769667][ T3354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.777479][ T3354] R13: 000000000000004d R14: 00007f154af03f60 R15: 00007ffe563a4418
[  174.785299][ T3354]  </TASK>
[  174.818957][ T3357] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  174.865658][   T39] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  174.882877][ T3357] loop0: detected capacity change from 0 to 512
[  174.889560][ T3357] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  174.899421][ T3357] EXT4-fs (loop0): can't mount with journal_async_commit, fs mounted w/o journal
[  174.955641][   T39] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  174.965339][  T837] EXT4-fs (loop2): unmounting filesystem.
[  174.969625][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  174.978985][   T39] usb 5-1: SerialNumber: syz
[  175.012230][   T28] audit: type=1400 audit(1721012985.171:579): avc:  denied  { read } for  pid=3361 comm="syz.2.776" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  175.027959][ T3358] netlink: 12 bytes leftover after parsing attributes in process `syz.0.774'.
[  175.041493][   T28] audit: type=1400 audit(1721012985.201:580): avc:  denied  { getopt } for  pid=3356 comm="syz.0.774" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  175.365590][  T299] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  175.517222][   T39] cdc_ether 5-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.4-1, CDC Ethernet Device, 42:42:42:42:42:42
[  175.535411][   T28] audit: type=1400 audit(1721012985.691:581): avc:  denied  { read } for  pid=139 comm="dhcpcd" name="n16" dev="tmpfs" ino=7994 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  175.559111][   T28] audit: type=1400 audit(1721012985.691:582): avc:  denied  { open } for  pid=139 comm="dhcpcd" path="/run/udev/data/n16" dev="tmpfs" ino=7994 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  175.582094][   T28] audit: type=1400 audit(1721012985.701:583): avc:  denied  { getattr } for  pid=139 comm="dhcpcd" path="/run/udev/data/n16" dev="tmpfs" ino=7994 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  175.608261][   T28] audit: type=1400 audit(1721012985.771:584): avc:  denied  { create } for  pid=3372 comm="dhcpcd-run-hook" name="resolv.conf.usb0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  175.632985][   T28] audit: type=1400 audit(1721012985.771:585): avc:  denied  { write } for  pid=3372 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.usb0.link" dev="tmpfs" ino=7997 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  175.635576][  T299] usb 3-1: Using ep0 maxpacket: 16
[  175.659081][   T28] audit: type=1400 audit(1721012985.771:586): avc:  denied  { append } for  pid=3372 comm="dhcpcd-run-hook" name="resolv.conf.usb0.link" dev="tmpfs" ino=7997 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  175.687816][   T28] audit: type=1400 audit(1721012985.771:587): avc:  denied  { unlink } for  pid=3383 comm="rm" name="resolv.conf.usb0.link" dev="tmpfs" ino=7997 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  175.717378][    T6] usb 5-1: USB disconnect, device number 27
[  175.726268][    T6] cdc_ether 5-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.4-1, CDC Ethernet Device
[  175.806548][  T314] usb 4-1: USB disconnect, device number 27
[  175.821803][ T1816] EXT4-fs (loop1): unmounting filesystem.
[  175.825896][  T299] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.863028][  T299] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  175.899425][  T299] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  175.912559][  T320] tipc: Disabling bearer <udp:syz2>
[  175.917590][  T299] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.924603][  T299] usb 3-1: config 0 descriptor??
[  175.932809][  T320] tipc: Left network mode
[  176.029086][ T3428] loop0: detected capacity change from 0 to 512
[  176.035841][ T3428] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  176.050192][ T3428] EXT4-fs (loop0): 1 truncate cleaned up
[  176.063387][ T3409] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.065647][ T3428] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  176.070512][ T3409] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.086569][ T3409] device bridge_slave_0 entered promiscuous mode
[  176.098689][ T3409] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.105581][ T3409] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.112887][ T3409] device bridge_slave_1 entered promiscuous mode
[  176.164705][ T3405] loop3: detected capacity change from 0 to 40427
[  176.177316][ T3405] F2FS-fs (loop3): Wrong NAT boundary, start(2560) end(0) blocks(1024)
[  176.185569][ T3405] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  176.193538][ T3405] F2FS-fs (loop3): Unrecognized mount option "18446744073709551615017777777777777777777770xffffffffffffffffÿÿÿÿ" or missing value
[  176.199917][ T3409] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.213512][ T3409] bridge0: port 2(bridge_slave_1) entered forwarding state
[  176.220631][ T3409] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.227427][ T3409] bridge0: port 1(bridge_slave_0) entered forwarding state
[  176.229796][ T3434] loop4: detected capacity change from 0 to 512
[  176.240919][ T3434] ext4: Bad value for 'init_itable'
[  176.269726][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  176.318859][ T3405] loop3: detected capacity change from 0 to 512
[  176.338438][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.345453][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.366781][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  176.374781][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.381631][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[  176.389004][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  176.397024][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.403853][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[  176.411045][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  176.421410][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  176.438372][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  176.448863][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  176.462211][  T299] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.003D/input/input94
[  176.482178][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  176.491965][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  176.517753][   T28] audit: type=1400 audit(1721012986.681:588): avc:  denied  { view } for  pid=3433 comm="syz.4.785" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  176.519106][ T3409] device veth0_vlan entered promiscuous mode
[  176.561028][  T299] microsoft 0003:045E:07DA.003D: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  176.596064][ T3409] device veth1_macvtap entered promiscuous mode
[  176.613082][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  176.636366][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  176.654916][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  176.667190][  T320] device bridge_slave_1 left promiscuous mode
[  176.673978][  T320] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.693379][  T320] device bridge_slave_0 left promiscuous mode
[  176.699668][  T320] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.707606][  T320] device veth1_macvtap left promiscuous mode
[  176.713528][  T320] device veth0_vlan left promiscuous mode
[  176.868560][ T2419] EXT4-fs (loop0): unmounting filesystem.
[  176.879296][ T1224] usb 3-1: USB disconnect, device number 32
[  176.894088][ T3443] loop0: detected capacity change from 0 to 256
[  176.901547][ T3443] exFAT-fs (loop0): invalid boot record signature
[  176.907876][ T3443] exFAT-fs (loop0): failed to read boot sector
[  176.913866][ T3443] exFAT-fs (loop0): failed to recognize exfat type
[  177.026683][ T3446] loop1: detected capacity change from 0 to 512
[  177.090531][ T3446] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  177.109698][ T3446] System zones: 1-12
[  177.118551][ T3446] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #11: comm syz.1.780: iget: bogus i_mode (0)
[  177.144136][ T3450] loop3: detected capacity change from 0 to 1024
[  177.155784][ T3446] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.780: couldn't read orphan inode 11 (err -117)
[  177.167835][ T3446] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  177.171489][ T3450] EXT4-fs: quotafile must be on filesystem root
[  177.226071][ T3456] netlink: 16 bytes leftover after parsing attributes in process `syz.4.789'.
[  177.238836][ T3456] loop4: detected capacity change from 0 to 256
[  177.253238][ T3456] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  177.307590][ T3459] loop0: detected capacity change from 0 to 128
[  177.649058][ T3459] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  177.663805][ T3459] ext4 filesystem being mounted at /82/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  177.760007][ T3469] loop4: detected capacity change from 0 to 512
[  177.767581][ T3469] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  177.829845][ T3469] EXT4-fs (loop4): 1 orphan inode deleted
[  177.835565][ T3469] EXT4-fs (loop4): 1 truncate cleaned up
[  177.840993][ T3469] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  177.887937][ T2593] EXT4-fs (loop4): unmounting filesystem.
[  177.952873][ T3409] EXT4-fs (loop1): unmounting filesystem.
[  177.992709][ T3479] loop4: detected capacity change from 0 to 512
[  178.009785][ T3479] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  178.040104][ T3479] EXT4-fs (loop4): 1 truncate cleaned up
[  178.050082][ T3479] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  178.098285][ T3478] loop1: detected capacity change from 0 to 8192
[  178.120136][ T3478] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  178.234333][ T3485] loop3: detected capacity change from 0 to 512
[  178.276746][ T1696] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  178.287552][ T3487] loop1: detected capacity change from 0 to 512
[  178.312534][ T3487] EXT4-fs (loop1): Test dummy encryption mode enabled
[  178.319602][ T3487] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  178.339412][ T3487] EXT4-fs (loop1): 1 truncate cleaned up
[  178.345068][ T3487] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  178.367916][ T3487] EXT4-fs: journaled quota format not specified
[  178.378134][ T3409] EXT4-fs error (device loop1): htree_dirblock_to_tree:1111: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=16, rec_len=0, size=1024 fake=0
[  178.398648][ T3409] EXT4-fs (loop1): Remounting filesystem read-only
[  178.407076][ T3409] EXT4-fs (loop1): unmounting filesystem.
[  178.684334][ T3471] loop2: detected capacity change from 0 to 131072
[  178.697067][ T3471] F2FS-fs (loop2): Found nat_bits in checkpoint
[  178.745597][ T3471] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  178.832229][ T2593] EXT4-fs (loop4): unmounting filesystem.
[  178.861230][ T3496] loop4: detected capacity change from 0 to 256
[  179.041066][ T3490] loop1: detected capacity change from 0 to 131072
[  179.078212][ T3490] F2FS-fs (loop1): invalid crc value
[  179.116686][ T3490] F2FS-fs (loop1): Found nat_bits in checkpoint
[  179.149585][ T3490] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  179.369128][ T3490] input: syz0 as /devices/virtual/input/input95
[  179.395579][  T336] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  179.755602][  T336] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.766421][  T336] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.775746][ T1170] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  179.775943][  T336] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  179.795894][  T336] usb 4-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10
[  179.804729][  T336] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.813325][  T336] usb 4-1: config 0 descriptor??
[  179.877443][ T3523] loop4: detected capacity change from 0 to 512
[  179.885356][ T3523] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  179.893228][ T3523] System zones: 1-12
[  179.897905][ T3523] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #11: comm syz.4.807: iget: bogus i_mode (0)
[  179.909298][ T3523] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.807: couldn't read orphan inode 11 (err -117)
[  179.921404][ T3523] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  180.035576][ T1170] usb 2-1: Using ep0 maxpacket: 16
[  180.255696][  T336] usbhid 4-1:0.0: can't add hid device: -71
[  180.261880][  T336] usbhid: probe of 4-1:0.0 failed with error -71
[  180.318499][ T3538] loop3: detected capacity change from 0 to 512
[  180.324851][  T336] usb 4-1: USB disconnect, device number 28
[  180.339470][ T3538] EXT4-fs: Ignoring removed nomblk_io_submit option
[  180.348906][ T3538] EXT4-fs (loop3): Test dummy encryption mode enabled
[  180.357915][ T3538] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #17: comm syz.3.810: iget: bogus i_mode (0)
[  180.369424][ T3538] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.810: couldn't read orphan inode 17 (err -117)
[  180.381289][ T3538] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  180.395644][ T1170] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  180.407044][ T1170] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  180.419869][ T1170] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  180.432574][ T1170] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.441402][ T1170] usb 2-1: config 0 descriptor??
[  180.677800][ T3541] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.810: bg 0: block 7: invalid block bitmap
[  180.690258][ T3541] incfs: Can't find or create .index dir in ./file0
[  180.696773][ T3541] incfs: mount failed -28
[  180.768327][ T2593] EXT4-fs (loop4): unmounting filesystem.
[  181.096638][ T3552] loop2: detected capacity change from 0 to 128
[  181.099880][ T1170] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.003E/input/input96
[  181.146544][ T2928] EXT4-fs (loop3): unmounting filesystem.
[  181.187598][ T1170] microsoft 0003:045E:07DA.003E: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  181.465590][  T336] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  181.497894][ T1170] usb 2-1: USB disconnect, device number 23
[  181.653080][ T3563] loop4: detected capacity change from 0 to 512
[  181.659919][ T3563] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  181.669706][ T3563] EXT4-fs (loop4): orphan cleanup on readonly fs
[  181.675921][ T3563] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #3: comm syz.4.817: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0)
[  181.692911][ T3563] EXT4-fs error (device loop4): ext4_quota_enable:6946: comm syz.4.817: Bad quota inode: 3, type: 0
[  181.703788][ T3563] EXT4-fs warning (device loop4): ext4_enable_quotas:6987: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  181.718292][ T3563] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  181.724847][ T3563] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  181.739352][ T2593] EXT4-fs (loop4): unmounting filesystem.
[  181.825604][  T336] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  181.836311][  T336] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  181.846393][  T336] usb 4-1: New USB device found, idVendor=056a, idProduct=0029, bcdDevice= 0.00
[  181.855236][  T336] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.866577][  T336] usb 4-1: config 0 descriptor??
[  182.043225][ T3571] loop1: detected capacity change from 0 to 512
[  182.175401][ T3566] loop4: detected capacity change from 0 to 131072
[  182.190242][ T3566] F2FS-fs (loop4): invalid crc value
[  182.205254][ T3566] F2FS-fs (loop4): Found nat_bits in checkpoint
[  182.233014][ T3579] loop2: detected capacity change from 0 to 512
[  182.246107][ T3579] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  182.253924][ T3579] System zones: 1-12
[  182.256419][ T3566] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  182.259081][ T3579] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #11: comm syz.2.821: iget: bogus i_mode (0)
[  182.276084][ T3579] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.821: couldn't read orphan inode 11 (err -117)
[  182.287933][ T3579] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  182.388284][  T336] wacom 0003:056A:0029.003F: Unknown device_type for 'HID 056a:0029'. Assuming pen.
[  182.398042][  T336] wacom 0003:056A:0029.003F: hidraw0: USB HID v0.00 Device [HID 056a:0029] on usb-dummy_hcd.3-1/input0
[  182.409758][  T336] input: Wacom Intuos5 S Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0029.003F/input/input97
[  182.765928][ T3582] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 361: padding at end of block bitmap is not set
[  183.290099][  T837] EXT4-fs (loop2): unmounting filesystem.
[  183.445906][ T2450] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  183.550508][ T3601] loop2: detected capacity change from 0 to 512
[  183.557277][ T3601] EXT4-fs: Ignoring removed nomblk_io_submit option
[  183.568405][ T3601] EXT4-fs (loop2): Test dummy encryption mode enabled
[  183.576820][ T3601] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #17: comm syz.2.825: iget: bogus i_mode (0)
[  183.587988][ T3601] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.825: couldn't read orphan inode 17 (err -117)
[  183.599902][ T3601] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  183.702529][ T3598] loop4: detected capacity change from 0 to 40427
[  183.709297][ T3598] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  183.716929][ T3598] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  183.725496][ T3598] F2FS-fs (loop4): invalid crc value
[  183.786899][ T3608] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.825: bg 0: block 7: invalid block bitmap
[  183.800444][ T3608] incfs: Can't find or create .index dir in ./file0
[  183.807120][ T3608] incfs: mount failed -28
[  183.829560][ T3598] F2FS-fs (loop4): Found nat_bits in checkpoint
[  183.909971][ T3598] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  183.917104][ T3598] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  184.384518][  T347] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  184.393588][  T347] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  184.416496][  T837] EXT4-fs (loop2): unmounting filesystem.
[  184.461677][ T3616] loop2: detected capacity change from 0 to 512
[  184.481301][ T3616] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  184.494672][ T1224] usb 4-1: USB disconnect, device number 29
[  184.518277][ T3616] EXT4-fs (loop2): 1 truncate cleaned up
[  184.523853][ T3616] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  184.925597][ T1224] usb 4-1: new full-speed USB device number 30 using dummy_hcd
[  185.285658][ T1224] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  185.299110][ T1224] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  185.308737][ T1224] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 10
[  185.313083][  T837] EXT4-fs (loop2): unmounting filesystem.
[  185.319377][ T1224] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  185.319400][ T1224] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  185.319432][ T1224] usb 4-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  185.355910][ T1224] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.359119][ T3629] loop2: detected capacity change from 0 to 512
[  185.364652][ T1224] usb 4-1: config 0 descriptor??
[  185.381039][ T3629] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.830: Invalid inode bitmap blk 4 in block_group 0
[  185.393634][ T3629] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  185.489802][ T3634] 9pnet_fd: Insufficient options for proto=fd
[  185.544158][ T3636] FAULT_INJECTION: forcing a failure.
[  185.544158][ T3636] name failslab, interval 1, probability 0, space 0, times 0
[  185.556837][ T3636] CPU: 0 PID: 3636 Comm: syz.4.833 Not tainted 6.1.84-syzkaller-00005-g96d66062d076 #0
[  185.566285][ T3636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  185.576180][ T3636] Call Trace:
[  185.579303][ T3636]  <TASK>
[  185.582083][ T3636]  dump_stack_lvl+0x151/0x1b7
[  185.586596][ T3636]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  185.591895][ T3636]  dump_stack+0x15/0x1b
[  185.595882][ T3636]  should_fail_ex+0x3d0/0x520
[  185.600395][ T3636]  ? sk_prot_alloc+0xf9/0x330
[  185.604908][ T3636]  __should_failslab+0xaf/0xf0
[  185.609510][ T3636]  should_failslab+0x9/0x20
[  185.613849][ T3636]  __kmem_cache_alloc_node+0x3d/0x250
[  185.619056][ T3636]  ? sk_prot_alloc+0xf9/0x330
[  185.623569][ T3636]  __kmalloc+0xa3/0x1e0
[  185.627571][ T3636]  sk_prot_alloc+0xf9/0x330
[  185.631903][ T3636]  sk_alloc+0x38/0x440
[  185.635807][ T3636]  ? bpf_test_init+0x169/0x190
[  185.640407][ T3636]  bpf_prog_test_run_skb+0x384/0x13a0
[  185.645618][ T3636]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  185.651345][ T3636]  ? __kasan_check_write+0x14/0x20
[  185.656290][ T3636]  ? fput+0x15b/0x1b0
[  185.660107][ T3636]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  185.665836][ T3636]  bpf_prog_test_run+0x3b0/0x630
[  185.670611][ T3636]  ? bpf_prog_query+0x260/0x260
[  185.675296][ T3636]  ? selinux_bpf+0xd2/0x100
[  185.675562][  T336] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  185.679635][ T3636]  ? security_bpf+0x82/0xb0
[  185.679663][ T3636]  __sys_bpf+0x59f/0x7f0
[  185.695433][ T3636]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  185.700645][ T3636]  ? debug_smp_processor_id+0x17/0x20
[  185.705862][ T3636]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  185.711753][ T3636]  __x64_sys_bpf+0x7c/0x90
[  185.716027][ T3636]  do_syscall_64+0x3d/0xb0
[  185.720255][ T3636]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  185.725983][ T3636] RIP: 0033:0x7f5968775bd9
[  185.730237][ T3636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.749677][ T3636] RSP: 002b:00007f59694da048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  185.757926][ T3636] RAX: ffffffffffffffda RBX: 00007f5968903f60 RCX: 00007f5968775bd9
[  185.765734][ T3636] RDX: 0000000000000050 RSI: 00000000200002c0 RDI: 000000000000000a
[  185.773545][ T3636] RBP: 00007f59694da0a0 R08: 0000000000000000 R09: 0000000000000000
[  185.781360][ T3636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.789183][ T3636] R13: 000000000000000b R14: 00007f5968903f60 R15: 00007ffdb51f9498
[  185.796987][ T3636]  </TASK>
[  185.809515][ T3638] loop4: detected capacity change from 0 to 512
[  185.817458][ T3638] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  185.825217][ T3638] System zones: 1-12
[  185.829494][ T3638] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #11: comm syz.4.834: iget: bogus i_mode (0)
[  185.840860][ T3638] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.834: couldn't read orphan inode 11 (err -117)
[  185.852703][ T3638] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  186.075813][  T336] usb 3-1: New USB device found, idVendor=0421, idProduct=026c, bcdDevice=1f.2f
[  186.085011][  T336] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.113319][  T336] usb 3-1: config 0 descriptor??
[  186.164123][  T336] rndis_host 3-1:0.0: More than one union descriptor, skipping ...
[  186.172252][  T336] usb 3-1: bad CDC descriptors
[  186.177868][  T336] cdc_acm 3-1:0.0: More than one union descriptor, skipping ...
[  186.188307][ T3644] loop3: detected capacity change from 0 to 256
[  186.216915][ T1224] ntrig 0003:1B96:000A.0040: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.3-1/input0
[  186.357134][   T28] kauditd_printk_skb: 7 callbacks suppressed
[  186.357150][   T28] audit: type=1400 audit(1721012996.521:596): avc:  denied  { append } for  pid=3628 comm="syz.2.830" name="file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  186.385006][   T28] audit: type=1400 audit(1721012996.521:597): avc:  denied  { mounton } for  pid=3628 comm="syz.2.830" path="/147/file0/file0/file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  186.467217][ T3645] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  186.475716][ T3645] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  186.484050][ T3645] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  186.492397][ T3645] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  186.697683][ T2593] EXT4-fs (loop4): unmounting filesystem.
[  186.883432][ T1170] usb 3-1: USB disconnect, device number 33
[  186.890169][  T837] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor: path /147/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0
[  186.914376][  T837] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 20: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0
[  186.936302][  T837] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor: path /147/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0
[  186.960418][  T837] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 20: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0
[  186.983964][ T3653] FAULT_INJECTION: forcing a failure.
[  186.983964][ T3653] name failslab, interval 1, probability 0, space 0, times 0
[  186.996490][ T3653] CPU: 1 PID: 3653 Comm: syz.4.836 Not tainted 6.1.84-syzkaller-00005-g96d66062d076 #0
[  187.005839][ T3653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  187.015737][ T3653] Call Trace:
[  187.018861][ T3653]  <TASK>
[  187.021638][ T3653]  dump_stack_lvl+0x151/0x1b7
[  187.026151][ T3653]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  187.031454][ T3653]  ? raw_irqentry_exit_cond_resched+0x2a/0x30
[  187.037464][ T3653]  ? irqentry_exit+0x30/0x40
[  187.041890][ T3653]  dump_stack+0x15/0x1b
[  187.045882][ T3653]  should_fail_ex+0x3d0/0x520
[  187.049076][  T837] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor: path /147/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0
[  187.050396][ T3653]  ? copy_pid_ns+0x263/0x8d0
[  187.072490][  T837] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 20: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0
[  187.076516][ T3653]  __should_failslab+0xaf/0xf0
[  187.076542][ T3653]  should_failslab+0x9/0x20
[  187.096629][  T837] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor: path /147/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0
[  187.100903][ T3653]  kmem_cache_alloc+0x3b/0x2c0
[  187.105421][  T837] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 20: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0
[  187.126944][ T3653]  copy_pid_ns+0x263/0x8d0
[  187.126969][ T3653]  ? proc_alloc_inum+0xf/0x90
[  187.131863][  T837] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor: path /147/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0
[  187.151331][ T3653]  ? cmp_extents_reverse+0xb0/0xb0
[  187.151359][ T3653]  ? copy_utsname+0x25b/0x440
[  187.156967][  T837] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 20: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0
[  187.160097][ T3653]  create_new_namespaces+0x2f6/0x670
[  187.216174][ T3653]  unshare_nsproxy_namespaces+0x126/0x180
[  187.221752][ T3653]  ksys_unshare+0x542/0xa00
[  187.226058][ T3653]  ? unshare_fd+0x240/0x240
[  187.230396][ T3653]  ? __kasan_check_write+0x14/0x20
[  187.235344][ T3653]  ? switch_fpu_return+0xe/0x10
[  187.240030][ T3653]  ? exit_to_user_mode_prepare+0x7e/0xa0
[  187.245497][ T3653]  __x64_sys_unshare+0x38/0x40
[  187.250097][ T3653]  do_syscall_64+0x3d/0xb0
[  187.254351][ T3653]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  187.260086][ T3653] RIP: 0033:0x7f5968775bd9
[  187.264331][ T3653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.283775][ T3653] RSP: 002b:00007f5969498048 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  187.292021][ T3653] RAX: ffffffffffffffda RBX: 00007f5968904110 RCX: 00007f5968775bd9
[  187.299828][ T3653] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000064000600
[  187.307641][ T3653] RBP: 00007f59694980a0 R08: 0000000000000000 R09: 0000000000000000
[  187.315453][ T3653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.323265][ T3653] R13: 000000000000006e R14: 00007f5968904110 R15: 00007ffdb51f9498
[  187.331078][ T3653]  </TASK>
[  187.337958][  T837] EXT4-fs (loop2): unmounting filesystem.
[  187.358144][ T2419] EXT4-fs (loop0): unmounting filesystem.
[  187.454444][ T3657] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.461759][ T3657] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.469367][ T3657] device bridge_slave_0 entered promiscuous mode
[  187.477734][ T3657] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.484586][ T3657] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.491936][ T3657] device bridge_slave_1 entered promiscuous mode
[  187.535266][ T1224] usb 4-1: USB disconnect, device number 30
[  187.573936][ T3657] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.580818][ T3657] bridge0: port 2(bridge_slave_1) entered forwarding state
[  187.587920][ T3657] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.594669][ T3657] bridge0: port 1(bridge_slave_0) entered forwarding state
[  187.656034][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  187.663576][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  187.672156][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  187.683255][ T3663] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.691028][ T3663] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.698500][ T3663] device bridge_slave_0 entered promiscuous mode
[  187.706287][ T3663] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.713137][ T3663] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.720720][ T3663] device bridge_slave_1 entered promiscuous mode
[  187.741880][ T1170] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  187.749905][ T1170] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  187.768319][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  187.786496][ T2450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  187.794433][ T2450] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  187.801933][ T2450] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  187.809595][ T3657] device veth0_vlan entered promiscuous mode
[  187.859121][ T2450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  187.868798][  T347] device bridge_slave_1 left promiscuous mode
[  187.874710][  T347] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.882527][  T347] device bridge_slave_0 left promiscuous mode
[  187.888798][  T347] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.896909][  T347] device veth1_macvtap left promiscuous mode
[  187.902765][  T347] device veth0_vlan left promiscuous mode
[  187.908310][ T1224] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  188.020656][ T3657] device veth1_macvtap entered promiscuous mode
[  188.041263][ T2450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  188.066135][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  188.078042][   T28] audit: type=1400 audit(1721012998.241:598): avc:  denied  { mount } for  pid=3657 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  188.128192][ T3673] loop0: detected capacity change from 0 to 512
[  188.137456][ T1170] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  188.151491][ T1170] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  188.159740][ T3673] EXT4-fs: Ignoring removed nomblk_io_submit option
[  188.166262][ T1224] usb 4-1: Using ep0 maxpacket: 16
[  188.169659][ T1170] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.177958][ T1170] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.185629][ T1170] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  188.193612][ T1170] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.195268][ T3673] EXT4-fs (loop0): Test dummy encryption mode enabled
[  188.200466][ T1170] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.200955][ T1170] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  188.233983][ T1170] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  188.241310][ T3673] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #17: comm syz.0.838: iget: bogus i_mode (0)
[  188.242539][ T1170] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  188.261552][ T1170] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  188.269387][ T3673] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.838: couldn't read orphan inode 17 (err -117)
[  188.273735][ T3663] device veth0_vlan entered promiscuous mode
[  188.287868][ T3673] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  188.295704][ T1224] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  188.306979][ T1224] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  188.310679][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  188.327248][ T1224] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  188.331902][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  188.343617][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  188.366988][ T3663] device veth1_macvtap entered promiscuous mode
[  188.384093][ T1170] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  188.396403][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  188.402705][ T1224] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.412959][ T1224] usb 4-1: config 0 descriptor??
[  188.420401][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  188.447342][ T1170] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  188.461295][ T1170] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  188.524306][ T3678] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.838: bg 0: block 7: invalid block bitmap
[  188.598861][ T3678] incfs: Can't find or create .index dir in ./file0
[  188.605665][ T3678] incfs: mount failed -28
[  188.667487][ T3681] loop2: detected capacity change from 0 to 512
[  188.739866][ T3681] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  188.760597][ T3681] EXT4-fs (loop2): 1 truncate cleaned up
[  188.766242][ T3681] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  188.801677][ T3671] loop4: detected capacity change from 0 to 131072
[  188.809509][ T3671] F2FS-fs (loop4): invalid crc value
[  188.816625][ T3671] F2FS-fs (loop4): Found nat_bits in checkpoint
[  188.853957][ T3671] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  188.949627][ T1224] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0041/input/input100
[  188.992259][ T3657] EXT4-fs (loop0): unmounting filesystem.
[  189.056807][ T1224] microsoft 0003:045E:07DA.0041: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  189.343502][ T1170] usb 4-1: USB disconnect, device number 31
[  189.351264][  T347] device bridge_slave_1 left promiscuous mode
[  189.357462][  T347] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.364879][  T347] device bridge_slave_0 left promiscuous mode
[  189.371234][  T347] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.378860][  T347] device veth1_macvtap left promiscuous mode
[  189.478506][ T3663] EXT4-fs (loop2): unmounting filesystem.
[  193.686495][  T347] device bridge_slave_1 left promiscuous mode
[  193.692414][  T347] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.699770][  T347] device bridge_slave_0 left promiscuous mode
[  193.705788][  T347] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.713384][  T347] device veth1_macvtap left promiscuous mode
[  193.719285][  T347] device veth0_vlan left promiscuous mode
[  196.817145][ T3703] loop4: detected capacity change from 0 to 128
[  196.818972][ T3704] loop3: detected capacity change from 0 to 128
[  196.826326][ T3700] loop2: detected capacity change from 0 to 512
[  196.848444][ T3704] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  196.848662][ T3703] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  196.871855][ T3703] ext4 filesystem being mounted at /68/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  196.947349][ T3700] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  196.955324][ T3700] System zones: 1-12
[  196.960224][ T3700] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #11: comm syz.2.846: iget: bogus i_mode (0)
[  196.973339][ T3700] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.846: couldn't read orphan inode 11 (err -117)
[  196.986155][ T3700] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  196.998158][ T3710] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.019948][ T3710] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.031845][ T3710] device bridge_slave_0 entered promiscuous mode
[  197.046608][ T3710] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.063585][ T3710] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.076128][ T3710] device bridge_slave_1 entered promiscuous mode
[  197.696404][ T3710] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.703275][ T3710] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.710406][ T3710] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.717178][ T3710] bridge0: port 1(bridge_slave_0) entered forwarding state
[  197.743953][ T1170] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.751501][ T1170] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.759042][ T3663] EXT4-fs (loop2): unmounting filesystem.
[  197.765274][ T1170] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  197.785010][ T1170] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  197.807041][ T3410] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  197.815102][ T3410] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.821966][ T3410] bridge0: port 1(bridge_slave_0) entered forwarding state
[  197.847775][ T3410] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  197.857073][ T3410] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.864083][ T3410] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.873201][ T3410] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  197.881041][ T3410] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  197.899875][ T1224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  197.920358][ T3710] device veth0_vlan entered promiscuous mode
[  197.936902][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  197.944870][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  197.952557][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  197.962505][ T3738] netlink: 12 bytes leftover after parsing attributes in process `syz.3.852'.
[  197.989526][ T3710] device veth1_macvtap entered promiscuous mode
[  198.002303][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  198.016187][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  198.034888][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  198.058196][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  198.066345][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  198.074505][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  198.083192][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  198.112583][ T3744] netlink: 60 bytes leftover after parsing attributes in process `syz.1.845'.
[  198.177142][ T3747] loop2: detected capacity change from 0 to 512
[  198.189120][ T3747] EXT4-fs: Ignoring removed nomblk_io_submit option
[  198.196032][ T3747] EXT4-fs (loop2): Test dummy encryption mode enabled
[  198.205167][ T3747] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #17: comm syz.2.854: iget: bogus i_mode (0)
[  198.236400][ T3747] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.854: couldn't read orphan inode 17 (err -117)
[  198.249611][ T3747] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  198.425766][   T24] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  198.468410][ T3753] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.854: bg 0: block 7: invalid block bitmap
[  198.533940][ T3753] incfs: Can't find or create .index dir in ./file0
[  198.540648][ T3753] incfs: mount failed -28
[  198.548847][ T1224] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  198.675592][   T24] usb 2-1: Using ep0 maxpacket: 16
[  198.742819][ T3757] loop0: detected capacity change from 0 to 512
[  198.749554][ T3757] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  198.760296][ T3757] EXT4-fs (loop0): 1 truncate cleaned up
[  198.765893][ T3757] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  198.795686][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  198.806708][   T24] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  198.815476][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.824030][   T24] usb 2-1: config 0 descriptor??
[  198.828879][ T1224] usb 4-1: Using ep0 maxpacket: 16
[  198.966172][ T1224] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  198.977001][ T1224] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  198.989596][ T1224] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  198.998437][ T1224] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.007078][ T1224] usb 4-1: config 0 descriptor??
[  199.033344][ T3663] EXT4-fs (loop2): unmounting filesystem.
[  199.301878][ T3744] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  199.318809][ T3744] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  199.362674][   T24] hid (null): unknown global tag 0x83
[  199.368027][   T24] hid (null): unknown global tag 0xc
[  199.374287][   T24] hid-generic 0003:0158:0100.0042: unknown main item tag 0x1
[  199.381588][   T24] hid-generic 0003:0158:0100.0042: unexpected long global item
[  199.389061][   T24] hid-generic: probe of 0003:0158:0100.0042 failed with error -22
[  199.560553][ T1224] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0043/input/input101
[  199.577695][ T3410] usb 2-1: USB disconnect, device number 25
[  199.590657][ T3657] EXT4-fs (loop0): unmounting filesystem.
[  199.603995][ T3773] loop0: detected capacity change from 0 to 512
[  199.611942][ T3773] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  199.619847][ T3773] System zones: 1-12
[  199.624097][ T3773] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #11: comm syz.0.859: iget: bogus i_mode (0)
[  199.635272][ T3773] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.859: couldn't read orphan inode 11 (err -117)
[  199.647162][ T3773] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  199.664904][ T1224] microsoft 0003:045E:07DA.0043: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  200.093365][ T3410] usb 4-1: USB disconnect, device number 32
[  200.355599][ T1170] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  200.706848][ T3657] EXT4-fs (loop0): unmounting filesystem.
[  200.915832][ T1170] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  200.938812][ T1170] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  200.975767][ T1170] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  201.011863][ T1170] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.020658][ T1170] usb 3-1: config 0 descriptor??
[  201.237284][   T28] audit: type=1400 audit(1721013011.401:599): avc:  denied  { unmount } for  pid=3710 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  201.420733][ T3806] Driver unsupported XDP return value 0 on prog  (id 680) dev N/A, expect packet loss!
[  201.600137][ T3810] loop3: detected capacity change from 0 to 512
[  201.610297][ T3810] EXT4-fs: Ignoring removed nomblk_io_submit option
[  201.617176][ T3810] EXT4-fs (loop3): Test dummy encryption mode enabled
[  201.624922][ T3810] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #17: comm syz.3.868: iget: bogus i_mode (0)
[  201.636219][ T3810] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.868: couldn't read orphan inode 17 (err -117)
[  201.648044][ T3810] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  201.821346][ T3819] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.868: bg 0: block 7: invalid block bitmap
[  201.867276][ T3819] incfs: Can't find or create .index dir in ./file0
[  201.873906][ T3819] incfs: mount failed -28
[  202.225645][ T1170] uclogic 0003:256C:006D.0044: interface is invalid, ignoring
[  202.434944][    T6] usb 3-1: USB disconnect, device number 34
[  202.460555][ T2928] EXT4-fs (loop3): unmounting filesystem.
[  202.631059][ T3830] loop3: detected capacity change from 0 to 256
[  202.648629][ T3830] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[  202.664076][ T3830] exFAT-fs (loop3): error, invalid access to FAT bad cluster (entry 0x00000005)
[  202.673181][ T3830] exFAT-fs (loop3): failed to initialize root inode
[  202.986850][ T3834] netlink: 24 bytes leftover after parsing attributes in process `syz.1.873'.
[  202.996159][ T3834] netlink: 'syz.1.873': attribute type 1 has an invalid length.
[  203.003646][ T3834] netlink: 4 bytes leftover after parsing attributes in process `syz.1.873'.
[  203.275596][ T1224] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  203.285696][   T39] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  203.346480][ T3840] loop3: detected capacity change from 0 to 512
[  203.353717][ T3840] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  203.361585][ T3840] System zones: 1-12
[  203.366765][ T3840] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #11: comm syz.3.876: iget: bogus i_mode (0)
[  203.377924][ T3840] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.876: couldn't read orphan inode 11 (err -117)
[  203.389673][ T3840] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  203.477713][ T3844] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  203.486183][ T3844] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  203.595690][ T1224] usb 3-1: Using ep0 maxpacket: 16
[  203.716674][ T1224] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  203.745367][ T1224] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  203.764055][ T3852] loop0: detected capacity change from 0 to 2048
[  203.770594][ T1224] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  203.779688][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  203.794618][ T3852] EXT4-fs: Ignoring removed bh option
[  203.800256][ T1224] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.808525][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  203.815616][ T3852] EXT4-fs: Ignoring removed nomblk_io_submit option
[  203.825218][   T39] usb 2-1: New USB device found, idVendor=056a, idProduct=0029, bcdDevice= 0.00
[  203.834142][ T3852] EXT4-fs: Ignoring removed nobh option
[  203.834393][ T1224] usb 3-1: config 0 descriptor??
[  203.847854][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.857318][ T3852] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  203.859847][   T39] usb 2-1: config 0 descriptor??
[  203.874111][ T3848] EXT4-fs (loop0): shut down requested (2)
[  203.884058][ T3848] device pim6reg1 entered promiscuous mode
[  204.246619][ T2928] EXT4-fs (loop3): unmounting filesystem.
[  204.261101][ T3856] loop3: detected capacity change from 0 to 512
[  204.267800][ T3856] EXT4-fs (loop3): Test dummy encryption mode enabled
[  204.275305][ T3856] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  204.283916][ T3856] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.878: attempt to clear invalid blocks 2 len 1
[  204.296787][ T3856] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  204.311126][ T3856] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.878: invalid indirect mapped block 1819239214 (level 0)
[  204.324943][ T3856] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.878: invalid indirect mapped block 1819239214 (level 1)
[  204.339252][ T3856] EXT4-fs (loop3): 1 truncate cleaned up
[  204.344750][ T3856] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  204.362892][   T39] wacom 0003:056A:0029.0045: unknown main item tag 0x0
[  204.369677][   T39] wacom 0003:056A:0029.0045: unknown main item tag 0x0
[  204.370525][ T2928] EXT4-fs (loop3): unmounting filesystem.
[  204.382693][ T1224] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0046/input/input102
[  204.394160][   T39] wacom 0003:056A:0029.0045: Unknown device_type for 'HID 056a:0029'. Assuming pen.
[  204.403941][   T39] wacom 0003:056A:0029.0045: hidraw0: USB HID v0.00 Device [HID 056a:0029] on usb-dummy_hcd.1-1/input0
[  204.415511][   T39] input: Wacom Intuos5 S Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0029.0045/input/input103
[  204.466947][ T1224] microsoft 0003:045E:07DA.0046: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  204.558293][ T3657] EXT4-fs (loop0): unmounting filesystem.
[  204.582799][ T1224] usb 2-1: USB disconnect, device number 26
[  204.666242][ T3863] netlink: 24 bytes leftover after parsing attributes in process `syz.0.880'.
[  204.675401][ T3863] netlink: 'syz.0.880': attribute type 1 has an invalid length.
[  204.683077][ T3863] netlink: 4 bytes leftover after parsing attributes in process `syz.0.880'.
[  204.692236][ T3863] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  204.701175][ T3863] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  204.785920][ T1170] usb 3-1: USB disconnect, device number 35
[  205.221943][ T3868] FAULT_INJECTION: forcing a failure.
[  205.221943][ T3868] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  205.234901][ T3868] CPU: 0 PID: 3868 Comm: syz.0.882 Not tainted 6.1.84-syzkaller-00005-g96d66062d076 #0
[  205.244348][ T3868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  205.254245][ T3868] Call Trace:
[  205.257369][ T3868]  <TASK>
[  205.260145][ T3868]  dump_stack_lvl+0x151/0x1b7
[  205.264804][ T3868]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  205.270094][ T3868]  ? __kasan_check_write+0x14/0x20
[  205.275041][ T3868]  ? kvm_arch_vcpu_load+0x577/0x760
[  205.280074][ T3868]  dump_stack+0x15/0x1b
[  205.284065][ T3868]  should_fail_ex+0x3d0/0x520
[  205.288580][ T3868]  should_fail+0xb/0x10
[  205.292590][ T3868]  should_fail_usercopy+0x1a/0x20
[  205.297435][ T3868]  _copy_from_user+0x1e/0xc0
[  205.301867][ T3868]  kvm_arch_vcpu_ioctl+0x203/0x2430
[  205.306898][ T3868]  ? kvm_arch_vcpu_put+0x620/0x620
[  205.311852][ T3868]  ? 0xffffffffa0001f98
[  205.315837][ T3868]  ? is_bpf_text_address+0x172/0x190
[  205.320956][ T3868]  ? stack_trace_save+0x1c0/0x1c0
[  205.325817][ T3868]  ? kernel_text_address+0xa9/0xe0
[  205.329147][ T3874] loop2: detected capacity change from 0 to 1024
[  205.330763][ T3868]  ? __kernel_text_address+0xd/0x40
[  205.341965][ T3868]  ? unwind_get_return_address+0x4d/0x90
[  205.347431][ T3868]  ? arch_stack_walk+0xf3/0x140
[  205.347532][ T3874] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[  205.352113][ T3868]  ? _parse_integer_limit+0x19b/0x1e0
[  205.364970][ T3868]  ? _parse_integer+0x2a/0x40
[  205.369470][ T3868]  ? kstrtoull+0x1cd/0x2e0
[  205.373723][ T3868]  ? _parse_integer+0x40/0x40
[  205.378235][ T3868]  ? __stack_depot_save+0x36/0x480
[  205.383182][ T3868]  ? putname+0xfa/0x150
[  205.387177][ T3868]  ? putname+0xfa/0x150
[  205.391170][ T3868]  ? kstrtouint+0xf6/0x180
[  205.395594][ T3868]  ? kmem_cache_free+0x291/0x510
[  205.400367][ T3868]  ? putname+0xfa/0x150
[  205.404361][ T3868]  ? _kstrtol+0x150/0x150
[  205.408527][ T3868]  ? do_vfs_ioctl+0xba7/0x29a0
[  205.413126][ T3868]  ? kstrtouint_from_user+0x124/0x180
[  205.418334][ T3868]  ? __x64_compat_sys_ioctl+0x90/0x90
[  205.423539][ T3868]  ? kstrtol_from_user+0x180/0x180
[  205.428492][ T3868]  ? __kasan_check_write+0x14/0x20
[  205.433434][ T3868]  ? ioctl_has_perm+0x1f8/0x560
[  205.438134][ T3868]  ? memcpy+0x56/0x70
[  205.441947][ T3868]  ? __kasan_check_write+0x14/0x20
[  205.446886][ T3868]  ? mutex_lock_killable+0xb1/0x1e0
[  205.452126][ T3868]  ? __mutex_lock_interruptible_slowpath+0x10/0x10
[  205.458458][ T3868]  ? vfs_write+0xbb3/0xeb0
[  205.462716][ T3868]  kvm_vcpu_ioctl+0x6d6/0xcf0
[  205.467232][ T3868]  ? xa_release+0x40/0x40
[  205.471419][ T3868]  ? selinux_file_ioctl+0x3cc/0x540
[  205.476439][ T3868]  ? __mutex_lock_slowpath+0x10/0x10
[  205.481549][ T3868]  ? selinux_file_alloc_security+0x120/0x120
[  205.487362][ T3868]  ? __fget_files+0x2cb/0x330
[  205.491878][ T3868]  ? security_file_ioctl+0x84/0xb0
[  205.496821][ T3868]  ? xa_release+0x40/0x40
[  205.500987][ T3868]  __se_sys_ioctl+0x114/0x190
[  205.505503][ T3868]  __x64_sys_ioctl+0x7b/0x90
[  205.509931][ T3868]  do_syscall_64+0x3d/0xb0
[  205.514181][ T3868]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  205.519910][ T3868] RIP: 0033:0x7fddea375bd9
[  205.524161][ T3868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.543600][ T3868] RSP: 002b:00007fddeb196048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  205.551848][ T3868] RAX: ffffffffffffffda RBX: 00007fddea503f60 RCX: 00007fddea375bd9
[  205.559667][ T3868] RDX: 00000000200005c0 RSI: 000000004008ae89 RDI: 0000000000000008
[  205.567469][ T3868] RBP: 00007fddeb1960a0 R08: 0000000000000000 R09: 0000000000000000
[  205.575282][ T3868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.583092][ T3868] R13: 000000000000004d R14: 00007fddea503f60 R15: 00007ffe0498de48
[  205.590907][ T3868]  </TASK>
[  206.508362][ T3886] loop2: detected capacity change from 0 to 512
[  206.525234][ T3888] FAULT_INJECTION: forcing a failure.
[  206.525234][ T3888] name failslab, interval 1, probability 0, space 0, times 0
[  206.535804][ T3886] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  206.537661][ T3888] CPU: 1 PID: 3888 Comm: syz.3.887 Not tainted 6.1.84-syzkaller-00005-g96d66062d076 #0
[  206.545389][ T3886] System zones: 
[  206.554818][ T3888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  206.554832][ T3888] Call Trace:
[  206.554837][ T3888]  <TASK>
[  206.554845][ T3888]  dump_stack_lvl+0x151/0x1b7
[  206.565569][ T3886] 1-12
[  206.568098][ T3888]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  206.575751][ T3886] 
[  206.578511][ T3888]  ? call_rcu+0xd98/0x1340
[  206.586060][ T3886] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #11: comm syz.2.888: iget: bogus i_mode (0)
[  206.586327][ T3888]  dump_stack+0x15/0x1b
[  206.588686][ T3886] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.888: couldn't read orphan inode 11 (err -117)
[  206.592746][ T3888]  should_fail_ex+0x3d0/0x520
[  206.613987][ T3886] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  206.619221][ T3888]  ? fdb_create+0x37/0xd10
[  206.619247][ T3888]  __should_failslab+0xaf/0xf0
[  206.640833][ T3888]  should_failslab+0x9/0x20
[  206.645168][ T3888]  kmem_cache_alloc+0x3b/0x2c0
[  206.649771][ T3888]  fdb_create+0x37/0xd10
[  206.653848][ T3888]  ? br_fdb_find_rcu+0x30/0x30
[  206.658454][ T3888]  fdb_add_local+0x142/0x270
[  206.662876][ T3888]  br_fdb_changeaddr+0x18f/0x1c0
[  206.667649][ T3888]  br_device_event+0x3c4/0x7d0
[  206.672251][ T3888]  ? br_boolopt_multi_get+0x130/0x130
[  206.677457][ T3888]  ? packet_notifier+0x8c0/0x8e0
[  206.682233][ T3888]  ? ip6mr_device_event+0x1e3/0x210
[  206.687265][ T3888]  ? ipv6_mc_netdev_event+0xa4/0x480
[  206.692993][ T3888]  raw_notifier_call_chain+0x8c/0xf0
[  206.698118][ T3888]  dev_set_mac_address+0x325/0x470
[  206.703061][ T3888]  ? dev_pre_changeaddr_notify+0x220/0x220
[  206.708701][ T3888]  dev_set_mac_address_user+0x31/0x50
[  206.713908][ T3888]  dev_ifsioc+0x843/0x1150
[  206.718160][ T3888]  ? dev_ioctl+0xe60/0xe60
[  206.722416][ T3888]  ? __kasan_check_write+0x14/0x20
[  206.727361][ T3888]  ? mutex_lock+0xb1/0x1e0
[  206.731615][ T3888]  ? bit_wait_io_timeout+0x120/0x120
[  206.736735][ T3888]  dev_ioctl+0x543/0xe60
[  206.740814][ T3888]  sock_do_ioctl+0x26b/0x450
[  206.745239][ T3888]  ? has_cap_mac_admin+0x3c0/0x3c0
[  206.750187][ T3888]  ? sock_show_fdinfo+0xa0/0xa0
[  206.754883][ T3888]  ? selinux_file_ioctl+0x3cc/0x540
[  206.759908][ T3888]  sock_ioctl+0x455/0x740
[  206.764075][ T3888]  ? sock_poll+0x400/0x400
[  206.768326][ T3888]  ? __fget_files+0x2cb/0x330
[  206.772840][ T3888]  ? security_file_ioctl+0x84/0xb0
[  206.777785][ T3888]  ? sock_poll+0x400/0x400
[  206.782042][ T3888]  __se_sys_ioctl+0x114/0x190
[  206.786557][ T3888]  __x64_sys_ioctl+0x7b/0x90
[  206.790979][ T3888]  do_syscall_64+0x3d/0xb0
[  206.795234][ T3888]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  206.800962][ T3888] RIP: 0033:0x7f24e4b75bd9
[  206.805211][ T3888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.824653][ T3888] RSP: 002b:00007f24e59e7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  206.832900][ T3888] RAX: ffffffffffffffda RBX: 00007f24e4d03f60 RCX: 00007f24e4b75bd9
[  206.840709][ T3888] RDX: 0000000020000000 RSI: 0000000000008924 RDI: 0000000000000008
[  206.848520][ T3888] RBP: 00007f24e59e70a0 R08: 0000000000000000 R09: 0000000000000000
[  206.856337][ T3888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.864144][ T3888] R13: 000000000000004d R14: 00007f24e4d03f60 R15: 00007fffe330cce8
[  206.871970][ T3888]  </TASK>
[  206.886982][ T2593] EXT4-fs (loop4): unmounting filesystem.
[  207.081613][ T3904] netlink: 24 bytes leftover after parsing attributes in process `syz.3.892'.
[  207.137502][ T3898] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.153374][ T3898] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.170773][ T3898] device bridge_slave_0 entered promiscuous mode
[  207.185600][ T3904] netlink: 'syz.3.892': attribute type 1 has an invalid length.
[  207.195322][ T3904] netlink: 4 bytes leftover after parsing attributes in process `syz.3.892'.
[  207.218601][ T3898] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.225593][ T3898] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.232940][ T3898] device bridge_slave_1 entered promiscuous mode
[  207.245670][    T6] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  207.375680][ T3898] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.382642][ T3898] bridge0: port 2(bridge_slave_1) entered forwarding state
[  207.389766][ T3898] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.396675][ T3898] bridge0: port 1(bridge_slave_0) entered forwarding state
[  207.407403][ T3913] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.425620][ T1170] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  207.430086][ T3913] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.448108][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  207.456352][  T299] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.463544][  T299] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.484905][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  207.493004][  T299] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.499859][  T299] bridge0: port 1(bridge_slave_0) entered forwarding state
[  207.507273][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  207.515690][  T299] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.522549][  T299] bridge0: port 2(bridge_slave_1) entered forwarding state
[  207.530796][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  207.538705][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  207.538832][ T3663] EXT4-fs (loop2): unmounting filesystem.
[  207.562839][ T3410] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  207.573577][ T3898] device veth0_vlan entered promiscuous mode
[  207.579972][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  207.587775][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  207.594940][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  207.606800][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  207.612801][ T3898] device veth1_macvtap entered promiscuous mode
[  207.623588][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  207.633226][  T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  207.641333][    T6] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  207.645468][  T336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  207.650210][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.666765][    T6] usb 2-1: config 0 descriptor??
[  207.673426][ T2450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  207.726441][  T320] device bridge_slave_1 left promiscuous mode
[  207.732487][  T320] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.740207][  T320] device bridge_slave_0 left promiscuous mode
[  207.746428][  T320] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.754314][  T320] device veth1_macvtap left promiscuous mode
[  207.760406][  T320] device veth0_vlan left promiscuous mode
[  207.805641][ T1170] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  207.825577][ T2450] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  207.898534][ T3920] overlayfs: missing 'workdir'
[  208.065594][ T2450] usb 3-1: Using ep0 maxpacket: 16
[  208.104082][ T1170] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  208.113934][ T1170] usb 4-1: New USB device found, idVendor=056a, idProduct=0029, bcdDevice= 0.00
[  208.122871][ T1170] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.133134][ T1170] usb 4-1: config 0 descriptor??
[  208.140839][ T3925] loop1: detected capacity change from 0 to 16
[  208.151976][ T3925] erofs: (device loop1): mounted with root inode @ nid 36.
[  208.166692][ T3925] erofs: (device loop1): erofs_read_inode: unsupported i_format 36 of nid 37
[  208.167299][ T3925] erofs: (device loop1): erofs_read_inode: unsupported i_format 36 of nid 37
[  208.175605][    T6] usbhid 2-1:0.0: can't add hid device: -71
[  208.195097][ T3925] erofs: (device loop1): erofs_read_inode: unsupported i_format 36 of nid 37
[  208.204788][    T6] usbhid: probe of 2-1:0.0 failed with error -71
[  208.212320][    T6] usb 2-1: USB disconnect, device number 27
[  208.226060][ T2450] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.234868][ T3932] loop1: detected capacity change from 0 to 256
[  208.243183][ T3932] FAT-fs (loop1): Unrecognized mount option "fmask=0p000000000000000000006" or missing value
[  208.262475][ T2450] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  208.276870][ T2450] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  208.286189][ T2450] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.297614][ T2450] usb 3-1: config 0 descriptor??
[  208.400250][ T3932] loop1: detected capacity change from 0 to 40427
[  208.425141][ T3932] F2FS-fs (loop1): Unrecognized mount option "errors=remount-ro" or missing value
[  208.584929][ T3938] loop4: detected capacity change from 0 to 256
[  208.614983][   T28] audit: type=1400 audit(1721013018.771:600): avc:  denied  { remount } for  pid=3937 comm="syz.4.901" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  208.653601][ T3938] loop4: detected capacity change from 0 to 128
[  208.665038][ T3938] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  208.667178][ T1170] wacom 0003:056A:0029.0047: unknown main item tag 0x0
[  208.680052][ T1170] wacom 0003:056A:0029.0047: unknown main item tag 0x0
[  208.687314][ T1170] wacom 0003:056A:0029.0047: Unknown device_type for 'HID 056a:0029'. Assuming pen.
[  208.687493][ T3938] ext4 filesystem being mounted at /1/mnt supports timestamps until 2038 (0x7fffffff)
[  208.706539][ T1170] wacom 0003:056A:0029.0047: hidraw0: USB HID v0.00 Device [HID 056a:0029] on usb-dummy_hcd.3-1/input0
[  208.724629][ T1170] input: Wacom Intuos5 S Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0029.0047/input/input106
[  208.793938][ T2450] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0048/input/input109
[  208.878044][ T1170] usb 4-1: USB disconnect, device number 33
[  208.931009][ T2450] microsoft 0003:045E:07DA.0048: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  208.988444][   T28] audit: type=1400 audit(1721013019.151:601): avc:  denied  { read } for  pid=3937 comm="syz.4.901" path="socket:[36118]" dev="sockfs" ino=36118 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  209.056233][ T3898] EXT4-fs (loop4): unmounting filesystem.
[  209.203858][ T2450] usb 3-1: USB disconnect, device number 36
[  209.406540][ T3952] loop3: detected capacity change from 0 to 512
[  209.440045][ T3952] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  209.459216][ T3952] System zones: 1-12
[  209.463443][ T3952] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #11: comm syz.3.904: iget: bogus i_mode (0)
[  209.565786][ T3952] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.904: couldn't read orphan inode 11 (err -117)
[  209.585703][ T3952] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  209.888092][ T3962] device bridge0 entered promiscuous mode
[  209.893765][ T3962] device vlan2 entered promiscuous mode
[  209.924476][ T3962] device bridge0 left promiscuous mode
[  210.125826][ T3970] loop4: detected capacity change from 0 to 512
[  210.132525][ T3970] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  210.146997][ T3970] EXT4-fs (loop4): 1 truncate cleaned up
[  210.152658][ T3970] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  210.239372][ T3972] loop2: detected capacity change from 0 to 512
[  210.284765][ T1224] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  210.305326][ T3972] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  210.393785][ T3972] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.908: casefold flag without casefold feature
[  210.407592][ T3972] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.908: missing EA_INODE flag
[  210.419769][ T3972] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.908: error while reading EA inode 12 err=-117
[  210.432023][ T3972] EXT4-fs (loop2): 1 orphan inode deleted
[  210.437828][ T3972] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  210.459486][ T3977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  210.473937][ T3977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  210.483290][ T3977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  210.493427][ T3977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  210.540688][ T2928] EXT4-fs (loop3): unmounting filesystem.
[  210.562426][   T28] audit: type=1400 audit(1721013020.721:602): avc:  denied  { create } for  pid=3980 comm="syz.3.912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  210.582707][   T28] audit: type=1400 audit(1721013020.721:603): avc:  denied  { write } for  pid=3980 comm="syz.3.912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  210.602952][   T28] audit: type=1400 audit(1721013020.721:604): avc:  denied  { nlmsg_read } for  pid=3980 comm="syz.3.912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  210.623511][   T28] audit: type=1400 audit(1721013020.721:605): avc:  denied  { read } for  pid=3980 comm="syz.3.912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  210.675553][ T1224] usb 2-1: Using ep0 maxpacket: 16
[  210.825584][ T1224] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  210.836476][ T1224] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  210.849039][ T1224] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  210.857857][ T1224] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.866600][ T1224] usb 2-1: config 0 descriptor??
[  210.910348][ T3663] EXT4-fs (loop2): unmounting filesystem.
[  210.933306][ T3984] FAULT_INJECTION: forcing a failure.
[  210.933306][ T3984] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.946239][ T3984] CPU: 1 PID: 3984 Comm: syz.2.913 Not tainted 6.1.84-syzkaller-00005-g96d66062d076 #0
[  210.955588][ T3984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  210.965483][ T3984] Call Trace:
[  210.968606][ T3984]  <TASK>
[  210.971381][ T3984]  dump_stack_lvl+0x151/0x1b7
[  210.975983][ T3984]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  210.981278][ T3984]  ? get_sigframe+0x378/0x4b0
[  210.985790][ T3984]  dump_stack+0x15/0x1b
[  210.989784][ T3984]  should_fail_ex+0x3d0/0x520
[  210.994299][ T3984]  should_fail+0xb/0x10
[  210.998289][ T3984]  should_fail_usercopy+0x1a/0x20
[  211.003149][ T3984]  _copy_to_user+0x1e/0x90
[  211.007399][ T3984]  copy_siginfo_to_user+0x28/0xa0
[  211.012263][ T3984]  arch_do_signal_or_restart+0x8b3/0x16f0
[  211.017820][ T3984]  ? get_sigframe_size+0x10/0x10
[  211.022610][ T3984]  exit_to_user_mode_loop+0x74/0xa0
[  211.027629][ T3984]  exit_to_user_mode_prepare+0x5a/0xa0
[  211.032924][ T3984]  syscall_exit_to_user_mode+0x26/0x130
[  211.038306][ T3984]  do_syscall_64+0x49/0xb0
[  211.042553][ T3984]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  211.048280][ T3984] RIP: 0033:0x7fa56eb75bd7
[  211.052549][ T3984] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  211.071976][ T3984] RSP: 002b:00007fa56f99e048 EFLAGS: 00000246 ORIG_RAX: 0000000000000049
[  211.080219][ T3984] RAX: 0000000000000049 RBX: 00007fa56ed03f60 RCX: 00007fa56eb75bd9
[  211.088032][ T3984] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000004
[  211.095843][ T3984] RBP: 00007fa56f99e0a0 R08: 0000000000000000 R09: 0000000000000000
[  211.103653][ T3984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  211.111474][ T3984] R13: 000000000000000b R14: 00007fa56ed03f60 R15: 00007ffd701f6468
[  211.119282][ T3984]  </TASK>
[  211.144167][ T3898] EXT4-fs (loop4): unmounting filesystem.
[  211.156185][ T3986] netlink: 24 bytes leftover after parsing attributes in process `syz.2.914'.
[  211.167673][ T3991] loop0: detected capacity change from 0 to 128
[  211.178485][ T3986] netlink: 'syz.2.914': attribute type 1 has an invalid length.
[  211.187875][ T3986] netlink: 4 bytes leftover after parsing attributes in process `syz.2.914'.
[  211.205316][ T3994] 9pnet_fd: Insufficient options for proto=fd
[  211.373920][ T4002] device bridge0 entered promiscuous mode
[  211.379789][ T4002] device vlan2 entered promiscuous mode
[  211.386559][ T4002] device bridge0 left promiscuous mode
[  211.411155][   T28] audit: type=1400 audit(1721013021.571:606): avc:  denied  { unmount } for  pid=2928 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  211.443165][ T1224] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0049/input/input110
[  211.464556][ T4008] loop3: detected capacity change from 0 to 512
[  211.470957][  T725] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  211.480574][ T4008] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  211.488682][ T4008] System zones: 1-12
[  211.493262][ T4008] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #11: comm syz.3.921: iget: bogus i_mode (0)
[  211.504753][ T4008] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.921: couldn't read orphan inode 11 (err -117)
[  211.516749][ T4008] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  211.534384][ T1224] microsoft 0003:045E:07DA.0049: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  211.905483][  T336] usb 2-1: USB disconnect, device number 28
[  212.032852][ T4020] FAULT_INJECTION: forcing a failure.
[  212.032852][ T4020] name failslab, interval 1, probability 0, space 0, times 0
[  212.045342][ T4020] CPU: 1 PID: 4020 Comm: syz.0.924 Not tainted 6.1.84-syzkaller-00005-g96d66062d076 #0
[  212.054712][ T4020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  212.064605][ T4020] Call Trace:
[  212.067727][ T4020]  <TASK>
[  212.070502][ T4020]  dump_stack_lvl+0x151/0x1b7
[  212.075020][ T4020]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  212.080316][ T4020]  dump_stack+0x15/0x1b
[  212.084305][ T4020]  should_fail_ex+0x3d0/0x520
[  212.088818][ T4020]  ? vm_area_alloc+0xea/0x1b0
[  212.093330][ T4020]  __should_failslab+0xaf/0xf0
[  212.098433][ T4020]  should_failslab+0x9/0x20
[  212.102771][ T4020]  kmem_cache_alloc+0x3b/0x2c0
[  212.107387][ T4020]  vm_area_alloc+0xea/0x1b0
[  212.111714][ T4020]  mmap_region+0xf03/0x2410
[  212.116056][ T4020]  ? file_mmap_ok+0x150/0x150
[  212.120568][ T4020]  ? cap_mmap_addr+0x169/0x2e0
[  212.125163][ T4020]  ? __kasan_check_read+0x11/0x20
[  212.130030][ T4020]  ? shmem_get_unmapped_area+0x2e3/0x710
[  212.135493][ T4020]  ? arch_get_unmapped_area+0x780/0x780
[  212.140877][ T4020]  ? file_mmap_ok+0x104/0x150
[  212.145388][ T4020]  do_mmap+0x853/0xe30
[  212.149296][ T4020]  ? mlock_future_check+0x110/0x110
[  212.154335][ T4020]  vm_mmap_pgoff+0x208/0x430
[  212.158754][ T4020]  ? account_locked_vm+0x250/0x250
[  212.163704][ T4020]  ? __fget_files+0x2cb/0x330
[  212.168218][ T4020]  ksys_mmap_pgoff+0x15d/0x1e0
[  212.172816][ T4020]  __x64_sys_mmap+0x103/0x120
[  212.177331][ T4020]  do_syscall_64+0x3d/0xb0
[  212.181581][ T4020]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  212.187310][ T4020] RIP: 0033:0x7fddea375bd9
[  212.191564][ T4020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.211001][ T4020] RSP: 002b:00007fddeb196048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  212.219248][ T4020] RAX: ffffffffffffffda RBX: 00007fddea503f60 RCX: 00007fddea375bd9
[  212.227058][ T4020] RDX: 000000000000000a RSI: 0000000000b36000 RDI: 0000000020000000
[  212.234869][ T4020] RBP: 00007fddeb1960a0 R08: 0000000000000006 R09: 0000000000000000
[  212.242678][ T4020] R10: 0000000000028011 R11: 0000000000000246 R12: 0000000000000001
[  212.250491][ T4020] R13: 000000000000004d R14: 00007fddea503f60 R15: 00007ffe0498de48
[  212.258310][ T4020]  </TASK>
[  212.261245][  T725] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  212.271905][  T725] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  212.281911][  T725] usb 3-1: New USB device found, idVendor=056a, idProduct=0029, bcdDevice= 0.00
[  212.304181][ T4022] loop0: detected capacity change from 0 to 512
[  212.310223][ T4024] loop4: detected capacity change from 0 to 256
[  212.316330][  T725] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.325118][  T725] usb 3-1: config 0 descriptor??
[  212.330695][ T4022] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  212.343864][ T4022] EXT4-fs (loop0): 1 truncate cleaned up
[  212.350617][ T4022] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  212.352026][ T4024] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  212.373073][   T28] audit: type=1400 audit(1721013022.531:607): avc:  denied  { append } for  pid=4023 comm="syz.4.925" path="/9/file0/cgroup.controllers" dev="loop4" ino=1048694 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  212.417225][ T4028] loop4: detected capacity change from 0 to 512
[  212.430911][ T2928] EXT4-fs (loop3): unmounting filesystem.
[  212.436558][ T4028] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  212.466225][ T4028] EXT4-fs (loop4): 1 truncate cleaned up
[  212.471685][ T4028] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  212.508418][ T3898] EXT4-fs (loop4): unmounting filesystem.
[  212.538987][ T4035] loop4: detected capacity change from 0 to 512
[  212.545820][ T4035] EXT4-fs (loop4): Test dummy encryption mode enabled
[  212.552458][ T4035] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  212.562108][ T4035] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  212.597828][ T4038] netlink: 4 bytes leftover after parsing attributes in process `syz.1.930'.
[  212.598298][   T28] audit: type=1400 audit(1721013022.761:608): avc:  denied  { watch } for  pid=4037 comm="syz.1.930" path="/proc/39/task/40" dev="proc" ino=35827 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  212.617869][ T4036] xt_bpf: check failed: parse error
[  212.682459][ T4040] netlink: 'syz.4.929': attribute type 29 has an invalid length.
[  212.796758][  T725] wacom 0003:056A:0029.004A: unknown main item tag 0x0
[  212.803566][  T725] wacom 0003:056A:0029.004A: unknown main item tag 0x0
[  212.812374][  T725] wacom 0003:056A:0029.004A: Unknown device_type for 'HID 056a:0029'. Assuming pen.
[  212.826750][  T725] wacom 0003:056A:0029.004A: hidraw0: USB HID v0.00 Device [HID 056a:0029] on usb-dummy_hcd.2-1/input0
[  212.843214][  T725] input: Wacom Intuos5 S Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:0029.004A/input/input111
[  212.999945][  T336] usb 3-1: USB disconnect, device number 37
[  213.145778][ T3657] EXT4-fs (loop0): unmounting filesystem.
[  213.161685][ T4043] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  213.170830][ T4043] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  213.377746][ T4048] device bridge0 entered promiscuous mode
[  213.383727][ T4048] device vlan2 entered promiscuous mode
[  213.393965][ T4048] device bridge0 left promiscuous mode
[  213.648925][ T4064] loop4: detected capacity change from 0 to 256
[  213.656926][ T4064] FAT-fs (loop4): Unrecognized mount option "shortnaixed" or missing value
[  213.766444][ T4054] FAULT_INJECTION: forcing a failure.
[  213.766444][ T4054] name failslab, interval 1, probability 0, space 0, times 0
[  213.779022][ T4054] CPU: 1 PID: 4054 Comm: syz.4.934 Not tainted 6.1.84-syzkaller-00005-g96d66062d076 #0
[  213.788396][ T4054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  213.798293][ T4054] Call Trace:
[  213.801444][ T4054]  <TASK>
[  213.804194][ T4054]  dump_stack_lvl+0x151/0x1b7
[  213.808711][ T4054]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  213.814025][ T4054]  dump_stack+0x15/0x1b
[  213.817998][ T4054]  should_fail_ex+0x3d0/0x520
[  213.822509][ T4054]  ? __se_sys_mount+0x156/0x3b0
[  213.827193][ T4054]  __should_failslab+0xaf/0xf0
[  213.831794][ T4054]  should_failslab+0x9/0x20
[  213.836134][ T4054]  __kmem_cache_alloc_node+0x3d/0x250
[  213.841345][ T4054]  ? __kasan_check_write+0x14/0x20
[  213.846291][ T4054]  ? _copy_from_user+0x90/0xc0
[  213.850903][ T4054]  ? __se_sys_mount+0x156/0x3b0
[  213.855575][ T4054]  kmalloc_trace+0x2a/0xa0
[  213.859829][ T4054]  __se_sys_mount+0x156/0x3b0
[  213.864344][ T4054]  ? __x64_sys_mount+0xd0/0xd0
[  213.868950][ T4054]  __x64_sys_mount+0xbf/0xd0
[  213.873369][ T4054]  do_syscall_64+0x3d/0xb0
[  213.877623][ T4054]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  213.883350][ T4054] RIP: 0033:0x7f89ca375bd9
[  213.887601][ T4054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.907043][ T4054] RSP: 002b:00007f89ca1ff048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  213.915287][ T4054] RAX: ffffffffffffffda RBX: 00007f89ca504038 RCX: 00007f89ca375bd9
[  213.923097][ T4054] RDX: 0000000020000340 RSI: 00000000200000c0 RDI: 0000000000000000
[  213.930908][ T4054] RBP: 00007f89ca1ff0a0 R08: 0000000020000280 R09: 0000000000000000
[  213.938718][ T4054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.946531][ T4054] R13: 000000000000006e R14: 00007f89ca504038 R15: 00007ffd165c1988
[  213.954354][ T4054]  </TASK>
[  213.959103][ T4067] loop1: detected capacity change from 0 to 256
[  213.965466][ T4067] FAT-fs (loop1): Unrecognized mount option "shortnaixed" or missing value
[  213.982291][ T4070] loop2: detected capacity change from 0 to 512
[  213.999536][ T4070] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  214.007537][ T3709] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  214.015665][ T4070] System zones: 1-12
[  214.023374][ T4070] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #11: comm syz.2.938: iget: bogus i_mode (0)
[  214.035081][ T4070] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.938: couldn't read orphan inode 11 (err -117)
[  214.048255][ T4070] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  214.082738][ T4073] overlayfs: workdir and upperdir must reside under the same mount
[  214.098092][ T4073] overlayfs: statfs failed on './file0'
[  214.523715][ T4079] loop4: detected capacity change from 0 to 512
[  214.533917][ T4079] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  214.537916][ T4081] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) !
[  214.546460][ T4079] EXT4-fs (loop4): 1 truncate cleaned up
[  214.557272][ T4079] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  214.585572][  T725] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  214.588359][ T4084] loop1: detected capacity change from 0 to 512
[  214.608127][ T4084] xt_l2tp: v2 tid > 0xffff: 4294967295
[  214.612667][ T3898] EXT4-fs (loop4): unmounting filesystem.
[  214.659672][ T4088] loop4: detected capacity change from 0 to 512
[  214.666139][ T4088] EXT4-fs: Ignoring removed nobh option
[  214.676674][ T4088] EXT4-fs (loop4): 1 truncate cleaned up
[  214.682193][ T4088] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  214.720375][   T28] audit: type=1400 audit(1721013024.881:609): avc:  denied  { mounton } for  pid=4087 comm="syz.4.943" path="/14/file0/file0/bus" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  214.766824][ T4088] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  214.783386][ T4091] loop1: detected capacity change from 0 to 256
[  214.795860][ T4088] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.943: bg 0: block 114: padding at end of block bitmap is not set
[  214.812295][   T28] audit: type=1400 audit(1721013024.971:610): avc:  denied  { mounton } for  pid=4085 comm="syz.1.944" path="/15/file0" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  214.839416][ T4091] exfat: Deprecated parameter 'namecase'
[  214.845287][ T4091] exfat: Deprecated parameter 'namecase'
[  214.858140][ T4091] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1fdf94bc, utbl_chksum : 0xe619d30d)
[  214.907229][ T3663] EXT4-fs (loop2): unmounting filesystem.
[  214.934442][ T4088] ==================================================================
[  214.942334][ T4088] BUG: KASAN: use-after-free in ext4_convert_inline_data_nolock+0x311/0xa70
[  214.945667][  T725] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  214.950830][ T4088] Read of size 52 at addr ffff888127838459 by task syz.4.943/4088
[  214.950850][ T4088] 
[  214.950862][ T4088] CPU: 1 PID: 4088 Comm: syz.4.943 Not tainted 6.1.84-syzkaller-00005-g96d66062d076 #0
[  214.950882][ T4088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  214.950894][ T4088] Call Trace:
[  214.950900][ T4088]  <TASK>
[  214.950908][ T4088]  dump_stack_lvl+0x151/0x1b7
[  214.950937][ T4088]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  214.950961][ T4088]  ? _printk+0xd1/0x111
[  214.950979][ T4088]  ? __virt_addr_valid+0x242/0x2f0
[  214.951010][ T4088]  print_report+0x158/0x4e0
[  214.983806][  T725] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  214.990822][ T4088]  ? __virt_addr_valid+0x242/0x2f0
[  215.008204][  T725] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00
[  215.010524][ T4088]  ? kasan_complete_mode_report_info+0x57/0x1b0
[  215.028581][  T725] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.029356][ T4088]  ? ext4_convert_inline_data_nolock+0x311/0xa70
[  215.043701][  T725] usb 4-1: config 0 descriptor??
[  215.049233][ T4088]  kasan_report+0x13c/0x170
[  215.049264][ T4088]  ? ext4_convert_inline_data_nolock+0x311/0xa70
[  215.078494][ T4088]  kasan_check_range+0x294/0x2a0
[  215.083259][ T4088]  ? ext4_convert_inline_data_nolock+0x311/0xa70
[  215.089422][ T4088]  memcpy+0x2d/0x70
[  215.093067][ T4088]  ext4_convert_inline_data_nolock+0x311/0xa70
[  215.099056][ T4088]  ? ext4_add_dirent_to_inline+0x4f0/0x4f0
[  215.104700][ T4088]  ext4_try_add_inline_entry+0x7ff/0xb60
[  215.110164][ T4088]  ? memcpy+0x56/0x70
[  215.113987][ T4088]  ? ext4_fname_setup_filename+0x2a2/0x370
[  215.119629][ T4088]  ? ext4_da_write_inline_data_begin+0xcc0/0xcc0
[  215.125789][ T4088]  ? __brelse+0x5b/0x90
[  215.129778][ T4088]  ? __ext4_new_inode+0x3452/0x40a0
[  215.134815][ T4088]  ext4_add_entry+0x5e4/0xed0
[  215.139331][ T4088]  ? ext4_inc_count+0x190/0x190
[  215.144013][ T4088]  ? dquot_initialize+0x20/0x20
[  215.148700][ T4088]  ? may_create+0x65a/0x900
[  215.153040][ T4088]  ext4_add_nondir+0x97/0x290
[  215.157553][ T4088]  ext4_create+0x372/0x550
[  215.161812][ T4088]  ? ext4_lookup+0x740/0x740
[  215.166232][ T4088]  ? selinux_inode_create+0x22/0x30
[  215.171265][ T4088]  ? security_inode_create+0xbc/0x100
[  215.176473][ T4088]  ? ext4_lookup+0x740/0x740
[  215.180902][ T4088]  path_openat+0x12ee/0x2d60
[  215.185335][ T4088]  ? do_filp_open+0x480/0x480
[  215.189845][ T4088]  do_filp_open+0x230/0x480
[  215.194182][ T4088]  ? vfs_tmpfile+0x480/0x480
[  215.198622][ T4088]  ? alloc_fd+0x4fa/0x5a0
[  215.202797][ T4088]  do_sys_openat2+0x13f/0x850
[  215.207286][ T4088]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[  215.212928][ T4088]  ? do_sys_open+0x220/0x220
[  215.217357][ T4088]  ? bpf_trace_run2+0x138/0x290
[  215.222040][ T4088]  ? save_fpregs_to_fpstate+0x220/0x220
[  215.227422][ T4088]  __x64_sys_creat+0x11f/0x160
[  215.232021][ T4088]  ? __x64_compat_sys_openat+0x290/0x290
[  215.237488][ T4088]  ? __bpf_trace_sys_enter+0x62/0x70
[  215.242626][ T4088]  ? syscall_enter_from_user_mode+0x176/0x190
[  215.248512][ T4088]  do_syscall_64+0x3d/0xb0
[  215.252765][ T4088]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  215.258489][ T4088] RIP: 0033:0x7f89ca375bd9
[  215.262743][ T4088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.282188][ T4088] RSP: 002b:00007f89cb079048 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  215.290429][ T4088] RAX: ffffffffffffffda RBX: 00007f89ca503f60 RCX: 00007f89ca375bd9
[  215.298853][ T4088] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000440
[  215.306668][ T4088] RBP: 00007f89ca3e4e60 R08: 0000000000000000 R09: 0000000000000000
[  215.314477][ T4088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  215.322289][ T4088] R13: 000000000000000b R14: 00007f89ca503f60 R15: 00007ffd165c1988
[  215.330109][ T4088]  </TASK>
[  215.332963][ T4088] 
[  215.335130][ T4088] Allocated by task 837:
[  215.339214][ T4088]  kasan_set_track+0x4b/0x70
[  215.343635][ T4088]  kasan_save_alloc_info+0x1f/0x30
[  215.348584][ T4088]  __kasan_slab_alloc+0x6c/0x80
[  215.353273][ T4088]  slab_post_alloc_hook+0x53/0x2c0
[  215.358224][ T4088]  kmem_cache_alloc+0x175/0x2c0
[  215.362908][ T4088]  __kernfs_new_node+0xdb/0x700
[  215.367595][ T4088]  kernfs_new_node+0x130/0x230
[  215.369811][   T28] audit: type=1400 audit(1721013025.531:611): avc:  denied  { write } for  pid=4085 comm="syz.1.944" name="file1" dev="loop1" ino=1048696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  215.372196][ T4088]  kernfs_create_link+0xba/0x210
[  215.399290][ T4088]  sysfs_do_create_link_sd+0x89/0x110
[  215.404498][ T4088]  sysfs_create_link+0x68/0x80
[  215.409099][ T4088]  device_add+0x7bf/0xf10
[  215.413268][ T4088]  netdev_register_kobject+0x177/0x320
[  215.418558][ T4088]  register_netdevice+0xe43/0x1490
[  215.423506][ T4088]  veth_newlink+0x7fc/0xc70
[  215.427842][ T4088]  rtnl_newlink+0x14c6/0x2030
[  215.432359][ T4088]  rtnetlink_rcv_msg+0x9a5/0xca0
[  215.437131][ T4088]  netlink_rcv_skb+0x1cd/0x410
[  215.441736][ T4088]  rtnetlink_rcv+0x1c/0x20
[  215.445989][ T4088]  netlink_unicast+0x906/0xab0
[  215.446681][ T4091] exFAT-fs (loop1): hint_cluster is invalid (4278190089)
[  215.450580][ T4088]  netlink_sendmsg+0xa15/0xd30
[  215.450603][ T4088]  __sys_sendto+0x480/0x600
[  215.457738][ T4091] exFAT-fs (loop1): error, failed to bmap (inode : ffff88812bd400d0 iblock : 8, err : -5)
[  215.462038][ T4088]  __x64_sys_sendto+0xe5/0x100
[  215.462066][ T4088]  do_syscall_64+0x3d/0xb0
[  215.470355][ T4091] exFAT-fs (loop1): error, invalid access to FAT (entry 0xff000008)
[  215.476096][ T4088]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  215.476122][ T4088] 
[  215.476127][ T4088] The buggy address belongs to the object at ffff8881278383e8
[  215.476127][ T4088]  which belongs to the cache kernfs_node_cache of size 136
[  215.476143][ T4088] The buggy address is located 113 bytes inside of
[  215.476143][ T4088]  136-byte region [ffff8881278383e8, ffff888127838470)
[  215.481286][ T4091] exFAT-fs (loop1): error, invalid access to FAT (entry 0xff000008)
[  215.484949][ T4088] 
[  215.484955][ T4088] The buggy address belongs to the physical page:
[  215.484964][ T4088] page:ffffea00049e0e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888127838320 pfn:0x127838
[  215.555778][ T4088] flags: 0x4000000000000200(slab|zone=1)
[  215.561277][ T4088] raw: 4000000000000200 ffffea00049e0d08 ffffea0004d93d08 ffff8881002a0f00
[  215.569668][ T4088] raw: ffff888127838320 000000000014000c 00000001ffffffff 0000000000000000
[  215.578078][ T4088] page dumped because: kasan: bad access detected
[  215.584341][ T4088] page_owner tracks the page as allocated
[  215.589885][ T4088] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 837, tgid 837 (syz-executor), ts 49527387965, free_ts 49212707716
[  215.607762][ T4088]  post_alloc_hook+0x213/0x220
[  215.612364][ T4088]  prep_new_page+0x1b/0x110
[  215.616702][ T4088]  get_page_from_freelist+0x27ea/0x2870
[  215.622083][ T4088]  __alloc_pages+0x3a1/0x780
[  215.626510][ T4088]  alloc_slab_page+0x6c/0xf0
[  215.630946][ T4088]  new_slab+0x90/0x3e0
[  215.634842][ T4088]  ___slab_alloc+0x6f9/0xb80
[  215.639275][ T4088]  __slab_alloc+0x5d/0xa0
[  215.643432][ T4088]  kmem_cache_alloc+0x1b9/0x2c0
[  215.648119][ T4088]  __kernfs_new_node+0xdb/0x700
[  215.652805][ T4088]  kernfs_new_node+0x130/0x230
[  215.657406][ T4088]  __kernfs_create_file+0x4a/0x270
[  215.662356][ T4088]  sysfs_add_file_mode_ns+0x1c8/0x270
[  215.667560][ T4088]  internal_create_group+0x545/0xed0
[  215.672680][ T4088]  sysfs_create_group+0x1f/0x30
[  215.677369][ T4088]  netdev_queue_update_kobjects+0x21c/0x4a0
[  215.683098][ T4088] page last free stack trace:
[  215.687611][ T4088]  free_unref_page_prepare+0x83d/0x850
[  215.692909][ T4088]  free_unref_page+0xb2/0x5c0
[  215.697503][ T4088]  __free_pages+0x61/0xf0
[  215.701674][ T4088]  __vunmap+0x9f3/0xb60
[  215.705661][ T4088]  vfree+0x5c/0x80
[  215.709222][ T4088]  kcov_close+0x2b/0x50
[  215.713212][ T4088]  __fput+0x3ab/0x870
[  215.717052][ T4088]  ____fput+0x15/0x20
[  215.720851][ T4088]  task_work_run+0x24d/0x2e0
[  215.725275][ T4088]  do_exit+0xbd5/0x2b80
[  215.729269][ T4088]  do_group_exit+0x21a/0x2d0
[  215.733716][ T4088]  __x64_sys_exit_group+0x3f/0x40
[  215.738558][ T4088]  do_syscall_64+0x3d/0xb0
[  215.742809][ T4088]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  215.748539][ T4088] 
[  215.750706][ T4088] Memory state around the buggy address:
[  215.756189][ T4088]  ffff888127838300: fc fc fc fc fb fb fb fb fb fb fb fb fb fb fb fb
[  215.764077][ T4088]  ffff888127838380: fb fb fb fb fb fc fc fc fc fc fc fc fc fb fb fb
[  215.771976][ T4088] >ffff888127838400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[  215.779870][ T4088]                                                     ^
[  215.786643][ T4088]  ffff888127838480: fc fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00
[  215.794541][ T4088]  ffff888127838500: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fb
[  215.802440][ T4088] ==================================================================
[  215.814094][ T4088] Disabling lock debugging due to kernel taint
[  215.820315][ T4088] EXT4-fs error (device loop4): ext4_check_all_de:655: inode #12: block 7: comm syz.4.943: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=95227824, rec_len=26915, size=108 fake=0
[  215.829441][  T725] konepure 0003:1E7D:2DB4.004B: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.3-1/input0
[  215.860938][  T564] kworker/u4:5: attempt to access beyond end of device
[  215.860938][  T564] loop1: rw=1, sector=34225520825, nr_sectors = 1 limit=256
[  215.874922][  T564] Buffer I/O error on dev loop1, logical block 34225520825, lost async page write
[  215.884036][  T564] kworker/u4:5: attempt to access beyond end of device
[  215.884036][  T564] loop1: rw=1, sector=34225520826, nr_sectors = 1 limit=256
[  215.899319][  T564] Buffer I/O error on dev loop1, logical block 34225520826, lost async page write
[  215.908463][  T564] kworker/u4:5: attempt to access beyond end of device
[  215.908463][  T564] loop1: rw=1, sector=34225520827, nr_sectors = 1 limit=256
[  215.922415][  T564] Buffer I/O error on dev loop1, logical block 34225520827, lost async page write
[  215.931558][  T564] kworker/u4:5: attempt to access beyond end of device
[  215.931558][  T564] loop1: rw=1, sector=34225520828, nr_sectors = 1 limit=256
[  215.945418][  T564] Buffer I/O error on dev loop1, logical block 34225520828, lost async page write
[  215.954513][  T564] kworker/u4:5: attempt to access beyond end of device
[  215.954513][  T564] loop1: rw=1, sector=34225520829, nr_sectors = 1 limit=256
[  215.968558][  T564] Buffer I/O error on dev loop1, logical block 34225520829, lost async page write
[  215.977778][  T564] kworker/u4:5: attempt to access beyond end of device
[  215.977778][  T564] loop1: rw=1, sector=34225520830, nr_sectors = 1 limit=256
[  215.982534][ T3898] EXT4-fs error (device loop4): htree_dirblock_to_tree:1111: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=196608, rec_len=0, size=1024 fake=0
[  215.991646][  T564] Buffer I/O error on dev loop1, logical block 34225520830, lost async page write
[  216.021087][  T564] kworker/u4:5: attempt to access beyond end of device
[  216.021087][  T564] loop1: rw=1, sector=34225520831, nr_sectors = 1 limit=256
[  216.021209][ T3898] EXT4-fs error (device loop4): ext4_lookup:1855: inode #11: comm syz-executor: iget: bad extra_isize 21339 (inode size 256)
[  216.035327][  T564] Buffer I/O error on dev loop1, logical block 34225520831, lost async page write
[  216.054692][  T725] usb 4-1: USB disconnect, device number 34
[  216.058138][ T3898] EXT4-fs error (device loop4): ext4_lookup:1855: inode #11: comm syz-executor: iget: bad extra_isize 21339 (inode size 256)
[  216.128686][ T3898] EXT4-fs (loop4): unmounting filesystem.
[  216.586034][  T564] device bridge_slave_1 left promiscuous mode
[  216.592152][  T564] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.600141][  T564] device bridge_slave_0 left promiscuous mode
[  216.606156][  T564] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.614895][  T564] device veth1_macvtap left promiscuous mode
[  216.621042][  T564] device veth0_vlan left promiscuous mode