last executing test programs:

3m11.69577209s ago: executing program 4 (id=986):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
syz_emit_ethernet(0x16, &(0x7f0000000380)={@empty, @broadcast, @val={@val={0x88a8, 0x4, 0x0, 0x1}, {0x8100, 0x5, 0x1, 0x4}}, {@generic={0x8100}}}, 0x0)

3m11.6952767s ago: executing program 4 (id=987):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r2, 0x29, 0x19, &(0x7f0000000040)=0xb0, 0x4)
syz_emit_ethernet(0xfed7, &(0x7f00000002c0)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "00641a", 0x0, 0x3a, 0x0, @mcast1, @mcast1, [], "1e520b4c951ee12e"}}}}}}}, 0x0)

3m11.69489021s ago: executing program 4 (id=988):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x28011, r1, 0x2000)
socket$packet(0x11, 0x3, 0x300)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x300}, 0x8)
close_range(r0, 0xffffffffffffffff, 0x0)

3m11.538876178s ago: executing program 4 (id=989):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3c)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000005880)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x0, {0xb, 0x0, 0x0, r5, {}, {}, {0xd}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x9}}]}}]}, 0x40}}, 0x0)
sendto$packet(r0, &(0x7f0000000100)="64ab23e6300b9b0bb31bfd890d00", 0x5ea, 0x0, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)

3m11.394630625s ago: executing program 4 (id=992):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8fff8ffb703000008000000b704000000000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc753463230e896cb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000004200)={{0x12, 0x1, 0x0, 0xe2, 0x79, 0x3b, 0x10, 0x5d1, 0x2001, 0x900, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x4d, 0x2f, 0x9c}}]}}]}}, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r2, 0x0, &(0x7f0000000000)={0x44, &(0x7f0000000180)={0x0, 0x0, 0x2, "8144"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r2, 0x0, &(0x7f0000000980)={0x1c, &(0x7f0000000540)={0x0, 0x16, 0x10, "d48dff614725df7ac31ff707b0310ffa"}, 0x0, 0x0})
mkdirat(0xffffffffffffff9c, 0x0, 0x0)

3m9.080018965s ago: executing program 4 (id=1022):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
mkdirat$cgroup(r0, &(0x7f00000000c0)='syz1\x00', 0x1ff)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
write$cgroup_pid(r2, &(0x7f00000001c0), 0x12)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000200)=0x1, 0x12)

31.773394326s ago: executing program 2 (id=2298):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000001480)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

31.719935763s ago: executing program 2 (id=2300):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='huge=always'])
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
chdir(&(0x7f0000000140)='./file0\x00')
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000500), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

31.647985431s ago: executing program 2 (id=2301):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'vxcan1\x00', 0xf101})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
sync_file_range(r0, 0x5, 0x5, 0x5)
write$cgroup_devices(r0, &(0x7f0000000400)=ANY=[], 0xffdd)

31.592568018s ago: executing program 2 (id=2302):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r3 = syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
read$FUSE(r2, &(0x7f0000000100)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000002140)={0x50, 0x0, r4}, 0x50)
read$FUSE(r2, &(0x7f0000002900)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r2, &(0x7f0000000000)={0x10, 0xffffffffffffffda, r5}, 0x10)
syz_fuse_handle_req(r2, &(0x7f00000070c0)="a37b33352102270e8080da9acea18541f7a5c5c0ccac6b823171247e6e3675eaeae3fc94bd43baf4a099da2138a0fe4c613d6f13f998b175ae52341675e866014f466758a4fbd32928f56991cfdb381074d418d9690e966a9e10945f0a16abc6e27418ba809e9e22294a5f0c2ddb090d6849df842893a2f38c00c4c3689ec3875d021a3e221aa99d35e4660aa1796c2d4ea85bb91752c0c21dd01debd31e5d1eb7ddc9c64388008fa08a9871b9d158d0adbff0f57a19252b75100a980d86e9633cd793c8e2e33c00035a5ad72ef11437dc82e6e04d1a48d1f771d58f2f7dd978e9a4f3d462f03c0ca11026a9a15d1bd5c732b90d56a18ed5e16e4fc18739bd31eb7695369af1178a495890fc9e796d43f2f461e6d45634fb8e191c06c7c875fbad054f0ab21fecd7d3883a5d568426335c8902a1ef2e5856cf8888b91050dd50dd9e419b9a77dd6a135dbe314d769929a2ab34679406dc4314763867f7ad19945c550cce8d9243b1f602a47a7ca863895e5ddaff09fb773b1862a3757b2895054754c2a23a4b7975391972a9ad4f25245265bd77b634b9d834a88e9a16cc1a5b1dae4a46de0400000000000000778f126786aadd81950077de037b83550b1b897ebe50a3f660eb368cd771abb9fe1cf6fdd51e987757e3e7a6d9d1eebdacb8ecc00de9413f19b2a4063ad78b8eff9b5c420a06e21364d8c9fab06ee878e1344c767fe6e8d21dfe2f4dece09e2fbf405bc1008b2d0adf86fc70421952207b2265bacf5179efe10ba4c42e1f4d8f7c5b19352b866afd280c66b50d87c08a7e316270189f01397b70fe7b50e7426a5a760bafae1cd0c28469ccce09dd37afffce3ca4d5e05569bc145dc4ee1107097cee103a2215d87af81474231a8113b1f2924e6d5bf29742c3ef17d4f284db167a74f742b768bc3becc027c76d30e7921350746ababd6172895de2cd9e3a5e764edc8e2f3588b45574cc574993e84a47bb3d71867f412a7b20b82ac23e10a85f5f1984d25e42793798547837509bd94a7c8579f9181341b221f418cc0de373672ada07951cc7009300dbd0742426aba9eb1d533a0cd14a6b13f37854922228b9d0b1e20b67746102f84973405884ee2519227d3254c96e1146e08956cb1a474434b2ffe7a0b09e9437b303159abe4eca69f444be28ffe95a3935ad77dcb7291da653f9942926f6a3c750526dca116e7c278c628244e4b6c2da0eb2255e067bb11c42c03105bcb4ab9eb7a276e1f5d8cf7e779c158a2cc7f867d0e7fc5d77d797d725efd76ffde2c69b1abfa05dac952cf3ca5295845202341956d484859f7d5e2b3df31f9e2152674ecd71590605310c8fe238e33c0415469826c35aed0d65f3aa459ccf607e4b25f25cd08d65b48bd0f56461d995007dc5b00d8d91a9fa48286fa1d8dfb68fc9756cf928c05ba7f93f8285f7b6df63a5634c39da5ab555362339fd85dae4e952e06b8ad17bcf157733d55a30a05c0b6ac2ed2fd54ab1033dec41101f5251ed40c6f42e876328bad8f4fd21730cd1e2efb847dcb93ded254c4e66c6374ec40b124d32032f5ee5c52f0a51f2ca797b12f814a1f79e3e4d69412dbc834d620e72ee9648d67ff53eb126f7d382fd8f827fab96b7427cd0962e84542a98acc79cf429f004ce86f5841d0256c83a96087671365e3799951087a017f0a3ff7900b25515869ee524de62bd4e7c2c68e1c900f38b0f7bac92606a0d0eadfa9f1d5af8157f0d5a0d49dedb00bf5785f8b2f8c2f8c10f150a30c31141ca0545eda71841523c6986d7d5fbc1918d5c79e40b929c180153d34fc7c7faba1d471c10b52d3e93b8192fa4826d43ff9df160ab83041b0f647398964c108b7875d74d592d8ee2d5420316656626e58b4dba72bb09376592a062ba0cfa94469b2102ce05b68fd3d275f0941851dd6399cf386cb900441f0f762540ab58c1800e7e00bb34fe32eddc14f05d1537f6c23c8f5b5039b6a22b7d843476d22d4a1086f65aaad2699d402113e349ba58168fe5f9ed496f56d5c7864f6225b24562acad3aa8aac2cfc02e6d14fdaf89066022f61c3f7c0581bee46817ef95500a83e4dd6e6bbfec9ae785b59f29c61e23735543dc8d2596b5a787c00de7dd4209a656b398967d74d022f5a4be5c2ad5aa8e6fa76ebed097822c6b438655c05a5b5b9a3fefb8996c03aab4ef804f2145a9cecd2cc6ad2a54f4f13153da513ff3ff707ba8f34836fd7be482663557cf6923b2c417486a3bae32c28f5f9af211a4f60f202eb4bc5b4a9ac0c72f080c5ce3cd563b40dba488c6bb96f27935c2296e72063399bc0835f194e52d72efe2b0122728d6f841545bebd45b3d589e011f3360e9f90029d06b708b078f6c437862fd355604e87bf37c1ddf3a802fda5bbf03f8453cdb335fb381be1be1d9d3816654102b27dcb78c9b743b4ad22681b6f44dc854c96324d8c2ca678f31d3fe60c5144649340ad541edbc7c1d66314b566b43eeb9a1d9970726d25e529bb0b011b563378ec4580961d1137d47942b02f6f6c0e5322e879711bd4a98348180ca243ae538bd18e9bc1c217b36049e3ffefcfcb3a514dbdbdac14c47afec06b161355e89d1db713a007841e9f53ddc44764b61002c35f48f1c8d57e3c67415cbc920c9e69fb8a0ad8b2da067dd37d9c883dc5c24aac8105987f7b43df3fa2aab926566abdbb506d08b1db4b9f6aff592e68878fd22b2a04ccf8fad887ab7307f5bb5678659467547bb9b8c75a8f19a2fcffd855d917cf126ea4af832adb30df51f6e7311e15bdf0b14a019b4c5dd2a58ff142dbe159039a6dc73c099a72927e717dfcb2c438b9058bf7411786d930db5077533f35f56d02a647f14575abc3f7a149411c4597e9e9bc7e1767da725d8ea13d5c3fbc6e33cfe00b323a0d3abb4a928b180fd2007284ac614163e087c9d996f5f7545691c9b86557b09bb62bbb93d68c51a1f27fb57b869ff5702ee36ad13983f77682f278e09d17ded110beae19ba0a0200c8f9cdc624ded25da0f31b79b21897b25413af89066259aa41291275918a42105f277f5d606b24ca82f254d04fcd258651c565ef918c21a2f9e78162aeab6f19cb0e7c9e8b60b3de04b0916cb726d595e957a74290417e626366f20a33c2be052b3cdbcccca7210b4c9a02c42b749dce61714fd9b144a92ad9af3501a3ab02654e6ec897bfa385f95f4e481c6e937122b163d8cb9292ae59c80fd00502e6a726949633e4b1ee09df492daec19d6d498090a9659d2fb7b63349988ffac6c792ad427eec0f48b9b285feba6d2365f1dff4852ea6b4d2289df7ece3a509cfa3574bc8f9e2670c8433885d8c9ec0494d40808d9c9d4efbf90d1b6558ae75e254ea3aff6f37f976aa2916b58a015e4919760063ebd2373730a37bd0f91b281c05b6fb3e35924b4ac88a0d0a8b0d125551458c719cd53cf9753fafc9535d6af395a5b29408d915e7259ab0f6c7abd8c754bb71ed1a476e6760eee035460d4dfec3c53f91636280056a57fc45e0f37a47f994f8b1bc42644c37fb004aef34bbfa71ef5b89b1ee581b8c803885d8f8637a2b3ae49078738580aa8c0d94c2564dd7b50bd6b718b854755b6a08d8d1a2ccf4eb3c704e53b8a299617134aa79fd00c8749e57965e9a16d73142f2812c3e1ffc09938406561949c674c35cf88128de9152b4a43d4e2432ac234014c12dbf057112d28d3125fc98bf0dd9a934217440199a698628778649cd1360d79db2d74fa34e94a6a9333f2804b8e4264160c493e951294810e6708ea888a48403aac2b21e136a1d8d07fe07930b543028b62ee39eb6f3480c27186bdcfef55e93343496eefb0c38b50cf9762dc606ab7fa4d155d2d965746baad06c3d39ce8fe350cfbf569676195330ec78f25f04a915685684f49a19f4102109a2cf60f28df29fcf74892ff84110ffa18fd43d3f8a10173b970ed934f5e30d170ef6348890be263f0d64ad5ae53e6e6b4895f3cdcd6fdaebd69fa2f067bd2a207559ca6cbdcebd4e18855642ffd8d5b85b6b805c2ca1c63de1cafe7ee1f2ceedd8fd5c6e22ab40ad8772027576080609c6d55a7d08149122c1fc28497723751abe76c8dd12c6e2f311ad531b0a2f8e04a5f17346ba602dadae0745ebd715853277e1b73ed2d0be842a95c955be66c7ab52a736709177a8a48255655c54339cbf0a8bd683b1ccc7866830ef3780d499760464da1a5aa731aa16fbd925fba7fd06702046dcbc3571031a7f58e9d9604de217acd0b59f790e78ebc51d91a45ef57c37417c5c1f34127aabe64a269b90f56e03280f10bbd1500ab30a3ee29c59fa0598a57eee3641cbe002fbca5b12102a7b8e7fd514bde6bb742dd139ecec58a0ee60b2fde003be535523d024aba223ff8e6cbd44cab79cf379389a64b1ccb1c72dc3e7fbb8d1f59a39a80cf5d30f5a66546e838959f2e4f19e854c7de93c8ec06a8f223f5355e9c76e17ad28a887dadc17a41fe80d878cb3e3bb863bbaa168c9a4ebd74475d7e6ae3d99a7aad9e23d3edf08ecb5143764099d258d4a6d82fc9afa5775f75b41bf36be25a537f2905903f82e08657fb7e341079ff29a656ff85ae34317c5b1a81d8e814d55807fcf2ed7250b29046d2e1d0a14ec7ba8910abfe0cc9aa04164b94a4bb0970f3f3b1eac5cfd1f32a5ac84d552f60962e98222b2a9513af22d5da3f005f6f9ae166797a94360235eac2a6ddb2321c2ec514eb6ccf086a8c83e65081ea67acac44753302d4519d0cfc796f56c04e849cdea18cbd32da25dddbfc2cd575c67f26882b5c2bc534701f11775d8e93131488141fbb61c61755aa30c1a1829140f0332a76317aafa08f072f00cb330c5adfdca9d9055b1fb51616e8ca5dc34dadc6911d93b93871115107c2371279e248ff898268cccb12b07cc555ad7bf7811910f37f2b07598f661dfa1f2ff6fe2d1f8aa4deebf260573b27ef6e578469ad652a4f31da494fe0d00e4c66e8011d5bb2c889331679544514f16c257e74ddca134aaa5d15707c26b3373c110e2ec61fede15fc6e52428e1b5788f5c667794c5bbb26e8aa7a66cc38bdb6150c7804d59a2ce2c2d4120f94afb3807a2b685fdede4da11bc63abf04bf0823897dddee0697924fe855fba225a97c5b5d1bd6cb17d6b0ce93e475a9b14130ca5cee7ba41d521f72214b2f0fbcc1fbec70ef4dc7a4c9442d02ec641bd087ffe52fc7c9f0c39d41d03d1f93cbb8896abbee62f3bb1685f97e22664fb45530681eb6393442cfae1366ddc395fd5aa4d4fd0c250566b1c7cc8cfe6b25e73315998b45af5dbca10696ed8d113f4f35f385840f0558e93740e9a5d2e6768a022d17d266f47d050a8e91e8e0bdbf0d5e92f8d8294c3666c00344d4336d23a4c4235a3bcbd69f4b4769d6b1f513544392ccb2b96b1c6292131014835dfefebb4686496fee657e4aca53fbbdc15e0a72b1af7bd58bc6b4959356e7726342a330e6b9badc94e7498569f3cac949acc0ea9fc149a874fe271829c72e917f1374a80f22c8bf0109a0ac1e1de013a826173853127c22f7ba826bba044bcd8898e2c8432ce54a98ab4d18eac68c208e51a3210c6730b81384cfd8a74e681627805fb100c26a2a8385686fbffedfc7583b2222e1f79e45de79069b9f37a07bf99386525091b6d614820deea7e3105dcefa214258a8603c876fb776d0b019c984e028da494ef3f8841bc889bed54ea443634c2885639e865f0cd0a1dfd6f7a3b22c51461e73b3650b9a63c48b400bdcfac039e4cfdbefbf869386075ce8790eb4a588fd49f49c54ac5a8c45641bba62620d15042f08f5305566bc19111d08fedb65e2f87fb28442340be88a40cfef7ab3dad7e79225c07d347c2526269e9e709a90a49345d3351ac967da890707ed2affd155f2b356bbbe756872ecf7d944d8be128cd36100c8913f7fcf67f5d6f71ea19aa8877806bd6f65f10b2bf72867a7f6b900a7e0049aba25e162d670399e407c1332855a8d2db7465a40704660cd63bbcde4e36412c1fb244a1d23edbeb9d1c7189343144c8e27c55249a2b7fc00134a230601ca488d9ff441508b14129046e918abe163a40ae26b77c6df0fb843610a93279168fd7244cf934f905fe33dd5675819bbeaf370bf9a1101159c57dcfa4820a76cfa5957355ee450371df3c5f61fe3f4cef0df889b69f543b3965dc19d48d897272146db5c34c26bb6a7b305e9bc9a63419b789abd8e6a72a89d95a422d7e77f9c0afc619c43c3b77c8ffd408383fee4475ff88c90372bf9fda91b8b3b19ee9cac890cc6aa13f3a33d40f3970626b8854e72ecd65467e40552ceed496a5144db8f4122d34246bf76651fb1f1a154c7a3906939bd1fb85cf99cad9ecb0d63e0bb31b8133c2eb0e6f66e8e36746589c30637f5e045b9a5b6b5c728398c326aa9e0e670098726d3127b2479442c8e64ed5402790af0a114c42a07d97c38b7c738c9bcb3ddde8e67c3e786dddf7f9bac3cb61998f73340cdc62eeed7f05f2768fdaa6a5d91d98531a80fb8f8acb5abe47972f0155a85ee95166b20f727bd4ae648ce3e0de4d80ca7227ef298d4f204f094f12c8acfdd2a6905743b8daf56b8160dd081c54eeda647e23efdf89972aee301cc4f67faabe82fd9db1455090c05391cfc3e4bec5d38fab3716e19638dfd483ee2bba57e4d1c00d01cc45a49e2727c19b104f1072f1a50407e4622be580d35393c7db5119017be6bd5acf3be228c42096af9739e44867782e600a48ab9baeec9e37e9863d1b19733c3fe47c30f328816966748ce717529752ebb9e2f582ddd132158ed2d68fd17de3e725cd0fc13477585341703b51682879a9a3167cca4cb09ce2449d18514d8b8343de79b332b6981101a3c6ae2679aeaea1cad81d216400c40cea6ebc99ee77b5ab7a508cfffcefa7b4d48a2ea8a3ff5917f43876ea653822a21e208d733847e017eaadc460c9828365a1a0d149ccda8a5c42ecb74ce102fc9cb75360e87b758f7cb55c593bacf8a7eb698cf300adc7000f9082aff2be93ddbed0dc487c72e3e7707bbdaf0d6c5df66140270ca71de6c86b4776033af0cef6b5c8d9bb4bd74d2f90bdbc6d13fe4b4d5477a16add3eb75e865aa4441b68b3640bae1f03e7bb261808f2c3fb5d3997b666c7b5f0df5a53a7114f1eed925eb1d5519542f12e9692ed7ed98e789b962a892727bc06fafbc9e335e245e8240eaeb15ee7dd4136d738c243838fc752095763b7647760045fbdf26c2646c00ccee6fc905fa7224981e40a2124629c43cc020e2c0c83e02aca162afc40bc19734dd22fce44839440f4e69fd7aeb7c3f35ef2d4eddffc0874ef77bf4df5e1a77e2495e31cf514d4dd252ec978dc47df2edcbba9a175d4ecb402fb701f0781b618824328a94112ebdd51137910810c565d564a76be9d1e5d13ee9ad311fdcbdefe16bc6fbe0e3dfab238742a80463de1849bcdd6120ab7b420c9fb3c0e1955e65b431b0f43d32260ecdbdb69a4d6ea6498ac377648c974f29393f23cf99e2aa2cfe128c371beab86b0ec5b20edb5ee451554fac22562083396329d774fa9be0f4bee29f2657840bd82e1b824b371c56dac44a45d4898cb25a9af0598cc8b2f2b753fa88e4c3da1927a789cfcd6e95639e88d384d701d47bf74e0d4cfc4031ae57915ff179dfee312b2a7aefd50ca4f7e4deaa526703f80d5fd696e9043ed2b8110a3fad5188bf84d55ff73ba9ec6a8145e17369686e2a43b4e8bd4d09351f969432ea0c7940f326eda2cb8a7eb709480b3072af8fd3370ba8edcab2a6e48f8f6bc9679ed95de2a91955acfb2bdbec12ca8809922115edf86c68dc3d16c6dfd89c386976a8e666a9f2f965978f26a73919354eb0779d0c6220db4dceaf92686dc222b8af5472512f065767b63b8b64d370e2dd78a0398cb53a497b4c76863b82836e34aaf8bfe1e530be4622d350c16d20d973b7d6907e21efb393f3f7e57b6e0d660a8af0c689bb3e0d0c70d8a90878d650cf60f56012e80edcd1fad4bf5d7e9989a628ae3b20e755507ce52a9537bb57ba49f263f5905dd0e7c8be3e095b3738cfb9b040d4d81b7ac352bb213d2b47e8b6807b13990ecfcad12f2e0e1e486b5e34513c7f52d04edbd3296f5f5f5ed3d36463dccd417f05c38f156b4e8a78a07ce8536f83c80c8b1af747c83d9250cec54af6a67cc91e69f810d191da79f6640503d63b617250700acf5563caeb44c2b657e3039e063531ea22b07797f73218b14d77d94488bbba374202eec6c067ce3336da24893658225dfff4a8c6083954c4dcb9d969941937e8c19c2350da5453dc304ba5db942b33e1d062070478af3721528a77f518b67cff9d7a2e31669bb4e8d0dd6f179805b2e47d30cc1abb532576e8ed067cd0188df6c49ee0c63393bec3d925d88ecebe6a5a8f37f1dfc6762c7a3a596049e7f1787bec7a03e55a50360b83158e49cd9732a66b1cef83e43fd2abd33f753efdb236675490fc9c9381e6f421c9384e43ded79ce91025af90fda6752355ddacbb72aa204e7efa77f3825d7f274aca737bc56c61a1d05bf7004a71c904e8483f3c4df3c9ff5c7b7e350b4c55786d3ea99bb61814881c6e98da71e8f5a0646c44912d12e4a5ad3f2ea14f4d4933ecf7ac8b9464a80204b9c3465fc397aac5a3827bef7187fafb2074b22af3dcde7edaef478c75a0b50ea2ea20b2e08c35b6e48c424e2e3d5767e13dbbb1b87c6012f204f18ae7483d5c29c0a9c46de7917031e168c71c0a5c336c578f9ec41844618d40098542c772110566f1c6271d08842e8870a3ff1890a21b42a1339705edf23ff0b819e13c1fe061f950b86dac060e1654c388c53fa2ebf5988c5d06237b3424d551e5b103494f75bbea021b70aa5a67636f2b243819ce4abae74c4560bf15c9c33d095381e8fcbcf3d32abb2d38e78b9f5b97303fb46d01892258232849700be13dfc18c4f91d5a99c6a05970a6b4dc9179ea91eb4de76bbdf7be554d597d21adb396f0a1fa10fbc99741cc25aca370bfb916bf5bffda325c2405151e8e51426c90e5d782599cc59a7b263ff7a319d04d42835744f628c98e3ee379486f4954eab1742840edcf0fe87fd472f5e439678ac0bbc2295b2c12ea28680794c1c60978498b151c0ef5097480d453a0c22ddb2159316e04539561efbb55926758ae6fb2a3a495cf8aa7b693f1d854f99065e748b735097ea63e21d89515913e797515be6a767d42707ef6a0ebb1d3ff0071a0f4eddfdc85922a15a95f98d5f4a672d93621c975a3601bae013103c68fca1f6fb1c4b5853ffbece2075419263e32c72159268e3dab4ca3f0e5b904f40667bebf099374636d55f5a9ee1bbda48b39def3106041878afb63970cabae3388a33719ed206db73f10e498ff4bf4c0e3606726fc851578613c4bc1429695de29f6d6807eba84afc6ded50b0aa5b77ba864e1b36c035a97df5154b1a40017d919acdb8de617d458ddfe2ceda137bd1da6e2ebd5e32f2553c43e14ef6939ec0fb26a65487557cb1300072f79cbaf74a1221fad0d12added22303067f8292abd1d81e3d2aa200d1d1ed377bd57245ba44b51c927ae8d39e7d46dac00ecbacf30d32aebb568e757680c975dcc6864fafca28609db1ba8a30a74e96a791176f76a5de88c50b49ea20e206557b6e4f44d819b471fa1017cba5e195206de632bfb1b52c4c491bf4d1fbcde097324c7d42cf386f3a8c8410ef5477acbcdba183f0272e5ed5a142523b94899159361e7e48e10ee29e7d0a56e673ef903bcde86c19f71209daec067283c5453cce3dd4f39ac9ce17aa02c7ce6ac359a8d4396ed1aaff38225d41733d469535d5c6cd12b96265653296de79418d088652fef9e684f2f3e2ba4a63ab9ef9de81539e6061037e4efa9e03bcd1e95b2f5d6cacccc9f4e1df7c543befea4fa60513d84bdc84ae761be441116327ec263912cfbc47545546b8b038fe741d3ba495c7d862edba2733b497cef8b823a0198a928fce7f51575a93409c463bbf0aebe8450ad408974c6cf1de0e8ce887beee7fe06cae1c0f502799c1aa1a5942c74cd52497c342367b5850e03e9161f7766b4f3e3e5f9de3282f16be48e0eb8171f0cbda19d6c274f12cd62bc4c1bed7642bb147e9bcf7474f820f60d9020e2edf0c6bb3eb8d1dd53c85303544c0fc353cf0b16091d0bf238df89ed025d6591c5b32de30bf9e8e277a8f5f7a61f15051e38ece2021395dd9be6795ee0879a0bba9af3447973797e92279b3e74321615020a4624fbd9f6fa307a94c68f164942b9c7e0af63c41a7c76fac6d77e135ff5bfdaa3dd4753d0d8094c65f25811c9f593fc07f0710eca9e88c02645f9314d4674c50f869f5ed5246e41333670234412d8b6b2c9a99bf483af0cc0bc56039535e6cd9be1b5801538b39f83ec9fc4bb78a8880c06d27d8838e551a7c5eee3c85421665ca2bff57c21dd37e55939ee9f7e06cfcfc18a41b261422d7f94f1ee692960ba2a81a70c167d9e477d2b4a489dd08b1851dc79d651b468c179bc3e2c32215fa74ee00d449735094ee3a6c819decf11728cea207d41d3c665d210e1ab26a79fbbfba8aed8b401227a1adae500333a29d88086f796757dc12af76888c857407a21d9ed483651003f3298bbdb23f27e3e3e5f99f0dfb64534dd1676403042c62966fc7a3da65a089726ed48fd522b92ca292d0139b424fb6e2fa2b81cc5f95d0d64846d2060ad32edb8fe52eaa06b063512ae25c08664e65c5331dd17abf062a78bab8993766893d1cc04850015013a2f461fd96572496020145dc8fdb6f7393b0b1a380296f3cd8d50dcaa54d5259b0e6bc2da29edd01f9419806149c471d97f9f78f8be7236c7d6ec62885854a95ad81f3f7a2fe7968b446e655e1318d118bf731758a75a9747b6e15e945de3c05f962df9975d4268feea8e5de68fdf385636c66670cf195b7455b8d0b69eef633dc7ac799c451b000413efdcd62701eeaa7de5ecfe21c60aea75e22104f9a8ab443141dc18a61914a5c89336ec08ebe7454e4a5568b7fcd1ef25bdca18d3a6c10879564907742588d2b08d1e946712584acab70b3015cf91bfe1e88e8340b6d1b3f801a9fee09ade3f5989f6738401b56e117c36a9feb7809561f01ac1f360edaa29873a0e4daef2df8e97a483995f0ac114d324672c354a52ad8507b6d9c7ab8a3643fc8b46cc357c8eb396d6dba21b99611ef16139fe123f60c84ff1848dd74a8f32682293b2f5e5d496a8b88bee8990287400f4fa4420492bc85a0422ce9179a0cb7aead52f937c985da74c772538e2c5f3cfb88dda634635d0e797d52f5e3f250587f1b1817a9ea2d44cc2a40819c4f8f12d20a95c999e4b911a261fc4d179c3cec165d4737b72acef9e5f302cc90aec7f21e95c3d4f1df4ab39ff06e6baf9b8da3475e6f9cf9754f7ceabc3fa4e61c374fef8df2826aa4cca6703959b4d82224a3e02c68b4c53e9d850164c98f74bd4d2eff235329a1e72f144d1977780f3ad70162788b5fcb57277665bf136261710260277b4a8b68a067bdfa1d5c5f1d5ea42d45e1b5031b9824f3e23", 0x2000, &(0x7f0000006d40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006d00)={0x20, 0x0, 0xa38, {0x0, 0x4}}})
ioctl$FS_IOC_RESVSP(r3, 0x80086601, 0x0)

31.500998199s ago: executing program 2 (id=2305):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280)=0xf)
getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000001ac0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[], 0x1c}}, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x800448d2, &(0x7f0000000100))

20.628152369s ago: executing program 2 (id=2420):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x40000000004)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r2}, 0x10)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x24040880}, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x800448d2, &(0x7f0000000100))

13.304228515s ago: executing program 3 (id=2453):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x22, 0x4, 0x0, 0x0, 0x88, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x44, 0x0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100}]}, @noop, @noop, @noop, @rr={0x7, 0x13, 0x0, [@remote, @multicast1, @private, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

11.993170379s ago: executing program 3 (id=2456):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000002c0)=[@text64={0x40, &(0x7f0000000380)="2e022af3a70f20c035020000000f22c066baf80cb81c0ae486ef66bafc0cb8fcffffffef66b804018ec066baf80cb822bd268fef66bafc0cb000eeb805000000b9400000000f01d96541801f0e6436670f01c4c4e2e99c921cc40000", 0x5c}], 0x1, 0x8, &(0x7f0000000200)=[@cr0={0x0, 0x40000020}, @cstype3={0x5, 0xc}], 0x2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, 0x0}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

10.576642404s ago: executing program 3 (id=2462):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r2, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47381c96558", 0xe}], 0x1)

9.07173861s ago: executing program 0 (id=2463):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
sendmsg$tipc(r3, &(0x7f0000000540)={&(0x7f00000001c0), 0x10, 0x0}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)

9.06951026s ago: executing program 3 (id=2465):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000006000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000200)='jbd2_write_superblock\x00', r1}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r2)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r3 = inotify_init1(0x0)
fcntl$setown(r3, 0x8, 0xffffffffffffffff)
fcntl$getownex(r3, 0x10, &(0x7f0000000140)={0x0, <r4=>0x0})
r5 = syz_open_procfs(r4, &(0x7f0000000040)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r5, 0x40086610, &(0x7f0000000180)={@id={0x40000, 0x0, @b}})

7.463247328s ago: executing program 0 (id=2466):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
close_range(r2, r2, 0x0)

7.462317178s ago: executing program 1 (id=2467):
timerfd_create(0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
r1 = eventfd2(0x5, 0x80800)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000100)={0x0, r1})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/87})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001680)=""/4094})

7.461591128s ago: executing program 3 (id=2468):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4040090}, 0x4040010)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000040))
mremap(&(0x7f000016c000/0x4000)=nil, 0x4000, 0x40000000, 0x3, &(0x7f000063c000/0x3000)=nil)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

5.753917248s ago: executing program 0 (id=2469):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xffffff36, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x40000000004)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

5.752560768s ago: executing program 1 (id=2470):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x2, 0x0}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000015000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

5.751166758s ago: executing program 3 (id=2471):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
ioctl$sock_bt_hci(r1, 0x400448e0, &(0x7f00000003c0))

3.945602169s ago: executing program 0 (id=2472):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@index_on}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
link(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='./bus\x00')
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0)
mount$tmpfs(0x0, &(0x7f0000000380)='./bus\x00', 0x0, 0x0, 0x0)

3.943917099s ago: executing program 1 (id=2473):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x40046207, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x8, 0x0, &(0x7f00000003c0)=[@increfs], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100))
dup3(r2, 0xffffffffffffffff, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000140)={0x8, 0x0, &(0x7f0000000200)=[@release], 0x0, 0x0, 0x0})

3.910135893s ago: executing program 1 (id=2474):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000003c0)={0x34, 0x0, 0x8, 0x801, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}, @CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @icmpv6}, @CTA_TIMEOUT_L3PROTO={0x6}]}, 0x34}}, 0x0)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @broadcast}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
ftruncate(r1, 0x2ff8)
r3 = dup3(r2, r1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_cpus\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000380), 0x101bf)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f00000000c0)={0x0, r4})

2.006554785s ago: executing program 0 (id=2475):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/140}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)=""/249, 0xf9}], 0x1}, 0x0)
close(r2)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0)

2.005831375s ago: executing program 1 (id=2476):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, 0x0, &(0x7f00000002c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendto$inet6(r0, &(0x7f00000001c0)="a6e2976b", 0x4, 0x840, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup3(r3, r0, 0x0)

692.68µs ago: executing program 0 (id=2477):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014001100b7030000000000698500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000640)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)

0s ago: executing program 1 (id=2478):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close_range(r0, 0xffffffffffffffff, 0x0)
socket(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000018000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='br_fdb_add\x00', r1}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r5, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0)

kernel console output (not intermixed with test programs):

kvm: pic: non byte write
[  202.418759][ T5311] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3832186367 (7664372734 ns) > initial count (4194304 ns). Using initial count to start timer.
[  202.536896][  T322] cdc_ncm 1-1:1.0: SET_CRC_MODE failed
[  202.556929][  T322] cdc_ncm 1-1:1.0: SET_NTB_FORMAT failed
[  202.596896][  T322] cdc_ncm 1-1:1.0: bind() failure
[  202.602617][  T322] cdc_ncm 1-1:1.1: bind() failure
[  202.608562][  T322] usb 1-1: USB disconnect, device number 31
[  202.941109][ T5327] cgroup: none used incorrectly
[  203.048217][ T5336] tipc: Started in network mode
[  203.052951][ T5336] tipc: Own node identity 2, cluster identity 4711
[  203.060190][ T5336] tipc: 32-bit node address hash set to 2
[  203.142034][   T24] audit: type=1326 audit(2000000069.110:1498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5341 comm="syz.1.1754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80288b4ff9 code=0x7ffc0000
[  203.166076][   T24] audit: type=1326 audit(2000000069.110:1499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5341 comm="syz.1.1754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f80288b4ff9 code=0x7ffc0000
[  203.190585][   T24] audit: type=1326 audit(2000000069.110:1500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5341 comm="syz.1.1754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80288b4ff9 code=0x7ffc0000
[  203.519427][ T5376] incfs_lookup_dentry err:-14
[  203.523994][ T5376] incfs: Can't find or create .index dir in ./file0
[  203.530510][ T5376] incfs: mount failed -14
[  204.625905][ T5411] serio: Serial port ptm1
[  205.784647][ T5453] device pim6reg1 entered promiscuous mode
[  206.156875][  T517] usb 3-1: new full-speed USB device number 33 using dummy_hcd
[  206.566944][  T517] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  206.577729][  T517] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  206.587592][  T517] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  206.600388][  T517] usb 3-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  206.609648][  T517] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.620856][  T517] usb 3-1: config 0 descriptor??
[  206.626185][  T322] kernel write not supported for file /validatetrans (pid: 322 comm: kworker/1:4)
[  206.715462][ T5473] device pim6reg1 entered promiscuous mode
[  206.921947][ T5479] x_tables: unsorted entry at hook 1
[  207.087661][  T517] ntrig 0003:1B96:000A.0051: unknown main item tag 0x0
[  207.094400][  T517] ntrig 0003:1B96:000A.0051: unknown main item tag 0x0
[  207.101061][  T517] ntrig 0003:1B96:000A.0051: unknown main item tag 0x0
[  207.107746][  T517] ntrig 0003:1B96:000A.0051: unknown main item tag 0x0
[  207.114382][  T517] ntrig 0003:1B96:000A.0051: unknown main item tag 0x0
[  207.121756][  T517] ntrig 0003:1B96:000A.0051: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.2-1/input0
[  207.306920][  T517] ntrig 0003:1B96:000A.0051: Firmware version: 7.15.22.15.1 (3e5f f1c1)
[  207.510314][  T517] usb 3-1: USB disconnect, device number 33
[  207.893591][ T5490] netlink: 'syz.3.1809': attribute type 3 has an invalid length.
[  208.023104][ T5492] input: syz0 as /devices/virtual/input/input45
[  208.286875][  T517] Bluetooth: hci1: command 0x1003 tx timeout
[  208.292754][  T448] Bluetooth: hci1: sending frame failed (-49)
[  209.411314][ T5509] kvm: pic: non byte write
[  209.417286][ T5509] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3832186367 (7664372734 ns) > initial count (4194304 ns). Using initial count to start timer.
[  209.588198][ T5516] x_tables: unsorted entry at hook 1
[  210.270972][ T5521] incfs_lookup_dentry err:-14
[  210.275497][ T5521] incfs: Can't find or create .incomplete dir in ./file0
[  210.283332][ T5521] incfs: mount failed -14
[  210.336426][   T24] kauditd_printk_skb: 54 callbacks suppressed
[  210.336438][   T24] audit: type=1400 audit(2000000076.300:1555): avc:  denied  { append } for  pid=5526 comm="syz.3.1819" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  210.366913][  T517] Bluetooth: hci1: command 0x1001 tx timeout
[  210.372755][  T448] Bluetooth: hci1: sending frame failed (-49)
[  211.221830][ T5545] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[  212.447295][    T5] Bluetooth: hci1: command 0x1009 tx timeout
[  214.460246][ T5556] overlayfs: failed to get index nlink (file1/file0, err=-61)
[  216.344743][ T5565] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.351767][ T5565] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.358983][ T5565] device bridge_slave_0 entered promiscuous mode
[  216.365566][ T5565] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.372432][ T5565] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.379645][ T5565] device bridge_slave_1 entered promiscuous mode
[  216.419946][ T5565] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.426780][ T5565] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.433912][ T5565] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.440695][ T5565] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.465127][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  216.472674][  T313] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.480003][  T313] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.492476][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  216.500721][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.507568][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.514787][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  216.523021][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.529881][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.551733][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  216.560012][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  216.572170][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  216.582788][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  216.590574][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  216.597917][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  216.605862][ T5565] device veth0_vlan entered promiscuous mode
[  216.618324][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  216.639899][ T5565] device veth1_macvtap entered promiscuous mode
[  216.661526][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  216.685103][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  216.755967][ T5580] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.763286][ T5580] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.771328][ T5580] device bridge_slave_0 entered promiscuous mode
[  216.780571][ T5580] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.791947][ T5580] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.799560][ T5580] device bridge_slave_1 entered promiscuous mode
[  216.851204][ T5580] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.858057][ T5580] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.865120][ T5580] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.871943][ T5580] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.892876][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  216.900351][  T865] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.907520][  T865] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.922648][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  216.931742][  T865] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.938619][  T865] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.945848][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  216.954081][  T865] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.960946][  T865] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.969572][ T5596] netlink: 'syz.1.1844': attribute type 12 has an invalid length.
[  216.977800][  T370] device bridge_slave_1 left promiscuous mode
[  216.983780][  T370] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.991078][  T370] device bridge_slave_0 left promiscuous mode
[  216.997238][  T370] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.004733][  T370] device veth1_macvtap left promiscuous mode
[  217.010782][  T370] device veth0_vlan left promiscuous mode
[  217.079857][ T5596] netlink: 'syz.1.1844': attribute type 28 has an invalid length.
[  217.091647][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  217.104325][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  217.134076][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  217.148560][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  217.156664][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  217.164416][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  217.174124][ T5580] device veth0_vlan entered promiscuous mode
[  217.193836][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  217.207125][ T5580] device veth1_macvtap entered promiscuous mode
[  217.234746][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  217.248091][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  217.339844][  T370] tipc: Left network mode
[  217.727931][  T370] device bridge_slave_1 left promiscuous mode
[  217.733867][  T370] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.741371][  T370] device bridge_slave_0 left promiscuous mode
[  217.747347][  T370] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.754756][  T370] device veth1_macvtap left promiscuous mode
[  217.760721][  T370] device veth0_vlan left promiscuous mode
[  221.711725][ T5610] bridge0: port 1(bridge_slave_0) entered blocking state
[  221.718640][ T5610] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.725923][ T5610] device bridge_slave_0 entered promiscuous mode
[  221.733072][ T5610] bridge0: port 2(bridge_slave_1) entered blocking state
[  221.739987][ T5610] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.747139][ T5610] device bridge_slave_1 entered promiscuous mode
[  221.753365][  T370] tipc: Left network mode
[  221.778289][ T5610] bridge0: port 2(bridge_slave_1) entered blocking state
[  221.785108][ T5610] bridge0: port 2(bridge_slave_1) entered forwarding state
[  221.792221][ T5610] bridge0: port 1(bridge_slave_0) entered blocking state
[  221.799011][ T5610] bridge0: port 1(bridge_slave_0) entered forwarding state
[  221.815210][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  221.822567][  T313] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.830472][  T313] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.839027][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  221.846998][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[  221.853814][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  221.864207][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  221.872171][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[  221.879003][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  221.890884][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  221.900801][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  221.913309][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  221.925624][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  221.933491][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  221.941023][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  221.949041][ T5610] device veth0_vlan entered promiscuous mode
[  221.958412][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  221.969141][ T5610] device veth1_macvtap entered promiscuous mode
[  221.978680][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  221.989766][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  222.247403][  T370] device bridge_slave_1 left promiscuous mode
[  222.253345][  T370] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.260709][  T370] device bridge_slave_0 left promiscuous mode
[  222.266693][  T370] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.274265][  T370] device veth1_macvtap left promiscuous mode
[  222.280132][  T370] device veth0_vlan left promiscuous mode
[  222.843166][ T5633] device syzkaller0 entered promiscuous mode
[  222.961849][ T5637] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1854'.
[  223.288211][ T5658] overlayfs: statfs failed on './file0'
[  223.766000][ T5680] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[  223.931867][ T5685] overlayfs: statfs failed on './file0'
[  223.941971][   T24] audit: type=1400 audit(2000000089.900:1556): avc:  denied  { getattr } for  pid=5684 comm="syz.0.1872" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  224.011292][ T5687] device syzkaller0 entered promiscuous mode
[  224.096069][ T5691] attempt to access beyond end of device
[  224.096069][ T5691] loop3: rw=2049, want=241, limit=128
[  224.110136][ T5691] attempt to access beyond end of device
[  224.110136][ T5691] loop3: rw=524288, want=193, limit=128
[  224.127364][  T313] attempt to access beyond end of device
[  224.127364][  T313] loop3: rw=1, want=153, limit=128
[  224.255504][ T5711] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[  224.456880][  T363] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  224.696876][  T363] usb 1-1: Using ep0 maxpacket: 8
[  224.816919][  T363] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  224.826478][  T363] usb 1-1: New USB device found, idVendor=056a, idProduct=006b, bcdDevice= 0.00
[  224.835328][  T363] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.843993][  T363] usb 1-1: config 0 descriptor??
[  225.328868][  T363] wacom 0003:056A:006B.0052: unknown main item tag 0x2
[  225.335772][  T363] wacom 0003:056A:006B.0052: Unknown device_type for 'HID 056a:006b'. Assuming pen.
[  225.345774][  T363] wacom 0003:056A:006B.0052: hidraw0: USB HID v0.00 Device [HID 056a:006b] on usb-dummy_hcd.0-1/input0
[  225.357119][  T363] input: Wacom Bamboo1 5x8 Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:006B.0052/input/input46
[  225.530724][  T363] usb 1-1: USB disconnect, device number 32
[  227.256702][ T5734] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  227.267603][ T5734] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  227.284954][ T5734] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  227.286296][ T5732] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.307200][ T5732] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.315090][ T5732] device bridge_slave_0 entered promiscuous mode
[  227.317718][   T24] audit: type=1400 audit(2000000093.280:1557): avc:  denied  { read } for  pid=5741 comm="syz.0.1891" name="rtc0" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  227.322600][ T5732] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.344564][   T24] audit: type=1400 audit(2000000093.280:1558): avc:  denied  { open } for  pid=5741 comm="syz.0.1891" path="/dev/rtc0" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  227.351162][ T5732] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.385001][ T5732] device bridge_slave_1 entered promiscuous mode
[  227.417538][ T5744] exfat: Bad value for 'time_offset'
[  227.426216][ T5732] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.433518][ T5732] bridge0: port 2(bridge_slave_1) entered forwarding state
[  227.440700][ T5732] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.447463][ T5732] bridge0: port 1(bridge_slave_0) entered forwarding state
[  227.469612][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  227.477479][  T313] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.484495][  T313] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.495065][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  227.503168][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.510017][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  227.521917][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  227.530185][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.537036][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  227.556415][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  227.572436][   T24] audit: type=1400 audit(2000000093.540:1559): avc:  denied  { map } for  pid=5747 comm="syz.3.1894" path="/dev/ashmem" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  227.597103][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  227.605485][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  227.623455][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  227.637213][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  227.644498][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  227.654407][ T5732] device veth0_vlan entered promiscuous mode
[  227.666413][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  227.679072][ T5732] device veth1_macvtap entered promiscuous mode
[  227.690428][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  227.704357][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  227.756313][ T5754] device syzkaller0 entered promiscuous mode
[  227.896181][  T865] device bridge_slave_1 left promiscuous mode
[  227.902176][  T865] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.919283][  T865] device bridge_slave_0 left promiscuous mode
[  227.933991][  T865] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.950891][  T865] device veth1_macvtap left promiscuous mode
[  227.963298][  T865] device veth0_vlan left promiscuous mode
[  228.522253][    T7] Bluetooth: hci1: Frame reassembly failed (-84)
[  229.856866][  T943] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  230.216933][  T943] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  230.227705][  T943] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  230.237830][  T943] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  230.246718][  T943] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.255448][  T943] usb 1-1: config 0 descriptor??
[  230.526855][    T5] Bluetooth: hci1: command 0x1003 tx timeout
[  230.532741][  T448] Bluetooth: hci1: sending frame failed (-49)
[  230.737508][  T943] keytouch 0003:0926:3333.0053: fixing up Keytouch IEC report descriptor
[  230.747399][  T943] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0053/input/input49
[  230.828976][  T943] keytouch 0003:0926:3333.0053: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  230.951751][   T25] usb 1-1: USB disconnect, device number 33
[  231.916874][  T517] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  232.156847][  T517] usb 1-1: Using ep0 maxpacket: 8
[  232.233798][ T5817] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.240783][ T5817] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.247937][ T5817] device bridge_slave_0 entered promiscuous mode
[  232.254485][ T5817] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.261420][ T5817] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.268525][ T5817] device bridge_slave_1 entered promiscuous mode
[  232.276921][  T517] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  232.287637][  T517] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  232.297200][  T517] usb 1-1: New USB device found, idVendor=0458, idProduct=4018, bcdDevice= 0.00
[  232.305980][  T517] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.311043][ T5817] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.314741][  T517] usb 1-1: config 0 descriptor??
[  232.320653][ T5817] bridge0: port 2(bridge_slave_1) entered forwarding state
[  232.320731][ T5817] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.339302][ T5817] bridge0: port 1(bridge_slave_0) entered forwarding state
[  232.357309][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  232.364611][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.371905][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.381237][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  232.389269][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.396077][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[  232.404578][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  232.412620][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.419448][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[  232.431358][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  232.440353][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  232.453152][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  232.463617][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  232.471465][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  232.478638][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  232.486738][ T5817] device veth0_vlan entered promiscuous mode
[  232.496657][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  232.505491][ T5817] device veth1_macvtap entered promiscuous mode
[  232.514669][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  232.524430][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  233.035448][  T517] kye 0003:0458:4018.0054: item fetching failed at offset 5/8
[  233.042886][  T517] kye 0003:0458:4018.0054: parse failed
[  233.048723][  T517] kye: probe of 0003:0458:4018.0054 failed with error -22
[  233.056934][  T517] usb 1-1: USB disconnect, device number 34
[  233.064258][  T943] Bluetooth: hci1: command 0x1001 tx timeout
[  233.070125][  T448] Bluetooth: hci1: sending frame failed (-49)
[  233.956863][  T517] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  234.196854][  T517] usb 1-1: Using ep0 maxpacket: 16
[  234.261234][ T5847] serio: Serial port ptm0
[  234.316925][  T517] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  234.327704][  T517] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  234.345624][ T5851] device pim6reg1 entered promiscuous mode
[  234.442045][ T5855] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.448921][ T5855] bridge0: port 1(bridge_slave_0) entered forwarding state
[  234.456906][  T517] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  234.465736][  T517] usb 1-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0
[  234.474293][  T517] usb 1-1: Product: syz
[  234.478298][  T517] usb 1-1: Manufacturer: syz
[  234.487955][  T517] usb 1-1: config 0 descriptor??
[  234.559217][ T5861] device pim6reg1 entered promiscuous mode
[  234.967985][  T517] kovaplus 0003:1E7D:2D50.0055: unknown main item tag 0x0
[  234.975219][  T517] kovaplus 0003:1E7D:2D50.0055: unknown main item tag 0x0
[  234.983063][  T517] kovaplus 0003:1E7D:2D50.0055: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.0-1/input0
[  235.086864][   T53] Bluetooth: hci1: command 0x1009 tx timeout
[  235.396892][  T517] kovaplus 0003:1E7D:2D50.0055: couldn't init struct kovaplus_device
[  235.404879][  T517] kovaplus 0003:1E7D:2D50.0055: couldn't install mouse
[  235.423384][  T517] kovaplus: probe of 0003:1E7D:2D50.0055 failed with error -32
[  235.548654][  T517] usb 1-1: USB disconnect, device number 35
[  235.567900][   T24] audit: type=1326 audit(2000000101.540:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5881 comm="syz.2.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69c15b2ff9 code=0x7ffc0000
[  235.596265][   T24] audit: type=1326 audit(2000000101.560:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5881 comm="syz.2.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f69c15b2ff9 code=0x7ffc0000
[  235.619753][   T24] audit: type=1326 audit(2000000101.560:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5881 comm="syz.2.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69c15b2ff9 code=0x7ffc0000
[  235.643010][   T24] audit: type=1326 audit(2000000101.560:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5881 comm="syz.2.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69c15b2ff9 code=0x7ffc0000
[  235.666632][   T24] audit: type=1326 audit(2000000101.560:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5881 comm="syz.2.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69c15b2ff9 code=0x7ffc0000
[  235.690711][   T24] audit: type=1326 audit(2000000101.560:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5881 comm="syz.2.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69c15b2ff9 code=0x7ffc0000
[  235.718840][   T24] audit: type=1326 audit(2000000101.560:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5881 comm="syz.2.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69c15b2ff9 code=0x7ffc0000
[  235.744697][   T24] audit: type=1326 audit(2000000101.560:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5881 comm="syz.2.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69c15b2ff9 code=0x7ffc0000
[  235.768757][   T24] audit: type=1326 audit(2000000101.560:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5881 comm="syz.2.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69c15b2ff9 code=0x7ffc0000
[  235.792243][   T24] audit: type=1326 audit(2000000101.560:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5881 comm="syz.2.1938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f69c15b2ff9 code=0x7ffc0000
[  236.115643][ T5898] overlayfs: statfs failed on './file0'
[  236.419312][ T5911] IPv4: Oversized IP packet from 127.202.26.0
[  236.649090][ T5925] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.655940][ T5925] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.663186][ T5925] device bridge_slave_0 entered promiscuous mode
[  236.670059][ T5925] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.677105][ T5925] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.684318][ T5925] device bridge_slave_1 entered promiscuous mode
[  236.717923][ T5925] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.724750][ T5925] bridge0: port 2(bridge_slave_1) entered forwarding state
[  236.731872][ T5925] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.738653][ T5925] bridge0: port 1(bridge_slave_0) entered forwarding state
[  236.758417][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  236.765839][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.773658][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.784163][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  236.792314][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.799172][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[  236.808158][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  236.816174][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.823029][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[  236.834710][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  236.845398][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  236.861503][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  236.867135][  T319] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  236.879704][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  236.887672][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  236.894826][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  236.904878][ T5925] device veth0_vlan entered promiscuous mode
[  236.914586][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  236.923506][ T5925] device veth1_macvtap entered promiscuous mode
[  236.932757][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  236.944260][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  237.057458][  T865] device bridge_slave_1 left promiscuous mode
[  237.063384][  T865] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.070933][  T865] device bridge_slave_0 left promiscuous mode
[  237.077100][  T865] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.084696][  T865] device veth1_macvtap left promiscuous mode
[  237.090902][  T865] device veth0_vlan left promiscuous mode
[  237.126871][  T319] usb 2-1: Using ep0 maxpacket: 16
[  237.236924][  T943] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  237.247655][  T319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  237.258729][  T319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  237.386940][  T319] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  237.395788][  T319] usb 2-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0
[  237.403985][  T319] usb 2-1: Product: syz
[  237.408115][  T319] usb 2-1: Manufacturer: syz
[  237.413158][  T319] usb 2-1: config 0 descriptor??
[  237.496867][  T943] usb 1-1: Using ep0 maxpacket: 8
[  237.636928][  T943] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  237.645946][  T943] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.654665][  T943] usb 1-1: config 0 descriptor??
[  237.898040][  T319] kovaplus 0003:1E7D:2D50.0056: unknown main item tag 0x0
[  237.905004][  T319] kovaplus 0003:1E7D:2D50.0056: unknown main item tag 0x0
[  237.912955][  T319] kovaplus 0003:1E7D:2D50.0056: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.1-1/input0
[  237.916968][  T943] asix 1-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  238.127095][  T943] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[  238.136799][  T943] asix 1-1:0.0 (unnamed net_device) (uninitialized): Error reading PHYID register: ffffffe0
[  238.176896][  T943] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[  238.327017][  T319] kovaplus 0003:1E7D:2D50.0056: couldn't init struct kovaplus_device
[  238.334918][  T319] kovaplus 0003:1E7D:2D50.0056: couldn't install mouse
[  238.345177][  T319] kovaplus: probe of 0003:1E7D:2D50.0056 failed with error -32
[  238.366361][  T319] usb 2-1: USB disconnect, device number 34
[  238.746120][ T5939] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.753157][ T5939] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.760366][ T5939] device bridge_slave_0 entered promiscuous mode
[  238.767102][ T5939] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.773923][ T5939] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.781265][ T5939] device bridge_slave_1 entered promiscuous mode
[  238.816260][ T5939] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.823108][ T5939] bridge0: port 2(bridge_slave_1) entered forwarding state
[  238.830218][ T5939] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.836991][ T5939] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.854784][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  238.862316][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.869562][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.890404][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  238.898582][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.905405][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.913483][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  238.922203][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.929053][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[  238.936525][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  238.945247][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  238.963517][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  238.974618][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  238.982717][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  238.990252][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  238.999914][ T5939] device veth0_vlan entered promiscuous mode
[  239.009496][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  239.018978][ T5939] device veth1_macvtap entered promiscuous mode
[  239.028370][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  239.040070][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  239.195541][ T5959] overlayfs: failed to resolve './file0': -2
[  239.249811][  T865] device bridge_slave_1 left promiscuous mode
[  239.255818][  T865] bridge0: port 2(bridge_slave_1) entered disabled state
[  239.264061][  T865] device bridge_slave_0 left promiscuous mode
[  239.270326][  T865] bridge0: port 1(bridge_slave_0) entered disabled state
[  239.278956][  T865] device veth1_macvtap left promiscuous mode
[  239.284907][  T865] device veth0_vlan left promiscuous mode
[  239.316909][  T943] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0012: -71
[  239.337583][  T943] asix: probe of 1-1:0.0 failed with error -71
[  239.352996][  T943] usb 1-1: USB disconnect, device number 36
[  239.395725][ T5963] bridge0: port 1(bridge_slave_0) entered blocking state
[  239.402865][ T5963] bridge0: port 1(bridge_slave_0) entered disabled state
[  239.410526][ T5963] device bridge_slave_0 entered promiscuous mode
[  239.417692][ T5963] bridge0: port 2(bridge_slave_1) entered blocking state
[  239.424586][ T5963] bridge0: port 2(bridge_slave_1) entered disabled state
[  239.431791][ T5963] device bridge_slave_1 entered promiscuous mode
[  239.467028][ T5963] bridge0: port 2(bridge_slave_1) entered blocking state
[  239.473876][ T5963] bridge0: port 2(bridge_slave_1) entered forwarding state
[  239.480972][ T5963] bridge0: port 1(bridge_slave_0) entered blocking state
[  239.487749][ T5963] bridge0: port 1(bridge_slave_0) entered forwarding state
[  239.506215][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  239.513568][  T370] bridge0: port 1(bridge_slave_0) entered disabled state
[  239.521105][  T370] bridge0: port 2(bridge_slave_1) entered disabled state
[  239.530384][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  239.538409][  T370] bridge0: port 1(bridge_slave_0) entered blocking state
[  239.545226][  T370] bridge0: port 1(bridge_slave_0) entered forwarding state
[  239.553693][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  239.561786][  T370] bridge0: port 2(bridge_slave_1) entered blocking state
[  239.568625][  T370] bridge0: port 2(bridge_slave_1) entered forwarding state
[  239.580553][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  239.597069][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  239.606719][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  239.618443][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  239.626231][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  239.633812][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  239.642076][ T5963] device veth0_vlan entered promiscuous mode
[  239.652789][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  239.662285][ T5963] device veth1_macvtap entered promiscuous mode
[  239.671523][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  239.681259][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  239.714252][ T5974] binder: BINDER_SET_CONTEXT_MGR already set
[  239.716065][ T5975] EXT4-fs (loop3): dax option not supported
[  239.736427][ T5974] binder: 5972:5974 ioctl 4018620d 200001c0 returned -16
[  239.829451][ T5979] device batadv_slave_0 entered promiscuous mode
[  240.217324][  T319] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  240.357273][  T865] device bridge_slave_1 left promiscuous mode
[  240.363246][  T865] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.370781][  T865] device bridge_slave_0 left promiscuous mode
[  240.376751][  T865] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.384367][  T865] device veth1_macvtap left promiscuous mode
[  240.390241][  T865] device veth0_vlan left promiscuous mode
[  240.605455][ T5992] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  240.616256][ T5992] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002]
[  240.624505][ T5992] System zones: 0-1, 2-3, 4-36, 98-101, 102-102
[  240.627030][  T319] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  240.631000][ T5992] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,init_itable=0x0000000000000004,,errors=continue
[  240.641778][  T319] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  240.665342][  T319] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  240.678453][  T319] usb 1-1: New USB device found, idVendor=04d9, idProduct=a070, bcdDevice= 0.00
[  240.678943][ T5992] EXT4-fs (loop3): ext4_remount: Checksum for group 0 failed (62631!=20869)
[  240.700622][  T319] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.709243][  T319] usb 1-1: config 0 descriptor??
[  240.721357][   T24] kauditd_printk_skb: 47 callbacks suppressed
[  240.721368][   T24] audit: type=1400 audit(2000000106.690:1617): avc:  denied  { create } for  pid=5991 comm="syz.3.1975" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  240.749090][   T24] audit: type=1400 audit(2000000106.700:1618): avc:  denied  { write } for  pid=5991 comm="syz.3.1975" path="socket:[53090]" dev="sockfs" ino=53090 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  240.774022][   T24] audit: type=1400 audit(2000000106.700:1619): avc:  denied  { nlmsg_read } for  pid=5991 comm="syz.3.1975" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  240.816888][  T943] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  240.968934][ T6003] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.975791][ T6003] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.983180][ T6003] device bridge_slave_0 entered promiscuous mode
[  240.990128][ T6003] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.997141][ T6003] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.004241][ T6003] device bridge_slave_1 entered promiscuous mode
[  241.041117][ T6009] device pim6reg1 entered promiscuous mode
[  241.056893][  T943] usb 2-1: Using ep0 maxpacket: 16
[  241.064835][ T6003] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.071684][ T6003] bridge0: port 2(bridge_slave_1) entered forwarding state
[  241.078765][ T6003] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.085541][ T6003] bridge0: port 1(bridge_slave_0) entered forwarding state
[  241.104043][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  241.111476][  T370] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.119063][  T370] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.155630][ T6003] device veth0_vlan entered promiscuous mode
[  241.170023][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  241.179365][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  241.186928][  T943] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  241.187576][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  241.196799][  T943] usb 2-1: config 0 has no interfaces?
[  241.204540][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  241.216535][  T943] usb 2-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  241.217586][  T319] holtek_mouse 0003:04D9:A070.0057: item fetching failed at offset 1/5
[  241.227021][  T943] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.234325][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  241.245030][  T943] usb 2-1: config 0 descriptor??
[  241.250188][  T319] holtek_mouse 0003:04D9:A070.0057: hid parse failed: -22
[  241.254786][  T370] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.261451][  T319] holtek_mouse: probe of 0003:04D9:A070.0057 failed with error -22
[  241.268004][  T370] bridge0: port 1(bridge_slave_0) entered forwarding state
[  241.268534][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  241.293479][  T370] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.300344][  T370] bridge0: port 2(bridge_slave_1) entered forwarding state
[  241.307526][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  241.315371][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  241.346007][ T6003] device veth1_macvtap entered promiscuous mode
[  241.359032][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  241.377285][   T24] audit: type=1400 audit(2000000107.350:1620): avc:  denied  { bind } for  pid=6016 comm="syz.3.1985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  241.406041][   T24] audit: type=1400 audit(2000000107.350:1621): avc:  denied  { listen } for  pid=6016 comm="syz.3.1985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  241.439454][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  241.460948][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  241.468014][  T943] usb 1-1: USB disconnect, device number 37
[  241.510705][ T6013] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.517835][ T6013] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.525076][ T6013] device bridge_slave_0 entered promiscuous mode
[  241.532275][ T6013] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.539785][ T6013] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.547263][ T6013] device bridge_slave_1 entered promiscuous mode
[  241.555243][  T945] usb 2-1: USB disconnect, device number 35
[  241.608554][ T6013] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.615416][ T6013] bridge0: port 2(bridge_slave_1) entered forwarding state
[  241.622495][ T6013] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.629282][ T6013] bridge0: port 1(bridge_slave_0) entered forwarding state
[  241.656415][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  241.664007][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  241.672501][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  241.688585][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  241.700862][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  241.710149][  T865] device bridge_slave_1 left promiscuous mode
[  241.716085][  T865] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.723411][  T865] device bridge_slave_0 left promiscuous mode
[  241.729736][  T865] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.738096][  T865] device veth1_macvtap left promiscuous mode
[  241.743886][  T865] device veth0_vlan left promiscuous mode
[  241.814191][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  241.822454][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  241.833075][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  241.841073][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  241.848875][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  241.856116][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  241.864442][ T6013] device veth0_vlan entered promiscuous mode
[  241.875108][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  241.883102][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  241.892553][ T6013] device veth1_macvtap entered promiscuous mode
[  241.902396][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  241.909938][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  241.918051][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  241.927523][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  241.935603][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  241.956937][  T943] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  241.994850][   T24] audit: type=1400 audit(2000000107.960:1622): avc:  denied  { setopt } for  pid=6032 comm="syz.0.1990" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  242.073322][ T6040] device pim6reg1 entered promiscuous mode
[  242.085841][   T24] audit: type=1400 audit(2000000108.050:1623): avc:  denied  { ioctl } for  pid=6041 comm="syz.1.1994" path="/dev/rtc0" dev="devtmpfs" ino=166 ioctlcmd=0x7003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  242.236909][  T943] usb 3-1: Using ep0 maxpacket: 8
[  242.310348][   T24] audit: type=1400 audit(2000000108.270:1624): avc:  denied  { rename } for  pid=6048 comm="syz.0.1997" name="file1" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  242.350823][   T24] audit: type=1400 audit(2000000108.320:1625): avc:  denied  { ioctl } for  pid=6058 comm="syz.3.2000" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=53471 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  242.380173][  T943] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  242.380768][   T24] audit: type=1400 audit(2000000108.320:1626): avc:  denied  { read } for  pid=6058 comm="syz.3.2000" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=53471 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  242.391868][  T943] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  242.769469][  T943] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  242.782466][  T943] usb 3-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  242.791555][  T943] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.816705][  T943] usb 3-1: config 0 descriptor??
[  242.910257][ T6072] device syzkaller0 entered promiscuous mode
[  243.005908][ T6076] EXT4-fs (sda1): resizing filesystem from 262144 to 2 blocks
[  243.013914][ T6076] EXT4-fs warning (device sda1): ext4_resize_fs:1982: can't shrink FS - resize aborted
[  243.027567][  T865] device bridge_slave_1 left promiscuous mode
[  243.033549][  T865] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.040849][  T865] device bridge_slave_0 left promiscuous mode
[  243.046770][  T865] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.054364][  T865] device veth1_macvtap left promiscuous mode
[  243.060265][  T865] device veth0_vlan left promiscuous mode
[  243.239056][  T943] usbhid 3-1:0.0: can't add hid device: -71
[  243.244844][  T943] usbhid: probe of 3-1:0.0 failed with error -71
[  243.256763][  T943] usb 3-1: USB disconnect, device number 34
[  244.004330][ T6119] device syzkaller0 entered promiscuous mode
[  244.391328][ T6151] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  244.465808][ T6161] device pim6reg1 entered promiscuous mode
[  244.657780][ T6168] attempt to access beyond end of device
[  244.657780][ T6168] loop3: rw=0, want=240, limit=128
[  244.716859][  T943] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  244.731737][  T865] attempt to access beyond end of device
[  244.731737][  T865] loop3: rw=1, want=1041, limit=128
[  244.752080][ T6179] syz.2.2045[6179] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  244.752137][ T6179] syz.2.2045[6179] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  244.753219][ T6177] netlink: 'syz.0.2047': attribute type 15 has an invalid length.
[  244.832335][ T6187] binder: BINDER_SET_CONTEXT_MGR already set
[  244.838925][ T6187] binder: 6186:6187 ioctl 4018620d 200002c0 returned -16
[  244.844165][ T6183] syz.3.2046[6183] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  244.845793][ T6183] syz.3.2046[6183] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  244.944768][ T6198] binder: BINDER_SET_CONTEXT_MGR already set
[  244.962080][ T6198] binder: 6197:6198 ioctl 4018620d 20000040 returned -16
[  244.986872][  T943] usb 2-1: Using ep0 maxpacket: 16
[  245.106925][  T943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  245.117626][  T943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  245.127179][  T943] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  245.139735][  T943] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  245.148588][  T943] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.156922][  T943] usb 2-1: config 0 descriptor??
[  245.238578][  T517] kernel write not supported for file /vcs (pid: 517 comm: kworker/0:5)
[  245.306852][  T987] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  245.317430][ T6215] exfat: Deprecated parameter 'codepage'
[  245.322961][ T6215] exfat: Unknown parameter 'shortname'
[  245.556853][  T987] usb 1-1: Using ep0 maxpacket: 16
[  245.637492][  T943] microsoft 0003:045E:07DA.0058: unknown main item tag 0x0
[  245.646680][  T943] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0058/input/input50
[  245.658857][  T943] microsoft 0003:045E:07DA.0058: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  245.686894][  T987] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 11
[  245.695691][  T987] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  245.705434][  T987] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  245.714962][  T987] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  245.724518][  T987] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  245.734290][  T987] usb 1-1: config 1 interface 0 has no altsetting 0
[  245.740734][  T987] usb 1-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  245.749563][  T987] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.797705][  T987] ums-sddr09 1-1:1.0: USB Mass Storage device detected
[  245.838394][  T943] usb 2-1: USB disconnect, device number 36
[  246.017426][  T987] scsi host1: usb-storage 1-1:1.0
[  246.219603][  T987] usb 1-1: USB disconnect, device number 38
[  246.835762][ T6238] binder: 6236:6238 ioctl 4018620d 0 returned -22
[  246.959194][ T6240] syz.0.2067[6240] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  246.959232][ T6240] syz.0.2067[6240] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  247.419306][ T6262] ------------[ cut here ]------------
[  247.435694][ T6262] Too BIG xdp->frame_sz = 8192
[  247.440534][ T6262] WARNING: CPU: 1 PID: 6262 at net/core/filter.c:3894 bpf_xdp_adjust_tail+0x1ae/0x1c0
[  247.449900][ T6262] Modules linked in:
[  247.453597][ T6262] CPU: 1 PID: 6262 Comm: syz.1.2076 Not tainted 5.10.226-syzkaller-00709-ge5e5644ea27f #0
[  247.463329][ T6262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  247.473268][ T6262] RIP: 0010:bpf_xdp_adjust_tail+0x1ae/0x1c0
[  247.478979][ T6262] Code: 89 d6 e8 45 8f da fd 4c 89 f2 e9 ca fe ff ff e8 78 f5 9c fd c6 05 48 19 13 03 01 48 c7 c7 e0 02 8f 85 44 89 f6 e8 62 7b 70 fd <0f> 0b 48 c7 c0 ea ff ff ff e9 67 ff ff ff 0f 1f 40 00 55 48 89 e5
[  247.498404][ T6262] RSP: 0018:ffffc90000d471f8 EFLAGS: 00010246
[  247.504285][ T6262] RAX: 8e37f216c52ac200 RBX: ffffc90000d473a0 RCX: 0000000000040000
[  247.512135][ T6262] RDX: ffffc9000188d000 RSI: 0000000000000583 RDI: 0000000000000584
[  247.519933][ T6262] RBP: ffffc90000d47238 R08: ffffffff81522098 R09: fffff520001a8d55
[  247.527738][ T6262] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000d473a8
[  247.535534][ T6262] R13: ffff8881210c8e61 R14: 0000000000002000 R15: 1ffff920001a8e75
[  247.543373][ T6262] FS:  00007f86236ff6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  247.552127][ T6262] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  247.558565][ T6262] CR2: 0000000020003000 CR3: 000000011609c000 CR4: 00000000003506a0
[  247.566341][ T6262] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  247.574176][ T6262] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  247.581973][ T6262] Call Trace:
[  247.585091][ T6262]  ? show_regs+0x58/0x60
[  247.589193][ T6262]  ? __warn+0x160/0x2f0
[  247.593166][ T6262]  ? bpf_xdp_adjust_tail+0x1ae/0x1c0
[  247.598309][ T6262]  ? report_bug+0x3d9/0x5b0
[  247.602622][ T6262]  ? bpf_xdp_adjust_tail+0x1ae/0x1c0
[  247.607767][ T6262]  ? handle_bug+0x41/0x70
[  247.611909][ T6262]  ? exc_invalid_op+0x1b/0x50
[  247.616416][ T6262]  ? asm_exc_invalid_op+0x12/0x20
[  247.621309][ T6262]  ? wake_up_klogd+0xb8/0xf0
[  247.625708][ T6262]  ? bpf_xdp_adjust_tail+0x1ae/0x1c0
[  247.630858][ T6262]  ? bpf_xdp_adjust_tail+0x1ae/0x1c0
[  247.635951][ T6262]  ? 0xffffffffa002c5b0
[  247.639963][ T6262]  bpf_prog_5f065984e7f319a0+0x15/0xa50
[  247.645321][ T6262]  bpf_dispatcher_xdp_func+0x20/0x30
[  247.650468][ T6262]  do_xdp_generic+0x807/0x1560
[  247.655047][ T6262]  ? generic_xdp_tx+0x490/0x490
[  247.659757][ T6262]  ? __skb_flow_dissect+0x34ae/0x5b30
[  247.664942][ T6262]  ? __netif_receive_skb_core+0x292/0x3760
[  247.670613][ T6262]  __netif_receive_skb_core+0x1705/0x3760
[  247.676134][ T6262]  ? __skb_flow_get_ports+0x2e8/0x370
[  247.681369][ T6262]  ? set_rps_cpu+0x5e0/0x5e0
[  247.685767][ T6262]  ? __kasan_check_write+0x14/0x20
[  247.690740][ T6262]  ? __switch_to+0x5f6/0x1240
[  247.695228][ T6262]  ? plist_check_list+0x254/0x270
[  247.700117][ T6262]  __netif_receive_skb+0x11c/0x530
[  247.705037][ T6262]  ? native_set_ldt+0x360/0x360
[  247.709747][ T6262]  ? deliver_ptype_list_skb+0x3c0/0x3c0
[  247.715108][ T6262]  ? finish_task_switch+0x130/0x5a0
[  247.720159][ T6262]  ? switch_mm_irqs_off+0x71b/0x9a0
[  247.725168][ T6262]  ? __switch_to_asm+0x34/0x60
[  247.729807][ T6262]  ? __schedule+0xbee/0x1330
[  247.734197][ T6262]  netif_receive_skb+0xb0/0x480
[  247.738911][ T6262]  ? netif_receive_skb_core+0x210/0x210
[  247.744265][ T6262]  ? __kasan_check_read+0x11/0x20
[  247.749149][ T6262]  ? preempt_schedule_irq+0xe7/0x140
[  247.754252][ T6262]  ? preempt_schedule+0xd9/0xe0
[  247.758989][ T6262]  ? __kasan_check_read+0x11/0x20
[  247.763796][ T6262]  tun_rx_batched+0x6d9/0x870
[  247.768334][ T6262]  ? schedule_preempt_disabled+0x20/0x20
[  247.773775][ T6262]  ? local_bh_enable+0x30/0x30
[  247.778403][ T6262]  ? preempt_schedule_thunk+0x16/0x18
[  247.783582][ T6262]  ? __skb_flow_dissect+0x34ae/0x5b30
[  247.788817][ T6262]  tun_get_user+0x2bf3/0x38f0
[  247.793306][ T6262]  ? __kasan_check_read+0x11/0x20
[  247.798186][ T6262]  ? tun_do_read+0x1f60/0x1f60
[  247.802763][ T6262]  ? preempt_schedule_irq+0xe7/0x140
[  247.807911][ T6262]  ? preempt_schedule_notrace+0x140/0x140
[  247.813437][ T6262]  ? irqentry_exit+0x4f/0x60
[  247.817903][ T6262]  ? sysvec_reschedule_ipi+0x83/0x160
[  247.823072][ T6262]  ? asm_sysvec_reschedule_ipi+0x12/0x20
[  247.828570][ T6262]  ? iov_iter_init+0x30/0x120
[  247.833139][ T6262]  tun_chr_write_iter+0x1a8/0x250
[  247.838025][ T6262]  vfs_write+0xb4c/0xe70
[  247.842084][ T6262]  ? irqentry_exit+0x4f/0x60
[  247.846504][ T6262]  ? kernel_write+0x3d0/0x3d0
[  247.851049][ T6262]  ? __fdget_pos+0x209/0x3a0
[  247.855444][ T6262]  ? ksys_write+0x77/0x2c0
[  247.859722][ T6262]  ksys_write+0x199/0x2c0
[  247.863950][ T6262]  ? __kasan_check_write+0x14/0x20
[  247.868921][ T6262]  ? __ia32_sys_read+0x90/0x90
[  247.873498][ T6262]  ? __kasan_check_read+0x11/0x20
[  247.878382][ T6262]  ? asm_sysvec_reschedule_ipi+0xa/0x20
[  247.883737][ T6262]  __x64_sys_write+0x7b/0x90
[  247.888195][ T6262]  do_syscall_64+0x34/0x70
[  247.892419][ T6262]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  247.898256][ T6262] RIP: 0033:0x7f8624a84adf
[  247.902483][ T6262] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  247.921958][ T6262] RSP: 002b:00007f86236ff000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  247.930193][ T6262] RAX: ffffffffffffffda RBX: 00007f8624c3df80 RCX: 00007f8624a84adf
[  247.938003][ T6262] RDX: 0000000000000d41 RSI: 0000000020002540 RDI: 00000000000000c8
[  247.945791][ T6262] RBP: 00007f8624af8296 R08: 0000000000000000 R09: 0000000000000000
[  247.953654][ T6262] R10: 0000000000000d41 R11: 0000000000000293 R12: 0000000000000000
[  247.961436][ T6262] R13: 0000000000000000 R14: 00007f8624c3df80 R15: 00007ffc675fd468
[  247.969256][ T6262] ---[ end trace 384e2d3fd97c34ee ]---
[  247.974525][ T6262] Illegal XDP return value 4294967274, expect packet loss!
[  247.984909][  T987] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  248.032542][ T6265] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[  248.119216][   T24] kauditd_printk_skb: 102 callbacks suppressed
[  248.119228][   T24] audit: type=1400 audit(2000000114.090:1729): avc:  denied  { watch } for  pid=6268 comm="syz.0.2080" path="/42/control" dev="tmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  248.194538][   T24] audit: type=1400 audit(2000000114.160:1730): avc:  denied  { write } for  pid=6284 comm="syz.1.2086" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  248.233614][   T24] audit: type=1400 audit(2000000114.160:1731): avc:  denied  { open } for  pid=6284 comm="syz.1.2086" path="/56/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  248.255981][  T987] usb 4-1: Using ep0 maxpacket: 16
[  248.376989][  T987] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  248.388457][  T987] usb 4-1: config 0 has no interfaces?
[  248.393740][  T987] usb 4-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  248.411842][  T987] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.421901][   T24] audit: type=1400 audit(2000000114.400:1732): avc:  denied  { block_suspend } for  pid=6297 comm="syz.2.2092" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  248.424403][  T987] usb 4-1: config 0 descriptor??
[  248.796539][   T25] usb 4-1: USB disconnect, device number 38
[  249.132410][ T6328] device syzkaller0 entered promiscuous mode
[  249.426934][   T25] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  249.786945][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.797914][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.808430][   T25] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  249.826897][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.838461][   T25] usb 2-1: config 0 descriptor??
[  250.056941][  T517] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  250.156872][  T943] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  250.176933][   T25] usbhid 2-1:0.0: can't add hid device: -71
[  250.182740][   T25] usbhid: probe of 2-1:0.0 failed with error -71
[  250.189876][   T25] usb 2-1: USB disconnect, device number 37
[  250.426946][  T987] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  250.427008][  T943] usb 3-1: Using ep0 maxpacket: 16
[  250.466961][  T517] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  250.477767][  T517] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  250.487329][  T517] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  250.496132][  T517] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.504882][  T517] usb 4-1: config 0 descriptor??
[  250.556941][  T943] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  250.567661][  T943] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  250.577166][  T943] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  250.589789][  T943] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  250.598591][  T943] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.609514][  T943] usb 3-1: config 0 descriptor??
[  250.666893][  T987] usb 1-1: Using ep0 maxpacket: 32
[  250.796916][  T987] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  250.806900][  T987] usb 1-1: config 4 has 0 interfaces, different from the descriptor's value: 1
[  250.815937][  T987] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  250.825096][  T987] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.858071][ T6362] serio: Serial port ptm0
[  250.916760][   T24] audit: type=1400 audit(2000000116.880:1733): avc:  denied  { read write } for  pid=6364 comm="syz.1.2118" name="uhid" dev="devtmpfs" ino=169 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  250.923101][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  250.947324][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  250.954514][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  250.961990][   T24] audit: type=1400 audit(2000000116.880:1734): avc:  denied  { open } for  pid=6364 comm="syz.1.2118" path="/dev/uhid" dev="devtmpfs" ino=169 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  250.985168][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  250.992276][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  250.999908][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.007122][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.014602][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x4
[  251.021830][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.029039][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x2
[  251.036182][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.040106][  T517] pyra 0003:1E7D:2CF6.005A: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.3-1/input0
[  251.043441][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.063050][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.070280][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.079757][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.087001][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.094158][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.097755][  T943] koneplus 0003:1E7D:2E22.005B: item fetching failed at offset 0/2
[  251.101378][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.116286][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.123506][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.130733][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.130994][  T943] koneplus 0003:1E7D:2E22.005B: parse failed
[  251.137945][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.150979][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.151042][  T943] koneplus: probe of 0003:1E7D:2E22.005B failed with error -22
[  251.158169][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.172738][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.179918][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.187098][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.194291][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.201518][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.208791][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.215918][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.223132][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.230330][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.237549][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.244723][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.251970][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.259204][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.266372][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.266898][  T517] pyra 0003:1E7D:2CF6.005A: couldn't init struct pyra_device
[  251.273563][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.281155][  T517] pyra 0003:1E7D:2CF6.005A: couldn't install mouse
[  251.287964][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.287980][   T25] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  251.296172][  T517] pyra: probe of 0003:1E7D:2CF6.005A failed with error -71
[  251.302269][   T25] hid-generic 0000:0000:0000.0059: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  251.316115][  T517] usb 4-1: USB disconnect, device number 39
[  251.354236][  T319] usb 3-1: USB disconnect, device number 35
[  252.156876][  T319] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  252.436847][  T319] usb 3-1: Using ep0 maxpacket: 16
[  252.596884][  T319] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  252.606749][  T319] usb 3-1: config 0 has no interfaces?
[  252.626857][  T319] usb 3-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  252.635699][  T319] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.644212][  T319] usb 3-1: config 0 descriptor??
[  252.939738][  T319] usb 3-1: USB disconnect, device number 36
[  253.675372][ T6401] syz.3.2127[6401] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  253.675425][ T6401] syz.3.2127[6401] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  253.688978][ T6401] syz.3.2127[6401] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  253.700380][ T6401] syz.3.2127[6401] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  253.727642][   T24] audit: type=1326 audit(2000000119.700:1735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6404 comm="syz.3.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33e9071ff9 code=0x7ffc0000
[  253.771684][   T24] audit: type=1326 audit(2000000119.700:1736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6404 comm="syz.3.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33e9071ff9 code=0x7ffc0000
[  253.797948][   T24] audit: type=1326 audit(2000000119.700:1737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6404 comm="syz.3.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f33e9071ff9 code=0x7ffc0000
[  253.821370][   T24] audit: type=1326 audit(2000000119.700:1738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6404 comm="syz.3.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33e9071ff9 code=0x7ffc0000
[  253.844732][   T24] audit: type=1326 audit(2000000119.700:1739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6404 comm="syz.3.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33e9071ff9 code=0x7ffc0000
[  253.868366][   T24] audit: type=1326 audit(2000000119.700:1740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6404 comm="syz.3.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f33e9071ff9 code=0x7ffc0000
[  253.891763][   T24] audit: type=1326 audit(2000000119.700:1741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6404 comm="syz.3.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33e9071ff9 code=0x7ffc0000
[  253.915078][   T24] audit: type=1326 audit(2000000119.700:1742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6404 comm="syz.3.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33e9071ff9 code=0x7ffc0000
[  253.938666][   T24] audit: type=1326 audit(2000000119.700:1743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6404 comm="syz.3.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f33e9071ff9 code=0x7ffc0000
[  253.962060][   T24] audit: type=1326 audit(2000000119.740:1744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6404 comm="syz.3.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33e9071ff9 code=0x7ffc0000
[  254.047673][  T945] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  254.286848][  T945] usb 3-1: Using ep0 maxpacket: 32
[  254.311740][ T6415] tipc: Started in network mode
[  254.316402][ T6415] tipc: Own node identity ee16a15b5351, cluster identity 4711
[  254.323844][ T6415] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  254.345530][ T6414] tipc: Resetting bearer <eth:syzkaller0>
[  254.355622][ T6414] tipc: Disabling bearer <eth:syzkaller0>
[  254.406921][  T945] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  254.417660][  T945] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  254.427367][  T945] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  254.436286][  T945] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.451259][  T945] usb 3-1: config 0 descriptor??
[  254.487378][  T945] hub 3-1:0.0: USB hub found
[  254.636997][  T322] usb 1-1: USB disconnect, device number 39
[  254.706915][  T945] hub 3-1:0.0: 1 port detected
[  255.736896][  T943] hub 3-1:0.0: activate --> -90
[  255.937772][  T945] usb 3-1: USB disconnect, device number 37
[  255.956884][  T943] hub 3-1:0.0: hub_ext_port_status failed (err = -71)
[  256.466604][ T6458] binder: BINDER_SET_CONTEXT_MGR already set
[  256.474934][ T6458] binder: 6457:6458 ioctl 4018620d 20000040 returned -16
[  256.866857][  T322] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  257.106841][  T322] usb 2-1: Using ep0 maxpacket: 16
[  257.226908][  T322] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  257.237632][  T322] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  257.247587][  T322] usb 2-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[  257.256459][  T322] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.264833][  T322] usb 2-1: config 0 descriptor??
[  257.385124][  T111] Bluetooth: hci0: Frame reassembly failed (-84)
[  257.748527][  T322] hid-led 0003:1294:1320.005C: hidraw0: USB HID v0.00 Device [HID 1294:1320] on usb-dummy_hcd.1-1/input0
[  257.761816][  T322] hid-led 0003:1294:1320.005C: Riso Kagaku Webmail Notifier initialized
[  257.950773][ T6472] udc-core: couldn't find an available UDC or it's busy
[  257.957577][ T6472] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  257.965842][  T945] usb 2-1: USB disconnect, device number 38
[  257.972289][  T943] leds riso_kagaku0:blue: Setting an LED's brightness failed (-38)
[  257.980278][  T943] leds riso_kagaku0:green: Setting an LED's brightness failed (-38)
[  257.988298][  T943] leds riso_kagaku0:red: Setting an LED's brightness failed (-38)
[  258.133795][ T6506] ªªªªªª: renamed from vlan0
[  258.298044][ T6514] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[  258.361349][ T6518] device pim6reg1 entered promiscuous mode
[  258.787884][ T6539] incfs: Can't find or create .index dir in ./file0
[  258.794359][ T6539] incfs: mount failed -5
[  259.037193][   T24] kauditd_printk_skb: 32 callbacks suppressed
[  259.037204][   T24] audit: type=1326 audit(2000000125.010:1777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6561 comm="syz.1.2192" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8624a85ff9 code=0x0
[  259.846931][  T322] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  259.857504][ T6577] erofs: (device loop3): mounted with root inode @ nid 36.
[  259.872138][ T6577] erofs: (device loop3): z_erofs_fill_inode_lazy: unknown HEAD1 format 15 for nid 36, please upgrade kernel
[  259.883560][ T6577] erofs: (device loop3): z_erofs_readpage: failed to read, err [-95]
[  259.891925][ T6577] erofs: (device loop3): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  260.219144][  T322] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  260.229901][  T322] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  260.239737][  T322] usb 3-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  260.248772][  T322] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.260434][  T322] usb 3-1: config 0 descriptor??
[  260.291359][ T6592] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.298817][ T6592] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.306071][ T6592] device bridge_slave_0 entered promiscuous mode
[  260.316832][ T6592] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.323705][ T6592] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.330930][ T6592] device bridge_slave_1 entered promiscuous mode
[  260.365361][ T6592] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.372218][ T6592] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.379315][ T6592] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.386080][ T6592] bridge0: port 1(bridge_slave_0) entered forwarding state
[  260.404394][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  260.411949][  T370] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.419200][  T370] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.430584][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  260.438585][  T370] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.445420][  T370] bridge0: port 1(bridge_slave_0) entered forwarding state
[  260.454174][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  260.462352][  T370] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.469200][  T370] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.483009][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  260.492287][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  260.508116][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  260.519120][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  260.527438][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  260.534646][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  260.544468][ T6592] device veth0_vlan entered promiscuous mode
[  260.554296][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  260.563266][ T6592] device veth1_macvtap entered promiscuous mode
[  260.574532][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  260.584302][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  260.727889][  T322] hid-generic 0003:044F:B65D.005D: unknown main item tag 0x0
[  260.735537][  T322] hid-generic 0003:044F:B65D.005D: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.2-1/input0
[  260.757777][  T111] device bridge_slave_1 left promiscuous mode
[  260.763838][  T111] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.772319][  T111] device bridge_slave_0 left promiscuous mode
[  260.778767][  T111] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.786493][  T111] device veth1_macvtap left promiscuous mode
[  260.792802][  T111] device veth0_vlan left promiscuous mode
[  260.900535][ T6606] device syzkaller0 entered promiscuous mode
[  260.921089][ T6609] device syzkaller0 entered promiscuous mode
[  261.007983][    T5] usb 3-1: USB disconnect, device number 38
[  261.227437][ T6618] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  261.235046][ T6618] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  261.243874][ T6618] F2FS-fs (loop3): invalid crc value
[  261.250342][ T6618] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  261.262284][ T6618] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  261.279267][ T6618] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  261.286212][ T6618] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  261.933342][ T6643] device pim6reg1 entered promiscuous mode
[  261.982554][ T6629] F2FS-fs (loop3): invalid crc value
[  261.998200][ T6629] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[  262.019403][ T6657] device syzkaller0 entered promiscuous mode
[  262.032705][ T6629] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b
[  262.061876][   T24] audit: type=1326 audit(2000000128.030:1778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6662 comm="syz.0.2224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f806aaddff9 code=0x7ffc0000
[  262.093134][   T24] audit: type=1326 audit(2000000128.030:1779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6662 comm="syz.0.2224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f806aaddff9 code=0x7ffc0000
[  262.127140][   T24] audit: type=1326 audit(2000000128.030:1780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6662 comm="syz.0.2224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f806aade033 code=0x7ffc0000
[  262.151826][   T24] audit: type=1326 audit(2000000128.030:1781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6662 comm="syz.0.2224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f806aadcadf code=0x7ffc0000
[  262.189480][   T24] audit: type=1326 audit(2000000128.030:1782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6662 comm="syz.0.2224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f806aade087 code=0x7ffc0000
[  262.212851][   T24] audit: type=1326 audit(2000000128.030:1783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6662 comm="syz.0.2224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f806aadc990 code=0x7ffc0000
[  262.236558][   T24] audit: type=1326 audit(2000000128.030:1784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6662 comm="syz.0.2224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f806aadcc8a code=0x7ffc0000
[  262.259752][   T24] audit: type=1326 audit(2000000128.030:1785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6662 comm="syz.0.2224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f806aaddff9 code=0x7ffc0000
[  262.284054][   T24] audit: type=1326 audit(2000000128.030:1786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6662 comm="syz.0.2224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f806aaddff9 code=0x7ffc0000
[  262.656916][ T6700] syz.1.2237[6700] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  262.656977][ T6700] syz.1.2237[6700] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  262.788056][ T6711] device pim6reg1 entered promiscuous mode
[  263.043329][  T943] kernel write not supported for file /validatetrans (pid: 943 comm: kworker/0:6)
[  263.255628][ T6731] netlink: 'syz.0.2249': attribute type 30 has an invalid length.
[  263.272217][ T6733] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[  263.677594][ T6744] syz.3.2254[6744] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  263.677646][ T6744] syz.3.2254[6744] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  264.196876][  T319] usb 2-1: new full-speed USB device number 39 using dummy_hcd
[  264.410216][ T6762] device syzkaller0 entered promiscuous mode
[  264.476646][    T5] kernel write not supported for file /validatetrans (pid: 5 comm: kworker/0:0)
[  264.566951][  T319] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  264.578530][  T319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  264.589635][  T319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  264.599481][  T319] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  264.605677][  T865] Bluetooth: hci0: Frame reassembly failed (-84)
[  264.612433][  T319] usb 2-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[  264.627251][  T319] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.635643][  T319] usb 2-1: config 0 descriptor??
[  264.655487][  T865] Bluetooth: hci0: Frame reassembly failed (-84)
[  264.682509][ T6777] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  264.690584][ T6777] tipc: Enabled bearer <udp:syz1>, priority 10
[  264.893626][   T24] kauditd_printk_skb: 5 callbacks suppressed
[  264.893639][   T24] audit: type=1326 audit(2000000130.860:1792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6790 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2bd9bdff9 code=0x7ffc0000
[  264.923294][   T24] audit: type=1326 audit(2000000130.900:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6790 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2bd9bdff9 code=0x7ffc0000
[  264.948943][   T24] audit: type=1326 audit(2000000130.900:1794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6790 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7fc2bd9bdff9 code=0x7ffc0000
[  264.973115][   T24] audit: type=1326 audit(2000000130.900:1795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6790 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2bd9bdff9 code=0x7ffc0000
[  265.021114][   T24] audit: type=1326 audit(2000000130.900:1796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6790 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2bd9bdff9 code=0x7ffc0000
[  265.045513][   T24] audit: type=1326 audit(2000000130.900:1797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6790 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2bd9bdff9 code=0x7ffc0000
[  265.087312][   T24] audit: type=1326 audit(2000000130.900:1798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6790 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2bd9bdff9 code=0x7ffc0000
[  265.110986][   T24] audit: type=1326 audit(2000000130.900:1799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6790 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2bd9bdff9 code=0x7ffc0000
[  265.134424][   T24] audit: type=1326 audit(2000000130.900:1800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6790 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7fc2bd9bdff9 code=0x7ffc0000
[  265.157902][   T24] audit: type=1326 audit(2000000130.900:1801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6790 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2bd9bdff9 code=0x7ffc0000
[  265.158823][  T319] hid-rmi 0003:17EF:6085.005E: unknown main item tag 0x0
[  265.206946][  T319] hid-rmi 0003:17EF:6085.005E: unknown main item tag 0x0
[  265.231992][  T319] hid-rmi 0003:17EF:6085.005E: unknown main item tag 0x0
[  265.242162][  T319] hid-rmi 0003:17EF:6085.005E: hidraw0: USB HID v0.00 Device [HID 17ef:6085] on usb-dummy_hcd.1-1/input0
[  265.527628][  T319] usb 2-1: USB disconnect, device number 39
[  265.816939][  T314] tipc: 32-bit node address hash set to 5ba147bd
[  266.209536][ T6818] F2FS-fs (loop3): fault_injection options not supported
[  266.227055][ T6818] F2FS-fs (loop3): invalid crc value
[  266.250425][ T6818] F2FS-fs (loop3): Found nat_bits in checkpoint
[  266.324698][ T6818] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  266.417451][ T5963] attempt to access beyond end of device
[  266.417451][ T5963] loop3: rw=2049, want=45120, limit=40427
[  266.876877][  T314] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  266.876963][ T6833] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.891239][ T6833] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.898674][ T6833] device bridge_slave_0 entered promiscuous mode
[  266.907163][ T6833] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.913996][ T6833] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.921316][ T6833] device bridge_slave_1 entered promiscuous mode
[  266.955950][ T6833] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.962793][ T6833] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.969901][ T6833] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.976668][ T6833] bridge0: port 1(bridge_slave_0) entered forwarding state
[  266.994631][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  267.002479][  T865] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.009819][  T865] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.020470][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  267.028461][  T865] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.035298][  T865] bridge0: port 1(bridge_slave_0) entered forwarding state
[  267.043933][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  267.052050][  T865] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.058918][  T865] bridge0: port 2(bridge_slave_1) entered forwarding state
[  267.072587][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  267.081714][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  267.096017][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  267.109052][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  267.116938][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  267.124150][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  267.131409][  T314] usb 4-1: Using ep0 maxpacket: 8
[  267.133101][ T6833] device veth0_vlan entered promiscuous mode
[  267.147981][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  267.157157][ T6833] device veth1_macvtap entered promiscuous mode
[  267.168652][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  267.179175][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  267.257053][  T314] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  267.268233][  T314] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  267.278322][  T314] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  267.278338][  T111] device bridge_slave_1 left promiscuous mode
[  267.287342][  T314] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.304730][  T314] usb 4-1: config 0 descriptor??
[  267.309709][  T111] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.319288][  T111] device bridge_slave_0 left promiscuous mode
[  267.325277][  T111] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.333405][  T111] device veth1_macvtap left promiscuous mode
[  267.339688][  T111] device veth0_vlan left promiscuous mode
[  267.466967][  T943] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  267.558313][ T6829] device wireguard0 entered promiscuous mode
[  267.706972][  T943] usb 1-1: Using ep0 maxpacket: 16
[  267.756941][  T314] usbhid 4-1:0.0: can't add hid device: -71
[  267.762861][  T314] usbhid: probe of 4-1:0.0 failed with error -71
[  267.772346][  T314] usb 4-1: USB disconnect, device number 40
[  267.836959][  T943] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  267.847801][  T943] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  267.857523][  T943] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  267.870301][  T943] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  267.879300][  T943] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.890685][  T943] usb 1-1: config 0 descriptor??
[  268.276881][  T314] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  268.377514][  T943] koneplus 0003:1E7D:2E22.005F: unknown main item tag 0x0
[  268.381796][ T6876] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  268.389151][  T943] koneplus 0003:1E7D:2E22.005F: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.0-1/input0
[  268.393400][ T6876] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  268.413566][ T6876] F2FS-fs (loop3): Found nat_bits in checkpoint
[  268.435599][ T6876] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  268.442583][ T6876] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  268.460553][ T5963] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  268.460564][ T5963] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  268.468001][ T5963] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  268.475296][ T5963] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  268.482975][ T5963] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  268.490500][ T5963] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  268.497985][ T5963] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  268.548187][  T111] tipc: Disabling bearer <udp:syz1>
[  268.560854][  T111] tipc: Left network mode
[  268.587017][  T943] koneplus 0003:1E7D:2E22.005F: couldn't init struct koneplus_device
[  268.605662][  T943] koneplus 0003:1E7D:2E22.005F: couldn't install mouse
[  268.613980][  T943] koneplus: probe of 0003:1E7D:2E22.005F failed with error -5
[  268.677081][  T314] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  268.687860][  T314] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  268.690833][ T6888] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.697573][  T314] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  268.704298][ T6888] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.713301][  T314] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.720276][ T6888] device bridge_slave_0 entered promiscuous mode
[  268.731038][  T314] usb 2-1: config 0 descriptor??
[  268.735387][ T6888] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.745669][ T6888] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.752977][ T6888] device bridge_slave_1 entered promiscuous mode
[  268.788361][ T6888] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.795215][ T6888] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.802336][ T6888] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.809120][ T6888] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.809353][  T943] usb 1-1: USB disconnect, device number 40
[  268.834999][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  268.842319][  T865] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.849609][  T865] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.860244][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  268.868369][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  268.876293][  T865] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.883152][  T865] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.893454][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  268.901756][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  268.909929][  T865] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.916743][  T865] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.930103][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  268.937953][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  268.947265][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  268.955150][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  268.969656][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  268.977935][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  268.991049][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  268.998684][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  269.006368][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  269.013859][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  269.021950][ T6888] device veth0_vlan entered promiscuous mode
[  269.033538][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  269.041742][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  269.050724][ T6888] device veth1_macvtap entered promiscuous mode
[  269.059914][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  269.067379][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  269.075351][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  269.084883][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  269.093074][  T865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  269.118561][  T111] device bridge_slave_1 left promiscuous mode
[  269.124736][  T111] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.132359][  T111] device bridge_slave_0 left promiscuous mode
[  269.138513][  T111] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.145978][  T111] device veth1_macvtap left promiscuous mode
[  269.152002][  T111] device veth0_vlan left promiscuous mode
[  269.209582][ T6893] device dummy0 entered promiscuous mode
[  269.237200][  T314] hid (null): bogus close delimiter
[  269.456948][  T314] usb 2-1: language id specifier not provided by device, defaulting to English
[  269.541159][ T6911] EXT4-fs (loop3): Test dummy encryption mode enabled
[  269.553660][ T6911] EXT4-fs (loop3): Ignoring removed orlov option
[  269.562219][ T6911] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,min_batch_time=0x0000000000000004,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000001,data_err=abort,,errors=continue
[  269.789202][ T6924] SELinux:  Context Ü is not valid (left unmapped).
[  269.796126][ T6924] syz.0.2320[6924] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  269.796183][ T6924] syz.0.2320[6924] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  269.898901][  T314] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0060/input/input51
[  269.937513][  T314] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0060/input/input52
[  269.950721][  T314] uclogic 0003:256C:006D.0060: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.1-1/input0
[  270.114223][  T987] usb 2-1: USB disconnect, device number 40
[  270.296979][  T314] Bluetooth: hci0: command 0x1003 tx timeout
[  270.302831][  T448] Bluetooth: hci0: sending frame failed (-49)
[  270.377008][ T6928] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  270.391447][ T6928] overlayfs: upper fs does not support tmpfile.
[  270.482308][ T6939] device pim6reg1 entered promiscuous mode
[  270.650398][ T6953] device syzkaller0 entered promiscuous mode
[  270.866929][  T987] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  271.457074][  T987] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  271.464911][  T987] usb 4-1: config 0 has no interface number 0
[  271.470825][  T987] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  271.481474][  T987] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  271.491029][  T987] usb 4-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  271.499866][  T987] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.508355][  T987] usb 4-1: config 0 descriptor??
[  271.713153][ T6978] device pim6reg1 entered promiscuous mode
[  271.977347][  T987] hid (null): global environment stack underflow
[  271.984391][  T987] uclogic 0003:5543:0522.0061: global environment stack underflow
[  271.992293][  T987] uclogic 0003:5543:0522.0061: item 0 1 1 11 parsing failed
[  271.999546][  T987] uclogic 0003:5543:0522.0061: parse failed
[  272.005312][  T987] uclogic: probe of 0003:5543:0522.0061 failed with error -22
[  272.036852][  T314] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  272.097215][ T6991] device veth0_to_team entered promiscuous mode
[  272.178322][  T322] usb 4-1: USB disconnect, device number 41
[  272.366895][   T53] Bluetooth: hci0: command 0x1001 tx timeout
[  272.372750][  T448] Bluetooth: hci0: sending frame failed (-49)
[  272.396957][  T314] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  272.407683][  T314] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  272.417209][  T314] usb 1-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  272.426033][  T314] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.434723][  T314] usb 1-1: config 0 descriptor??
[  272.917783][  T314] petalynx 0003:18B1:0037.0062: collection stack underflow
[  272.924876][  T314] petalynx 0003:18B1:0037.0062: item 0 1 0 12 parsing failed
[  272.932315][  T314] petalynx 0003:18B1:0037.0062: parse failed
[  272.938205][  T314] petalynx: probe of 0003:18B1:0037.0062 failed with error -22
[  273.041211][   T24] kauditd_printk_skb: 45 callbacks suppressed
[  273.041223][   T24] audit: type=1326 audit(2000000139.010:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7009 comm="syz.3.2354" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbd50e87ff9 code=0x0
[  273.118416][  T987] usb 1-1: USB disconnect, device number 41
[  274.446916][  T314] Bluetooth: hci0: command 0x1009 tx timeout
[  274.841992][ T7050] device bridge_slave_0 left promiscuous mode
[  274.849023][ T7050] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.082952][ T7059] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  275.094485][ T7059] EXT4-fs (loop3): 1 truncate cleaned up
[  275.100378][ T7059] EXT4-fs (loop3): mounted filesystem without journal. Opts: nogrpid,resuid=0x000000000000ee01,resgid=0x0000000000000000,data=journal,nombcache,block_validity,,errors=continue
[  275.124744][   T24] audit: type=1400 audit(2000000141.090:1848): avc:  denied  { write } for  pid=7058 comm="syz.3.2371" name="bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  275.149443][ T7059] syz.3.2371 (pid 7059) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  275.164160][   T24] audit: type=1400 audit(2000000141.090:1849): avc:  denied  { add_name } for  pid=7058 comm="syz.3.2371" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  275.189374][ T6888] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /18/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  275.189796][   T24] audit: type=1400 audit(2000000141.120:1850): avc:  denied  { mounton } for  pid=7058 comm="syz.3.2371" path="/18/file2/bus/bus" dev="loop3" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  275.233845][   T24] audit: type=1400 audit(2000000141.120:1851): avc:  denied  { setattr } for  pid=7058 comm="syz.3.2371" name="work" dev="loop3" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  275.233998][ T6888] EXT4-fs error (device loop3): ext4_empty_dir:3113: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  275.255817][   T24] audit: type=1400 audit(2000000141.120:1852): avc:  denied  { remove_name } for  pid=7058 comm="syz.3.2371" name="#93" dev="loop3" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  275.297193][   T24] audit: type=1400 audit(2000000141.120:1853): avc:  denied  { rename } for  pid=7058 comm="syz.3.2371" name="#93" dev="loop3" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  275.318973][   T24] audit: type=1400 audit(2000000141.120:1854): avc:  denied  { unlink } for  pid=7058 comm="syz.3.2371" name="#93" dev="loop3" ino=24 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[  275.342241][ T6888] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /18/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  275.363787][ T6888] EXT4-fs error (device loop3): ext4_empty_dir:3113: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  275.383488][ T6888] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /18/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  275.406511][ T6888] EXT4-fs error (device loop3): ext4_empty_dir:3113: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  275.426311][ T6888] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /18/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  275.450334][ T6888] EXT4-fs error (device loop3): ext4_empty_dir:3113: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  275.470004][ T6888] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /18/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  275.491662][ T6888] EXT4-fs error (device loop3): ext4_empty_dir:3113: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  275.528529][   T24] audit: type=1326 audit(2000000141.500:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7069 comm="syz.0.2376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f806aaddff9 code=0x7ffc0000
[  275.554822][ T7067] device pim6reg1 entered promiscuous mode
[  275.566322][   T24] audit: type=1326 audit(2000000141.500:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7069 comm="syz.0.2376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f806aaddff9 code=0x7ffc0000
[  275.635432][ T7074] syz.1.2378[7074] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  275.635473][ T7074] syz.1.2378[7074] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  275.778317][ T7079] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.796542][ T7079] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.804029][ T7079] device bridge_slave_0 entered promiscuous mode
[  275.810882][ T7079] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.817746][ T7079] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.825024][ T7079] device bridge_slave_1 entered promiscuous mode
[  275.831452][ T7090] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2385'.
[  275.885536][ T7079] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.892418][ T7079] bridge0: port 2(bridge_slave_1) entered forwarding state
[  275.899503][ T7079] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.906258][ T7079] bridge0: port 1(bridge_slave_0) entered forwarding state
[  275.937571][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  275.945213][  T370] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.952392][  T370] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.972280][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  275.980352][  T370] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.987204][  T370] bridge0: port 1(bridge_slave_0) entered forwarding state
[  275.994690][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  276.004147][  T370] bridge0: port 2(bridge_slave_1) entered blocking state
[  276.011004][  T370] bridge0: port 2(bridge_slave_1) entered forwarding state
[  276.028413][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  276.036421][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  276.053454][ T7079] device veth0_vlan entered promiscuous mode
[  276.061492][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  276.069966][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  276.077266][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  276.084546][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  276.098082][  T111] device bridge_slave_1 left promiscuous mode
[  276.104010][  T111] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.111685][  T111] device bridge_slave_0 left promiscuous mode
[  276.118151][  T111] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.126119][  T111] device bridge_slave_1 left promiscuous mode
[  276.132311][  T111] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.140229][  T111] device bridge_slave_0 left promiscuous mode
[  276.146193][  T111] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.154397][  T111] device veth1_macvtap left promiscuous mode
[  276.160462][  T111] device veth0_vlan left promiscuous mode
[  276.166225][  T111] device veth1_macvtap left promiscuous mode
[  276.172087][  T111] device veth0_vlan left promiscuous mode
[  276.203245][ T7096] incfs: Can't find or create .index dir in ./file0
[  276.209780][ T7096] incfs: mount failed -5
[  276.340136][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  276.348469][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  276.357985][ T7079] device veth1_macvtap entered promiscuous mode
[  276.367865][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  276.375386][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  276.383970][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  276.401948][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  276.410135][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  276.935227][ T7112] netlink: 'syz.1.2394': attribute type 15 has an invalid length.
[  277.760542][ T7131] incfs_lookup_dentry err:-14
[  277.765072][ T7131] incfs: Can't find or create .incomplete dir in ./file0
[  277.772445][ T7131] incfs: mount failed -14
[  277.833445][ T7146] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[  278.027541][  T111] device bridge_slave_1 left promiscuous mode
[  278.033491][  T111] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.041713][  T111] device dummy0 left promiscuous mode
[  278.047240][  T111] device veth1_macvtap left promiscuous mode
[  278.053025][  T111] device veth0_vlan left promiscuous mode
[  278.110945][ T7158] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2418'.
[  278.284395][   T24] kauditd_printk_skb: 21 callbacks suppressed
[  278.284416][   T24] audit: type=1400 audit(2000000144.250:1878): avc:  denied  { open } for  pid=7174 comm="syz.1.2417" path="/43/file0/.pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  278.336846][   T24] audit: type=1400 audit(2000000144.290:1879): avc:  denied  { ioctl } for  pid=7174 comm="syz.1.2417" path="/43/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x671e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  278.424506][ T7179] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.431489][ T7179] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.442489][ T7179] device bridge_slave_0 entered promiscuous mode
[  278.462539][ T7179] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.470447][ T7179] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.478390][ T7179] device bridge_slave_1 entered promiscuous mode
[  278.569712][ T7196] syz.1.2423[7196] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  278.569760][ T7196] syz.1.2423[7196] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  278.694198][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  278.717227][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  278.767168][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  278.775350][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  278.802061][  T370] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.808937][  T370] bridge0: port 1(bridge_slave_0) entered forwarding state
[  278.820705][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  278.828932][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  278.837508][  T370] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.844336][  T370] bridge0: port 2(bridge_slave_1) entered forwarding state
[  278.852328][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  278.868265][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  278.876320][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  278.894629][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  278.920473][ T7179] device veth0_vlan entered promiscuous mode
[  278.938116][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  278.946217][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  278.958147][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  278.983363][ T7179] device veth1_macvtap entered promiscuous mode
[  279.006350][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  279.029057][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  279.040060][  T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  279.149667][  T111] device bridge_slave_1 left promiscuous mode
[  279.155636][  T111] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.173961][  T111] device bridge_slave_0 left promiscuous mode
[  279.180030][  T111] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.189346][ T7220] binder: 7213:7220 ioctl 4018620d 0 returned -22
[  279.199677][  T111] device veth1_macvtap left promiscuous mode
[  279.397251][  T943] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  279.648339][ T7225] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[  279.657115][  T943] usb 1-1: Using ep0 maxpacket: 8
[  279.661900][   T24] audit: type=1400 audit(2000000145.630:1880): avc:  denied  { mounton } for  pid=7223 comm="syz.3.2435" path="/18/file0/file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  279.793399][ T7079] EXT4-fs error (device loop3): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  279.817325][  T943] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  279.828022][  T943] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  279.837571][  T943] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  279.854182][  T943] usb 1-1: New USB device found, idVendor=1b96, idProduct=0010, bcdDevice= 0.00
[  279.863079][  T943] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.871664][  T943] usb 1-1: config 0 descriptor??
[  280.077381][  T111] device bridge_slave_1 left promiscuous mode
[  280.083326][  T111] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.096605][  T111] device bridge_slave_0 left promiscuous mode
[  280.116446][  T111] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.124403][  T111] device veth1_macvtap left promiscuous mode
[  280.130723][  T111] device veth0_vlan left promiscuous mode
[  280.307400][ T7235] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  280.314985][ T7235] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  280.325331][ T7235] F2FS-fs (loop3): Found nat_bits in checkpoint
[  280.337763][  T943] ntrig 0003:1B96:0010.0063: item fetching failed at offset 5/7
[  280.347514][  T943] ntrig 0003:1B96:0010.0063: parse failed
[  280.353300][  T943] ntrig: probe of 0003:1B96:0010.0063 failed with error -22
[  280.363608][ T7235] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  280.370538][ T7235] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  280.443822][   T24] audit: type=1326 audit(2000000146.410:1881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7234 comm="syz.3.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92aa181ff9 code=0x7ffc0000
[  280.469806][   T24] audit: type=1326 audit(2000000146.440:1882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7234 comm="syz.3.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f92aa181ff9 code=0x7ffc0000
[  280.493302][   T24] audit: type=1326 audit(2000000146.440:1883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7234 comm="syz.3.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92aa181ff9 code=0x7ffc0000
[  280.516847][   T24] audit: type=1326 audit(2000000146.440:1884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7234 comm="syz.3.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f92aa181ff9 code=0x7ffc0000
[  280.541431][   T24] audit: type=1326 audit(2000000146.440:1885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7234 comm="syz.3.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92aa181ff9 code=0x7ffc0000
[  280.564972][   T24] audit: type=1326 audit(2000000146.440:1886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7234 comm="syz.3.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f92aa181ff9 code=0x7ffc0000
[  280.588546][   T24] audit: type=1326 audit(2000000146.440:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7234 comm="syz.3.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92aa181ff9 code=0x7ffc0000
[  280.589656][    T5] usb 1-1: USB disconnect, device number 42
[  281.750234][ T7255] F2FS-fs (loop3): invalid crc value
[  281.757389][ T7255] F2FS-fs (loop3): Found nat_bits in checkpoint
[  281.779975][ T7255] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2
[  281.786551][ T7255] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  282.486845][  T943] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  282.726853][  T943] usb 2-1: Using ep0 maxpacket: 16
[  282.847069][  T943] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 11
[  282.855874][  T943] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  282.865312][  T943] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  282.874767][  T943] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  282.884329][  T943] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  282.893975][  T943] usb 2-1: config 1 interface 0 has no altsetting 0
[  282.900422][  T943] usb 2-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  282.909237][  T943] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.957571][  T943] ums-sddr09 2-1:1.0: USB Mass Storage device detected
[  283.177576][  T943] scsi host1: usb-storage 2-1:1.0
[  283.382128][  T319] usb 2-1: USB disconnect, device number 41
[  284.416855][  T943] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  284.666863][  T943] usb 2-1: Using ep0 maxpacket: 16
[  284.786978][  T943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  284.797657][  T943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  284.807196][  T943] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  284.819900][  T943] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  284.828747][  T943] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.837142][  T943] usb 2-1: config 0 descriptor??
[  285.317572][  T943] koneplus 0003:1E7D:2E22.0064: item fetching failed at offset 0/2
[  285.325367][  T943] koneplus 0003:1E7D:2E22.0064: parse failed
[  285.331214][  T943] koneplus: probe of 0003:1E7D:2E22.0064 failed with error -22
[  285.520511][  T943] usb 2-1: USB disconnect, device number 42
[  289.213111][ T7329] device syzkaller0 entered promiscuous mode
[  290.695541][ T7342] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[  290.778311][   T24] kauditd_printk_skb: 6 callbacks suppressed
[  290.778322][   T24] audit: type=1326 audit(2000000156.750:1894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7341 comm="syz.1.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61a1488ff9 code=0x7ffc0000
[  290.807720][   T24] audit: type=1326 audit(2000000156.780:1895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7341 comm="syz.1.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61a1488ff9 code=0x7ffc0000
[  290.831243][   T24] audit: type=1326 audit(2000000156.780:1896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7341 comm="syz.1.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f61a1487990 code=0x7ffc0000
[  290.857310][   T24] audit: type=1326 audit(2000000156.780:1897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7341 comm="syz.1.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61a1488ff9 code=0x7ffc0000
[  290.880625][   T24] audit: type=1326 audit(2000000156.780:1898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7341 comm="syz.1.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61a1488ff9 code=0x7ffc0000
[  290.903971][   T24] audit: type=1326 audit(2000000156.780:1899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7341 comm="syz.1.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f61a1488ff9 code=0x7ffc0000
[  290.927357][   T24] audit: type=1326 audit(2000000156.780:1900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7341 comm="syz.1.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61a1488ff9 code=0x7ffc0000
[  290.950889][   T24] audit: type=1326 audit(2000000156.780:1901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7341 comm="syz.1.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61a1488ff9 code=0x7ffc0000
[  290.974228][   T24] audit: type=1326 audit(2000000156.780:1902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7341 comm="syz.1.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f61a1488ff9 code=0x7ffc0000
[  290.997399][   T24] audit: type=1326 audit(2000000156.780:1903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7341 comm="syz.1.2464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61a1488ff9 code=0x7ffc0000
[  294.021144][    T7] Bluetooth: hci0: Frame reassembly failed (-84)
[  296.046840][    T5] Bluetooth: hci0: command 0x1003 tx timeout
[  296.052720][  T448] Bluetooth: hci0: sending frame failed (-49)
[  298.126864][  T688] Bluetooth: hci0: command 0x1001 tx timeout
[  298.132717][  T448] Bluetooth: hci0: sending frame failed (-49)
SYZFAIL: mkdir(syz-tmp) failed
 (errno 28: No space left on device)
loop exited with status 67
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: repeatedly failed to execute the program
proc=2 req=2420 state=1 status=67 (errno 9: Bad file descriptor)
[  299.760098][   T24] kauditd_printk_skb: 15 callbacks suppressed
[  299.760110][   T24] audit: type=1400 audit(2000000165.730:1919): avc:  denied  { write } for  pid=281 comm="syz-executor" path="pipe:[1446]" dev="pipefs" ino=1446 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  299.807455][ T7389] bridge: RTM_NEWNEIGH with invalid ether address
[  300.207025][  T688] Bluetooth: hci0: command 0x1009 tx timeout
[  300.768315][    T7] device bridge_slave_1 left promiscuous mode
[  300.774245][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.781793][    T7] device bridge_slave_0 left promiscuous mode
[  300.787793][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.795369][    T7] device veth1_macvtap left promiscuous mode
[  300.801355][    T7] device veth0_vlan left promiscuous mode
[  302.367624][    T7] device bridge_slave_1 left promiscuous mode
[  302.373545][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.380875][    T7] device bridge_slave_0 left promiscuous mode
[  302.386774][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.394384][    T7] device bridge_slave_1 left promiscuous mode
[  302.400344][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.407484][    T7] device bridge_slave_0 left promiscuous mode
[  302.413372][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.421020][    T7] device veth1_macvtap left promiscuous mode
[  302.426902][    T7] device veth0_vlan left promiscuous mode
[  302.432462][    T7] device veth1_macvtap left promiscuous mode
[  302.438211][    T7] device veth0_vlan left promiscuous mode
[  305.547364][    T7] device bridge_slave_1 left promiscuous mode
[  305.553273][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.560632][    T7] device bridge_slave_0 left promiscuous mode
[  305.566528][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.574129][    T7] device veth1_macvtap left promiscuous mode
[  305.580028][    T7] device veth0_vlan left promiscuous mode