last executing test programs:

4.419464157s ago: executing program 0:
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount$incfs(&(0x7f0000000240)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000b8e9850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

4.394117331s ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)

4.391301811s ago: executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x8, &(0x7f0000000380)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @call={0x85, 0x0, 0x0, 0xf}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000040)='mm_lru_insertion\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x2000)

4.346557149s ago: executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r0}, 0x10)
timer_create(0x0, 0x0, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

4.33688364s ago: executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="1201000064172f2057155081ed29010203010902120001000000000904"], 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r1}, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000940)={0x84, &(0x7f0000000280)=ANY=[@ANYBLOB="000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000680)={0x34, &(0x7f00000004c0), 0x0, 0x0, 0x0, 0x0, 0x0})

3.079182714s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x4, 0x4}, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r0}, &(0x7f0000000700), &(0x7f0000000740)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000200000000000000000818110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='ext4_ext_handle_unwritten_extents\x00', r2}, 0x9)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x1, 0x80, 0xc2, 0x5}})

3.069095276s ago: executing program 4:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10)
setitimer(0x0, 0x0, 0x0)

3.048774609s ago: executing program 4:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@newsa={0x144, 0x10, 0x633, 0x0, 0x0, {{@in=@multicast2, @in6=@dev}, {@in6=@loopback, 0x0, 0x32}, @in=@local, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @mark={0xc, 0x15, {0x35075c}}]}, 0x144}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@newsa={0x138, 0x10, 0x633, 0x0, 0x0, {{@in=@multicast2, @in6=@dev}, {@in6=@loopback, 0x0, 0x32}, @in=@local, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001740)=ANY=[@ANYBLOB="54010000100001000000000000000000ac1414aa000000000000000000000000fc0100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000ffffac141400000000006c000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000480003006465666c617465"], 0x154}}, 0x0)

2.957680943s ago: executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000008480000000820000095000000000000002ba7e1d30c04aa8b3382022ce2a1d97411a0f6b599e83f24a3aa81d36bb7019c13bd23212fb56f040026fbfefc4a056bdc17487902317142fac7e7be168c1869d0d4d9cca2a28d67893547db51ee988e6e06c8cedf7ceb9fc40400ae5e4aa74c92c6a51cbf9b0a4def23d410f6accd3641130bfc4e90a6341865c3f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0c18ce7400dae15cb7947c491b8bea3fd2f73902ebcfcf4982277d9800011b405bbf7b02433a9bcd715f5888b2007f000000001c000000010000000000000600000000309329170ee5b567e70f000006a10f58fa64533500000000000000000000000031000000000000001208e75a89faffbfb11b7dc6ea31001e846c12423a169f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617de7a6520655a80d0900f4d433623c850af895abba14f6fbd7fbad1f98e26ad4deaf1a4f294b2a431ab9142f3a06d54740a4bc5e3abd378af7c9676a08e774c48785f895b4ec8d1141d5e8744d7f09ab4df6027bf48cabecead649f96ea24d32872c494160cb7f33ce680eeb80157eb23f9902519ac655fa73103170cbc496d7122034b85e7e87a2db762cbb253fbd76b9117c1a11d18aa2040c5f0c289906000000000000005ffe94ff799a11d9b219c00c369a12bf8685b862d0dbdd956cbda1bae489bcef5ae59136aaadc59609f4d42617c0e6066938b521a0f2e2467a6c435ad5b800262a5da053ced5e95394e500000072737638ac44fb61310e2df511c60b3c88113996a81fb64bce5eb95ce91738640ff7ae6ed6b62086e699955926934389cdf9bcffff3ffd86fe9ce05268bf8a3958f2206cdc7095682c14f10be1075832956762b2dcc6251e7b74cb1da627e332765511c58215bf84d263e8778e6e8ffe4ea50b076446f35efffc806b340658342d2d9e1ef68c6ef3e98407d2fcefb34a0000000000000000895ddbb76122b1222e4da37177fe833e4fcaa67997e92a206ebd085bd9f90008d3fdd528efe6c1dca17f45ba5e8bd311a40030f9ffce75ffff996a80153a0077bb43f8a63dd390d18f0239b41da1a52383a4c6768ca1bb66b8fb3c5000f6f246fd20356a60769b461b6cdf133de073b1df08ae09268b0073bb97d88d741a5546e76caf4b6b1387ff37ec13d262dae0260be74cdf7bb6d3107597430ef5bbd476bb9d69b2aef9f3cb644b4bf01ccf16d40720939daf2af469bdfb361b9c015dd026fd0fffe3c66f5c343afb78a7cfd852f3e05c089887d7df2ff4f9982030019421af6b78ff9c444a17091875cfe4eab0e7f50eb69c860b1613a6b4f5af04f9c635d8d646c89f8b85f820ce7464c731deba39f9ff7b815f7b0acba754c01ed8bf1bba0010a8c6a2b966d861f9dd547abf2e9b23e5607f00bb02000000000000c84799aa792cdaeb6cfb858e577dacff607ba513250e13ae696cd6ed7d318190a93b9ee07927efca6b8d1f5980994690bbe002db5146439d906a0d4aef065214b15666cdca81091b69acee2c7ce0821fc19e0891f0b53469f935c5ac420100010000000000fb53faf4420638489e6a1c696d8c414a87b60000000000080000b6be1557951854c01dbc2d061827ae6349a045b780893771524a424335b9fc34616ee9f09141057262530b7c2f7c9b969938779736ece7b470078ac0b1b4b528000000009866e9994ca9096672ec9f3800c2fc35ba6516e542624c47bdba76a816c3a3dd6c3fa87a3ec91df199a9af91a7babf2b8d0e7b77e6dfb4bbc9817847b705000000a1000000000000ab8353f3800f045b90b0eaab6d731199c9447eabbc8c740183aff5389742e47de5000000826a570d14310700cf2ae3366ebdb7f1000000000000333c00e6addbf4c71ffad6bfb5babb49109f92a5a52042c425190a6e3f1a8a3abfe6059da9c952cf35c98ce7616355493d280f2d0be99e18fd0900c769e7eb4edc1c03a33676590bd2047229e0237c1e34641848531712ff09e89fb062a3e66f4fced0ae679733830039cb61ea0691f0b4e0b33194404e643243c3841e1e7fe301f7f47a7f89512d92e83624e3de705bdfbfd0e5e381398e9d5428a00cc8a6d097d97e6ac8bd09b1a5577920a650114a522c1e2dcdc4f606fcbcee91770a9fada34d38cd7976a9228a0a0dd8661be8162e966aac26bea4c11458cd6ce22ddf7054cdd0a60ef3ec000000000000000000425cb75dc7ec92e9a5d29f9c99697d2a98ae0a9f35e4196c3faeb7a60a0290bf897846f6f0f1c163d6075119169d55d10da9ad0e4b2c636d200000009baaf94e2b2c48e70d8453f832eecfb1de2a3f38a5c986de9e37737dac74db251d5e9ea2b8ed39e91a7a17d01b49f7aaff7c4c73c3484bdcab362838ed940035b239a3646ef55b9f070ae14466b3acef9f8b28fb938a237e2e068ae4a6bce4407b54cc14614c2cdf877f000000000000000000000000bdcf23144e6c16b9235552aed83b6428f34d88c258a9ad16386bba51b60838fb11bc193a206b5a03bda7b6222e4e68e0d1e88f26b9a45b6c29469530a37ea92aaf421cdcc1f594ecfaff9a79b56f8b38038002d29b3193cea9cd0a0ef4f5bce1cdaa99705a8fa48f61071f548d411353965615c24c1860790dfae0f4cdf8c8f8645a289a79f9b919b674f0325d81eacaa8399324a304885da01733bb7917ec5e52718eb05f9c1ffd69f834150e9100c215968e8fb31c83526e6f66897569e28d01ca6135a2acca398c1415e0f9b58b63ee9dc33608ba7e5c4bdf3f37d8e4f4f424be263d9c2a5204f41e9b0ee01ad4cc0519395b69c310c98d3c8edc7d07b30617f3535634257f5472d9f3263a6f04778a920c12000721bb82f9884780ac294b8bb07ebf6e3f16584e95607e319b2ea9778289c19fb775514246159bbfa9dc0fdf711d3efa316a3323c915a40e6d7c8f8d7daf98824fd0bc955dc9731cc8c7a600d94b8049af764688c7ffdd26b741b03b065ba9c586914d8beb94c8a265ace34172ed003357ddd400557230b2caba00"/2219], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x57, 0x10, &(0x7f0000000000), 0xffffffffffffffc9}, 0x48)
ioctl$TUNSETFILTEREBPF(r2, 0x800454e1, &(0x7f0000000200)=r3)
write$cgroup_devices(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="1e0306003c5c980128846360864666702c1ffe800000000000"], 0xffdd)

2.826519113s ago: executing program 4:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r0, 0x400448c9, 0x0)

2.00805961s ago: executing program 0:
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x2000000, &(0x7f0000000180), 0x1, 0x520, &(0x7f0000000900)="$eJzs3d1rLGcZAPBnNtmer+iu2otaaHuwlZyiZzdpbBu8aCuIdwWl3h9Dsgkhm2zIbupJKJqD9woi2tteeSMI3grS/0BRCnovKkrRUwV7oY7M7OTkZLub5JD9oMnvB2/mnZmdeZ53kn3n85wJ4NK6GRGvRcRURDwfEZVieqkocdAt2ec+uP/WclaSSNM3/p5EUkzLPpYUJXOjWOxqd5D7d3o8bntvf2Op2WzsFOP1zuZ2vb23f3t9c2mtsdbYWliYf2nx5cUXF+eG0s6sXa989S8//sFPv/bKr7747T/e+dut72T5zhTzD9sxbN1tUs62xQPTEbEzimATMFW0pzzpRAAAOJPsGP/TEfG5/Pi/ElP50dzZJCPNDAAAABiW9NWZ+E8SkQIAAAAXVil/BjYp1YpnAWaiVKrVus/wPh7XS81Wu/OF1dbu1kr3WdlqlEur683GXPFMbTXKSTY+n9ePxl94MJ4cPHy94UeVa/n82nKruTK5yx4AAABwqdzoOf//V6V7/n+Ce2NLDgAAABie6lE1rUwyEQAAAGBkqh+Z8s5E8gAAAABG56Pn/wAAAMAF8vXXX89Kmr//uhqx8ube7kbrzdsrjfZGbXN3ubbc2tmurbVaa830SsTmaetrtlrbX4qt3bv1TqPdqbf39u9stna3OnfWj70CGwAAABijTz3z7h+SiDj48rW8ZB7LfkwNWMCzAnBhlB7lw38eXR7A+A3azQMX3/SkEwAmptwdJJPOA5ic0zqAgQ/v/Gb4uQAAAKMx+9n+9/+nj64NABfUI93/By4U9//h8nL/Hy6vsiMAuPRGf/8/TU9dFwAAMFIzeUlKteJe4EyUPky7ohrlZHW92ZiLiE9GxO8r5SvZ+Hy+ZOIfDQAAAAAAAAAAAAAAAAAAAAAAAADAGaVpEikAAABwoUWU/poU7/+arTw303t94LHkw0o+zN8O8MZP7i51Ojvz2fR/FNMjOm8X0194lCsP3jwOAAAAo3J4nn54Hg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw/TB/beWD8vxOaWRxn3/KxFR7Rd/Oq7mw6tRjojr/0xi+nChZyKSiJgaQvyDexHxRL/4SZZWVIssjsUvtsq1PIuRx38qTdPv9ot/49zR4XJ7N+t/Xuv3/SvFzXzY//s/XZTzGtz/lR70f1N94mc9zyfOsP4rEfHkez+vD54b8eR0//7nMH4yIP6z/VbZZ6N865v7+4PyS9+JmD3a/3z/eISjWr2zuV1v7+3fXt9cWmusNbYWFuZfWnx58cXFufrqerNR/Owb44dP/fJ/g+K/fy/iet/9X7f/faj9S73tfy6rlAet+ch/37t7/zN5rZL2rCKPf+vZ/r//J47HP7Zps7+Jzxf7gWz+7GH9oFt/2NM/++3TJ7V/ZUD7T/v93+pZ16D98fPf+N6fTtxAAMBYtff2N5aazcbOyCtvp2k6plj5gci42nXuyuMfn1Tbe7/4Xbfyau+smye0Ir0y7j82lXNXenuKX4+/cwIAAIbq6KB/0pkAAAAAAAAAAAAAAAAAAADA5TWO/06sN+bBZJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCi/wcAAP//rgHbtw==")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e2793b10d10501200006010203010902120008000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$evdev(0x0, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
open(0x0, 0x802, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000640)={0x2c, &(0x7f0000000500)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x0, 0x0, 0x0, 0x7ffff024}, {0x6}]}, 0x10)
r3 = dup(r1)
sendmsg$IPCTNL_MSG_EXP_DELETE(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)={0x204, 0x2, 0x2, 0x0, 0x0, 0x0, {}, [@CTA_EXPECT_NAT={0x1d0, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_TUPLE={0xa0, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @private}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @private0}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_EXPECT_NAT_TUPLE={0x50, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev}, {0x14, 0x4, @private2}}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_EXPECT_NAT_TUPLE={0x58, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private}, {0x8, 0x2, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_TUPLE={0x6c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @dev}}}]}, @CTA_EXPECT_NAT_DIR={0x8}]}, @CTA_EXPECT_MASK={0x20, 0x3, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_ZONE={0x6}]}]}, 0x204}}, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0\x00')
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000002700)='./file0\x00')
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, 0x0, 0x0)

1.029494891s ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='ext4_es_find_extent_range_exit\x00', r1}, 0x10)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)

1.021492993s ago: executing program 2:
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000079000000090000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r3], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r4, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f0000000100)=[{0x5}, {0x45}, {0x6}]})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180100001700000000000000a54b0000850000007500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

990.558867ms ago: executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='mm_page_alloc\x00', r5}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

889.773873ms ago: executing program 3:
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file1\x00', 0x2808000, &(0x7f0000000480)=ANY=[@ANYBLOB="696f636861727365743d63703835302c756e695f786c6174653d302c6e66732c73686f72746e616d653d77696e39352c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c696f636861727365743d63703934392c00d9881a72837b57e52add36d7a08cfc9fbc10b9ce4cd5355da9996381c80e4b257d61b28c3f0458fff09addaf74c2d601afa181c2295048a773cc3a8f4517d728cc0675247322a49c9b8635c3dfd07d2f38afa489c5a3d89f6da93b68f0680ef9217d200a4257a3d4ea017559ad0d61b58da24a54eecdc6fdb5913a84eb32ffee030c125ec53ec02aa5733646dad7d6fb1cadc4da284ec57e3daab3aa02cb9d53926b8379565240e5e4e4297d1d9802d862"], 0x1, 0x29c, &(0x7f00000007c0)="$eJzs3b+KY1UYAPDvZpJMRoWksBLBC1pYhZ19gg0ywmIqJYU2urizIElYmEDAVYxb2QtWvoPv4APY+AYWloKdW4hXMvfe/M+OgUxGwu/X5Ms55zv/cmYGBu7JZ28O+4+fjp48//q3aDSSqDyIB/EiiVZUovRtAADH5EWWxZ9Z7qa21ahHRNYs3lUOMD0A4Bbs8vcfADgOH338yQedbvfiwzRtRAy/G/eSyF/z+s6T+CIGcRn3ohl/R2Qzefzaw+5FVNO0/GfA+Cx6EcNPfyned/6IuM4/j2a01vPff9i9OE9z8c5wMu5NR56+1uKVJKKTJXlH96MZr0dktSg6meff35AfvXq8+/aPxfz/uYx2NOPXz+NpDOLxdRfz/G/O0/S97Ie/vspX0ItIJuPe6XW7uezkYB8KAAAAAAAAAAAAAAAAAAAAAABHr53OtBbvzylvA2y3N9dvvR+ouOFnsnC/zr00TctrfMa9WuT51XijGtW7WzkAAAAAAAAAAAAAAAAAAAD8f4y+fNZ/NBhcXi0FP2dlSbK1zWpQXSgpH+u/OWtz0P8pYves/xLESTG1QbI2RFJWLWVVitLdxjrdpfHZ2qDP+o+ism0Pq4PIJ//97pvw1voCbyEoT9f0/NzQuLH5kCycurOis6tR8tJDuxxkG7buZGtWfU9rr7+6382crrg228zlNo3pJ7lQUtvzT8qKZO+/ewAAAAAAAAAAAAAAAAAAgGXzh37j97XK53cyJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4uPn3/8+CaK2WrAaTIvllbcrg9Gq0YdjWgZcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkfs3AAD//wdPWHc=")
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_mount_image$fuse(0x0, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
open(0x0, 0x0, 0x0)

835.533061ms ago: executing program 3:
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

621.018624ms ago: executing program 4:
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000280), &(0x7f0000000200)=0x68)
prlimit64(0x0, 0x0, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080))
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000840)='./file0\x00', &(0x7f0000000080), 0x18)
utimensat(r1, 0x0, &(0x7f0000000880)={{0x0, 0xea60}, {0x0, 0x3ffffffe}}, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f00000003c0)={{0xa, 0x4e24, 0x6, @private0}, {0xa, 0x4e21, 0x16c2, @empty, 0x3}, 0x1, {[0x2, 0x81, 0x8000, 0x6, 0x6, 0x7, 0xffff, 0x8375]}}, 0x5c)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000080)='bpf_lsm_netlink_send\x00')

587.817239ms ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x5, 0x4, 0xfff, 0x3}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mknod(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, &(0x7f0000000240)='nolazytime')

510.219411ms ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001100)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000001080), &(0x7f00000010c0)='%pI4   \x00'}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000ac0)='mm_page_free_batched\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f000019e000/0x4000)=nil, 0x200000, 0x9)

413.694996ms ago: executing program 1:
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000001700)={0x0, 0x0, "1a2a1129fca7acf5413e4ac7c42b21674ae9ea4527d1d0cd1df97b0c70df5c3762fd8d3927ca549e35a94827ffea8b07c4f3a0d5b3f3f1bb0137d1b0f0cbf75914d733c83e697f34c64a2dbd33370d0fde79dec505cbc8aaa31b2adcadd10524dcd0d3e86aa03c27a579ff3d651e384538f8728850a28490f5b04c8e2534356cbc53d4f6b39635115b5140f45d9c8d0a9a1b080819ef3ff802efebddab554b38f1578004e4c945bad8784969a2e107dc9d003b9d73d5181cc87a3c8eefe7faf6498607044dec116c2ff5a7dbd5d3c23ae1305dba7372e08042ff8366c6c846faf902b960205a95447f862ee191a5b7acaeddaf41e3cf2714cc00a1088f080ef0", "70046f80db1934c84e592061f6736f4472e6b8c2385725020d7c847f88521488a14da30e38e19d29650a9761e65744ceae26df96b5ac19537568c4fb484a6c0a0886f2cf8c96051b884377c56a4b2f9f3d0b7120f1bf57e97aae69de0eb1a9c2042aab9b7aaa61ffb17e33653bcb9981331a9d96df60534c99a82bc494b6b3058b233d205ca827433da41478fbefb11cf8ba05f38773ee20c7a684efd49e9b7fa8a20f477395b8d666adae378cd210959e2c59407cf5996d780251d6aca932eb238785e43a19923b614557c423c8782ae90d9b3be30f89959296a24f7f96fecce3f1f6f1db8be4a865a8bdab81410db95f11428293569b228580b6d8d360260e4278720e318dd3a983291e57a4327b0423755a07b842bf48fa59a828a48205889ad0869f031745922b5a4a3cbb775a51e490a6567a5f8b467063cf74677ecacf31357ce04fd34d8a8d42cf943598669657274c9e0c0a9f1bc56dc0b8df955c589ce5b766612f0a1faea6d0d029f79befead5fb78b874266e6f91da6bc83859d3a8fd6e3ccc89a87a4c84343288875788b87f15f822947ad733099c6e8dd322795a613939bad1a1ab54feb493ce4e7c6185736bbaea8ebf948438b3d3135ca5f8ff3f6981e6f6f4d7d3973b960ea41cbb3cc50b15daeb652060967ac380769d6ede8042ac9635507ef22e23ace99b9e07e6d331eff3ca76c153baf4f69dd8c1119d2857fd5a0b9f04c567879275d39cc48117908fd7abc961996b2314a02a3a7f521086c737aee99b1dcd1ce20ad5dfc0fc0cb107e2029aac59f3a14535bd31ba713e26ead5008e6cd7151a7b22452e0cb3005d90ad507455199551bf55370bd79bc7a828b740d3ed74e5ceb72c4fdacf3f54a7efbd8631189b332659233e803d3c8de33359569e8b7907f3c1c20c0608fa889423e9e5dc1ee2107f7c7df5915f0fab4fa18f28b0031babce06b9bd736085cb812af912bb1c5abdddc2457711808b300ee6654c8d7112b89def9fadddd8139dd548e13a438e80fe5bd04dc1a9a7de79e668be012ea3c5750f76b332929529e374ca2084551824771df84a851a46a9f61aa484aba1dd6f02f180c9ae6e603df769d4f2f4791807173d343ca8bfbf4b07fccaa969e72ba7f12f47dc1955248ded4b6ad7c0437b31bf1c9b7809a2c3b2f2fd8d92c6aa0055179f2386437790ccb4c1ba41712313ed8eeeeedc49547084260f8e1d80f9f77f38edf5f2d13c2f4cf6ce606a7789cd471d0e733931d7749fc6f4aa0703195c72e670e2d07d8f64cee2e45e93e49d0eee487b5a408ddc383d7668e4f7366f6a61b2a5b515e48be9865b4a5bab2e437570db64ae9c16150f453c31e25a03316ac22b8e07bae167fb5586a8c75a8bbafd02ed236628f88086d681daa2d18ab48f13b431e457a44a6227f37209fc38d862ac61e39c49d6abedf7621c2e9bc230aa17d90aeb46c6e6a0ba14b105324440251523d505dc6fa76e9fa67950cae7cc4daf43ad4cd95863fb85561cd6b50f8948c122b5b0bd798833a4d09ae29f283f36a9546c063617108896e3e2f1570988feba490e3dfb485415b924b21cc5e075e97b752163c1780dd58715b5e639e7e19362a24c8e1f2d508e3fd2bd060f5312a79b64ff184818f2d38151cdd6ada1af7250142ca69f023701a3f5cdb95e2151742409c49ea06e9990399a0615346b8c89ffb271faed20bb27b02e83019c7f1cb85a3f9290fd76e65564ec2cee698b1bcd9de984b1453a1ea38939ba021ef9163304f5afe5732f007a0e6ba5c487aea9979f9231aed9e904590e76940131ac3cf40e7b679d59bc3631b8798d154057de8a67f49c5063574671d0c9fb1751c0b653deb31274b2ba47ba0b75ef5b8a0e764c4c0b13fb0e830041756cbedbd7e4b24ebdd09868e3500fb116189abb67f54064adc74cb78b515eba7fb088679df9e6f800accad7eb6aa9920d22f8a5103ff97d00b9a95d0b803759dd83e05e502013888492ea28a77551de7b8b3c95c752ce4367b8ff7722eadca5c67fde609d58a10589ef37b2e9179203b664af0e2a82353e0312f7a0e7f4df1eb6482924962e630bc1eda764cb294f071d7f8fee79264c64d568b2ccc2d4eb861b599733f182e88eb30ecb552ed59fed866d974de7bc07057c8050f07250673ef0774f9cfaf7180a494448469365d38bb558d240307521acd0722904b46fcc7c6dea5ce71971c1a1b5f5fc5731ca539cf8799155a20cbeb84001193a6d33401e3ce617c1e63e9d89007def6b9f58e62835e875bb14af465fafa16de23e8e3d06133347357d979f573db8b3937d71f218cf30b6bbacdd1ffb1bd6b1a74693d849398673c38cdc8ca8c1ae0583b66f7cbdaffa5a966dda68d5aa3943a7a22fa8f6ae166edcbd06897898d3be368f32737289a970366926575c4f972d33fb3e2c4b27698075efa06bb0b32476b918f5ca67346b2e620c77c1c6ae0d7bc7911cb88fd9db869f418bcde8c8d581fae5b5a86cd7e93045d5a1f439a2e0b46b5766d742e35327f66f38302c0e401ef15f0ce0a0d9f78d8408878018bcba3f35674e8c84ba395a6ebf4d2e7ceb6202277a9ac430699ad9c573343f5f8a3aa742924f6ddcd5b37baf4eb940c2aef0e78c696ead4f8ae2aa9f6f8fd63d1c322cc855a3b2f49ecaeaa66750a454da173ec79e75c0f580a049878d5b22074cda0816ebc4e3c2e1ca48087b6230fdae2e4a64618e4ee3be28e2fdd10229d8b4d5a91306b6b1f2296ed5317a202826a543a226f7b2e0bf0f48d1d5d1fd6a3640e58a4a88edecf32311100e304f1e5708196f189da4d0396e200e91b5e81e6c6a5d81813a504ea8eb14ca7f831f0045589836223ce2fa341b16704df110ce34a0c84da4e5c15a6febb649ce9e77a67e29d9929d83e96a8ea792625278a476343e06e005e63e2a96e8021b23b26b924105641e0b5fb755a9044927d3940cb104e59e2fc5fb6520e08a01cecb475bc3f26d568fd517313df44a6d01636b56bebc42fee15adcd1ad9ec7d97fa59687991f826478bf2d292e674d700a1a1c89fd74c7041cf3366bf12edfdc8862f94efcd8fc483239e13e61dc3c7220ea14391b71fec868b897a2ac8bcad6e9c93c6f8c2956a340496ceddfe6da9e29e9e1c17fd8c71325e0b534b9f4f2567e4e6d7055a8eff37808bc7a05bb24d9ccbcec4f4b3a2dbac0b5ac75ed09c0e1e49b6e4191e01b6fe037f0b60efea245ab3759ecf4aa7f9b40d951e5d9a94a89f22e537b8967085fffdcd65933e3185cecb3f4f5d4f616560c8edcaf3592f7280851f2e4552a58b4bff9fbb1a65e021765279a7431414f802bb02817472f858ae8685f61f47ad96798147aa4d2f8caba46a46c3c9565d321c2e63cef7420477163709b9c82cdfc61ef4066bd718695545e872c16a055dac299e00dbaade8a1a8dfca684a06e9d7c92b968dfb9c5bc8b9a1fb9738ad8712a48ac4894f1b3790b8226fa455fcc962e654d22645f2376d7475595812aca85c826c96ed1ee27db0c545903985165af006dac456752a39953bdd0baa8f77a183f80a63cda03de7856ce1481f1d4df968781f2243fa59ac32a3deb59d971a45b5c483e7eea2a9376c7776255781129aee21c2378c32a4e8f11c5ec42bbeb2c94c92a988c9c34d56f4296b1d02134ddc0f856ea932ace9a3b205b9bd391151bf87d936f94a49599173cc96e8469aba8ad986a36893234b6246f6d7da792e969543260b7ed5d414beaf1488e51c13bbbe3e65bf45d0a67d1bb3aac3dc1511d0c1d3dd66d57f90545a89b07711f3be58a6baf8cdf9986364b232c87c73d6194eeb87068e27fcaedc265c9784e9575a2b1adea179a2f6c74365a4911b8ec563113fc7434031a3d3e3b910ed190ce1f1312f0cd5429abf1c862feebbe0611a37f9dd5f0cf9112f48a30a151d9dd759a76774eab532eca12e7c7a5aa557f6823a8f4bc1d131b7c4f08623821b6c1b252ac170e9f60ef0d4cd8884d6966158e7d75adaad1402776c4526963e706bcb348166a1bdc49b6503cf7e712fc1e6576c4e4d7a97d03a1b1f20b6aa8596a027fecbf16c2f681127b05848fbd61e04f0d53a4539261960f54d6ccc96eb39242b5602959ef44202e1d808b72d1b9cc77cdaf009d1144bf49bf406387444bbfbb6c16a3c297693d7628625ef5672efd8128524ffa826e5a9f610df93e93c1b31dbd5cb942753201a08cccfa7a6e0a33bf126ecbffe3ca088b5916ae78bd60801b62b48300ea0b784a6ee145a790d6f74452381470cf1a6b54f546d0527d8cd8548ac2020d0a78aa3870ccba36bc3b718350f072e7918757abb3bbc650d327d15fb4b7f03f13116a357fcb627f498f874c52dd2d21df3558cfb0fb64b39491b279bddfd314be088d858ec967ebbd21c7b155bac23ea99c728680540b704dd110a0575b947b6f3b6f27e1678cce84d644c3ebe1910a631b35000c95a90b4734d445c72e7d5345be851ec27f255beb249fd50ea08cbe1319dcacca5255fac5686b9ca9027cd195783f42748dea9eb79fd7835c7122ac402ac8d22abe0b6622309d71ead40afd92fca4e3c195c41d9df14f6aa096c60d74e5e9ef0dde08d56ba69885705e1aafe64fce5585c0e869a359ae416c8fc0a04ec078d0437426fe329858068047b270205bf9f4db3b82038f054415b62fa0ba7d735b29f36e8f2000347a0708f3b220c1b921870837e220a9e4d0cda5f5dbfcb357248472be06f38e1b10555b75f01def235ef4c1896e639f42a7d41d2d7da9057d99908a190a194d870f4d5bcc2210e9fcbb3c99682ba12aa35078c4004050988246db66f9c9c4f03ba7f72688089f99c3fa425ce52de664bd4a52b33ccc182485d5fbe314d89932f1e1532d150a989a6cc03ce9c23968e6d3dde2518dea264e9929e1447fe892f821a257701b97f592c14d43e7af3db8d8028f9ac59f37ad5f38fbf9ba8e6f22c1204404cac9f0a5519504076f9940ea9f281e663470fb3bf495898da5e9482ca563150a68104258098c46914292699e1d20198068d04244ee7aeb6b02c46a15c5321301627f6225fc8f23e7f6fdd8fd2a43e39c75c4f395faca348aadb6a0af812a00437238f6c6083ba18365c85597da856f728d7fe6bf385a88543ba1dbebf0679722a62f2a8811bfb61a5d445fb644bf1a503ddeb3c39831a87ef86fc8fed8fbf30530c44f637202c7c6a6d97903448787fad443a9d7c4f293bb3dc1a8b2882727083296518a10b21b64c55b0085bb0ab3370def43b4351ce35080f532874a0774253df6095961bdb11b58c14e6d693ce58e490115fb00d7d159d980ba84fdac4846b942e27d5bd447be68efda4a57610542a5478803cf3e41de59c58406530ab4c768a15280a423e80e0b9087ffc"})
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000180), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0x6, &(0x7f0000000140)={&(0x7f0000002180)=ANY=[], 0x48}}, 0x0)

404.424238ms ago: executing program 1:
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file1\x00', 0x2808000, &(0x7f0000000480)=ANY=[@ANYBLOB="696f636861727365743d63703835302c756e695f786c6174653d302c6e66732c73686f72746e616d653d77696e39352c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c696f636861727365743d63703934392c00d9881a72837b57e52add36d7a08cfc9fbc10b9ce4cd5355da9996381c80e4b257d61b28c3f0458fff09addaf74c2d601afa181c2295048a773cc3a8f4517d728cc0675247322a49c9b8635c3dfd07d2f38afa489c5a3d89f6da93b68f0680ef9217d200a4257a3d4ea017559ad0d61b58da24a54eecdc6fdb5913a84eb32ffee030c125ec53ec02aa5733646dad7d6fb1cadc4da284ec57e3daab3aa02cb9d53926b8379565240e5e4e4297d1d9802d862"], 0x1, 0x29c, &(0x7f00000007c0)="$eJzs3b+KY1UYAPDvZpJMRoWksBLBC1pYhZ19gg0ywmIqJYU2urizIElYmEDAVYxb2QtWvoPv4APY+AYWloKdW4hXMvfe/M+OgUxGwu/X5Ms55zv/cmYGBu7JZ28O+4+fjp48//q3aDSSqDyIB/EiiVZUovRtAADH5EWWxZ9Z7qa21ahHRNYs3lUOMD0A4Bbs8vcfADgOH338yQedbvfiwzRtRAy/G/eSyF/z+s6T+CIGcRn3ohl/R2Qzefzaw+5FVNO0/GfA+Cx6EcNPfyned/6IuM4/j2a01vPff9i9OE9z8c5wMu5NR56+1uKVJKKTJXlH96MZr0dktSg6meff35AfvXq8+/aPxfz/uYx2NOPXz+NpDOLxdRfz/G/O0/S97Ie/vspX0ItIJuPe6XW7uezkYB8KAAAAAAAAAAAAAAAAAAAAAABHr53OtBbvzylvA2y3N9dvvR+ouOFnsnC/zr00TctrfMa9WuT51XijGtW7WzkAAAAAAAAAAAAAAAAAAAD8f4y+fNZ/NBhcXi0FP2dlSbK1zWpQXSgpH+u/OWtz0P8pYves/xLESTG1QbI2RFJWLWVVitLdxjrdpfHZ2qDP+o+ism0Pq4PIJ//97pvw1voCbyEoT9f0/NzQuLH5kCycurOis6tR8tJDuxxkG7buZGtWfU9rr7+6382crrg228zlNo3pJ7lQUtvzT8qKZO+/ewAAAAAAAAAAAAAAAAAAgGXzh37j97XK53cyJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4uPn3/8+CaK2WrAaTIvllbcrg9Gq0YdjWgZcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkfs3AAD//wdPWHc=")
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_mount_image$fuse(0x0, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
open(0x0, 0x0, 0x0)

384.132321ms ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000004c0), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000100001c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
tee(r1, r3, 0x1000, 0x0)

370.023453ms ago: executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
write$cgroup_subtree(r0, &(0x7f00000003c0)={[{0x0, 'blkio'}]}, 0x7)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='ext4_remove_blocks\x00', r2}, 0x10)
ioctl$SIOCSIFHWADDR(r0, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})

358.701685ms ago: executing program 3:
syz_usb_connect$hid(0x0, 0x17, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56a, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001000090468fe0700000000000000ff3f02000000480100100000000019002b000a0001000500000000000072000000000000000000", 0x39}], 0x1)

311.159822ms ago: executing program 1:
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1c0002, 0x0)
write$vga_arbiter(r0, &(0x7f0000000600)=ANY=[@ANYBLOB='target '], 0x14)

303.742264ms ago: executing program 1:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000000)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

138.912979ms ago: executing program 2:
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x12, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x51}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

128.109671ms ago: executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r3, 0x5452, 0xfffffffffffffffe)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x3f)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r5}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x0, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000000)={0x1, 0x12, 0x10, 0x18, 0x1, 0x1f, 0x1, 0xb8})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ppoll(&(0x7f00000001c0)=[{r6}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r1)

12.585399ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x8, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8c18cffb703000008000000b704000000000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x2e)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r2}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

0s ago: executing program 2:
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000004000000000000000000190095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000780)=ANY=[@ANYBLOB], 0x0)

kernel console output (not intermixed with test programs):

state
[  433.304038][  T413] bridge0: port 2(bridge_slave_1) entered forwarding state
[  433.311507][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  433.319394][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  433.338140][ T1353] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  433.338661][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  433.357490][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  433.365427][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  433.368081][ T1353] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  433.373469][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  433.390545][ T1353] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  433.398082][ T2552] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  433.411790][ T1353] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.418091][ T2552] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.427831][ T1353] usb 4-1: config 0 descriptor??
[  433.427903][T10018] device veth0_vlan entered promiscuous mode
[  433.439257][  T799] device bridge_slave_1 left promiscuous mode
[  433.445206][  T799] bridge0: port 2(bridge_slave_1) entered disabled state
[  433.452456][ T2552] usb 3-1: Product: syz
[  433.456572][ T2552] usb 3-1: Manufacturer: syz
[  433.461553][  T799] device bridge_slave_0 left promiscuous mode
[  433.467519][ T2552] usb 3-1: SerialNumber: syz
[  433.472033][  T799] bridge0: port 1(bridge_slave_0) entered disabled state
[  433.479495][  T413] tipc: Node number set to 10005162
[  433.486418][  T799] device veth1_macvtap left promiscuous mode
[  433.492397][  T799] device veth0_vlan left promiscuous mode
[  433.518598][ T2552] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[  433.527076][ T2552] cdc_ncm 3-1:1.0: bind() failure
[  433.633157][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  433.641583][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  433.651295][T10018] device veth1_macvtap entered promiscuous mode
[  433.670149][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  433.677636][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  433.685865][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  433.698738][  T221] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  433.706900][  T221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  433.739049][T10038] bridge0: port 1(bridge_slave_0) entered blocking state
[  433.746046][T10038] bridge0: port 1(bridge_slave_0) entered disabled state
[  433.753576][T10038] device bridge_slave_0 entered promiscuous mode
[  433.812609][T10038] bridge0: port 2(bridge_slave_1) entered blocking state
[  433.819704][T10038] bridge0: port 2(bridge_slave_1) entered disabled state
[  433.827033][T10038] device bridge_slave_1 entered promiscuous mode
[  433.886531][T10038] bridge0: port 2(bridge_slave_1) entered blocking state
[  433.893426][T10038] bridge0: port 2(bridge_slave_1) entered forwarding state
[  433.900481][T10038] bridge0: port 1(bridge_slave_0) entered blocking state
[  433.907267][T10038] bridge0: port 1(bridge_slave_0) entered forwarding state
[  433.916365][ T1353] microsoft 0003:045E:07DA.0052: unknown main item tag 0x0
[  433.926535][ T1353] microsoft 0003:045E:07DA.0052: unknown main item tag 0x0
[  433.933852][ T1353] microsoft 0003:045E:07DA.0052: unknown main item tag 0x0
[  433.940996][ T1353] microsoft 0003:045E:07DA.0052: unknown main item tag 0x0
[  433.948068][ T1353] microsoft 0003:045E:07DA.0052: unknown main item tag 0x0
[  433.955105][ T1353] microsoft 0003:045E:07DA.0052: unknown main item tag 0x0
[  433.962289][ T1353] microsoft 0003:045E:07DA.0052: unknown main item tag 0x0
[  433.970759][T10053] loop4: detected capacity change from 0 to 2048
[  433.976983][ T1353] microsoft 0003:045E:07DA.0052: unknown main item tag 0x0
[  433.984036][ T1353] microsoft 0003:045E:07DA.0052: unknown main item tag 0x0
[  433.991713][ T1353] microsoft 0003:045E:07DA.0052: unknown main item tag 0x0
[  433.994386][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  434.006792][ T1353] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0052/input/input63
[  434.006832][   T19] bridge0: port 1(bridge_slave_0) entered disabled state
[  434.021155][T10053] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  434.033491][   T19] bridge0: port 2(bridge_slave_1) entered disabled state
[  434.045256][  T834] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  434.053657][  T834] bridge0: port 1(bridge_slave_0) entered blocking state
[  434.060533][  T834] bridge0: port 1(bridge_slave_0) entered forwarding state
[  434.068436][  T834] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  434.069828][T10018] EXT4-fs (loop4): unmounting filesystem.
[  434.076535][  T834] bridge0: port 2(bridge_slave_1) entered blocking state
[  434.088671][  T834] bridge0: port 2(bridge_slave_1) entered forwarding state
[  434.097935][ T1353] microsoft 0003:045E:07DA.0052: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  434.130975][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  434.139621][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  434.147432][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  434.158933][T10038] device veth0_vlan entered promiscuous mode
[  434.166311][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  434.175438][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  434.182711][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  434.203331][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  434.212837][T10038] device veth1_macvtap entered promiscuous mode
[  434.225217][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  434.241393][ T2552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  434.324251][ T1353] usb 4-1: USB disconnect, device number 34
[  434.356678][   T28] audit: type=1400 audit(2000000170.280:15789): avc:  denied  { ioctl } for  pid=10076 comm="syz-executor.4" path="/root/syzkaller-testdir416814115/syzkaller.zUWpIe/12/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x6726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  434.675222][  T799] device bridge_slave_1 left promiscuous mode
[  434.698830][  T799] bridge0: port 2(bridge_slave_1) entered disabled state
[  434.708627][  T799] device bridge_slave_0 left promiscuous mode
[  434.714885][  T799] bridge0: port 1(bridge_slave_0) entered disabled state
[  434.727870][  T799] device veth1_macvtap left promiscuous mode
[  434.734929][  T799] device veth0_vlan left promiscuous mode
[  434.898809][T10097] loop1: detected capacity change from 0 to 128
[  434.913649][T10097] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  434.922549][T10097] ext4 filesystem being mounted at /root/syzkaller-testdir1419498991/syzkaller.ad6jVf/5/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  434.982162][T10038] EXT4-fs (loop1): unmounting filesystem.
[  435.019581][T10112] loop3: detected capacity change from 0 to 2048
[  435.039587][T10112] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  435.064235][ T7831] EXT4-fs (loop3): unmounting filesystem.
[  435.160624][T10114] loop1: detected capacity change from 0 to 40427
[  435.167569][T10114] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  435.175160][T10114] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  435.184083][T10114] F2FS-fs (loop1): invalid crc value
[  435.190757][T10114] F2FS-fs (loop1): Found nat_bits in checkpoint
[  435.228780][T10114] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  435.245022][T10114] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  435.274743][ T2552] usb 3-1: USB disconnect, device number 24
[  435.371225][  T834] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  435.549568][T10140] syz-executor.1: attempt to access beyond end of device
[  435.549568][T10140] loop1: rw=2049, sector=77824, nr_sectors = 536 limit=40427
[  435.768154][  T429] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  435.808118][  T834] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  435.818963][  T834] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  435.828603][  T834] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  435.837468][  T834] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.847702][  T834] usb 4-1: config 0 descriptor??
[  435.915692][    T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  435.925768][    T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  436.028104][  T429] usb 5-1: Using ep0 maxpacket: 16
[  436.109425][   T28] audit: type=1400 audit(2000000172.030:15790): avc:  denied  { create } for  pid=10143 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  436.150451][   T28] audit: type=1400 audit(2000000172.030:15791): avc:  denied  { write } for  pid=10143 comm="syz-executor.0" path="socket:[61261]" dev="sockfs" ino=61261 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  436.206683][   T28] audit: type=1400 audit(2000000172.030:15792): avc:  denied  { nlmsg_read } for  pid=10143 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  436.368135][  T429] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  436.372391][  T834] hid (null): nested delimiters
[  436.384787][  T834] hid-led 0003:27B8:01ED.0053: nested delimiters
[  436.391010][  T834] hid-led 0003:27B8:01ED.0053: item 0 1 2 10 parsing failed
[  436.396620][  T429] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  436.410914][  T834] hid-led: probe of 0003:27B8:01ED.0053 failed with error -22
[  436.411033][  T429] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  436.418347][  T429] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  436.419056][  T429] usb 5-1: config 0 descriptor??
[  436.699177][  T834] usb 4-1: USB disconnect, device number 35
[  437.089005][  T429] microsoft 0003:045E:07DA.0054: unknown main item tag 0x0
[  437.096057][  T429] microsoft 0003:045E:07DA.0054: unknown main item tag 0x0
[  437.103144][  T429] microsoft 0003:045E:07DA.0054: unknown main item tag 0x0
[  437.110119][  T429] microsoft 0003:045E:07DA.0054: unknown main item tag 0x0
[  437.117167][  T429] microsoft 0003:045E:07DA.0054: unknown main item tag 0x0
[  437.124165][  T429] microsoft 0003:045E:07DA.0054: unknown main item tag 0x0
[  437.131363][  T429] microsoft 0003:045E:07DA.0054: unknown main item tag 0x0
[  437.138486][  T429] microsoft 0003:045E:07DA.0054: unknown main item tag 0x0
[  437.145470][  T429] microsoft 0003:045E:07DA.0054: unknown main item tag 0x0
[  437.162544][  T429] microsoft 0003:045E:07DA.0054: unknown main item tag 0x0
[  437.175522][  T429] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0054/input/input64
[  437.235472][T10197] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10197 comm=syz-executor.2
[  437.251203][  T429] microsoft 0003:045E:07DA.0054: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  437.265586][T10201] loop3: detected capacity change from 0 to 512
[  437.279503][T10201] EXT4-fs (loop3): Test dummy encryption mode enabled
[  437.382979][T10201] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz-executor.3: inline data xattr refers to an external xattr inode
[  437.398420][T10201] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz-executor.3: couldn't read orphan inode 12 (err -117)
[  437.410684][T10201] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  437.427198][ T7831] EXT4-fs (loop3): unmounting filesystem.
[  437.595622][  T834] usb 5-1: USB disconnect, device number 25
[  437.719754][T10213] overlayfs: workdir and upperdir must be separate subtrees
[  437.742295][T10215] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  437.754887][   T28] audit: type=1400 audit(2000000173.680:15793): avc:  denied  { getopt } for  pid=10214 comm="syz-executor.0" lport=8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  437.782051][T10219] futex_wake_op: syz-executor.3 tries to shift op by 144; fix this program
[  437.960095][T10241] overlayfs: workdir and upperdir must be separate subtrees
[  437.988911][T10245] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  438.011306][T10247] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  438.020355][T10247] exFAT-fs (loop1): unable to read boot sector
[  438.026367][T10247] exFAT-fs (loop1): failed to read boot sector
[  438.032450][T10247] exFAT-fs (loop1): failed to recognize exfat type
[  438.048705][T10249] futex_wake_op: syz-executor.1 tries to shift op by 144; fix this program
[  438.078095][  T221] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  438.196552][T10265] input: syz0 as /devices/virtual/input/input65
[  438.227960][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.237593][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.251507][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.262339][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.273906][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.281823][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.290465][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.297890][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.305283][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.312760][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.325111][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.337763][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.349956][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.363298][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.374236][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382064][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382091][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382114][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382135][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382156][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382178][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382199][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382220][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382241][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382262][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382283][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382304][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382324][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382345][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382366][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382386][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382407][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382428][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382448][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382469][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382490][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382511][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382532][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382553][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382575][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382596][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382617][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.382637][  T834] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  438.383356][  T834] hid-generic 0000:0000:0000.0055: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  438.438841][T10275] 9pnet_fd: Insufficient options for proto=fd
[  438.514080][T10277] loop1: detected capacity change from 0 to 512
[  438.517751][  T221] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  438.550002][T10277] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  438.554450][  T221] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  438.562016][T10277] ext4 filesystem being mounted at /root/syzkaller-testdir1419498991/syzkaller.ad6jVf/26/bus supports timestamps until 2038 (0x7fffffff)
[  438.569024][  T221] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  438.670943][  T221] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.672409][T10038] EXT4-fs (loop1): unmounting filesystem.
[  438.679527][  T221] usb 4-1: config 0 descriptor??
[  438.817407][T10293] tipc: Enabling of bearer <eth:vlan0> rejected, already enabled
[  439.237096][  T834] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  439.245615][  T221] hid (null): nested delimiters
[  439.256515][  T221] hid-led 0003:27B8:01ED.0056: nested delimiters
[  439.263250][  T221] hid-led 0003:27B8:01ED.0056: item 0 1 2 10 parsing failed
[  439.272949][  T221] hid-led: probe of 0003:27B8:01ED.0056 failed with error -22
[  439.451182][  T413] usb 4-1: USB disconnect, device number 36
[  439.498043][  T834] usb 2-1: Using ep0 maxpacket: 16
[  439.618136][  T834] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  439.628977][  T834] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  439.638557][  T834] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  439.648122][  T834] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  439.657650][  T834] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  439.818113][  T834] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  439.827028][  T834] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.834804][  T834] usb 2-1: Product: syz
[  439.871511][  T834] usb 2-1: Manufacturer: syz
[  439.877419][  T834] usb 2-1: SerialNumber: syz
[  439.941052][T10312] loop4: detected capacity change from 0 to 512
[  439.960139][T10312] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  439.970659][T10312] ext4 filesystem being mounted at /root/syzkaller-testdir416814115/syzkaller.zUWpIe/19/bus supports timestamps until 2038 (0x7fffffff)
[  440.003799][T10018] EXT4-fs (loop4): unmounting filesystem.
[  440.158099][  T834] cdc_ncm 2-1:1.0: bind() failure
[  440.163673][  T834] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  440.170290][  T834] cdc_ncm 2-1:1.1: bind() failure
[  440.175839][  T834] usb 2-1: USB disconnect, device number 36
[  440.298055][  T413] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  440.688134][  T413] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  440.698234][  T413] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  440.706969][  T413] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  440.968166][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  441.178204][T10345] overlayfs: workdir and upperdir must be separate subtrees
[  441.508331][  T413] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  441.534027][T10356] futex_wake_op: syz-executor.3 tries to shift op by 144; fix this program
[  441.553924][  T413] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  441.561939][  T413] usb 5-1: Product: syz
[  441.565886][  T413] usb 5-1: Manufacturer: syz
[  441.570343][  T413] usb 5-1: SerialNumber: syz
[  441.634601][  T413] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[  441.641546][  T413] cdc_ncm 5-1:1.0: bind() failure
[  441.938077][  T834] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  442.208076][  T834] usb 4-1: Using ep0 maxpacket: 8
[  442.558122][  T834] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  442.567033][  T834] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.575795][  T834] usb 4-1: config 0 descriptor??
[  443.054088][  T429] usb 5-1: USB disconnect, device number 26
[  443.418288][T10418] 9pnet_fd: Insufficient options for proto=fd
[  444.438073][  T429] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  444.548393][T10428] binder: 10427:10428 ioctl 5514 0 returned -22
[  444.828097][  T429] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  444.838168][  T429] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  444.846855][  T429] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  444.866966][T10449] loop1: detected capacity change from 0 to 40427
[  444.874053][T10449] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  444.881814][T10449] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  444.890985][T10449] F2FS-fs (loop1): invalid crc value
[  444.897600][T10449] F2FS-fs (loop1): Found nat_bits in checkpoint
[  444.936802][  T834] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  444.944658][T10449] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  444.947051][  T834] asix: probe of 4-1:0.0 failed with error -71
[  444.960562][  T834] usb 4-1: USB disconnect, device number 37
[  444.967270][T10449] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  445.571843][  T429] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  445.619886][  T429] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.651031][T10459] syz-executor.1: attempt to access beyond end of device
[  445.651031][T10459] loop1: rw=2049, sector=77824, nr_sectors = 536 limit=40427
[  445.881627][  T429] usb 5-1: Product: syz
[  445.885717][  T429] usb 5-1: Manufacturer: syz
[  445.892698][  T429] usb 5-1: SerialNumber: syz
[  445.936070][    T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  445.945237][    T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  445.958494][  T429] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[  445.965539][  T429] cdc_ncm 5-1:1.0: bind() failure
[  446.608082][ T2552] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  446.878093][ T2552] usb 4-1: Using ep0 maxpacket: 16
[  447.018308][ T2552] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  447.029128][ T2552] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  447.038753][ T2552] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  447.048320][ T2552] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  447.057736][ T2552] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  447.288122][ T2552] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  447.297029][ T2552] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  447.304830][ T2552] usb 4-1: Product: syz
[  447.308824][ T2552] usb 4-1: Manufacturer: syz
[  447.313240][ T2552] usb 4-1: SerialNumber: syz
[  447.510565][  T413] usb 5-1: USB disconnect, device number 27
[  447.588193][ T2552] cdc_ncm 4-1:1.0: bind() failure
[  447.594037][ T2552] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  447.600734][ T2552] cdc_ncm 4-1:1.1: bind() failure
[  447.606563][ T2552] usb 4-1: USB disconnect, device number 38
[  448.150800][T10526] syz-executor.3[10526] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  448.150858][T10526] syz-executor.3[10526] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  448.188118][  T413] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  448.272792][T10538] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  448.313536][T10544] loop3: detected capacity change from 0 to 256
[  448.319976][T10544] exfat: Deprecated parameter 'namecase'
[  448.328358][T10544] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  448.448085][  T413] usb 5-1: Using ep0 maxpacket: 8
[  448.588137][  T413] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  448.597678][  T413] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  448.606020][  T413] usb 5-1: config 0 descriptor??
[  448.818041][  T834] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  449.058078][  T834] usb 4-1: Using ep0 maxpacket: 16
[  449.178390][  T834] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  449.189134][  T834] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  449.198718][  T834] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  449.208434][  T834] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  449.217934][  T834] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  449.798138][  T834] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  449.807117][  T834] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  449.815034][  T834] usb 4-1: Product: syz
[  449.819007][  T834] usb 4-1: Manufacturer: syz
[  449.823405][  T834] usb 4-1: SerialNumber: syz
[  450.108089][  T834] cdc_ncm 4-1:1.0: bind() failure
[  450.113702][  T834] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  450.120351][  T834] cdc_ncm 4-1:1.1: bind() failure
[  450.125886][  T834] usb 4-1: USB disconnect, device number 39
[  450.597569][T10566] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  450.876076][T10581] sch_fq: defrate 32 ignored.
[  451.178122][  T413] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  451.188081][  T413] asix: probe of 5-1:0.0 failed with error -71
[  451.194850][  T413] usb 5-1: USB disconnect, device number 28
[  451.696825][T10591] device veth0_vlan left promiscuous mode
[  451.702744][T10591] device veth0_vlan entered promiscuous mode
[  451.709860][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  451.723771][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  451.733541][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  451.760151][T10595] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  451.860806][T10583] loop3: detected capacity change from 0 to 131072
[  451.869617][T10583] F2FS-fs (loop3): invalid crc value
[  451.876287][T10583] F2FS-fs (loop3): Found nat_bits in checkpoint
[  451.896759][T10602] loop4: detected capacity change from 0 to 512
[  451.910269][T10602] EXT4-fs (loop4): 1 orphan inode deleted
[  451.915916][T10602] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  451.924790][T10602] ext4 filesystem being mounted at /root/syzkaller-testdir416814115/syzkaller.zUWpIe/36/file1 supports timestamps until 2038 (0x7fffffff)
[  451.940055][T10583] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  452.839948][T10018] EXT4-fs (loop4): unmounting filesystem.
[  453.497259][T10625] sch_fq: defrate 32 ignored.
[  453.504388][T10625] loop3: detected capacity change from 0 to 512
[  453.511425][T10625] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  453.530324][T10625] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 248: padding at end of block bitmap is not set
[  453.545180][T10625] Quota error (device loop3): write_blk: dquota write failed
[  453.552451][T10625] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  453.562486][T10625] EXT4-fs (loop3): 1 truncate cleaned up
[  453.568003][T10625] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  453.577451][T10625] ext4 filesystem being mounted at /root/syzkaller-testdir391647062/syzkaller.5Xd7ID/223/bus supports timestamps until 2038 (0x7fffffff)
[  453.594686][T10625] EXT4-fs error (device loop3): __ext4_remount:6412: comm syz-executor.3: Abort forced by user
[  453.605130][T10625] EXT4-fs (loop3): Remounting filesystem read-only
[  453.850216][T10634] loop4: detected capacity change from 0 to 40427
[  453.857108][T10634] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  453.864709][T10634] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  453.873474][T10634] F2FS-fs (loop4): invalid crc value
[  453.879950][T10634] F2FS-fs (loop4): Found nat_bits in checkpoint
[  453.914424][T10634] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  453.921470][T10634] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  454.185567][T10640] syz-executor.4: attempt to access beyond end of device
[  454.185567][T10640] loop4: rw=2049, sector=77824, nr_sectors = 536 limit=40427
[  454.306544][ T7831] EXT4-fs (loop3): unmounting filesystem.
[  454.363615][   T28] audit: type=1400 audit(2000000190.290:15794): avc:  denied  { ioctl } for  pid=10647 comm="syz-executor.3" path="/dev/loop-control" dev="devtmpfs" ino=113 ioctlcmd=0x4c81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  454.393203][   T28] audit: type=1400 audit(2000000190.320:15795): avc:  denied  { setopt } for  pid=10645 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  454.492193][T10655] fuse: Bad value for 'fd'
[  454.498121][T10655] fuse: Bad value for 'fd'
[  454.958267][  T916] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  454.987809][  T916] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  455.090959][T10658] input: syz0 as /devices/virtual/input/input70
[  455.878050][ T1353] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  456.218227][T10679] sch_fq: defrate 32 ignored.
[  456.226264][T10679] loop4: detected capacity change from 0 to 512
[  456.233573][T10679] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  456.250562][T10679] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 248: padding at end of block bitmap is not set
[  456.265868][T10679] Quota error (device loop4): write_blk: dquota write failed
[  456.273160][T10679] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  456.278167][ T1353] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  456.283356][T10679] EXT4-fs (loop4): 1 truncate cleaned up
[  456.299095][ T1353] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  456.299211][T10679] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  456.317445][T10679] ext4 filesystem being mounted at /root/syzkaller-testdir416814115/syzkaller.zUWpIe/41/bus supports timestamps until 2038 (0x7fffffff)
[  456.328038][ T1353] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  456.349815][ T1353] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  456.358553][T10679] EXT4-fs error (device loop4): __ext4_remount:6412: comm syz-executor.4: Abort forced by user
[  456.369065][ T1353] usb 4-1: config 0 descriptor??
[  456.369085][T10679] EXT4-fs (loop4): Remounting filesystem read-only
[  456.848522][ T1353] keytouch 0003:0926:3333.0057: fixing up Keytouch IEC report descriptor
[  456.857845][ T1353] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0057/input/input71
[  456.900970][T10018] EXT4-fs (loop4): unmounting filesystem.
[  456.940049][ T1353] keytouch 0003:0926:3333.0057: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  457.054148][  T221] usb 4-1: USB disconnect, device number 40
[  457.717338][T10717] loop3: detected capacity change from 0 to 256
[  459.118503][T10771] input: syz0 as /devices/virtual/input/input73
[  459.426206][T10772] bridge0: port 1(bridge_slave_0) entered blocking state
[  459.433279][T10772] bridge0: port 1(bridge_slave_0) entered disabled state
[  459.440701][T10772] device bridge_slave_0 entered promiscuous mode
[  459.451646][T10772] bridge0: port 2(bridge_slave_1) entered blocking state
[  459.458812][T10772] bridge0: port 2(bridge_slave_1) entered disabled state
[  459.465958][T10772] device bridge_slave_1 entered promiscuous mode
[  459.516318][T10772] bridge0: port 2(bridge_slave_1) entered blocking state
[  459.523194][T10772] bridge0: port 2(bridge_slave_1) entered forwarding state
[  459.530267][T10772] bridge0: port 1(bridge_slave_0) entered blocking state
[  459.537056][T10772] bridge0: port 1(bridge_slave_0) entered forwarding state
[  459.561191][  T221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  459.569142][  T221] bridge0: port 1(bridge_slave_0) entered disabled state
[  459.576279][  T221] bridge0: port 2(bridge_slave_1) entered disabled state
[  459.588104][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  459.596126][ T1353] bridge0: port 1(bridge_slave_0) entered blocking state
[  459.602980][ T1353] bridge0: port 1(bridge_slave_0) entered forwarding state
[  459.611701][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  459.619752][ T4152] bridge0: port 2(bridge_slave_1) entered blocking state
[  459.626602][ T4152] bridge0: port 2(bridge_slave_1) entered forwarding state
[  459.649183][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  459.657905][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  459.665741][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  459.677772][T10772] device veth0_vlan entered promiscuous mode
[  459.684090][ T2552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  459.693501][ T2552] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  459.700782][ T2552] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  459.714147][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  459.723269][T10772] device veth1_macvtap entered promiscuous mode
[  459.733045][ T2552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  459.746927][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  459.769335][  T916] device bridge_slave_1 left promiscuous mode
[  459.775416][  T916] bridge0: port 2(bridge_slave_1) entered disabled state
[  459.784545][  T916] device bridge_slave_0 left promiscuous mode
[  459.790654][  T916] bridge0: port 1(bridge_slave_0) entered disabled state
[  459.809084][  T916] device veth1_macvtap left promiscuous mode
[  459.814969][  T916] device veth0_vlan left promiscuous mode
[  459.876173][T10782] loop3: detected capacity change from 0 to 256
[  459.941239][T10779] loop4: detected capacity change from 0 to 40427
[  459.951795][T10779] F2FS-fs (loop4): Found nat_bits in checkpoint
[  460.032498][T10779] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  460.075788][T10772] syz-executor.4: attempt to access beyond end of device
[  460.075788][T10772] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  460.296818][T10804] loop3: detected capacity change from 0 to 32768
[  460.324294][   T28] audit: type=1326 audit(2000000196.240:15796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10808 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f058ec7cea9 code=0x7ffc0000
[  460.349811][   T28] audit: type=1326 audit(2000000196.240:15797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10808 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=324 compat=0 ip=0x7f058ec7cea9 code=0x7ffc0000
[  460.378375][   T28] audit: type=1326 audit(2000000196.240:15798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10808 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f058ec7cea9 code=0x7ffc0000
[  461.299616][T10834] loop4: detected capacity change from 0 to 131072
[  461.307546][T10834] F2FS-fs (loop4): invalid crc value
[  461.314872][T10840] sch_fq: defrate 32 ignored.
[  461.321087][T10834] F2FS-fs (loop4): Found nat_bits in checkpoint
[  461.358448][T10834] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  461.421030][T10846] tipc: Resetting bearer <eth:vlan0>
[  461.435415][T10846] device veth0_vlan left promiscuous mode
[  461.441306][T10846] device veth0_vlan entered promiscuous mode
[  461.448487][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  461.456596][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  461.464070][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  462.496979][T10873] syz-executor.3[10873] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  462.497053][T10873] syz-executor.3[10873] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  462.854386][T10870] loop4: detected capacity change from 0 to 32768
[  462.873632][T10879] tipc: Resetting bearer <eth:vlan0>
[  462.884688][T10879] device veth0_vlan left promiscuous mode
[  462.890595][T10879] device veth0_vlan entered promiscuous mode
[  462.897435][ T2552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  462.905595][ T2552] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  462.913804][ T2552] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  463.829044][T10901] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  463.995135][   T28] audit: type=1400 audit(2000000199.920:15799): avc:  denied  { unmount } for  pid=10772 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  464.360838][T10908] device sit0 entered promiscuous mode
[  464.496861][T10917] loop3: detected capacity change from 0 to 512
[  464.506054][T10917] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  464.523883][T10917] EXT4-fs warning (device loop3): dx_probe:868: inode #2: comm syz-executor.3: Unimplemented hash flags: 0x0001
[  464.537119][T10917] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended
[  464.551441][T10917] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz-executor.3: path /root/syzkaller-testdir391647062/syzkaller.5Xd7ID/267/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[  464.602346][ T7831] EXT4-fs (loop3): unmounting filesystem.
[  464.618997][T10915] loop4: detected capacity change from 0 to 32768
[  464.721935][   T28] audit: type=1400 audit(2000000200.650:15800): avc:  denied  { mount } for  pid=10936 comm="syz-executor.3" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  464.745210][   T28] audit: type=1400 audit(2000000200.650:15801): avc:  denied  { mounton } for  pid=10936 comm="syz-executor.3" path="/root/syzkaller-testdir391647062/syzkaller.5Xd7ID/271/file0" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1
[  464.860789][  T916] tipc: Disabling bearer <eth:vlan0>
[  464.866191][  T916] tipc: Left network mode
[  464.913397][T10948] 9pnet_fd: Insufficient options for proto=fd
[  465.044443][T10951] bridge0: port 1(bridge_slave_0) entered blocking state
[  465.051592][T10951] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.059547][T10951] device bridge_slave_0 entered promiscuous mode
[  465.069617][T10951] bridge0: port 2(bridge_slave_1) entered blocking state
[  465.076472][T10951] bridge0: port 2(bridge_slave_1) entered disabled state
[  465.083885][T10951] device bridge_slave_1 entered promiscuous mode
[  465.136586][T10951] bridge0: port 2(bridge_slave_1) entered blocking state
[  465.143490][T10951] bridge0: port 2(bridge_slave_1) entered forwarding state
[  465.150603][T10951] bridge0: port 1(bridge_slave_0) entered blocking state
[  465.157440][T10951] bridge0: port 1(bridge_slave_0) entered forwarding state
[  465.187480][ T2552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  465.195464][ T2552] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.203052][ T2552] bridge0: port 2(bridge_slave_1) entered disabled state
[  465.221934][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  465.230208][ T4152] bridge0: port 1(bridge_slave_0) entered blocking state
[  465.237078][ T4152] bridge0: port 1(bridge_slave_0) entered forwarding state
[  465.244333][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  465.252402][ T4152] bridge0: port 2(bridge_slave_1) entered blocking state
[  465.259262][ T4152] bridge0: port 2(bridge_slave_1) entered forwarding state
[  465.278830][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  465.286773][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  465.303331][T10951] device veth0_vlan entered promiscuous mode
[  465.311443][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  465.320099][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  465.327413][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  465.334856][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  465.352511][T10951] device veth1_macvtap entered promiscuous mode
[  465.361356][ T2552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  465.378668][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  465.386897][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  465.420017][  T916] device bridge_slave_1 left promiscuous mode
[  465.439303][  T916] bridge0: port 2(bridge_slave_1) entered disabled state
[  465.458529][  T916] device bridge_slave_0 left promiscuous mode
[  465.464497][  T916] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.483270][  T916] device veth1_macvtap left promiscuous mode
[  465.489310][  T916] device veth0_vlan left promiscuous mode
[  465.549125][T10996] syz-executor.3[10996] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  465.549203][T10996] syz-executor.3[10996] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  465.708644][T10992] loop4: detected capacity change from 0 to 32768
[  466.082397][   T28] audit: type=1400 audit(2000000202.010:15802): avc:  denied  { mount } for  pid=11034 comm="syz-executor.3" name="/" dev="pstore" ino=12781 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  466.107820][T11035] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  466.122538][   T28] audit: type=1400 audit(2000000202.050:15803): avc:  denied  { unmount } for  pid=10951 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  466.333248][T11044] loop3: detected capacity change from 0 to 40427
[  466.340236][T11044] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  466.347712][T11044] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  466.356407][T11044] F2FS-fs (loop3): invalid crc value
[  466.362969][T11044] F2FS-fs (loop3): Found nat_bits in checkpoint
[  466.404301][T11044] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  466.411540][T11044] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  466.428351][T11044] F2FS-fs (loop3): Unrecognized mount option "€" or missing value
[  466.574479][T11076] loop4: detected capacity change from 0 to 1024
[  466.581107][T11076] EXT4-fs: Ignoring removed oldalloc option
[  466.586831][T11076] EXT4-fs: Ignoring removed orlov option
[  466.592680][T11076] EXT4-fs: Ignoring removed orlov option
[  466.600530][T11076] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  466.616881][T11076] EXT4-fs error (device loop4): ext4_map_blocks:607: inode #4: block 96: comm syz-executor.4: lblock 0 mapped to illegal pblock 96 (length 1)
[  466.619191][T11079] 9pnet_fd: Insufficient options for proto=fd
[  466.631819][T11076] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  466.651034][T11079] loop3: detected capacity change from 0 to 2048
[  466.708347][T11079]  loop3: p2 < > p3 p4 < >
[  466.712584][T11079] loop3: partition table partially beyond EOD, truncated
[  466.719567][T11079] loop3: p2 start 4294902784 is beyond EOD, truncated
[  466.726180][T11079] loop3: p3 start 4278191616 is beyond EOD, truncated
[  467.153782][T10772] EXT4-fs (loop4): unmounting filesystem.
[  467.489650][T11098] loop4: detected capacity change from 0 to 131072
[  467.497345][T11098] F2FS-fs (loop4): invalid crc value
[  467.505938][T11098] F2FS-fs (loop4): Found nat_bits in checkpoint
[  467.551838][   T28] audit: type=1326 audit(2000000001.000:15804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11110 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbaaac7cea9 code=0x0
[  467.575566][T11098] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  467.801227][   T28] audit: type=1400 audit(2000000001.250:15805): avc:  denied  { module_load } for  pid=11110 comm="syz-executor.0" path=2F6D656D66643A1037202864656C6574656429 dev="tmpfs" ino=1660 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1
[  467.827735][T11121] Invalid ELF section header overflow
[  468.399104][T11125] bridge0: port 1(bridge_slave_0) entered blocking state
[  468.405961][T11125] bridge0: port 1(bridge_slave_0) entered disabled state
[  468.423480][T11125] device bridge_slave_0 entered promiscuous mode
[  468.434949][T11125] bridge0: port 2(bridge_slave_1) entered blocking state
[  468.442393][T11125] bridge0: port 2(bridge_slave_1) entered disabled state
[  468.450051][T11125] device bridge_slave_1 entered promiscuous mode
[  468.560278][T11133] loop4: detected capacity change from 0 to 512
[  468.568680][T11133] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  468.587873][T11133] EXT4-fs warning (device loop4): dx_probe:868: inode #2: comm syz-executor.4: Unimplemented hash flags: 0x0001
[  468.602122][T11133] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz-executor.4: Corrupt directory, running e2fsck is recommended
[  468.615436][T11133] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor.4: path /root/syzkaller-testdir2619222412/syzkaller.VQiyqU/26/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[  468.694216][T11125] bridge0: port 2(bridge_slave_1) entered blocking state
[  468.701195][T11125] bridge0: port 2(bridge_slave_1) entered forwarding state
[  468.708287][T11125] bridge0: port 1(bridge_slave_0) entered blocking state
[  468.715051][T11125] bridge0: port 1(bridge_slave_0) entered forwarding state
[  468.723728][T10772] EXT4-fs (loop4): unmounting filesystem.
[  468.763386][T11140] syz-executor.4[11140] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  468.763454][T11140] syz-executor.4[11140] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  468.779376][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  468.799227][ T4152] bridge0: port 1(bridge_slave_0) entered disabled state
[  468.806407][ T4152] bridge0: port 2(bridge_slave_1) entered disabled state
[  468.816761][    T8] device bridge_slave_1 left promiscuous mode
[  468.822838][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  468.830639][    T8] device bridge_slave_0 left promiscuous mode
[  468.836564][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  468.844232][    T8] device veth1_macvtap left promiscuous mode
[  468.850126][    T8] device veth0_vlan left promiscuous mode
[  468.954877][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  468.963464][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[  468.970462][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[  468.984743][T11135] bridge0: port 1(bridge_slave_0) entered blocking state
[  468.991845][T11135] bridge0: port 1(bridge_slave_0) entered disabled state
[  468.999492][T11135] device bridge_slave_0 entered promiscuous mode
[  469.007104][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  469.015457][ T1353] bridge0: port 2(bridge_slave_1) entered blocking state
[  469.022309][ T1353] bridge0: port 2(bridge_slave_1) entered forwarding state
[  469.030237][T11135] bridge0: port 2(bridge_slave_1) entered blocking state
[  469.037619][T11135] bridge0: port 2(bridge_slave_1) entered disabled state
[  469.045023][T11135] device bridge_slave_1 entered promiscuous mode
[  469.079021][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  469.086820][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  469.105588][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  469.132054][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  469.140741][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  469.147963][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  469.156898][T11125] device veth0_vlan entered promiscuous mode
[  469.177198][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  469.187805][T11125] device veth1_macvtap entered promiscuous mode
[  469.216690][   T28] audit: type=1326 audit(2000000002.660:15806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11159 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f058ec7cea9 code=0x0
[  469.217834][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  469.249654][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  469.272633][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  469.281041][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  469.289358][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[  469.296404][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[  469.297154][   T28] audit: type=1326 audit(2000000002.740:15807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11163 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa42f87cea9 code=0x7ffc0000
[  469.304215][  T221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  469.335280][   T28] audit: type=1326 audit(2000000002.760:15808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11163 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa42f87cea9 code=0x7ffc0000
[  469.364167][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  469.369516][   T28] audit: type=1326 audit(2000000002.780:15809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11163 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa42f87cea9 code=0x7ffc0000
[  469.378395][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  469.404491][   T28] audit: type=1326 audit(2000000002.780:15810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11163 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa42f87cea9 code=0x7ffc0000
[  469.416303][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[  469.435397][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[  469.449625][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  469.462650][T11166] Invalid ELF section header overflow
[  469.468156][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  469.485930][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  469.494063][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  469.501949][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  469.510801][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  469.523509][T11135] device veth0_vlan entered promiscuous mode
[  469.530605][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  469.539926][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  469.554558][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  469.564345][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  469.572029][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  469.580154][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  469.589709][T11135] device veth1_macvtap entered promiscuous mode
[  469.600449][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  469.607930][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  469.615999][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  469.627944][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  469.636118][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  469.947246][T11182] loop2: detected capacity change from 0 to 256
[  470.249802][T11196] syz-executor.3[11196] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  470.249881][T11196] syz-executor.3[11196] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  470.281693][T11198] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.3'.
[  470.447499][T11222] 9pnet_fd: Insufficient options for proto=fd
[  470.484929][T11225] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.0'.
[  470.717664][T11247] syz-executor.2[11247] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  470.717738][T11247] syz-executor.2[11247] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  471.039956][T11272] syz-executor.2[11272] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  471.058314][T11272] syz-executor.2[11272] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  471.130745][   T28] kauditd_printk_skb: 326 callbacks suppressed
[  471.130764][   T28] audit: type=1400 audit(2000000004.580:16137): avc:  denied  { setattr } for  pid=11276 comm="syz-executor.2" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  471.901290][T11319] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  471.919018][T11319] FAT-fs (loop9): unable to read boot sector
[  471.944912][T11321] syz-executor.2[11321] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  471.945002][T11321] syz-executor.2[11321] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  472.030567][T11331] loop2: detected capacity change from 0 to 512
[  472.065102][T11331] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  472.085340][T11331] EXT4-fs warning (device loop2): dx_probe:868: inode #2: comm syz-executor.2: Unimplemented hash flags: 0x0001
[  472.098537][T11331] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended
[  472.133240][T11331] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 3: comm syz-executor.2: path /root/syzkaller-testdir360982492/syzkaller.XiOOvu/21/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[  472.273702][T11135] EXT4-fs (loop2): unmounting filesystem.
[  472.297837][   T28] audit: type=1326 audit(2000000005.740:16138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11336 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fac2e47cea9 code=0x0
[  472.343431][T11339] fscrypt: AES-128-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  472.376931][T11339] fscrypt: AES-128-CBC-ESSIV using implementation "essiv(cbc-aes-aesni,sha256-avx2)"
[  472.406616][T11335] bridge0: port 1(bridge_slave_0) entered blocking state
[  472.428061][T11335] bridge0: port 1(bridge_slave_0) entered disabled state
[  472.448696][T11335] device bridge_slave_0 entered promiscuous mode
[  472.471035][T11335] bridge0: port 2(bridge_slave_1) entered blocking state
[  472.489898][T11335] bridge0: port 2(bridge_slave_1) entered disabled state
[  472.504888][T11335] device bridge_slave_1 entered promiscuous mode
[  472.512485][T11354] Invalid ELF section header overflow
[  472.641680][T11335] bridge0: port 2(bridge_slave_1) entered blocking state
[  472.648587][T11335] bridge0: port 2(bridge_slave_1) entered forwarding state
[  472.655656][T11335] bridge0: port 1(bridge_slave_0) entered blocking state
[  472.662492][T11335] bridge0: port 1(bridge_slave_0) entered forwarding state
[  472.720189][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  472.728887][  T432] bridge0: port 1(bridge_slave_0) entered disabled state
[  472.749136][  T432] bridge0: port 2(bridge_slave_1) entered disabled state
[  472.757455][  T916] device bridge_slave_1 left promiscuous mode
[  472.764855][  T916] bridge0: port 2(bridge_slave_1) entered disabled state
[  472.776475][  T916] device bridge_slave_0 left promiscuous mode
[  472.785342][  T916] bridge0: port 1(bridge_slave_0) entered disabled state
[  472.797494][  T916] device veth1_macvtap left promiscuous mode
[  472.803448][  T916] device veth0_vlan left promiscuous mode
[  472.919332][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  472.927272][ T4152] bridge0: port 1(bridge_slave_0) entered blocking state
[  472.934122][ T4152] bridge0: port 1(bridge_slave_0) entered forwarding state
[  472.941332][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  472.949302][ T4152] bridge0: port 2(bridge_slave_1) entered blocking state
[  472.956132][ T4152] bridge0: port 2(bridge_slave_1) entered forwarding state
[  472.963434][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  472.978792][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  472.994101][T11335] device veth0_vlan entered promiscuous mode
[  473.000638][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  473.009300][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  473.017074][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  473.024331][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  473.038441][  T221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  473.047578][T11335] device veth1_macvtap entered promiscuous mode
[  473.061008][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  473.070102][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  473.085897][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  473.103203][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  473.223721][T11395] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'.
[  473.447080][   T28] audit: type=1326 audit(2000000006.890:16139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11411 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2601e7cea9 code=0x0
[  473.648627][T11415] Invalid ELF section header overflow
[  474.205760][   T28] audit: type=1400 audit(2000000007.650:16140): avc:  denied  { ioctl } for  pid=11438 comm="syz-executor.2" path="/dev/usbmon7" dev="devtmpfs" ino=160 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  474.994817][   T28] audit: type=1326 audit(2000000008.440:16141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11478 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f058ec7cea9 code=0x0
[  475.157113][T11491] input: syz0 as /devices/virtual/input/input74
[  475.197339][T11497] Invalid ELF section header overflow
[  475.675726][T11524] input: syz0 as /devices/virtual/input/input75
[  475.903344][T11554] device dummy0 entered promiscuous mode
[  475.909059][T11554] device dummy0 left promiscuous mode
[  476.108971][T11562] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  476.128108][T11562] FAT-fs (loop3): unable to read boot sector
[  476.528086][   T28] audit: type=1400 audit(2000000009.970:16142): avc:  denied  { getopt } for  pid=11596 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  476.614248][T11608] bpf_get_probe_write_proto: 2 callbacks suppressed
[  476.614265][T11608] syz-executor.0[11608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  476.620888][T11608] syz-executor.0[11608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  476.713298][T11618] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  476.737022][T11618] FAT-fs (loop9): unable to read boot sector
[  476.798991][T11630] input: syz0 as /devices/virtual/input/input76
[  476.936799][T11637] bridge0: port 1(bridge_slave_0) entered blocking state
[  476.943841][T11637] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.951202][T11637] device bridge_slave_0 entered promiscuous mode
[  476.959763][T11637] bridge0: port 2(bridge_slave_1) entered blocking state
[  476.966781][T11637] bridge0: port 2(bridge_slave_1) entered disabled state
[  476.974037][T11637] device bridge_slave_1 entered promiscuous mode
[  477.034793][T11637] bridge0: port 2(bridge_slave_1) entered blocking state
[  477.041717][T11637] bridge0: port 2(bridge_slave_1) entered forwarding state
[  477.048771][T11637] bridge0: port 1(bridge_slave_0) entered blocking state
[  477.055542][T11637] bridge0: port 1(bridge_slave_0) entered forwarding state
[  477.091915][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  477.099537][ T4152] bridge0: port 1(bridge_slave_0) entered disabled state
[  477.106638][ T4152] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.115514][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  477.123749][ T1353] bridge0: port 1(bridge_slave_0) entered blocking state
[  477.130601][ T1353] bridge0: port 1(bridge_slave_0) entered forwarding state
[  477.265801][T11648] loop4: detected capacity change from 0 to 256
[  477.534080][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  477.543477][ T1353] bridge0: port 2(bridge_slave_1) entered blocking state
[  477.550361][ T1353] bridge0: port 2(bridge_slave_1) entered forwarding state
[  477.558582][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  477.567075][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  477.584992][T11637] device veth0_vlan entered promiscuous mode
[  477.591548][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  477.600155][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  477.609138][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  477.616759][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  477.636504][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  477.646302][T11637] device veth1_macvtap entered promiscuous mode
[  477.661589][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  477.675461][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  477.679683][T11664] syz-executor.0[11664] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  477.683476][T11664] syz-executor.0[11664] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  477.683524][  T834] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  477.878737][    T8] device bridge_slave_1 left promiscuous mode
[  477.884715][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.892066][    T8] device bridge_slave_0 left promiscuous mode
[  477.898160][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  477.905864][    T8] device veth1_macvtap left promiscuous mode
[  477.911850][    T8] device veth0_vlan left promiscuous mode
[  477.967639][T11687] loop4: detected capacity change from 0 to 256
[  477.979554][T11687] FAT-fs (loop4): Directory bread(block 64) failed
[  477.986024][T11687] FAT-fs (loop4): Directory bread(block 65) failed
[  477.993714][T11687] FAT-fs (loop4): Directory bread(block 66) failed
[  478.000123][T11687] FAT-fs (loop4): Directory bread(block 67) failed
[  478.006437][T11687] FAT-fs (loop4): Directory bread(block 68) failed
[  478.013119][T11687] FAT-fs (loop4): Directory bread(block 69) failed
[  478.019913][T11687] FAT-fs (loop4): Directory bread(block 70) failed
[  478.064056][T11687] FAT-fs (loop4): Directory bread(block 71) failed
[  478.124881][T11687] FAT-fs (loop4): Directory bread(block 72) failed
[  478.131847][T11687] FAT-fs (loop4): Directory bread(block 73) failed
[  478.343311][T11692] syz-executor.4[11692] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  478.343364][T11692] syz-executor.4[11692] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  478.408876][  T834] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  478.429611][  T834] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  478.437549][  T834] usb 2-1: SerialNumber: syz
[  478.488794][  T834] cdc_ether 2-1:1.0: skipping garbage
[  478.494714][  T834] usb 2-1: bad CDC descriptors
[  478.691190][ T1353] usb 2-1: USB disconnect, device number 37
[  478.818826][   T28] audit: type=1400 audit(2000000012.270:16143): avc:  denied  { relabelfrom } for  pid=11720 comm="syz-executor.0" name="" dev="pipefs" ino=68911 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  478.910650][  T799] tipc: Disabling bearer <eth:vlan0>
[  478.916262][  T799] tipc: Left network mode
[  479.005971][T11728] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.012905][T11728] bridge0: port 1(bridge_slave_0) entered disabled state
[  479.020429][T11728] device bridge_slave_0 entered promiscuous mode
[  479.029679][T11728] bridge0: port 2(bridge_slave_1) entered blocking state
[  479.036616][T11728] bridge0: port 2(bridge_slave_1) entered disabled state
[  479.043794][T11728] device bridge_slave_1 entered promiscuous mode
[  479.102813][T11728] bridge0: port 2(bridge_slave_1) entered blocking state
[  479.109823][T11728] bridge0: port 2(bridge_slave_1) entered forwarding state
[  479.116866][T11728] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.123644][T11728] bridge0: port 1(bridge_slave_0) entered forwarding state
[  479.149368][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  479.156699][   T19] bridge0: port 1(bridge_slave_0) entered disabled state
[  479.165801][   T19] bridge0: port 2(bridge_slave_1) entered disabled state
[  479.176495][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  479.184617][ T1353] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.191501][ T1353] bridge0: port 1(bridge_slave_0) entered forwarding state
[  479.205171][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  479.213805][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[  479.220673][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[  479.236239][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  479.254947][T11728] device veth0_vlan entered promiscuous mode
[  479.261656][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  479.270130][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  479.278550][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  479.286026][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  479.293569][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  479.312407][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  479.321525][T11728] device veth1_macvtap entered promiscuous mode
[  479.335060][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  479.343883][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  479.808319][  T799] device bridge_slave_1 left promiscuous mode
[  479.814704][  T799] bridge0: port 2(bridge_slave_1) entered disabled state
[  479.823328][  T799] device bridge_slave_0 left promiscuous mode
[  479.942812][  T799] bridge0: port 1(bridge_slave_0) entered disabled state
[  479.971956][  T799] device veth1_macvtap left promiscuous mode
[  479.977820][  T799] device veth0_vlan left promiscuous mode
[  480.015404][T11756] syz-executor.1 (11756) used greatest stack depth: 19352 bytes left
[  480.037240][T11767] binder: 11766:11767 ioctl 40046210 0 returned -14
[  480.076887][T11769] loop1: detected capacity change from 0 to 8192
[  480.119412][T11769]  loop1: p1 p2 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215
[  480.224146][T11771] device dummy0 entered promiscuous mode
[  480.335501][T11771] device dummy0 left promiscuous mode
[  480.776902][T11813] loop1: detected capacity change from 0 to 8192
[  480.829786][T11813]  loop1: p1 p2 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215
[  481.624228][T11832] loop1: detected capacity change from 0 to 256
[  481.771165][T11832] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  482.036245][T11841] syz-executor.2[11841] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  482.036298][T11841] syz-executor.2[11841] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  482.065595][T11841] device syzkaller0 entered promiscuous mode
[  482.127075][T11845] loop4: detected capacity change from 0 to 1024
[  482.134254][T11845] EXT4-fs: Ignoring removed nomblk_io_submit option
[  482.141199][T11845] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  482.167913][T11845] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  482.177820][T11845] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e055c01c, mo2=0002]
[  482.185941][T11845] System zones: 0-1, 3-36
[  482.197101][T11845] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  482.231043][T11845] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm syz-executor.4: Invalid inode table block 18383322559214291671 in block_group 0
[  482.251662][T10772] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm syz-executor.4: Invalid inode table block 18383322559214291671 in block_group 0
[  482.267079][T11859] syz-executor.0[11859] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  482.267164][T11859] syz-executor.0[11859] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  482.280653][T10772] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5870: Corrupt filesystem
[  482.312992][T10772] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #2: comm syz-executor.4: mark_inode_dirty error
[  482.324777][T10772] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm syz-executor.4: Invalid inode table block 18383322559214291671 in block_group 0
[  482.339763][T10772] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm syz-executor.4: Invalid inode table block 18383322559214291671 in block_group 0
[  482.374825][T11863] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  482.384792][T11863] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  482.392744][T11863] netlink: 'syz-executor.1': attribute type 5 has an invalid length.
[  482.420648][  T799] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm kworker/u4:5: Invalid inode table block 18383322559214291671 in block_group 0
[  482.436174][  T799] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm kworker/u4:5: Invalid inode table block 18383322559214291671 in block_group 0
[  482.451623][T10772] EXT4-fs (loop4): unmounting filesystem.
[  482.589532][   T19] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  483.018092][T11873] bridge0: port 1(bridge_slave_0) entered blocking state
[  483.024961][T11873] bridge0: port 1(bridge_slave_0) entered disabled state
[  483.032268][T11873] device bridge_slave_0 entered promiscuous mode
[  483.041351][T11873] bridge0: port 2(bridge_slave_1) entered blocking state
[  483.048569][T11873] bridge0: port 2(bridge_slave_1) entered disabled state
[  483.056280][T11873] device bridge_slave_1 entered promiscuous mode
[  483.108039][   T19] usb 1-1: Using ep0 maxpacket: 32
[  483.119857][    T8] device bridge_slave_1 left promiscuous mode
[  483.126052][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  483.133090][T11880] xt_CT: No such helper "syz0"
[  483.137913][    T8] device bridge_slave_0 left promiscuous mode
[  483.144078][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  483.152310][    T8] device veth1_macvtap left promiscuous mode
[  483.158336][    T8] device veth0_vlan left promiscuous mode
[  483.267823][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  483.275285][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  483.284447][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  483.292930][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  483.301541][  T432] bridge0: port 1(bridge_slave_0) entered blocking state
[  483.308415][  T432] bridge0: port 1(bridge_slave_0) entered forwarding state
[  483.319093][  T432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  483.336024][  T834] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  483.343547][T11886] loop2: detected capacity change from 0 to 128
[  483.350673][  T834] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  483.356515][T11886] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  483.367889][  T834] bridge0: port 2(bridge_slave_1) entered blocking state
[  483.376892][  T834] bridge0: port 2(bridge_slave_1) entered forwarding state
[  483.380409][T11886] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  483.384881][  T834] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  483.402207][  T834] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  483.409895][   T19] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  483.420422][  T834] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  483.420610][   T19] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  483.429149][  T834] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  483.436403][   T19] usb 1-1: Product: syz
[  483.448794][   T19] usb 1-1: Manufacturer: syz
[  483.453286][   T19] usb 1-1: SerialNumber: syz
[  483.453926][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  483.466471][   T19] usb 1-1: config 0 descriptor??
[  483.472219][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  483.486070][T11873] device veth0_vlan entered promiscuous mode
[  483.492356][  T916] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  483.493175][  T834] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  483.509314][  T834] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  483.534737][T11873] device veth1_macvtap entered promiscuous mode
[  483.542183][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  483.550251][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  483.557652][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  483.565760][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  483.582519][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  483.592637][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  483.618371][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  483.626522][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  483.769444][T11908] syz-executor.4[11908] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  483.769520][T11908] syz-executor.4[11908] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  483.795964][T11908] device syzkaller0 entered promiscuous mode
[  484.195200][T11917] binder: 11916:11917 ioctl 40046210 0 returned -14
[  484.203734][   T19] rtl8150 1-1:0.0: eth1: rtl8150 is detected
[  484.431068][   T19] usb 1-1: USB disconnect, device number 26
[  485.310422][   T28] audit: type=1326 audit(2000000018.050:16144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11940 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7fb8e7cea9 code=0x0
[  485.579102][T11952] loop4: detected capacity change from 0 to 256
[  485.590753][T11952] FAT-fs (loop4): Directory bread(block 64) failed
[  485.597448][T11952] FAT-fs (loop4): Directory bread(block 65) failed
[  485.604677][T11952] FAT-fs (loop4): Directory bread(block 66) failed
[  485.611913][T11952] FAT-fs (loop4): Directory bread(block 67) failed
[  485.618547][T11952] FAT-fs (loop4): Directory bread(block 68) failed
[  485.625065][T11952] FAT-fs (loop4): Directory bread(block 69) failed
[  485.631544][T11952] FAT-fs (loop4): Directory bread(block 70) failed
[  485.637883][T11952] FAT-fs (loop4): Directory bread(block 71) failed
[  485.651852][T11952] FAT-fs (loop4): Directory bread(block 72) failed
[  485.659323][T11952] FAT-fs (loop4): Directory bread(block 73) failed
[  485.720223][T11973] syz-executor.0[11973] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  485.720299][T11973] syz-executor.0[11973] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  485.940594][T11986] loop4: detected capacity change from 0 to 128
[  486.087776][T11986] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  486.115450][T11986] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  486.245521][ T9774] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  486.608197][   T19] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  486.616527][T12048] binder: 12047:12048 ioctl c0306201 20000380 returned -14
[  487.049344][   T19] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  487.069310][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  487.102380][   T19] usb 5-1: SerialNumber: syz
[  487.168631][   T19] cdc_ether 5-1:1.0: skipping garbage
[  487.173936][   T19] usb 5-1: bad CDC descriptors
[  487.205962][T12089] SELinux:  Context $ is not valid (left unmapped).
[  487.212751][   T28] audit: type=1400 audit(2000000020.670:16145): avc:  denied  { relabelto } for  pid=12088 comm="syz-executor.0" name="file0" dev="sda1" ino=1959 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="$"
[  487.244989][   T28] audit: type=1400 audit(2000000020.690:16146): avc:  denied  { unlink } for  pid=11728 comm="syz-executor.0" name="file0" dev="sda1" ino=1959 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="$"
[  487.372097][   T19] usb 5-1: USB disconnect, device number 29
[  487.508159][  T834] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  487.908042][  T834] usb 1-1: Using ep0 maxpacket: 16
[  488.048126][  T834] usb 1-1: config 0 has an invalid interface number: 244 but max is 0
[  488.059393][  T834] usb 1-1: config 0 has no interface number 0
[  488.258166][  T834] usb 1-1: New USB device found, idVendor=0b95, idProduct=178a, bcdDevice=fc.30
[  488.267194][  T834] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  488.283968][  T834] usb 1-1: Product: syz
[  488.288086][  T834] usb 1-1: Manufacturer: syz
[  488.292412][  T834] usb 1-1: SerialNumber: syz
[  488.312852][  T834] usb 1-1: config 0 descriptor??
[  488.513490][   T24] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  488.515219][T12174] loop1: detected capacity change from 0 to 256
[  488.541301][T12174] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  488.770126][  T413] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  488.789573][  T834] ax88179_178a 1-1:0.244 eth1: register 'ax88179_178a' at usb-dummy_hcd.0-1, ASIX AX88178A USB 2.0 Gigabit Ethernet, a2:cf:35:df:c5:45
[  488.803787][  T834] usb 1-1: USB disconnect, device number 27
[  488.809734][  T834] ax88179_178a 1-1:0.244 eth1: unregister 'ax88179_178a' usb-dummy_hcd.0-1, ASIX AX88178A USB 2.0 Gigabit Ethernet
[  489.008038][  T413] usb 5-1: Using ep0 maxpacket: 32
[  489.128160][  T413] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  489.137667][  T413] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  489.147131][  T413] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  489.156610][  T413] usb 5-1: New USB device found, idVendor=0421, idProduct=04d8, bcdDevice=6a.33
[  489.165436][  T413] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.173769][  T413] usb 5-1: config 0 descriptor??
[  489.218410][   T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  489.239734][  T413] rndis_host 5-1:0.0: skipping garbage
[  489.245143][  T413] usb 5-1: bad CDC descriptors
[  489.246107][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  489.263638][   T24] usb 3-1: SerialNumber: syz
[  489.264320][  T413] cdc_acm 5-1:0.0: skipping garbage
[  489.318983][   T24] cdc_ether 3-1:1.0: skipping garbage
[  489.324644][   T24] usb 3-1: bad CDC descriptors
[  489.940293][ T1353] usb 3-1: USB disconnect, device number 25
[  489.968942][   T24] usb 5-1: USB disconnect, device number 30
[  490.357188][T12220] syz-executor.0[12220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  490.357242][T12220] syz-executor.0[12220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  490.378713][T12220] syz-executor.0[12220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  490.390777][T12220] syz-executor.0[12220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  490.930572][T12233] loop4: detected capacity change from 0 to 40427
[  490.949214][T12233] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  490.956778][T12233] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  490.988286][T12233] F2FS-fs (loop4): invalid crc value
[  491.054315][T12233] F2FS-fs (loop4): Found nat_bits in checkpoint
[  491.226777][T12233] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  491.234477][T12233] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  492.226057][ T9774] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  492.258732][ T9774] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  492.519205][T12283] syz-executor.1[12283] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  492.519311][T12283] syz-executor.1[12283] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  493.812891][T12306] loop2: detected capacity change from 0 to 256
[  493.832775][   T28] audit: type=1326 audit(2000000027.270:16147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12288 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2601e7cea9 code=0x0
[  493.842621][T12309] hub 6-0:1.0: USB hub found
[  493.862201][T12306] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  493.872862][T12309] hub 6-0:1.0: 1 port detected
[  494.320359][T12337] hub 6-0:1.0: USB hub found
[  494.331736][T12337] hub 6-0:1.0: 1 port detected
[  494.388058][  T429] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  494.438763][T12345] device syzkaller0 entered promiscuous mode
[  494.688439][T12349] loop2: detected capacity change from 0 to 256
[  494.773718][T12349] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  494.838155][  T429] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  495.098900][  T429] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  495.107889][  T429] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  495.115911][  T429] usb 2-1: Product: syz
[  495.120104][  T429] usb 2-1: Manufacturer: syz
[  495.124594][  T429] usb 2-1: SerialNumber: syz
[  495.619006][   T28] audit: type=1326 audit(2000000029.060:16148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12353 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f436027cea9 code=0x0
[  495.816347][T12376] device syzkaller0 entered promiscuous mode
[  495.876609][T12378] tipc: Invalid UDP bearer configuration
[  495.876627][T12378] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  496.337410][T12403] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  496.568058][  T429] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  496.574461][  T429] cdc_ncm 2-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  496.581732][  T429] cdc_ncm 2-1:1.0: setting rx_max = 2048
[  496.772907][T12406] tipc: Invalid UDP bearer configuration
[  496.772942][T12406] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  496.778205][  T429] cdc_ncm 2-1:1.0: setting tx_max = 184
[  496.797115][  T429] cdc_ncm 2-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  496.813023][T12408] device syzkaller0 entered promiscuous mode
[  496.813514][  T429] usb 2-1: USB disconnect, device number 38
[  496.828982][  T429] cdc_ncm 2-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM (NO ZLP)
[  497.417646][   T28] audit: type=1326 audit(2000000030.860:16149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12418 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5a82c7cea9 code=0x0
[  497.710957][T12424] loop1: detected capacity change from 0 to 40427
[  497.718065][T12424] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  497.725743][T12424] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  497.734871][T12424] F2FS-fs (loop1): invalid crc value
[  497.760492][T12424] F2FS-fs (loop1): Found nat_bits in checkpoint
[  497.809788][T12437] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  497.817947][T12437] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'.
[  497.828427][T12424] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  497.836987][T12424] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  497.999194][T12441] bridge0: port 1(bridge_slave_0) entered blocking state
[  498.338388][T12441] bridge0: port 1(bridge_slave_0) entered disabled state
[  498.366902][T12441] device bridge_slave_0 entered promiscuous mode
[  498.393461][T12440] hub 6-0:1.0: USB hub found
[  498.400837][T12441] bridge0: port 2(bridge_slave_1) entered blocking state
[  498.407710][T12441] bridge0: port 2(bridge_slave_1) entered disabled state
[  498.451179][  T916] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  498.459994][T12440] hub 6-0:1.0: 1 port detected
[  498.465562][  T916] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  498.478514][T12441] device bridge_slave_1 entered promiscuous mode
[  498.622836][T12441] bridge0: port 2(bridge_slave_1) entered blocking state
[  498.629748][T12441] bridge0: port 2(bridge_slave_1) entered forwarding state
[  498.634792][T12451] loop2: detected capacity change from 0 to 40427
[  498.636825][T12441] bridge0: port 1(bridge_slave_0) entered blocking state
[  498.649857][T12441] bridge0: port 1(bridge_slave_0) entered forwarding state
[  498.672308][T12463] loop4: detected capacity change from 0 to 2048
[  498.678132][T12451] F2FS-fs (loop2): Invalid log blocks per segment (5)
[  498.679710][T12463] EXT4-fs: Ignoring removed mblk_io_submit option
[  498.693286][T12451] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  498.723307][T12451] F2FS-fs (loop2): Found nat_bits in checkpoint
[  498.728509][T12463] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  498.758133][  T429] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  498.765468][T12463] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 234: padding at end of block bitmap is not set
[  498.766256][  T429] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  498.789448][  T429] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  498.798264][T12463] EXT4-fs (loop4): Remounting filesystem read-only
[  498.804600][T12463] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6157: Corrupt filesystem
[  498.813174][   T28] audit: type=1400 audit(2000000032.250:16150): avc:  denied  { quotaon } for  pid=12462 comm="syz-executor.4" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  498.848454][T11873] EXT4-fs (loop4): unmounting filesystem.
[  498.848994][T12451] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  498.861436][T12451] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  498.870391][  T429] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  498.885404][  T429] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  498.918878][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  498.927301][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  498.936298][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  498.958392][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  498.966246][ T9774] device bridge_slave_1 left promiscuous mode
[  498.978330][ T9774] bridge0: port 2(bridge_slave_1) entered disabled state
[  498.997020][ T9774] device bridge_slave_0 left promiscuous mode
[  499.003739][T11637] syz-executor.2: attempt to access beyond end of device
[  499.003739][T11637] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  499.088134][ T9774] bridge0: port 1(bridge_slave_0) entered disabled state
[  499.096161][ T9774] device veth1_macvtap left promiscuous mode
[  499.102075][ T9774] device veth0_vlan left promiscuous mode
[  499.677450][T12441] device veth0_vlan entered promiscuous mode
[  499.711816][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  500.211506][   T28] audit: type=1326 audit(2000000033.660:16151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12485 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5a82c7cea9 code=0x0
[  500.235351][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  500.262212][T12441] device veth1_macvtap entered promiscuous mode
[  500.275468][  T429] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  500.289053][  T429] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  500.323681][  T429] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  500.339139][  T429] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  500.405941][T12505] tipc: Started in network mode
[  500.437652][T12505] tipc: Node identity e0000001, cluster identity 4711
[  500.444873][T12505] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  500.619415][T12509] loop4: detected capacity change from 0 to 256
[  500.628826][T12509] exfat: Deprecated parameter 'namecase'
[  500.646174][T12509] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x0830f3fb, utbl_chksum : 0xe619d30d)
[  501.141836][T12525] syz-executor.3[12525] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  501.141921][T12525] syz-executor.3[12525] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  501.179485][T12525] syz-executor.3[12525] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  501.214651][T12525] syz-executor.3[12525] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  501.426268][T12545] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  501.551320][T12543] loop4: detected capacity change from 0 to 256
[  501.590934][T12543] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[  501.603865][T12543] exFAT-fs (loop4): error, invalid access to FAT bad cluster (entry 0x00000005)
[  501.619976][T12543] exFAT-fs (loop4): Filesystem has been set read-only
[  501.628039][T12543] exFAT-fs (loop4): failed to initialize root inode
[  501.721085][   T28] audit: type=1326 audit(2000000035.170:16152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12546 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2601e7cea9 code=0x0
[  502.082996][T12569] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  502.083157][T12570] binder: transaction release 79 bad handle 1, ret = -22
[  503.042578][T12599] syz-executor.4[12599] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  503.042654][T12599] syz-executor.4[12599] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  503.488535][T12610] binder: transaction release 87 bad handle 1, ret = -22
[  503.524779][T12617] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  504.542791][T12632] KVM: debugfs: duplicate directory 12632-5
[  504.620319][T12641] syz-executor.1[12641] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  504.620382][T12641] syz-executor.1[12641] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  504.852926][T12647] binder: transaction release 95 bad handle 1, ret = -22
[  504.933860][  T429] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  504.965329][T12653] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  505.178030][  T429] usb 4-1: Using ep0 maxpacket: 16
[  505.208138][T12391] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  505.298122][  T429] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  505.308903][  T429] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  505.318550][  T429] usb 4-1: New USB device found, idVendor=1b96, idProduct=000c, bcdDevice= 0.00
[  505.327460][  T429] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  505.336084][  T429] usb 4-1: config 0 descriptor??
[  505.419926][   T28] audit: type=1326 audit(2000000038.870:16153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a82c7cea9 code=0x7ffc0000
[  505.446761][   T28] audit: type=1326 audit(2000000038.900:16154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a82c7cea9 code=0x7ffc0000
[  505.470895][   T28] audit: type=1326 audit(2000000038.900:16155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f5a82c7cea9 code=0x7ffc0000
[  505.495800][   T28] audit: type=1326 audit(2000000038.900:16156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a82c7cea9 code=0x7ffc0000
[  505.520112][   T28] audit: type=1326 audit(2000000038.900:16157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a82c7cea9 code=0x7ffc0000
[  505.546399][   T28] audit: type=1326 audit(2000000038.900:16158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5a82c7baa0 code=0x7ffc0000
[  505.571944][   T28] audit: type=1326 audit(2000000038.900:16159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f5a82c7e637 code=0x7ffc0000
[  505.596026][   T28] audit: type=1326 audit(2000000038.900:16160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5a82c7cea9 code=0x7ffc0000
[  505.628069][T12391] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  505.639554][   T28] audit: type=1326 audit(2000000038.900:16161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f5a82c7e637 code=0x7ffc0000
[  505.665783][T12391] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  505.681039][T12391] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  505.698140][T12391] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  505.706091][   T28] audit: type=1326 audit(2000000038.900:16162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5a82c7bd9a code=0x7ffc0000
[  505.731007][T12675] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  505.733894][T12391] usb 2-1: config 0 descriptor??
[  505.769105][T12678] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'.
[  505.807753][T12678] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  506.398137][  T429] usbhid 4-1:0.0: can't add hid device: -71
[  506.404010][  T429] usbhid: probe of 4-1:0.0 failed with error -71
[  506.411277][  T429] usb 4-1: USB disconnect, device number 41
[  506.418057][T12391] usbhid 2-1:0.0: can't add hid device: -71
[  506.423830][T12391] usbhid: probe of 2-1:0.0 failed with error -71
[  506.436542][T12391] usb 2-1: USB disconnect, device number 39
[  506.479930][T12706] tipc: Started in network mode
[  506.484678][T12706] tipc: Node identity , cluster identity 4711
[  506.490694][T12706] tipc: Failed to set node id, please configure manually
[  506.497606][T12706] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  506.714932][T12730] loop3: detected capacity change from 0 to 512
[  506.722964][T12730] EXT4-fs (loop3): orphan cleanup on readonly fs
[  506.730376][T12730] EXT4-fs (loop3): 1 truncate cleaned up
[  506.738226][T12730] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  506.750620][T12730] EXT4-fs warning (device loop3): read_mmp_block:115: Error -117 while reading MMP block 8
[  506.770838][T12441] EXT4-fs (loop3): unmounting filesystem.
[  506.808771][T12745] tipc: Started in network mode
[  506.813480][T12745] tipc: Node identity , cluster identity 4711
[  506.823404][T12745] tipc: Failed to set node id, please configure manually
[  506.832084][T12745] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  507.002007][T12776] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  507.068012][T12391] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  507.228340][    T6] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  507.269245][T12809] tipc: Started in network mode
[  507.274002][T12809] tipc: Node identity , cluster identity 4711
[  507.281249][T12809] tipc: Failed to set node id, please configure manually
[  507.288239][T12809] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  507.308023][T12391] usb 3-1: Using ep0 maxpacket: 8
[  507.428155][T12391] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  507.439544][T12391] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  507.562012][T12821] loop4: detected capacity change from 0 to 256
[  507.933076][T12391] usb 3-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[  508.007093][T12391] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.116361][T12391] usb 3-1: config 0 descriptor??
[  508.128419][    T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  508.142369][    T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  508.156282][    T6] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  508.193782][    T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.206656][    T6] usb 4-1: config 0 descriptor??
[  508.275736][T12821] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  508.863726][T12391] smartjoyplus 0003:6666:8804.0058: hidraw0: USB HID v0.00 Device [HID 6666:8804] on usb-dummy_hcd.2-1/input0
[  508.891895][T12840] loop4: detected capacity change from 0 to 256
[  508.898555][T12840] exfat: Deprecated parameter 'namecase'
[  508.904402][T12391] smartjoyplus 0003:6666:8804.0058: Force feedback for SmartJoy PLUS PS2/USB adapter
[  508.916481][T12840] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x0830f3fb, utbl_chksum : 0xe619d30d)
[  508.930026][T12391] usb 3-1: USB disconnect, device number 26
[  508.948060][    T6] usbhid 4-1:0.0: can't add hid device: -71
[  508.953885][    T6] usbhid: probe of 4-1:0.0 failed with error -71
[  508.966247][    T6] usb 4-1: USB disconnect, device number 42
[  509.531559][T12867] loop2: detected capacity change from 0 to 2048
[  509.538353][T12867] journal_path: Lookup failure for './bus'
[  509.546573][T12867] EXT4-fs: error: could not find journal device path
[  509.795268][T12860] loop4: detected capacity change from 0 to 256
[  509.859126][T12860] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[  509.871677][T12860] exFAT-fs (loop4): error, invalid access to FAT bad cluster (entry 0x00000005)
[  509.880604][T12860] exFAT-fs (loop4): Filesystem has been set read-only
[  509.887302][T12860] exFAT-fs (loop4): failed to initialize root inode
[  510.063528][T12890] syz-executor.0[12890] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  510.063651][T12890] syz-executor.0[12890] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  510.128012][T12888] loop3: detected capacity change from 0 to 256
[  510.146202][T12888] exfat: Deprecated parameter 'namecase'
[  510.155048][T12888] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x0830f3fb, utbl_chksum : 0xe619d30d)
[  510.228044][ T1353] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  510.429237][   T24] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  510.819065][T12907] loop3: detected capacity change from 0 to 2048
[  510.825584][T12907] journal_path: Lookup failure for './bus'
[  510.828112][ T1353] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  510.831399][T12907] EXT4-fs: error: could not find journal device path
[  510.842068][   T24] usb 5-1: Using ep0 maxpacket: 32
[  510.853420][ T1353] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  510.863219][ T1353] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  510.872114][ T1353] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.880639][ T1353] usb 3-1: config 0 descriptor??
[  510.999574][T12919] syz-executor.0[12919] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  510.999628][T12919] syz-executor.0[12919] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  511.903689][   T24] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  511.925004][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  511.932992][   T24] usb 5-1: Product: syz
[  511.937133][   T24] usb 5-1: Manufacturer: syz
[  511.941911][   T24] usb 5-1: SerialNumber: syz
[  511.947047][   T24] usb 5-1: config 0 descriptor??
[  511.987677][T12391] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  511.998259][ T1353] usbhid 3-1:0.0: can't add hid device: -71
[  512.004633][ T1353] usbhid: probe of 3-1:0.0 failed with error -71
[  512.011773][ T1353] usb 3-1: USB disconnect, device number 27
[  512.228070][T12391] usb 1-1: Using ep0 maxpacket: 8
[  512.348042][T12391] usb 1-1: config 1 has an invalid descriptor of length 216, skipping remainder of the config
[  512.358148][T12391] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  512.366806][T12391] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  512.377506][T12391] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  512.387034][T12391] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  512.441202][T12949] syz-executor.2[12949] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  512.441279][T12949] syz-executor.2[12949] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  512.472844][T12951] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  512.628140][T12391] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  512.637151][T12391] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  512.638260][   T24] (unnamed net_device) (uninitialized): Assigned a random MAC address: b6:a4:b1:d8:9d:6e
[  512.670472][   T24] rtl8150 5-1:0.0: eth1: rtl8150 is detected
[  512.918063][T12391] usb 1-1: Product: syz
[  512.922068][T12391] usb 1-1: Manufacturer: syz
[  512.926495][T12391] usb 1-1: SerialNumber: syz
[  512.936245][  T432] usb 5-1: USB disconnect, device number 31
[  512.969500][T12391] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[  512.976174][T12391] cdc_ncm 1-1:1.0: bind() failure
[  513.045703][T12963] loop3: detected capacity change from 0 to 512
[  513.060371][T12963] EXT4-fs (loop3): 1 orphan inode deleted
[  513.066035][T12963] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  513.074859][T12963] ext4 filesystem being mounted at /root/syzkaller-testdir2883058395/syzkaller.R7FnZ7/25/file1 supports timestamps until 2038 (0x7fffffff)
[  513.102018][T12968] loop1: detected capacity change from 0 to 512
[  513.109076][T12968] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  513.118574][T12968] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz-executor.1: iget: bad i_size value: -67835469387268086
[  513.132440][T12968] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz-executor.1: couldn't read orphan inode 15 (err -117)
[  513.144888][T12968] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  513.153282][T12968] ext2 filesystem being mounted at /root/syzkaller-testdir2126439782/syzkaller.tNyDhB/150/file0 supports timestamps until 2038 (0x7fffffff)
[  513.172471][T12922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  513.181766][T12922] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  513.192019][  T432] usb 1-1: USB disconnect, device number 28
[  513.216681][T12441] EXT4-fs (loop3): unmounting filesystem.
[  513.397219][T12982] syz-executor.2[12982] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  513.397274][T12982] syz-executor.2[12982] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  513.450049][    T6] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  513.568049][   T24] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  513.602649][T12994] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  513.708133][    T6] usb 2-1: Using ep0 maxpacket: 16
[  513.978213][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  513.989549][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  514.000068][   T24] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  514.009518][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  514.022802][   T24] usb 4-1: config 0 descriptor??
[  514.027644][    T6] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8
[  514.088097][  T431] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  514.198079][    T6] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  514.207095][    T6] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  514.214882][    T6] usb 2-1: Product: syz
[  514.218903][    T6] usb 2-1: Manufacturer: syz
[  514.223281][    T6] usb 2-1: SerialNumber: syz
[  514.228316][    T6] usb 2-1: config 0 descriptor??
[  514.268606][    T6] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  514.276367][    T6] usb 2-1: Detected FT232R
[  514.306483][T13019] syz-executor.2[13019] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  514.306568][T13019] syz-executor.2[13019] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  514.336695][T13021] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  514.358103][  T431] usb 1-1: Using ep0 maxpacket: 32
[  514.380734][T13025] device tunl0 entered promiscuous mode
[  514.387119][T13025] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  514.395145][T13025] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.2'.
[  514.488055][    T6] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  514.538136][   T24] usbhid 4-1:0.0: can't add hid device: -71
[  514.544012][   T24] usbhid: probe of 4-1:0.0 failed with error -71
[  514.551003][   T24] usb 4-1: USB disconnect, device number 43
[  514.648104][  T431] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  514.657149][  T431] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  514.665058][  T431] usb 1-1: Product: syz
[  514.669087][  T431] usb 1-1: Manufacturer: syz
[  514.673497][  T431] usb 1-1: SerialNumber: syz
[  514.678674][  T431] usb 1-1: config 0 descriptor??
[  514.710075][T13027] bridge0: port 1(bridge_slave_0) entered blocking state
[  514.716919][T13027] bridge0: port 1(bridge_slave_0) entered disabled state
[  514.724444][T13027] device bridge_slave_0 entered promiscuous mode
[  514.735782][T13027] bridge0: port 2(bridge_slave_1) entered blocking state
[  514.742970][T13027] bridge0: port 2(bridge_slave_1) entered disabled state
[  514.750424][T13027] device bridge_slave_1 entered promiscuous mode
[  514.750518][    T6] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  514.806400][T13027] bridge0: port 2(bridge_slave_1) entered blocking state
[  514.813266][T13027] bridge0: port 2(bridge_slave_1) entered forwarding state
[  514.820343][T13027] bridge0: port 1(bridge_slave_0) entered blocking state
[  514.827131][T13027] bridge0: port 1(bridge_slave_0) entered forwarding state
[  514.858015][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  514.865331][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  514.873432][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  514.883167][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  514.890967][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  514.905174][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  514.918555][T13027] device veth0_vlan entered promiscuous mode
[  514.926584][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  514.936239][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  514.944440][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  514.958250][   T39] usb 2-1: USB disconnect, device number 40
[  514.965021][   T39] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  514.968865][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  514.974468][   T39] ftdi_sio 2-1:0.0: device disconnected
[  514.983350][T13027] device veth1_macvtap entered promiscuous mode
[  515.014780][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  515.033357][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  515.077841][T13048] syz-executor.4[13048] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  515.077894][T13048] syz-executor.4[13048] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  515.155797][T13052] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  515.157234][T13053] loop2: detected capacity change from 0 to 512
[  515.199837][T13055] device syzkaller0 entered promiscuous mode
[  515.201259][T13053] EXT4-fs (loop2): 1 orphan inode deleted
[  515.212055][T13053] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  515.220947][T13053] ext4 filesystem being mounted at /root/syzkaller-testdir2931069302/syzkaller.nsoxxC/119/file1 supports timestamps until 2038 (0x7fffffff)
[  515.271380][ T9774] device bridge_slave_1 left promiscuous mode
[  515.277463][ T9774] bridge0: port 2(bridge_slave_1) entered disabled state
[  515.285077][ T9774] device bridge_slave_0 left promiscuous mode
[  515.291230][ T9774] bridge0: port 1(bridge_slave_0) entered disabled state
[  515.299462][ T9774] device veth1_macvtap left promiscuous mode
[  515.305368][ T9774] device veth0_vlan left promiscuous mode
[  515.330990][  T799] Bluetooth: hci0: Frame reassembly failed (-84)
[  515.364785][T11637] EXT4-fs (loop2): unmounting filesystem.
[  515.408047][  T431] (unnamed net_device) (uninitialized): Assigned a random MAC address: 2a:2c:b9:aa:34:fe
[  515.441994][  T431] rtl8150 1-1:0.0: eth1: rtl8150 is detected
[  515.509915][T11335] EXT4-fs (loop1): unmounting filesystem.
[  515.611544][  T431] usb 1-1: USB disconnect, device number 29
[  515.647922][T13067] bridge0: port 1(bridge_slave_0) entered blocking state
[  515.654888][T13067] bridge0: port 1(bridge_slave_0) entered disabled state
[  515.662626][T13067] device bridge_slave_0 entered promiscuous mode
[  515.668082][  T834] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  515.670898][T13067] bridge0: port 2(bridge_slave_1) entered blocking state
[  515.683299][T13067] bridge0: port 2(bridge_slave_1) entered disabled state
[  515.690749][T13067] device bridge_slave_1 entered promiscuous mode
[  515.744508][T13067] bridge0: port 2(bridge_slave_1) entered blocking state
[  515.751371][T13067] bridge0: port 2(bridge_slave_1) entered forwarding state
[  515.758482][T13067] bridge0: port 1(bridge_slave_0) entered blocking state
[  515.765245][T13067] bridge0: port 1(bridge_slave_0) entered forwarding state
[  515.774509][ T9774] tipc: Left network mode
[  515.790366][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  515.797836][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  515.805082][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  515.834381][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  515.843335][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  515.851465][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[  515.858309][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[  515.865453][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  515.873462][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[  515.880299][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[  515.887696][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  515.896086][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  515.906279][T13067] device veth0_vlan entered promiscuous mode
[  515.916496][ T1353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  515.931942][T13067] device veth1_macvtap entered promiscuous mode
[  515.940767][  T431] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  515.949141][  T431] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  515.956696][  T431] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  515.972758][T12826] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  515.987784][  T431] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  516.068157][  T834] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  516.079486][  T834] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  516.098015][  T834] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  516.109457][  T834] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  516.118093][  T834] usb 3-1: config 0 descriptor??
[  516.339203][   T28] kauditd_printk_skb: 10 callbacks suppressed
[  516.339220][   T28] audit: type=1326 audit(2000000049.790:16171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13109 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce2b67cea9 code=0x0
[  516.369312][ T9774] device bridge_slave_1 left promiscuous mode
[  516.375282][ T9774] bridge0: port 2(bridge_slave_1) entered disabled state
[  516.382968][ T9774] device bridge_slave_0 left promiscuous mode
[  516.389071][ T9774] bridge0: port 1(bridge_slave_0) entered disabled state
[  516.396939][ T9774] device veth1_macvtap left promiscuous mode
[  516.402917][ T9774] device veth0_vlan left promiscuous mode
[  516.438045][  T431] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  516.698098][  T834] usbhid 3-1:0.0: can't add hid device: -71
[  516.703904][  T431] usb 1-1: Using ep0 maxpacket: 16
[  516.708904][  T834] usbhid: probe of 3-1:0.0 failed with error -71
[  516.715563][  T834] usb 3-1: USB disconnect, device number 28
[  516.858067][  T431] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8
[  517.028078][  T431] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  517.037201][  T431] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  517.044902][T13113] Invalid ELF section name index: 32768 || e_shstrndx (32768) >= e_shnum (0)
[  517.045400][  T431] usb 1-1: Product: syz
[  517.057669][  T431] usb 1-1: Manufacturer: syz
[  517.062423][  T431] usb 1-1: SerialNumber: syz
[  517.067485][  T431] usb 1-1: config 0 descriptor??
[  517.120940][  T431] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  517.128897][  T431] usb 1-1: Detected FT232R
[  517.257390][T13133] loop3: detected capacity change from 0 to 256
[  517.347925][   T28] audit: type=1326 audit(2000000050.790:16172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13120 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5a82c7cea9 code=0x0
[  517.378338][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  517.384345][T13062] Bluetooth: hci0: command 0x1003 tx timeout
[  517.408245][  T431] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  517.570438][   T28] audit: type=1400 audit(2000000051.020:16173): avc:  denied  { mounton } for  pid=13144 comm="syz-executor.1" path="/root/syzkaller-testdir3993589315/syzkaller.MUtTmC/9/file0/bus" dev="ramfs" ino=77040 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  517.570972][T13145] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  517.604399][T13145] overlayfs: failed to set xattr on upper
[  517.744290][T13160] loop1: detected capacity change from 0 to 256
[  517.759467][  T431] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  517.778636][T13164] syz-executor.1[13164] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  517.778717][T13164] syz-executor.1[13164] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  517.791893][T13166] device tunl0 entered promiscuous mode
[  517.809990][T13166] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  517.818154][T13166] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.3'.
[  517.971372][ T1353] usb 1-1: USB disconnect, device number 30
[  518.004177][ T1353] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  518.014148][ T1353] ftdi_sio 1-1:0.0: device disconnected
[  518.108049][  T431] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  518.147887][T13179] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  518.159434][T13179] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  518.167667][T13179] CPU: 1 PID: 13179 Comm: syz-executor.2 Tainted: G        W          6.1.78-syzkaller-00008-g4c45e2f34089 #0
[  518.179127][T13179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  518.189019][T13179] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[  518.195094][T13179] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 ac 07 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 f1 04 25 00 48 89 5c 24 18 4c 8b
[  518.214544][T13179] RSP: 0018:ffffc9000113f6c0 EFLAGS: 00010246
[  518.220451][T13179] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  518.228250][T13179] RDX: ffffc900037ca000 RSI: 0000000000000414 RDI: 0000000000000415
[  518.236061][T13179] RBP: ffffc9000113f818 R08: 0000000000000005 R09: ffffffff8411e7b3
[  518.243871][T13179] R10: 0000000000000004 R11: ffff88811bc9a880 R12: dffffc0000000000
[  518.251892][T13179] R13: ffff888120d42780 R14: 1ffff92000227ee4 R15: 0000000000000000
[  518.259694][T13179] FS:  00007f5a8396f6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  518.268459][T13179] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  518.274885][T13179] CR2: 0000000020010000 CR3: 000000013c415000 CR4: 00000000003506a0
[  518.282695][T13179] DR0: 0000000000000000 DR1: 00000000872c9164 DR2: 0000000000000000
[  518.290505][T13179] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  518.298318][T13179] Call Trace:
[  518.301444][T13179]  <TASK>
[  518.304219][T13179]  ? __die_body+0x62/0xb0
[  518.308388][T13179]  ? die_addr+0x9f/0xd0
[  518.312466][T13179]  ? exc_general_protection+0x317/0x4c0
[  518.317849][T13179]  ? asm_exc_general_protection+0x27/0x30
[  518.323399][T13179]  ? xdp_do_generic_redirect+0x303/0xad0
[  518.328874][T13179]  ? dev_map_generic_redirect+0x90/0x7d0
[  518.334335][T13179]  ? __free_pages_core+0x180/0x180
[  518.339288][T13179]  ? __this_cpu_preempt_check+0x13/0x20
[  518.344664][T13179]  ? bq_enqueue+0x3e0/0x3e0
[  518.349016][T13179]  ? bpf_prog_run_generic_xdp+0x9aa/0x1110
[  518.354654][T13179]  xdp_do_generic_redirect+0x411/0xad0
[  518.359944][T13179]  do_xdp_generic+0x53e/0x800
[  518.364456][T13179]  ? generic_xdp_tx+0x560/0x560
[  518.369160][T13179]  ? __schedule+0xcaf/0x1550
[  518.373567][T13179]  ? tun_get_user+0x2340/0x3a90
[  518.378254][T13179]  tun_get_user+0x238a/0x3a90
[  518.382767][T13179]  ? futex_q_unlock+0x30/0x30
[  518.387282][T13179]  ? tun_do_read+0x1ee0/0x1ee0
[  518.391891][T13179]  ? ref_tracker_alloc+0x31d/0x450
[  518.396920][T13179]  ? ref_tracker_dir_print+0x160/0x160
[  518.402216][T13179]  ? futex_wait+0x4b7/0x7e0
[  518.406561][T13179]  ? avc_policy_seqno+0x1b/0x70
[  518.411236][T13179]  ? tun_get+0xe9/0x120
[  518.415312][T13179]  tun_chr_write_iter+0x129/0x210
[  518.420178][T13179]  vfs_write+0x902/0xeb0
[  518.424254][T13179]  ? __x64_sys_prctl+0xd0/0xd0
[  518.428854][T13179]  ? file_end_write+0x1c0/0x1c0
[  518.433539][T13179]  ? __fget_files+0x2cb/0x330
[  518.438058][T13179]  ? __fdget_pos+0x204/0x390
[  518.442475][T13179]  ? ksys_write+0x77/0x2c0
[  518.446732][T13179]  ksys_write+0x199/0x2c0
[  518.450897][T13179]  ? __x64_sys_futex+0x100/0x100
[  518.455673][T13179]  ? __ia32_sys_read+0x90/0x90
[  518.460272][T13179]  ? fpregs_restore_userregs+0x130/0x290
[  518.465741][T13179]  __x64_sys_write+0x7b/0x90
[  518.470173][T13179]  do_syscall_64+0x3d/0xb0
[  518.474421][T13179]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  518.480145][T13179] RIP: 0033:0x7f5a82c7bbef
[  518.484400][T13179] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 b9 80 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 0c 81 02 00 48
[  518.503841][T13179] RSP: 002b:00007f5a8396f090 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  518.512092][T13179] RAX: ffffffffffffffda RBX: 00007f5a82db3f80 RCX: 00007f5a82c7bbef
[  518.519899][T13179] RDX: 000000000000fdef RSI: 0000000020000780 RDI: 00000000000000c8
[  518.527707][T13179] RBP: 00007f5a82cebff4 R08: 0000000000000000 R09: 0000000000000000
[  518.535520][T13179] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  518.543331][T13179] R13: 000000000000000b R14: 00007f5a82db3f80 R15: 00007ffeb1355e48
[  518.551152][T13179]  </TASK>
[  518.554005][T13179] Modules linked in:
[  518.557804][T13179] ---[ end trace 0000000000000000 ]---
[  518.563052][T13179] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[  518.569127][T13179] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 ac 07 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 f1 04 25 00 48 89 5c 24 18 4c 8b
[  518.588574][T13179] RSP: 0018:ffffc9000113f6c0 EFLAGS: 00010246
[  518.594462][T13179] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  518.602281][T13179] RDX: ffffc900037ca000 RSI: 0000000000000414 RDI: 0000000000000415
[  518.610087][T13179] RBP: ffffc9000113f818 R08: 0000000000000005 R09: ffffffff8411e7b3
[  518.617885][T13179] R10: 0000000000000004 R11: ffff88811bc9a880 R12: dffffc0000000000
[  518.625712][T13179] R13: ffff888120d42780 R14: 1ffff92000227ee4 R15: 0000000000000000
[  518.633532][T13179] FS:  00007f5a8396f6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  518.642289][T13179] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  518.648714][T13179] CR2: 0000000020010000 CR3: 000000013c415000 CR4: 00000000003506a0
[  518.656513][T13179] DR0: 0000000000000000 DR1: 00000000872c9164 DR2: 0000000000000000
[  518.664359][T13179] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  518.672167][T13179] Kernel panic - not syncing: Fatal exception in interrupt
[  518.679452][T13179] Kernel Offset: disabled
[  518.683585][T13179] Rebooting in 86400 seconds..