last executing test programs:

12.19672074s ago: executing program 0 (id=238):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
sendto$inet(r0, &(0x7f00000000c0)='+', 0xffffffffffffff60, 0xf405, 0x0, 0xf06)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x3, &(0x7f0000000c00)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
write$binfmt_script(r1, &(0x7f0000000100), 0xb)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r1, 0x0)
connect$inet(r0, &(0x7f0000000180), 0x10)

10.639305643s ago: executing program 0 (id=250):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000640)=ANY=[@ANYBLOB="1201000000000010c41090ea40000000000109022400010000000009040000010301000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000340)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="200125"], 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000440)={0x2c, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="20010e"], 0x0})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_usb_connect$uac1(0x0, 0x0, 0x0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x40a}}, {0x0, 0x0}]})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

7.218737234s ago: executing program 0 (id=266):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

6.869417934s ago: executing program 0 (id=268):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
pipe2(&(0x7f0000000840)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000140))
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB='\x00'], 0x1, 0x274, &(0x7f0000000000)="$eJzs3cFqE1EUBuCTNm1jNxPQlbgYcOMqNH2DQSqIASGSRV012BakCYUpBHRhu/NdfBwfwyeIIETaCSapoyC2jk2+D8IcuPnhThY5szg3OXg0PDk8PTvev/8lGo006hEX8TUiYi3Wo1Cbu9ZiM+ZdBABw13S7/azqPXC78jzrb0TE1k8rvU+VbAgAAAAAAAAAAIC/Vjr/P45olsz/r5n/B4ClYP5/+eV51t+ePr8tMv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVGc8mSST37yq3h8AcPP0fwBYPfo/AKye8UKvr4X+DwDL79X+6xdZp7PXTdNGxPDjqDfqFddiPTuOtzGIo9iJJL7F5fPBVFE/e97Z20mvNONgeD7Nn49664v5diTRLM+3i3y6mN+I7fn8biTxoDy/W5rfjCeP5/KtSOLzmziNQRzGZXaW/9BO06cvO9fyW1fvAwAAAAAAAAAAAAAAAAAAgH+hlf5Qen6/1frVepH/g98HuHa+vh4P69XeOwAAAAAAAAAAAAAAAAAAAPwvzt69P+kPBke54gaKez5VxZIUFX8xAQAAAAAAAAAAAAAAAADACpod+q16JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQndn//99eUfU9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKvhewAAAP//C57oKA==")
close_range(r2, 0xffffffffffffffff, 0x0)

6.318928041s ago: executing program 2 (id=263):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, r4})
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000040)={0x0, 0x0, 0x0, r4})

5.898072907s ago: executing program 0 (id=274):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000980)={'wg2\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b031407e0ff640f0200475400f6a13bb1000e00080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r3 = dup(r0)
read$FUSE(r3, &(0x7f0000000380)={0x2020}, 0x2020)
read$FUSE(r3, &(0x7f0000004540)={0x2020}, 0x2020)

5.896536527s ago: executing program 0 (id=277):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r1}, 0x10)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[], 0x1c}}, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448d2, &(0x7f0000000100))

5.879105548s ago: executing program 2 (id=278):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000000c0)={0x20000014})
ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
epoll_wait(r2, &(0x7f0000000380)=[{}], 0x2, 0x1000)

4.827294758s ago: executing program 2 (id=279):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
symlink(&(0x7f0000000000)='.\x00', 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
write(r1, &(0x7f0000000000)="fa", 0xfffffdef)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$nfc_llcp(r2, 0x6, 0x22, 0x0, 0x2000e881)

4.075882092s ago: executing program 2 (id=280):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000100)={[{@jqfmt_vfsv0}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}]}, 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==")
open(&(0x7f0000000040)='./bus\x00', 0x1ed37e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000400)='./bus\x00', 0x0, &(0x7f0000000840)=ANY=[], 0x1, 0x37f, &(0x7f0000000440)="$eJzs3c9rI2UYwPFn0jQ/umyTgygK0ge96GVoq2e1SBeEgkt3I+4Kwux2oiFjUmZCJCK2nryKN/8BwWUPHhY8LKj/QC/e1osXT9vLgqCLiCPzK8l0p0mTZmm6+/3Abt7kfZ/M+04m5XkCeXP4/tefNOueWbc6kivdF0NE5KFIVXKSMKKbgmTYl1cv/HnvxSvXrhdFZHNb9dLG1dfWVXV55adPPy/Hw+4W5aD64eGD9T8Onj14/vC/qx83PG142mp31NIb7d871g3H1p2G1zRVLzu25dnaaHm2G/W3o/66097d7anV2rm4tOvanqdWq6dNu6edtnbcnlofWY2WmqapF5eyphsrjug7r0pTxNRubW9bG1Me8OaUcZi1f3zfH9HtuhvWgohZDt+vw2q3HvvcAADA3Enn//ptkrBXJddPKI24FiiE7XQZEOT/SXtra3Nbg2JhkP/ffumXzoX37izH+f/dQlb+//pvUXwq/w+OPvP8//sj98uzO5HzYm+SwafK/zEfVtLvyPuDij0W5P/Bu6Ff0X/5we3VsEH+DwAAAAAAAAAAAAAAAAAAAADAefDQ9yu+71eS2+Tf4CsE8f2QsT/yi8Y4d3KS/foX4x0F+tcDnkhXrl2XUvjFvfyyiPNVt9atRbdxfzJwVSryb3g9xKINJ6L9BDRQlZ+dvW5tMQ5YCP/fKIiKI7asSUWqqfiwfemdrc01jUTx4fH3ujUjvxTE16URxq9LRZ7Jjl/PjC/IKy8PxZtSkV9vSlsc2Qmv60H8F2uqb7+7dSS+HI7L8ubjfUkAAAAAAJg5U7UUl8/VdP0b1e+mqZrVH9TyMlyfP/r5QL++Xs2sz/OVF/Jnu3YAAAAAAJ4WXuGzpuU4tuv1jm2UZdyY5Pc0Rj9PdiM/yeCgcS9sLI4aszC0wpM+cyH+BY0JJi+TrdRynL+Kknkyky1cU12lU5xVy0nWf4LBpUlfAtfLTb522/VWgvnoVMsZaiQfG0WPLDxy6uTyceE/GEnUZAdNds4dN/i5b777e7p1GfGuvcNdb9wppVZ6TLhx5JH9MRftA98fO5/F7L8WP07zIzMAAAAA5kSS9Je95JG3znZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8hU63E9vJGme9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBe/B8AAP//Tuzx8g==")
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x103042, 0x0)
ioctl$FITRIM(r1, 0x40305839, &(0x7f0000000080)={0x0, 0x0, 0x8000000})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

3.899389097s ago: executing program 2 (id=283):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
pipe2(&(0x7f0000000840)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000140))
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB='\x00'], 0x1, 0x274, &(0x7f0000000000)="$eJzs3cFqE1EUBuCTNm1jNxPQlbgYcOMqNH2DQSqIASGSRV012BakCYUpBHRhu/NdfBwfwyeIIETaCSapoyC2jk2+D8IcuPnhThY5szg3OXg0PDk8PTvev/8lGo006hEX8TUiYi3Wo1Cbu9ZiM+ZdBABw13S7/azqPXC78jzrb0TE1k8rvU+VbAgAAAAAAAAAAIC/Vjr/P45olsz/r5n/B4ClYP5/+eV51t+ePr8tMv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVGc8mSST37yq3h8AcPP0fwBYPfo/AKye8UKvr4X+DwDL79X+6xdZp7PXTdNGxPDjqDfqFddiPTuOtzGIo9iJJL7F5fPBVFE/e97Z20mvNONgeD7Nn49664v5diTRLM+3i3y6mN+I7fn8biTxoDy/W5rfjCeP5/KtSOLzmziNQRzGZXaW/9BO06cvO9fyW1fvAwAAAAAAAAAAAAAAAAAAgH+hlf5Qen6/1frVepH/g98HuHa+vh4P69XeOwAAAAAAAAAAAAAAAAAAAPwvzt69P+kPBke54gaKez5VxZIUFX8xAQAAAAAAAAAAAAAAAADACpod+q16JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQndn//99eUfU9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKvhewAAAP//C57oKA==")
close_range(r2, 0xffffffffffffffff, 0x0)

3.854126881s ago: executing program 3 (id=285):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
unshare(0x60480)
ioctl$UI_ABS_SETUP(r2, 0x401c5504, &(0x7f0000000340)={0x400000100002f})
write$uinput_user_dev(r2, &(0x7f0000001140)={'syz1\x00', {0x0, 0x80}, 0x0, [0x7fffffff, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x80000001], [0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800]}, 0x45c)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r2, 0x5501)

3.084546827s ago: executing program 3 (id=287):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, r4})
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000040)={0x0, 0x0, 0x0, r4})

2.762949994s ago: executing program 3 (id=291):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000002c0)={[{@barrier}, {@jqfmt_vfsold}, {@noquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x10}}, {@journal_dev={'journal_dev', 0x3d, 0xd}}]}, 0x1, 0x4be, &(0x7f0000000540)="$eJzs3ctrW1caAPBPUvyMZ/KYYUgyMAlkIPMglh8MsWdmM6uZWQSGCXTTQuraiutatowlp7EJ1Gl3WXRRWlooXXRZ6D/QbppVQ6F03e5LFiWlTV1oCwUVXUmO/JArGjsC398PbnTuOTf6zrH4jq+OrnUDSK1ztX8yEUMR8UlEHKvvbj3gXP1h48HN6dqWiWr1yleZ5LjafvPQ5v87GhHrEdEfEf//d8QzmZ1xy6tr81PFYmG5sZ+vLCzly6trF+cWpmYLs4XF0YlLk5MTI+Njk/s21tsvP3f78vv/7X33u5fu333lww9q3RpqtLWOYz/Vh94TJ1rqjkTEPw8iWBfkGuMZ6HZH+EVqr99vIuJ8kv/HIpe8mkAaVKvV6o/VvnbN61Xg0Mom58CZ7HBE1MvZ7PBw/Rz+tzGYLZbKlb9eK60sztTPlY9HT/baXLEw0nivcDx6MrX90aT8cH9s2/54RHIO/GpuINkfni4VZx7vVAdsc3Rb/n+bq+c/kBLe8kN6yX9IL/kP6SX/Ib3kP6SX/If0kv+QXvIf0kv+Q3rJf0gv+Q+p9L/Ll2tbtfn37zPXV1fmS9cvzhTK88MLK9PD06XlGJ4t9b3X2fMVS6Wl0b/Fyo18pVCu5Mura1cXSiuLlatzC1OzvVHoOeDxAJ07cfbOZ5mIWP/7QLLV9Dba5CocbtUX6t8BAKRPrtsTENA1lv4gvbzHB3b5it4t+ts1LD1S1J8LCxygbLc7AHTNhdM+/4O0sv4P6WX9H9Jr6zm+swFIo+6s/wPdZP0f0muo5f4/mZb7f/2q5d5dIxHx64j4NNfT17zXF3AYZL/INHL/wrE/Dm1v7c18nywK9EbE829eef3GVKWyPFqr/3qzvvJGvb63G90HOpbk71jj0S9yAEi1jQc3p5vbZuXxg4/75b/qFyHsjH+ksTbZn3xGObiR2XKtQmafrl1YvxURp3aLn2nc77z+ycfgRm5H/JONx0z9KZL+Hknum/4o8e+902n80y3x/9AS/8wj/1QgHe7U5p+R3fI/m+R0bObf1vlnaJ+uj24//2U3579cm/nvbIcxnn3rxXtt49+KOLNr/Ga8/iTW9vi1vl3oMP79p574Xbu26tv159ktflOtlK8sLOXLq2sX5xamZguzhcXRiUuTkxMj42OT+WSNOt9cqd7pH6c+vrvX+AfbxN9r/LW6P3c4/h9+/9GT5/aI/6fzu7/+J/eIPxARf+kw/jdjnz/drq0Wf6bN+LPb47cs8NXqxjuMX37tP30dHgoAPAbl1bX5qWKxsKygoKCwWej2zAQctIdJ3+2eAAAAAAAAAAAAAJ16HJcTd3uMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHwU8BAAD//zAx0oQ=")
syz_mount_image$vfat(&(0x7f00000004c0), &(0x7f0000000e80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000001f80)=ANY=[@ANYBLOB="757466383d312c757466383d312c757466383d312c636f646570cbea5f7d0d31453d43dbb3cc5d72b26167653d3835302c73686f72746e616d653d77696e6e742c616e695f786c6174653d302c73686fb710bac372746e616d653d77696e39352c73686f72746e616d653d77696e39352c726f6469722c6e6f6e756d7461696c3d302c696f636861727365743d63703835372c73686f72746e616d653d77696e6e742c757466383d302c696f636861767365743d6370313235302c696f636861727365743d6d616363656c7469c76179f96f8aaf8f3b32ed620aa44f31029d1ec6d58f7acc372590400bbda5fdf197b0"], 0x1, 0x2b7, &(0x7f0000000a40)="$eJzs3c9qY1UcB/DfTdPkqmCycCWKF3ThapjOE6RIBwazUrJQFypOB2QShA4U/INxQBBcuXHpA4ggzM6XcOMb+ACCO7soHLnJvU1ak9QLTeufz2fT03PO957fzblp6SKn770weXi/iAePP/s18jyL1iAGcZJFP1pR+yLOGXwTAMC/2UnK4/c01ySXRUS+vbIAgC06SanZ7/8nWy8JANiyN996+/X94fDgjaLI4+7kq+NR+Zd9+XU+vv8gPoxxHMbt6MVpRDozb99NKU3bRakfr0ymx6MyOXn35+r6+79FzPJ70Yv+rOt8/t7wYK+YW8pPyzqertYflPk70YvnVqx/b3hwZ0U+Rp149eWl+m9FL375ID6KcdyfFbHIf75XFK+lb//49J2yvDKfTY9H3dm8hbRzzVsDAAAAAAAAAAAAAAAAAAAAAMB/2K3q7JxuzM7vKbuq83d2TstvdqOo9c+fzzPPZ/WFLpwPNE3xXX2+zu2iKFI1cZFvx/PtaN/MXQMAAAAAAAAAAAAAAAAAAMA/y6OPP3n4/nh8eHQljfo0gPpj/c2v82SWGiz1vBSbU93FWq2quWGJ2PmympNFbKynvIkrelkuazy1ruYffmx6wfzyObvlWvm6OeUWNly03u6lnqh7stWvYfdscl4/JD/VPSml1Im/uXpn3VBq9Ph1Vg71Gm9l55lZY7phTmTrCvv6xcX7shrKLt5FJyKr3mUX47tVI9btYN7oef7rz4rMaR0AAAAAAAAAAAAAAAAAALBViw/9rhh8vDHaSt2tlQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA12rx//8bNKZV+PDo+2cvmdyJo0c3fIsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8D/wZAAD//1lbV6k=")
getdents64(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x3, 0x401, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
pipe2(&(0x7f0000000000)={0x0, <r2=>0x0}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000000)='.\x00', 0x2046022, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000))
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xc8000, 0x129)

2.440332942s ago: executing program 1 (id=295):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
symlink(&(0x7f0000000000)='.\x00', 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
write(r1, &(0x7f0000000000)="fa", 0xfffffdef)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$nfc_llcp(r2, 0x6, 0x22, 0x0, 0x2000e881)

2.422843563s ago: executing program 3 (id=296):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000100)={[{@jqfmt_vfsv0}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}]}, 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==")
open(&(0x7f0000000040)='./bus\x00', 0x1ed37e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000400)='./bus\x00', 0x0, &(0x7f0000000840)=ANY=[], 0x1, 0x37f, &(0x7f0000000440)="$eJzs3c9rI2UYwPFn0jQ/umyTgygK0ge96GVoq2e1SBeEgkt3I+4Kwux2oiFjUmZCJCK2nryKN/8BwWUPHhY8LKj/QC/e1osXT9vLgqCLiCPzK8l0p0mTZmm6+/3Abt7kfZ/M+04m5XkCeXP4/tefNOueWbc6kivdF0NE5KFIVXKSMKKbgmTYl1cv/HnvxSvXrhdFZHNb9dLG1dfWVXV55adPPy/Hw+4W5aD64eGD9T8Onj14/vC/qx83PG142mp31NIb7d871g3H1p2G1zRVLzu25dnaaHm2G/W3o/66097d7anV2rm4tOvanqdWq6dNu6edtnbcnlofWY2WmqapF5eyphsrjug7r0pTxNRubW9bG1Me8OaUcZi1f3zfH9HtuhvWgohZDt+vw2q3HvvcAADA3Enn//ptkrBXJddPKI24FiiE7XQZEOT/SXtra3Nbg2JhkP/ffumXzoX37izH+f/dQlb+//pvUXwq/w+OPvP8//sj98uzO5HzYm+SwafK/zEfVtLvyPuDij0W5P/Bu6Ff0X/5we3VsEH+DwAAAAAAAAAAAAAAAAAAAADAefDQ9yu+71eS2+Tf4CsE8f2QsT/yi8Y4d3KS/foX4x0F+tcDnkhXrl2XUvjFvfyyiPNVt9atRbdxfzJwVSryb3g9xKINJ6L9BDRQlZ+dvW5tMQ5YCP/fKIiKI7asSUWqqfiwfemdrc01jUTx4fH3ujUjvxTE16URxq9LRZ7Jjl/PjC/IKy8PxZtSkV9vSlsc2Qmv60H8F2uqb7+7dSS+HI7L8ubjfUkAAAAAAJg5U7UUl8/VdP0b1e+mqZrVH9TyMlyfP/r5QL++Xs2sz/OVF/Jnu3YAAAAAAJ4WXuGzpuU4tuv1jm2UZdyY5Pc0Rj9PdiM/yeCgcS9sLI4aszC0wpM+cyH+BY0JJi+TrdRynL+Kknkyky1cU12lU5xVy0nWf4LBpUlfAtfLTb522/VWgvnoVMsZaiQfG0WPLDxy6uTyceE/GEnUZAdNds4dN/i5b777e7p1GfGuvcNdb9wppVZ6TLhx5JH9MRftA98fO5/F7L8WP07zIzMAAAAA5kSS9Je95JG3znZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8hU63E9vJGme9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBe/B8AAP//Tuzx8g==")
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x103042, 0x0)
ioctl$FITRIM(r1, 0x40305839, &(0x7f0000000080)={0x0, 0x0, 0x8000000})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

2.09904208s ago: executing program 3 (id=297):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008c50000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0xf)
r2 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)={0x14, 0x1, 0x8, 0x101}, 0x14}}, 0x0)

2.008324238s ago: executing program 2 (id=299):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)

1.531476619s ago: executing program 1 (id=298):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
close(r0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
syz_io_uring_setup(0x1526, &(0x7f0000000100), 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x4c02, &(0x7f0000000140))
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x8, &(0x7f0000000000), 0x1, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f0000000140)='2', 0x1, 0x3)

1.530915989s ago: executing program 4 (id=300):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.456268576s ago: executing program 3 (id=301):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000640)=ANY=[@ANYBLOB="1201000000000010c41090ea40000000000109022400010000000009040000010301000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000340)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="200125"], 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000440)={0x2c, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="20010e"], 0x0})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_usb_connect$uac1(0x0, 0x0, 0x0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x40a}}, {0x0, 0x0}]})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.455715196s ago: executing program 4 (id=303):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x6, 0x8, 0xb}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000380)={0x50, 0x0, r3}, 0x50)
syz_fuse_handle_req(r2, &(0x7f0000002140)="a8698fe7c840998ff296b8001083e08d47cea0b5f5f1d62a6ba00c56a0c7171b20205ff3584fc355d27b14eecab7f12ad31242e982fb39b2743e97a2fc6ef560628457aa60837cb3a82d524d5caf117589c672270bf81f62c59472b483f2611fccddc7e33bf672b042e6709191976c6e9b5e972b810283e6b0fc9397d6cfecc0a8d185070efa26b5f303e6d6f044724e6e8a06649fbc5386996890d81987967aee5b6d6c44b4227237dea6b294a61de053bc506515a72c42bc4f94d0dd6bc3ab26864e5a4bbff035d710fc1577fb49f54030f1b53ac978447740c20a124afe33a0bbe2453a3a7f8eeb6ae566d1ebb17181e275c76f687b003d5237d5005ce73c184233ca8a9602d6636302cf562104a968be14bb18a1b4a2e218af0f2ea71a14bfae6ddbed7aa920110602bfd51a5cb2250c54ca9b14e40dbea16326b331e33d4eba3553405901cedcbbc1fdb615359eba07771e56ef6acc517728df5f84c3d014fd273e9d89df12869cd21dc1d1515c064ff3dba3b6c8440b78c3c4dad9eb09333ba216b3d6d8babdc59d347e09d25cba13b1a691921a756d4e0f935a216293214b50339552a8a2fc4ef5b5513916c152004a2219f6052a74263b8d216c6cd2c84cff6d3e5ab8a2f0f2800c6974f31bd1dbbcfc3d014f31a7f9846c43521c23b96d6e2c7cc2bd5dc1749dd004ce2ee9c4e2638b0b5033a9e188f537b0c26a82612504b2af4e26ea39c743ef3a459162e4fddfaad79b85044d88d94774a50963114ab30d22ddda2b47ea713157bd770f4bdd0f9b829e6d44637b5a417c8880b62cfa51ade109a13e4906d86619252724f0bd8ba90f02154725470f144e3942de0749ee3f5eef7f5d63097739623f110a9eb4b21d2f74b34bb392f373e4d8ec727d65424b2b660c9abf1f668d7ccb04be1b76242412ed884df954679aa3746a34e011bd122a0d46c3a3bf9b6b436c96eb5993735b2cb4b56d376f0278a7b259e29f19e385198ba64810e5b8cc258edb07306077806fc241699f838a57db56359cec57e2cbf664b642348ecf74b0b5a08badc0d10ee9d04857c5524cb6589b481c44324ea73f2dc26a87883b89decea3bd3fb28a1959db90e239cd98215bfdf0b7e932582a6ac7d15c154a9e5143be9a499402ffeed79b21516c09f5837b55f118ca2d224ad6022c58af48e12c2d2dfa0299a2c2c0165d09de9180dbd9c201623f672387154011d878ab2817663553e3ab9c1c0507e0129261751318a6e07d54d1b90c90a097d994c551b552c88d418b127ed130de600f74ca3c23451abf5f09537851ca657e14bc6409bb511eafd812253b582f130294da973acb9efbef063daae980d211e40bc73c0a098cc349f90e5f3292f4873ce1cfb1c0d3aa92a510970f43d2772b57487cfe2e3cb70861aeb3efaf9efe735d10d9249043212a961348c1d7fdf36660927245a5bb079def6e5c9a1d8f54689e45573790c2155df64aa06c093e1fc974127e80d5b9da02954e18c292a52f962bb9f8785599b7e1a35fe153b6022f7bb195f8e3c609dafa52aa3eb6fb2eb82d9a09ab0de0a47f92ee97b05b279e55720e3c4743a6d56f151e5363473d46ce5fb1c5162601856f8c0b3eb7f4f5502928e4bb3ed94ce7446f64578c9faec8a8133e041df740acf6ce510ef7b70dcf7f12e7024ebdd115895f40e684f91003fad967935be2ac19cfa057f2b61a6e2a988e0381f23ea1b204013b0111db5f9b9d018598577acefd7c719b366b8bc575de20ee497c8ed02760275ea9ceb38568f78919df95765296d75a7ccce394016cb02881a3d37de32caf64972cfea2554a591f1b1600a9b5a834af504851fcb400156df3448d671c488e3aebd152d0cc81bf8e8bb57b1d045f11b558cbea0519757025fae2fc2d06250e689743eb8f138711194bfaecbe3512bf32959bc683e84ad6f85b5d7333961c2e5d609255ef0db2b8af4d9f1f80103ff6cb130e0b4d7a9570382683222b709fd6b34aa5884bf7f43e00c4060daae2426bc0c5557057ccd1127e156b5dcd4022d823fc4b10905ad08f956ff0e1e03eadee4b60a325ec1d97193beb3f0c060ac37f05f33a9d5336743178a195e36751b959e47e8fd3cbe8ef3b35da1a5da92f21c50ab22649e95df6533f306314b8b216421f8767fd460550cd759dd6449e31a4b587338ff11eec3080b2bd5c3b0e4882289f6bd4d6e722275c3e2be2520ab3416c7ea85fa8838fa988524fc2f64e3ac7db344b83e095a343ad16d607b4aa5abc6872640cba99a317e8ce36d4068d712850a47be005c28c07ee71abbe40927a3db0afa1f235e3133cb2743db39404f6ab7925a800fe5e2e2d7b2cc1cb20f53aeb418c1a2cd19ef2a92b9cf21ffb78c5278179132cf93e4e266fef95bce9d3b4bd3cbd6a030b6b8684fead87c1793e72c0b4c7baaca7372faf429ed2b73387b5aec20d9fc4ea6232ebf6cb0101660d8c7a4f8b44aa2f92a3609c1634df6e304e9629bd3c0b2e829490037a3af8129e5526ef1618aade56b9dc083a417f21e5ce3b7582060b610d4a002a3508f9b8f0b700440c79eaaa604984bf8334af9adcc04d8463a17db03683c029e1d6835d210730b308b413eb6ef86dc9769bcb51c6769bee39de193666fd9acdc7f66b7d07403117e43f47a0bc06544069720951eaba218ce8d07a825b0ce5270988ab67f53aaeec00f8f3eeeae428aaa5b8cb1bb14c85e664f7fad1cbe0edbb06e23ce924554ba09a570531ea1363cf257eee4c029ed38f18bdfebb0cc65f40bbe9827b1fe573efd1583187f3b55c7c5a0afbf40f5aa01e145a109bb5e9e75e8f3df23744c6ac79d61baa1164f8a3241d4e232dd6ad622d9a31ccf52686e261601c41895172b957ee12ac62fb53a70e18e597c553c02e49eb62283b39264971782b225f5f92bd87d6252bf87ea5643b167414ffc3b437053747163de0d47bfd60181817ec961a3202f374489826bff503fc342c8c42cd3a662efefd48644cacf9d9af8403ddb8bb75a1db603bb7cb106a9d3a0aafabf5b94a7430658ded8606fdc5ad179a6de2c0f8bca762a482682353ecdbb61b37a62c955fa0767d936d7af967ae19557827b931e7d78f740f8e04920e97e644e0bdbe04a6129fd502fc3105f9847bbe2aee780bf8c2c04814b5d1eb7a2914f55d962391c48e159a3068d0ba0d9fffeabbd3c5c614586fcae265131f5b5ee7722f08389402ed49030e233f163c4a9bf2fe2edb40c62a0b444df6d1f71d06143d0eaf77c2f21e18e87f515496d95ed5371375f5049809606ae868e8432f5faa150d55ca279a108e2a699c2f3c17da228c3d04c249e176a9e1417191313f87486683bfd76e0d22f6dc28293a2ffc0ed382b232e452100d54b7246c86ee78fa94523f523ac18102e9ab3be1001863552bc2aff00232341e90af12ac093bad608ad8e7f14662756cdde565ab4afad649fdbe4beaaee1a84b0e6feb5ce315c5b9758ff16660984b1e3e8d0fdc55fafd8c9e2776f8a2fd4b47cea52a4266a40e4a6f35dfb7d648857a1dcd2d3bbf5a97e11f4ea34a961b84b278fac3db0d898528514b6fa237bcc0e6244fb79d6bf65c45833cbed0a2909934d85c67dd48be04894c39c58e46993f8237d1a48db2bb799826fab1fe81cff37a11ce45fcac5f91ce6d2fd83189501434be495147f8263566a471c2872be6d1ab7587cd8db97e5f45b1cfee6a9ef315d79d30c3a2d2ae72c9d9bb20daaeea1b701d4a8437411fc6c26193b0fc1e477b4c467b0096e5b210d85a270fc72860ed79808e0f77f7742d6318dff9b4274a4972ff652a0f0c22533f00000019f339d7be0503a55aaf462e02d63f8b8651dddfa69373bb9856bdc549bc5248acdc0274ab5af5582047f235083b4a1d2f42162eb1d4bb2b31402c5126e4dc18a0af93f0e71fa036518eab354dfd56f5d0dff6bcfb300b673dd575389f7ec97329d31f94505a34ddbc307a8d428963f97cd548a2380ada5998e24243804777283d993f5bffca4b8775782ce58d8e8390d590455d0914413616b7b9fe90b929029ef89ea983fea1af656653841dd8d479fa1b2ed31baf83aa0da4f6c8fb37affecaab651d211cea279599f0b58707e86a979da10833599d9bd8cd1b7e9cfa7509a600b650dbb62fe3e8d91411baee677dd9eec3707ca3ea2a3fb30f4f4fef55e3bbfe09c0f25340d7bc414ca99b2bcfdfca87015cce9b2e2cdf8aab550185897270d862eb345db7df4286cfb85a9cfba5826d5d045d5696d75838ab4760caea3a20617734bf61e667356cee8cdbfecccd5f022500cecc844b804b65f5320b4841a4b18841cb6a1c684b539a2eae2f6f30d4c21f3dd3de6a1032b62d062c6a005c9b7a218f70de341dbf3cf18cb2b6262eff861eb979ccf88746cf100e04dc31cd26f115f8d504d71c43a03ce250dc29cb3a5bb984cdd3b63e1b5bc399075997a41b8bb463ab781661f2cba9801534fd3e4563eae755f2c077da501289dc81b9e6ec66911b1a019e9a48385feaebcbd2a792f615ea0f250876dc0e0f7bb62bb0eea9bfbf6fe5037178e4bd1354011edec082ae14e15e2317e3a96bb31682574baa8eb4a27179181f656efe516db695358690b754ae31af5e4dc5f497a81281abc3cee25ad685ec660dcecd650f603fc39f626aabea34248cf67457bfb3d9fbf1e5c199dae306d272dffbc77a68cc7297cf9282912ed53e26b5bf0918e4eb01771c0cd637ca97c9368a5825ec364277872f9eb2a9d3642b09655eeb8e17718fcfc6de927705d919024916f2055e0b5ad201ac1dad1029e16b15f2b9d8dc60194f539f5af00adf01b1726e95e906226b53137a642ded6d86d1af43340e2ac88c5d3bd784beeab2a07a36f00736a01760118f7731c49a305b37b5510137efa315ce719f319f99e8b0d46ddc30922c548aa4ab0ad793da1e69ad7f1cda860e8bb11da86ce7cc35fe484aad7c9a213b1d6ac1e3472fbdd6ca17b4f8338a7ced682c9edc8746082f6561924727d90651967aff85b19153d67a6f16a6c1de1db5ffb6237f9d6c2b9d3e74fb4837c0015bdfa8dbbb6dc2f5a87e34ff5169a61c7ced56e508a7f46dc58c8c1d683c8ec27380e7a6fa896ada95212da08fc3036c4c002cb1a89116e668344a933fd14c786a163d5d2ec9039345d25d6583957be83869549b76b3355e787b4649b7698ce7870cd04a2315be98c3e84a12e4299c9c167022c7ee8e9bf49ecba1a490ec35c1c1e0eeba5cc2f53e38b6aa28c00501153a7c492d38808c2a999e07787b558ee387cccce009cc59b56d6c9eefefc9a0c99a86eb2ec036bf3a3e5335caa04ac55b9b4389ef620c57ce2128bec024fe8f23fdbcd751ae49d84bd7d769b1fc30927468b93ad331d29c3118546dd76f553754bc7c4669a845700038daece7fb64d4321ed4dd77a52eb14e89c05557a5b4ebd683b22a536a7010336fc19e9a6e50ba14d31222dc75c0fba29f74eadae35dd337d4f52caa75dce4405f81883b6f5c2912cd8cc4cc14123c001a8cc04107969100516608231ec7a3e79918453c604a10e3b5ab01232ef9446333b6a2fb08c18170d78883ec57f94c892f8d1fd56b0915d3de8df85266a0386e58cad506027c7b4c3350b0b598ef39fb1751b9f43eb30b5f218a4e4bda562d9d537b0a1d6a342e6a44a11b207f64bc63956f1d115e84b3a6ec05d9ffa92463aca8c524e50ed559f02327a1c4c6e6cb4181c2a2f4b02b342f3a5dce66c9df0e737b330f1e02fe6782187e88ab7362723519c828dab49fe864a84621f17380d84b1fa1876b04d5eae3becff186e38dfbe64cd10b02d43fd526f4ee740d9a9a2de6fe867596cdf8cda87dffb1ff63bcc82b0700073102bc6424cd4ff4b25b0730bbbacf982efc4d7ade1283b04469813dd93f8f880978c897eddff942c391e1bc4b66ce1796a507668dd00b900acb226709f0c0d40b379783f4f1ba2f7d76c1d4e2aa5d2daf986f7562d40b3fa0e37c87a0a3a35d14d84ff4e56371adde7f9c827fce74b63c8aba9b44c97631c5fe0fb4a51999c4c286f71cb57614eb3f353dfc7f4cdf82013afb20c9160fccc88e441902784969b5d243971ad012e2fd86bc2503f82beb63fab1416fab838b07e6550aa81183ac8a7390e2ee4ee55e9178cc18dfa1b8b818a4546882eb9375e12832bb179f556b28b6ca30852747be53923a5c1d0e0a9230006462d2e3cb40225773e504be673772c6606c3661b7d2e3d200ede07f75d776873a1120a114b89df7cc086895a7b69392d18098b2effa55721bcfc79a95e72dbd639f1b9f0a4dac34a1152b0c046885e7601c39a0f3e806cac7c4067ddb9bb7680acf58ea1d64a55a5b01346333999d0cc28243ee99d753b21f7da22d64e565ab6a4f454b6b95cba622831c9713b116869b9e50efca995fbe4373e85cbb95cd830868ef3efa01423982c62c0d6cb4ed0a50ceff560e613369c6b372cc4e506b314e8fca6a81c77aecbfb83c54b1202a1606116305face655d14f35d231ca016bfa2fa268f6a05def53430ad4fbfc9169d57fa5588c4931e068cdf63ddc33b79fd0fba54adc80c853a5e7cdde0b1ff435c35939c2fb132090265e66138cd8639702ee285b4e9634545443607a9a84f8c15709eb967c2062b1dd01827091d12bb697db53f68a375dee36e021c99a698bc6d928a930a1418e746628813b2829a367eb408993851f24cc393f2cc07840c9e73cd2f9ca7ded0bfac8a17bc03fc6195eb86a094c69edd41d5f0f9bd31b56d5d2e43572f3f8d2f26ad626ee9eaafaa571ded286e5c80d56581254c64a930c6cd6506fd59aa6e7878040d6471893a1b4d5c80b2a20a95af45b0f0665616296229bb2633f33c185f47176e3f86b10aedaae4b24adad936c0cc7512b90cf7e7de270edb58713b7ba93a1cf2b47d8cd1c00411bd201064558d21631f8e57ad46780ebd942a8b668fc692415f617408cb14faf49ea43f20bbb8185f0c0df8e4e457faca531d316a127bdc125e24d8c061c0f4e07ef38a4ddca42e5ed9e8b77d7545c8859a02dd8726f708183f8b11272bd79920cf646d5f4b37705b2c67467be9f46096eaea79510b34c54db1747241dffb94d984edd0b1607bc88cb4f3ad63ba90f4676c1e5383c1f4505da4b7945219e32ac1cd5ef7398c3a63c8c28e7bed523491b83a27c86245879f2c462cca3f45e82fd8345ee7770e13d3d30641c8a523d8270fdec3a03be1e962642d9394bafb8f0e930a6b7f5ed1e405699b8ad69a6221744582033aa473967e10e9fa16c78db5612f76cb966b3dbee2bde31ec1e941becb54e0bd771fc688f6e716925aa5fdb2aa5c4d5f950c2e0ab252fa9cb52528f52a000501a93aee20152c526a301585fb169cc57aac9b6ff17110420b73978a785d4bdad47b4ee0fbaabb3e3cc57ab9ef43d740eeafa693ab3266941c6bc2266e33ceb46c941e92543ad5428d9f140223658f796f9e53b5507a0983b81d1a916b1104783e5493b78c9999a4dcfdca7675f9711cab87f7f99fd7be5fc1513bead550bd4c61690b527481c650d540fe8888b245c0d35f1a55914a321f13344f4be45cfc07d106c547cec05debc344c506b8c3adb0728a3f1923be535eeac5492758bd51ea3aab0d8df79168d885748644ba3f616ef15fba79d818a45c4da4478e5a1a682cd07505e3b5c2ef2255a8fc058e1a4c0683c70ccf0b38e74e6ca88408266dd090409bad6c75212192804dc013d3dadc4ae0dae0fabb9627e65f6218f3ad09f2f436b52844aa0d63c5bf9845588e8a1b6ceb38d0dc025eca4995e90cf3c7acd801cc543f6c26ed92c8082537d72063d173f48c4fd7aab447e33a72836bfcedb8acaadab1ce9162d82e5b797fda854c90f7028c3137e6ea72815b5a73103efb9474fa32adef02b8174a71e87c1283f52021b9c1b443c2d0ad2d97512af2e91e9d302a246b4f1adefba69155144ae0bde1ead8826641105b74519826fe55fb2030cc04f64c336980620bf23dde2d521a8ab0e1743848f1bf53f75373c7bbd57279893754a44119055fd1278cea2fbd324ec614488419b789c931ebfacbd42c9ef910a7bfa9f53170667ae227a31316b9783c109e6d9172debdac681bb0e287185ddf85854d7679cb8022fd26efcd55dc80be8ba2f3e62668f18186a9d90324e36ad8e30bff59d2e9745ca43be7be9e24fa3896d883491f79e72e7e2e4e2d012169d21c2e7b70edd707b1144ff87e8299b232594549a340a1a5e4a2f303f738d1266473516d2ce1a128af47d6136254163c8224a0c65921684d33b6330eea4551aa8cb6d853097d98123accab534d5878970dcf7dd9bbc92461b4c4ace67f5ce435203e6b39f2dba9ff504e639d744e6c3ddb53fcefec0b28df235c2e27b37d0f66ec19edc6acc9b710293851fb4f6d1b324de851aa368c4c25720676d8cf8cba3a1fcdda9053d915758c76b0018398da4f6c9ae6d8ccb384ce51402b4ffcd168a4b2e81e2c6423dbb74221ee5f6a21e9874f3f3fff268e1e28cec744b449e8bd0951349186a9a9168a462982ae681e70eaed9ff0da0a91ba37e10428440e2b6fb53ad34445f86b400b687c3e412107de6c49adfd29370714be66132c43a588748ee9e88189f4b1a366657ce74b9281533e129d432d6f8aaceabe9953cadb0f2c1808d7630dec47b4305559ed0a2f4e17c49e1906b0febec47b4dad5017503b112441e8804c6b1ea252bd2d44876ccbecdc37ac70a21fdc4d2a5baac174db70e3e1370e01ebf1a42272500cd840aaa99d3120adcd30897d76e4a77a6244e46e0b4b5d7153a0c41487f3b7c71ac1b88c6da412a2331ba0ae4d660db37505fca4c8a75362e71a424c168fc18e1e58a1175b18852620661d2476d20ab5e8a935dd9b72bea4e481182ceef04f5ab274727c37841d99b8aa3d3272487540f457db07178091ad49e50b7bf8351909a83c5bc8a3abc5d941d6b8d628ed74832c21c93a65bef1cefb74a2038737bb8d03fa998208331a8cdb67b05ca225ed0e56eb6f76ec2c221d9c9d0059ff098efa801168000964aee15aac2c652fe2ae84a71a0c51b7eae1cc95779dd5c576909ca5ce99e9ee437d8732238c0dc386f5b0313bbf3ef2504f881a9c84c005fc7232be24c8f1ac6505d8d45b0d5af15628841bc385fc532ae8f900d7ae218fb1b152cdaf9d5c06191ada4b0f6ae9763cb763ae991d9dc28de27edb25f649ae9eb57150e95469e1a4fb4f52d3266a2c3aecefb5d2d6b17d483172edcd2fd5349f0b5cb038175110e85b0f4e1a0e645160f6c63381002cb75751f7290c8452a7febf264278f0b556831b78851598904a49754558a40dc36c5594e305a5f9938e6a0e63e39742b3c1b4fe30cd2102c12c55fe00424de2568b5a67ab138411c7e7e94f70bdbf09df60dacc12f7a72eba90e10eb73f8f3cd7b54438f32653186c71975fedc5c822ebbd0197dff5cc7eb2942c8abde04b570e77d72cfe1126d430732903dcfcc4bd137c05ee93b58a2730abc496c6fc9a34f509b43d69e5c1a3c18b47af168f4a129dc1f243eea9fe95739ddc5e02691eebae8147019b27b72e0c3b3469fcea1a65097af93a5220fa024474094976e52b5a374a18b2fc3b437748dd7c46c42f607c74e39ef5ffa3764aa6badc1a6da195a6239c6d5aafb0122f955708281087ec0d6ed0caf98413cabbd2b9b5b1342b3e1cb85caae60292c861af200bd7939efabb69dbf27cb44a23ca6f669820f70d1975de267f58e2b2e64ef0b17bb0b074b5c91adba8f3205650b783105d2a43c798c72160f28715f7032226efaaeab6f39a57e0837a1d7ac9df2a4059e51b8b0e8f0387aaaecf925398d006e94fb98db879cd5f4192640866c283775561375ac76b3aaa3f9e228b30b6e327393abe17d7659a3d5ab89598161127d2a43acb57319c9cc987a2bed86546d45be92d7904d10307d9f2fecf33bfb3c4f29331e49b38a959585ac98254efa4bb0841e63b079bae1d069d50f08758489e699f06016188b55ccf9ecb97f6d75198d9576c2ee81d3ef1ac3db748a6bf1afba6d10f6bd6a9a589cffbb348d4aa091369706e26011e80a8fd5d57fa38d6b8328de90cfb8d6675ac39b10d646a8179f9ff0f71f5d030246a85c6828fa7fdc04a9f51a742e33175e181712da01d2cdba35f82cf836cbcb84e1da57b6a0c2a90946c7065f0425b015ec436175e2220c273b8aa6848fe235142c43ca8df9db45659fc5ce84ffcda9ad058b9a83e778d77896a60a4d1f51ad14b9b840cb11a325e70740847f1fea6143d4f8193abbceb2e7d98690328911f538759ca1e81b4a5e4f8688774eb594f28117fb11efde05a94e4371b960ee05ff5bdd55d485c38de17d566ccd7ac38a1cfa427badbb9d648fb0a29b04f1d90ac9a521dc1e1ba40f46cc436b6b66e980608ed73f43e536f5ded2637da3b0b56f00faf03c9350669cfac4e8873b9e50c2d78b7f3160f54367c4e01100a30d12beee2e98fd8a70d07e1cc20b3db2adf9766d74806f320313fb92c56a2a879b7c9d03fe3b24b6ab1b3e8e8ad5c153303afabd871aac88b7efdd48c3fb47848f98e3d176a3ab6b3cca846ea32d950cb605517982f6844958b928302470a780d98c4b1a4b5ab01adc895c844fb9ac78ae8998de1f2ab8d0b21a81e5585601ef2fee598fef5c0ca9f0d749c156ed77d858f372023db32079ab1d44d75eae1b74101a3d31c885211152664a2dd0b3a9952f1d64c9a9ffd7480d48ceec13e0fa18bee849e3b0dffe05073cfe76fcdae647ca64e2c4864d9c080ba1f86c9c7ae632fbb3f9c0de1df72c372122321dfb969bed743ff4a6809cd4b8af60d8bb48f6fafc080bb4a7e55430796ad7e1ab7a0170b9259e14ab2875a6f9de4597aa5781f0a12fcd6588485be3bc6f15ab5d228b1144f616f5a0fde66943e5cbdfb511dca3c35222f53d6ce02c3c354b5071929c174d65f03e9501c481b1e4d223fe9424b469b907a821ef6ead43c8852cea298b1baf1ca39932526d9a1cbf5706ba47d694bf6a451dbff9727f8184c38b3c2f6c50f3459e6f7c32bd829c12d370fcd1940c583b28863e718dbe737662aa67147c9073ddb3ea47442fb4f8cb3db2c486cde6a480ba798362309269b06eb5f36465692899599db8b8f928b0d5ffd650737b18c0dc6a2b4a22ff842355f047f314f224e890a67ad8d92fe6fa4cca60859fa50779f3639bd20c6522a84680de3f181671ce762505f723930fddddea9884468f0349c3ef43468746914af91511db05b2e8ea31804c3cb78c411ab23df80edac64bd6a40711e5ed9146dfd0e090c84c4d6af48629ae746eddd57f93fa2b718245992a0c441ed7828c35522ff1943f2c46c2ade0267c28811171c13f6b5a9704b126884c10a1c4671908b55b3dd1dc8b9b16dfaa17dc286c723a5f5edd878673b3ebe9d7170513179dea4d1081869e81ee4a01a9b4bb8cb2cae6679bb6871b1e95462cbef80f35076efc3e554f8d7c60ff6c704d5ec9a44c42f2bceb95c71bf5538557722948e9b552ea000a9756c3d84bc40c32ee97de6a9c9", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x60, 0x0, 0x3, {{0x0, 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, 0x8}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

543.237563ms ago: executing program 1 (id=305):
r0 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r2 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @auto=[0x0, 0x39, 0x0, 0x0, 0x36, 0x0, 0x0, 0x0, 0x0, 0x32, 0x0, 0x65, 0x39, 0x0, 0x63]}, &(0x7f0000000480)={0x0, "6035ae1e0fe721440500322203930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1abb01c103a4c600040000380000011d00"}, 0x48, 0xfffffffffffffffd)
fsopen(0x0, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, 0x0, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
keyctl$KEYCTL_MOVE(0x4, r2, r1, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x4, r0, r0, 0x0, 0x0)

538.048434ms ago: executing program 4 (id=306):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = dup(r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x800081}, 0x10}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000040))
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000001c0)=0x10000)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

483.414809ms ago: executing program 1 (id=307):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x63)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[], 0xe8}}, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004c9], 0x0, 0x2c0710})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

482.602699ms ago: executing program 4 (id=308):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x3)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000500)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x94}}}}}}, 0x0)

463.66063ms ago: executing program 4 (id=309):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x9d, 0x10001, 0x9, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x66)

446.805852ms ago: executing program 1 (id=310):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000440)='./file0\x00', &(0x7f00000003c0)='./file0/../file0/../file0/../file0\x00')

384.89µs ago: executing program 1 (id=311):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='mm_lru_activate\x00', r3}, 0x10)
write$cgroup_int(r2, &(0x7f0000000200), 0x43451)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='mm_lru_activate\x00', r5}, 0x10)
write$cgroup_int(r4, &(0x7f0000000200), 0x43451)

0s ago: executing program 4 (id=312):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
symlink(&(0x7f0000000000)='.\x00', 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
write(r1, &(0x7f0000000000)="fa", 0xfffffdef)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$nfc_llcp(r2, 0x6, 0x22, 0x0, 0x2000e881)

kernel console output (not intermixed with test programs):

 Invalid inode table block 0 in block_group 0
[   33.899271][  T291] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5820: Corrupt filesystem
[   33.909283][  T697] syz.1.136[697] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   33.909348][  T697] syz.1.136[697] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   33.928818][  T291] EXT4-fs error (device loop4): ext4_quota_off:6476: inode #3: comm syz-executor: mark_inode_dirty error
[   33.939458][  T691] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,inode_readahead_blks=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,resuid=0x0000000000000000,delalloc,acl,max_dir_size_kb=0x0000000000000005,,errors=continue. Quota mode: none.
[   33.978282][  T291] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 0 in block_group 0
[   33.996197][  T688] netlink: 8 bytes leftover after parsing attributes in process `syz.0.134'.
[   34.005279][  T291] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5820: Corrupt filesystem
[   34.028346][  T689] loop2: detected capacity change from 0 to 32768
[   34.047391][  T291] EXT4-fs error (device loop4): ext4_quota_off:6476: inode #4: comm syz-executor: mark_inode_dirty error
[   34.068963][  T689]  loop2: p1 p3 < p5 p6 >
[   34.078762][  T689] loop2: p6 start 688167680 is beyond EOD, truncated
[   34.111828][  T705] loop0: detected capacity change from 0 to 256
[   34.129429][  T707] loop1: detected capacity change from 0 to 128
[   34.137688][  T705] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   34.196229][  T373] udevd[373]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   34.199675][  T707] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   34.210507][  T374] udevd[374]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory
[   34.217314][  T358] udevd[358]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   34.248531][  T707] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038 (0x7fffffff)
[   34.323808][  T720] loop0: detected capacity change from 0 to 128
[   34.339614][  T707] EXT4-fs error (device loop1): dx_make_map:1327: inode #2: block 20: comm syz.1.138: bad entry in directory: inode out of bounds - offset=792, inode=1633771873, rec_len=220, size=1012 fake=0
[   34.343201][  T720] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   34.358833][  T707] EXT4-fs error (device loop1) in do_split:2092: Corrupt filesystem
[   34.368952][  T720] ext4 filesystem being mounted at /24/mnt supports timestamps until 2038 (0x7fffffff)
[   34.385848][  T707] EXT4-fs error (device loop1): dx_make_map:1327: inode #2: block 20: comm syz.1.138: bad entry in directory: inode out of bounds - offset=792, inode=1633771873, rec_len=220, size=1012 fake=0
[   34.407610][  T707] EXT4-fs error (device loop1) in do_split:2092: Corrupt filesystem
[   34.421912][  T714] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.422564][  T504] EXT4-fs error (device loop1): htree_dirblock_to_tree:1111: inode #2: block 20: comm syz-executor: bad entry in directory: inode out of bounds - offset=1816, inode=1633771873, rec_len=220, size=1024 fake=0
[   34.449678][  T714] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.450498][  T504] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor: path /24/file1/lost+found: directory fails checksum at offset 0
[   34.457032][  T714] device bridge_slave_0 entered promiscuous mode
[   34.471688][  T504] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor: path /24/file1/lost+found: directory fails checksum at offset 1024
[   34.492537][  T504] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   34.500183][  T714] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.508696][  T504] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor: path /24/file1/lost+found: directory fails checksum at offset 3072
[   34.530054][  T720] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   34.530246][  T504] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor: path /24/file1/lost+found: directory fails checksum at offset 5120
[   34.541631][  T714] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.553247][  T504] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor: path /24/file1/lost+found: directory fails checksum at offset 8192
[   34.575162][  T720] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[   34.576132][  T504] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   34.599662][  T504] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   34.616203][  T714] device bridge_slave_1 entered promiscuous mode
[   34.617118][  T504] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   34.623513][  T731] fscrypt: loop0: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[   34.639533][  T504] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   34.667165][  T504] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   34.684218][  T504] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   34.714915][  T504] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   34.733617][  T504] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   34.750465][  T504] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   34.803185][  T737] netlink: 8 bytes leftover after parsing attributes in process `syz.0.148'.
[   34.875261][  T741] loop3: detected capacity change from 0 to 256
[   34.882080][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   34.892318][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   34.904217][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   34.912586][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   34.920795][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.927671][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.940425][  T741] FAT-fs (loop3): Directory bread(block 64) failed
[   34.946871][  T741] FAT-fs (loop3): Directory bread(block 65) failed
[   34.953538][  T741] FAT-fs (loop3): Directory bread(block 66) failed
[   34.960427][  T741] FAT-fs (loop3): Directory bread(block 67) failed
[   34.966868][  T741] FAT-fs (loop3): Directory bread(block 68) failed
[   34.974062][  T741] FAT-fs (loop3): Directory bread(block 69) failed
[   34.978454][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   34.980780][  T741] FAT-fs (loop3): Directory bread(block 70) failed
[   34.992409][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   34.994287][  T741] FAT-fs (loop3): Directory bread(block 71) failed
[   35.002196][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   35.016208][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.017266][  T741] FAT-fs (loop3): Directory bread(block 72) failed
[   35.023068][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[   35.036054][  T714] device veth0_vlan entered promiscuous mode
[   35.042546][  T741] FAT-fs (loop3): Directory bread(block 73) failed
[   35.057147][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   35.077708][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   35.100656][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   35.109936][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   35.117357][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   35.137019][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   35.145667][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   35.172013][  T714] device veth1_macvtap entered promiscuous mode
[   35.190889][  T755] loop3: detected capacity change from 0 to 512
[   35.205831][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   35.227184][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   35.228839][  T755] EXT4-fs error (device loop3): ext4_acquire_dquot:6187: comm syz.3.157: Failed to acquire dquot type 0
[   35.246713][  T755] EXT4-fs error (device loop3): ext4_acquire_dquot:6187: comm syz.3.157: Failed to acquire dquot type 0
[   35.259265][  T755] EXT4-fs error (device loop3): ext4_acquire_dquot:6187: comm syz.3.157: Failed to acquire dquot type 0
[   35.293850][  T755] EXT4-fs (loop3): 1 orphan inode deleted
[   35.300073][  T755] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   35.311237][  T755] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038 (0x7fffffff)
[   35.377201][  T769] loop4: detected capacity change from 0 to 512
[   35.378696][  T755] tipc: Started in network mode
[   35.389632][  T755] tipc: Node identity 4a4f2466e6a7, cluster identity 4711
[   35.396643][  T755] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   35.407127][  T750] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.415183][  T750] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.422984][  T750] device bridge_slave_0 entered promiscuous mode
[   35.436243][  T773] loop0: detected capacity change from 0 to 512
[   35.459083][  T769] EXT4-fs (loop4): Test dummy encryption mode enabled
[   35.466038][  T750] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.481249][  T750] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.490635][  T750] device bridge_slave_1 entered promiscuous mode
[   35.500302][  T773] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #15: comm syz.0.163: casefold flag without casefold feature
[   35.513189][  T752] tipc: Resetting bearer <eth:syzkaller0>
[   35.513223][  T769] EXT4-fs error (device loop4): ext4_fill_super:4831: inode #2: comm syz.4.142: casefold flag without casefold feature
[   35.523331][  T773] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #2: comm syz.0.163: missing EA_INODE flag
[   35.542475][  T773] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.163: error while reading EA inode 2 err=-117
[   35.552026][  T769] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   35.564344][  T773] EXT4-fs (loop0): 1 orphan inode deleted
[   35.571125][  T752] tipc: Disabling bearer <eth:syzkaller0>
[   35.579757][  T769] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv0,test_dummy_encryption,,errors=continue. Quota mode: none.
[   35.579954][  T773] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   35.653173][  T769] syz.4.142[769] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   35.653244][  T769] syz.4.142[769] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   35.731233][  T750] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.749594][  T750] bridge0: port 2(bridge_slave_1) entered forwarding state
[   35.756751][  T750] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.763556][  T750] bridge0: port 1(bridge_slave_0) entered forwarding state
[   35.808952][   T26] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.819045][   T26] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.870834][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   35.878149][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   35.907590][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   35.916027][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   35.918465][   T60] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   35.936357][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.943266][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[   35.965445][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   35.978532][  T501] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   35.986199][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   35.998765][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.005668][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.026745][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   36.030512][  T780] loop4: detected capacity change from 0 to 40427
[   36.034897][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   36.049435][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   36.057527][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   36.076057][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   36.084787][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   36.099449][  T750] device veth0_vlan entered promiscuous mode
[   36.108588][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   36.116434][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   36.134207][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   36.142640][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   36.153587][  T750] device veth1_macvtap entered promiscuous mode
[   36.161955][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   36.170507][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   36.177229][  T780] F2FS-fs (loop4): Found nat_bits in checkpoint
[   36.178683][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   36.200188][   T10] device bridge_slave_1 left promiscuous mode
[   36.207853][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.216873][   T10] device bridge_slave_0 left promiscuous mode
[   36.222995][  T501] usb 4-1: Using ep0 maxpacket: 16
[   36.223713][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.236317][   T10] device bridge_slave_1 left promiscuous mode
[   36.237638][  T780] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   36.242540][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.263467][   T10] device bridge_slave_0 left promiscuous mode
[   36.269671][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.274212][  T714] F2FS-fs (loop4): access invalid blkaddr:2048
[   36.282953][  T714] CPU: 1 PID: 714 Comm: syz-executor Not tainted 5.15.156-syzkaller-00821-g29d153aabd54 #0
[   36.292758][  T714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   36.302650][  T714] Call Trace:
[   36.305762][  T714]  <TASK>
[   36.308627][  T714]  dump_stack_lvl+0x151/0x1c0
[   36.313226][  T714]  ? io_uring_drop_tctx_refs+0x190/0x190
[   36.318796][  T714]  ? mempool_free+0x310/0x310
[   36.323305][  T714]  dump_stack+0x15/0x20
[   36.327415][  T714]  f2fs_is_valid_blkaddr+0xcc3/0x12d0
[   36.332639][  T714]  f2fs_map_blocks+0x1622/0x3ab0
[   36.337392][  T714]  ? f2fs_do_map_lock+0x70/0x70
[   36.338496][  T501] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[   36.342087][  T714]  f2fs_mpage_readpages+0xc9a/0x21a0
[   36.353182][  T501] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[   36.358152][  T714]  ? dquot_release_reservation_block+0xa0/0xa0
[   36.368031][  T501] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   36.373108][  T714]  ? workingset_activation+0x3f0/0x3f0
[   36.373139][  T714]  f2fs_readahead+0xfd/0x250
[   36.373155][  T714]  ? blk_start_plug+0x5a/0x170
[   36.373171][  T714]  read_pages+0x15e/0xb00
[   36.384462][  T501] usb 4-1: config 0 descriptor??
[   36.386220][  T714]  ? lru_cache_add+0x279/0x540
[   36.408936][  T714]  ? page_cache_ra_unbounded+0x920/0x920
[   36.414405][  T714]  ? add_to_page_cache_lru+0x225/0x2c0
[   36.419707][  T714]  ? add_to_page_cache_locked+0x40/0x40
[   36.425084][  T714]  ? __stack_depot_save+0x34/0x470
[   36.430127][  T714]  page_cache_ra_unbounded+0x6cb/0x920
[   36.435430][  T714]  ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[   36.441760][  T714]  ? _raw_spin_unlock+0x4d/0x70
[   36.446439][  T714]  ondemand_readahead+0x9c8/0xfa0
[   36.451297][  T714]  ? do_wp_page+0x979/0xb60
[   36.455727][  T714]  ? page_cache_sync_ra+0x4d0/0x4d0
[   36.460759][  T714]  ? debug_smp_processor_id+0x17/0x20
[   36.465964][  T714]  ? kasan_quarantine_put+0x34/0x1a0
[   36.468489][  T313] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   36.471088][  T714]  ? selinux_inode_getattr+0x11f/0x3f0
[   36.483676][  T714]  ? fault_around_bytes_set+0xc0/0xc0
[   36.488880][  T714]  page_cache_sync_ra+0x2e9/0x4d0
[   36.493741][  T714]  ? force_page_cache_ra+0x420/0x420
[   36.498871][  T714]  ? do_handle_mm_fault+0x1807/0x2400
[   36.504170][  T714]  f2fs_readdir+0x52d/0xba0
[   36.508514][  T714]  ? f2fs_fill_dentries+0xd60/0xd60
[   36.513550][  T714]  ? avc_policy_seqno+0x1b/0x70
[   36.518230][  T714]  ? __kasan_check_read+0x11/0x20
[   36.523094][  T714]  ? security_file_permission+0x86/0xb0
[   36.528475][  T714]  iterate_dir+0x265/0x610
[   36.532728][  T714]  ? f2fs_fill_dentries+0xd60/0xd60
[   36.537764][  T714]  __se_sys_getdents64+0x1c1/0x460
[   36.542711][  T714]  ? __x64_sys_getdents64+0x90/0x90
[   36.547740][  T714]  ? filldir+0x680/0x680
[   36.551821][  T714]  __x64_sys_getdents64+0x7b/0x90
[   36.556691][  T714]  x64_sys_call+0x5ae/0x9a0
[   36.561114][  T714]  do_syscall_64+0x3b/0xb0
[   36.565361][  T714]  ? clear_bhb_loop+0x35/0x90
[   36.570004][  T714]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   36.575735][  T714] RIP: 0033:0x7f10766ed053
[   36.580059][  T714] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[   36.599498][  T714] RSP: 002b:00007ffe021dd328 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[   36.607740][  T714] RAX: ffffffffffffffda RBX: 0000555556ae34e0 RCX: 00007f10766ed053
[   36.615609][  T714] RDX: 0000000000008000 RSI: 0000555556ae34e0 RDI: 0000000000000005
[   36.623575][  T714] RBP: 0000555556ae34b4 R08: 0000000000000000 R09: 0000000000000000
[   36.629158][  T778] capability: warning: `syz.3.164' uses deprecated v2 capabilities in a way that may be insecure
[   36.631459][  T714] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[   36.631476][  T714] R13: 0000000000000010 R14: 0000555556ae34b0 R15: 00007ffe021df5d0
[   36.631491][  T714]  </TASK>
[   36.658627][   T60] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 12592, setting to 1024
[   36.661510][   T10] device veth1_macvtap left promiscuous mode
[   36.675097][   T60] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024
[   36.688139][   T10] device veth0_vlan left promiscuous mode
[   36.689366][  T714] attempt to access beyond end of device
[   36.689366][  T714] loop4: rw=524288, want=45072, limit=40427
[   36.704971][  T714] attempt to access beyond end of device
[   36.704971][  T714] loop4: rw=0, want=45072, limit=40427
[   36.705074][   T10] device veth1_macvtap left promiscuous mode
[   36.715933][   T60] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   36.722051][   T10] device veth0_vlan left promiscuous mode
[   36.740019][  T313] usb 3-1: Using ep0 maxpacket: 16
[   36.753293][   T45] attempt to access beyond end of device
[   36.753293][   T45] loop4: rw=2049, want=40992, limit=40427
[   36.808635][   T60] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   36.817859][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   36.826063][   T60] usb 1-1: SerialNumber: syz
[   36.848515][  T773] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   36.868597][  T313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   36.879444][  T313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   36.888563][  T778] UDC core: couldn't find an available UDC or it's busy: -16
[   36.889285][  T313] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[   36.896348][  T778] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   36.905331][  T313] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   36.923407][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   36.926561][  T313] usb 3-1: config 0 descriptor??
[   36.931614][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   36.944582][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   36.952654][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   36.961945][  T501] hid (null): unknown global tag 0x83
[   36.967445][  T501] hid (null): unknown global tag 0xc
[   36.990393][  T501] hid-sensor-hub 0003:0158:0100.0007: unknown main item tag 0x1
[   36.998014][  T501] hid-sensor-hub 0003:0158:0100.0007: unexpected long global item
[   37.005918][  T501] hid-sensor-hub 0003:0158:0100.0007: parse failed
[   37.023003][  T793] loop1: detected capacity change from 0 to 512
[   37.030227][  T501] hid-sensor-hub: probe of 0003:0158:0100.0007 failed with error -22
[   37.059230][  T793] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   37.072213][  T773] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   37.086944][  T793] EXT4-fs (loop1): 1 truncate cleaned up
[   37.093897][  T793] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   37.181595][  T797] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.185907][  T513] usb 4-1: USB disconnect, device number 4
[   37.196204][  T797] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.203859][  T797] device bridge_slave_0 entered promiscuous mode
[   37.211135][  T797] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.218016][  T797] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.225310][  T797] device bridge_slave_1 entered promiscuous mode
[   37.274976][  T797] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.281850][  T797] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.289239][  T797] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.295981][  T797] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.315847][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   37.323664][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.330836][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.340743][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   37.349089][  T296] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.355922][  T296] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.374083][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   37.382918][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   37.391495][  T501] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.398484][  T501] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.406436][  T313] cp2112 0003:10C4:EA90.0008: unknown main item tag 0x0
[   37.413573][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   37.418503][  T315] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   37.421169][  T313] cp2112 0003:10C4:EA90.0008: unknown main item tag 0x0
[   37.435382][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   37.443177][  T313] cp2112 0003:10C4:EA90.0008: unknown main item tag 0x0
[   37.450025][  T313] cp2112 0003:10C4:EA90.0008: unknown main item tag 0x0
[   37.456867][  T313] cp2112 0003:10C4:EA90.0008: unknown main item tag 0x0
[   37.464313][  T313] cp2112 0003:10C4:EA90.0008: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0
[   37.475487][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   37.484418][  T797] device veth0_vlan entered promiscuous mode
[   37.490902][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   37.498268][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   37.507682][   T60] cdc_ether 1-1:1.0 wwan0: register 'cdc_ether' at usb-dummy_hcd.0-1, Mobile Broadband Network Device, 42:42:42:42:42:42
[   37.513747][  T797] device veth1_macvtap entered promiscuous mode
[   37.527275][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   37.532922][   T30] kauditd_printk_skb: 39 callbacks suppressed
[   37.532935][   T30] audit: type=1400 audit(1725040468.598:284): avc:  denied  { read } for  pid=138 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[   37.568616][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   37.576971][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   37.597415][   T30] audit: type=1400 audit(1725040468.658:285): avc:  denied  { unmount } for  pid=797 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   37.620573][  T313] cp2112 0003:10C4:EA90.0008: Part Number: 0x00 Device Version: 0x00
[   37.636126][   T30] audit: type=1326 audit(1725040468.698:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=809 comm="syz.4.172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6f4883eb9 code=0x7ffc0000
[   37.662461][   T30] audit: type=1326 audit(1725040468.698:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=809 comm="syz.4.172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6f4883eb9 code=0x7ffc0000
[   37.685981][   T30] audit: type=1326 audit(1725040468.698:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=809 comm="syz.4.172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fc6f4883eb9 code=0x7ffc0000
[   37.708994][  T315] usb 2-1: Using ep0 maxpacket: 8
[   37.726710][   T60] usb 1-1: USB disconnect, device number 4
[   37.742632][   T60] cdc_ether 1-1:1.0 wwan0: unregister 'cdc_ether' usb-dummy_hcd.0-1, Mobile Broadband Network Device
[   37.828546][  T315] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   37.837690][  T315] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   37.853190][  T315] usb 2-1: config 0 descriptor??
[   37.959642][   T10] device bridge_slave_1 left promiscuous mode
[   37.965707][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.973414][   T10] device bridge_slave_0 left promiscuous mode
[   37.979596][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.987527][   T10] device veth1_macvtap left promiscuous mode
[   37.993666][   T10] device veth0_vlan left promiscuous mode
[   38.290601][  T856] loop0: detected capacity change from 0 to 1024
[   38.379717][  T856] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,abort,dioread_lock,norecovery,nodiscard,lazytime,noload,usrquota,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[   38.399946][   T30] audit: type=1400 audit(1725040469.468:289): avc:  denied  { mount } for  pid=855 comm="syz.0.175" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   38.422249][   T30] audit: type=1400 audit(1725040469.468:290): avc:  denied  { read } for  pid=855 comm="syz.0.175" name="file0" dev="overlay" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   38.444786][   T30] audit: type=1400 audit(1725040469.468:291): avc:  denied  { open } for  pid=855 comm="syz.0.175" path="/35/file1/bus/file0" dev="overlay" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   38.469468][   T30] audit: type=1400 audit(1725040469.498:292): avc:  denied  { remove_name } for  pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   38.499250][   T30] audit: type=1400 audit(1725040469.498:293): avc:  denied  { rename } for  pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   38.558128][  T862] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=862 comm=syz.4.177
[   38.878532][  T513] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   38.878559][  T296] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   39.138487][  T296] usb 1-1: Using ep0 maxpacket: 16
[   39.238555][  T513] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   39.249404][  T513] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   39.262148][  T513] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   39.270946][  T513] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   39.278507][  T296] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 11
[   39.280260][  T513] usb 4-1: config 0 descriptor??
[   39.289287][  T296] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[   39.301809][  T296] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[   39.311380][  T296] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[   39.321072][  T296] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[   39.330934][  T296] usb 1-1: config 1 interface 0 has no altsetting 0
[   39.331006][   T60] usb 3-1: USB disconnect, device number 3
[   39.337439][  T296] usb 1-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[   39.337464][  T296] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   39.399112][  T296] ums-sddr09 1-1:1.0: USB Mass Storage device detected
[   39.438023][  T886] device pim6reg1 entered promiscuous mode
[   39.478255][  T888] loop4: detected capacity change from 0 to 512
[   39.570493][  T888] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #3: comm syz.4.187: corrupted inode contents
[   39.582454][  T888] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #3: comm syz.4.187: mark_inode_dirty error
[   39.594051][  T888] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #3: comm syz.4.187: corrupted inode contents
[   39.605821][  T888] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #3: comm syz.4.187: mark_inode_dirty error
[   39.617275][  T888] EXT4-fs error (device loop4): ext4_acquire_dquot:6187: comm syz.4.187: Failed to acquire dquot type 0
[   39.619087][  T296] scsi host1: usb-storage 1-1:1.0
[   39.636427][  T888] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #16: comm syz.4.187: corrupted inode contents
[   39.648378][  T888] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #16: comm syz.4.187: mark_inode_dirty error
[   39.660237][  T888] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #16: comm syz.4.187: corrupted inode contents
[   39.672177][  T888] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #16: comm syz.4.187: mark_inode_dirty error
[   39.683831][  T888] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #16: comm syz.4.187: corrupted inode contents
[   39.695970][  T888] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[   39.705136][  T888] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #16: comm syz.4.187: corrupted inode contents
[   39.717661][  T888] EXT4-fs error (device loop4): ext4_truncate:4292: inode #16: comm syz.4.187: mark_inode_dirty error
[   39.728715][  T888] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[   39.737861][  T888] EXT4-fs (loop4): 1 truncate cleaned up
[   39.743370][  T888] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   39.754169][  T888] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038 (0x7fffffff)
[   39.769225][  T513] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[   39.776752][  T513] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving
[   39.790936][  T513] plantronics 0003:047F:FFFF.0009: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[   39.812626][  T888] syz.4.187 (888) used greatest stack depth: 20400 bytes left
[   40.059285][  T513] usb 4-1: USB disconnect, device number 5
[   40.088549][  T315] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   40.098827][  T315] asix: probe of 2-1:0.0 failed with error -71
[   40.105837][  T315] usb 2-1: USB disconnect, device number 2
[   40.589009][  T902] loop1: detected capacity change from 0 to 1024
[   40.604347][  T902] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   40.624419][  T905] loop3: detected capacity change from 0 to 2048
[   40.639024][  T296] scsi 1:0:0:0: Direct-Access     Sandisk  ImageMate SDDR09 0177 PQ: 0 ANSI: 0
[   40.717311][  T905] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv0,journal_ioprio=0x0000000000000001,,errors=continue. Quota mode: none.
[   40.790729][  T905] EXT4-fs error (device loop3): ext4_validate_block_bitmap:420: comm syz.3.191: bg 0: bad block bitmap checksum
[   40.804174][  T905] EXT4-fs error (device loop3): ext4_ind_map_blocks:604: inode #15: comm syz.3.191: Can't allocate blocks for non-extent mapped inodes with bigalloc
[   40.840674][  T295] EXT4-fs warning (device loop3): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   40.856893][  T295] EXT4-fs warning (device loop3): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   40.865934][  T908] loop4: detected capacity change from 0 to 40427
[   40.872747][  T295] EXT4-fs warning (device loop3): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   40.889956][  T313] usb 1-1: USB disconnect, device number 5
[   40.893757][  T891] sddr09: could not read card info
[   40.900918][  T295] EXT4-fs warning (device loop3): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   40.905089][   T10] sd 1:0:0:0: [sdb] 0 512-byte logical blocks: (0 B/0 B)
[   40.920354][  T295] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   40.926205][   T10] sd 1:0:0:0: [sdb] 0-byte physical blocks
[   40.947173][   T10] sd 1:0:0:0: [sdb] Write Protect is off
[   40.951126][  T908] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(262146) root(3)
[   40.953515][  T295] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path /40/file0/lost+found: directory fails checksum at offset 0
[   40.961152][  T908] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[   40.982890][   T10] sd 1:0:0:0: [sdb] Asking for cache data failed
[   40.984172][  T295] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   40.989193][   T10] sd 1:0:0:0: [sdb] Assuming drive cache: write through
[   41.005543][  T295] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path /40/file0/lost+found: directory fails checksum at offset 2048
[   41.019590][   T10] sd 1:0:0:0: [sdb] Attached SCSI removable disk
[   41.026768][  T295] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   41.047638][  T295] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path /40/file0/lost+found: directory fails checksum at offset 4096
[   41.049308][  T908] F2FS-fs (loop4): Found nat_bits in checkpoint
[   41.063569][  T295] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   41.084315][  T295] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path /40/file0/lost+found: directory fails checksum at offset 6144
[   41.100854][  T295] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   41.116446][  T295] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path /40/file0/lost+found: directory fails checksum at offset 8192
[   41.120762][  T908] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[   41.132321][  T295] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   41.139207][  T908] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   41.155018][  T295] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path /40/file0/lost+found: directory fails checksum at offset 10240
[   41.177592][  T295] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path /40/file0/lost+found: directory fails checksum at offset 12288
[   41.187346][   T10] attempt to access beyond end of device
[   41.187346][   T10] loop4: rw=2049, want=45120, limit=40427
[   41.193052][  T295] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory block failed checksum
[   41.224183][  T797] attempt to access beyond end of device
[   41.224183][  T797] loop4: rw=524288, want=45072, limit=40427
[   41.236291][  T797] attempt to access beyond end of device
[   41.236291][  T797] loop4: rw=0, want=45072, limit=40427
[   41.504508][  T920] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.511598][  T920] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.519063][  T920] device bridge_slave_0 entered promiscuous mode
[   41.526455][  T920] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.533696][  T920] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.540914][  T920] device bridge_slave_1 entered promiscuous mode
[   41.613034][  T921] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.620105][  T921] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.627254][  T921] device bridge_slave_0 entered promiscuous mode
[   41.637461][  T921] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.644500][  T921] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.653315][  T921] device bridge_slave_1 entered promiscuous mode
[   41.724496][  T920] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.731387][  T920] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.738497][  T920] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.745435][  T920] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.781675][  T921] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.788592][  T921] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.795869][  T921] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.802676][  T921] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.827393][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   41.836509][  T313] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.844633][  T313] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.852404][  T313] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.860127][  T313] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.874454][  T940] loop1: detected capacity change from 0 to 40427
[   41.881218][   T10] device bridge_slave_1 left promiscuous mode
[   41.887148][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.894554][   T10] device bridge_slave_0 left promiscuous mode
[   41.898530][  T296] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   41.900617][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.915680][   T10] device veth1_macvtap left promiscuous mode
[   41.921121][  T940] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   41.922909][   T10] device veth0_vlan left promiscuous mode
[   41.931066][  T940] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   41.954849][  T940] F2FS-fs (loop1): Found nat_bits in checkpoint
[   41.990113][  T940] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   41.997045][  T940] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   42.018277][  T940] overlayfs: invalid origin (0000007900f9435e3f0000ffffffff000000000000000000000000000000000000000000000000000000000000000000)
[   42.031787][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   42.037920][  T750] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[   42.038843][  T750] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[   42.046222][  T750] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[   42.053730][  T750] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[   42.061170][  T750] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[   42.068864][  T750] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[   42.069149][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   42.076497][  T750] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[   42.084122][  T501] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.105653][  T501] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.112946][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   42.120974][  T501] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.127899][  T501] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.135295][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   42.143475][  T501] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.150346][  T501] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.157576][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   42.166006][  T501] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.172961][  T501] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.180295][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   42.188705][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   42.208983][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   42.217205][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   42.225306][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   42.233205][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   42.241936][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   42.250048][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   42.259178][  T920] device veth0_vlan entered promiscuous mode
[   42.278636][  T296] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   42.290538][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   42.298452][  T296] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   42.299684][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   42.309550][  T296] usb 1-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00
[   42.324349][  T920] device veth1_macvtap entered promiscuous mode
[   42.330866][  T296] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   42.332579][  T949] binder: BINDER_SET_CONTEXT_MGR already set
[   42.340522][  T921] device veth0_vlan entered promiscuous mode
[   42.350340][  T949] binder: 946:949 ioctl 4018620d 20000040 returned -16
[   42.351661][  T296] usb 1-1: config 0 descriptor??
[   42.357502][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   42.373835][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   42.386941][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   42.394561][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   42.402417][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   42.413925][  T953] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=953 comm=syz.1.209
[   42.437663][  T921] device veth1_macvtap entered promiscuous mode
[   42.444605][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   42.453211][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   42.460743][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   42.469275][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   42.477488][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   42.486209][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   42.494653][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   42.502941][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   42.511344][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   42.539107][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   42.547212][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   42.574163][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   42.588943][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   42.628532][  T313] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   42.658240][  T955] loop1: detected capacity change from 0 to 40427
[   42.665802][   T10] tipc: Left network mode
[   42.722323][  T958] loop4: detected capacity change from 0 to 40427
[   42.741698][  T955] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   42.749705][  T955] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   42.760533][  T955] F2FS-fs (loop1): Found nat_bits in checkpoint
[   42.783178][  T955] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   42.790354][  T955] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   42.807416][  T958] F2FS-fs (loop4): Invalid segment/section count (31, 24 x 1)
[   42.815280][  T958] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[   42.824470][  T958] F2FS-fs (loop4): invalid crc value
[   42.830891][  T958] F2FS-fs (loop4): Found nat_bits in checkpoint
[   42.840924][  T296] wacom 0003:056A:00D0.000A: unknown main item tag 0x0
[   42.858694][  T296] wacom 0003:056A:00D0.000A: Unknown device_type for 'HID 056a:00d0'. Assuming pen.
[   42.867853][  T958] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[   42.875192][  T958] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   42.878617][  T313] usb 3-1: Using ep0 maxpacket: 32
[   42.894914][  T296] wacom 0003:056A:00D0.000A: hidraw0: USB HID v0.00 Device [HID 056a:00d0] on usb-dummy_hcd.0-1/input0
[   42.908586][  T501] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   42.920635][  T920] attempt to access beyond end of device
[   42.920635][  T920] loop4: rw=524288, want=45072, limit=40427
[   42.921251][  T296] input: Wacom Bamboo 2FG Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:00D0.000A/input/input6
[   42.937941][  T920] attempt to access beyond end of device
[   42.937941][  T920] loop4: rw=0, want=45072, limit=40427
[   42.955352][   T30] kauditd_printk_skb: 15 callbacks suppressed
[   42.955369][   T30] audit: type=1400 audit(1725040474.018:307): avc:  denied  { read } for  pid=85 comm="acpid" name="event3" dev="devtmpfs" ino=465 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   42.987445][   T30] audit: type=1400 audit(1725040474.018:308): avc:  denied  { open } for  pid=85 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=465 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   43.001639][   T45] attempt to access beyond end of device
[   43.001639][   T45] loop4: rw=2049, want=45112, limit=40427
[   43.011445][   T30] audit: type=1400 audit(1725040474.088:309): avc:  denied  { ioctl } for  pid=85 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=465 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   43.051176][  T313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   43.065266][  T313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   43.076292][  T313] usb 3-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[   43.085951][  T313] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   43.098239][  T750] attempt to access beyond end of device
[   43.098239][  T750] loop1: rw=2051, want=53248, limit=40427
[   43.100297][  T313] usb 3-1: config 0 descriptor??
[   43.115900][   T20] usb 1-1: USB disconnect, device number 6
[   43.118726][  T750] attempt to access beyond end of device
[   43.118726][  T750] loop1: rw=2051, want=77824, limit=40427
[   43.132795][  T750] attempt to access beyond end of device
[   43.132795][  T750] loop1: rw=2051, want=86016, limit=40427
[   43.145288][  T750] F2FS-fs (loop1): Issue discard(6144, 6144, 512) failed, ret: -5
[   43.145317][  T750] F2FS-fs (loop1): Issue discard(7168, 7168, 2560) failed, ret: -5
[   43.153797][  T750] F2FS-fs (loop1): Issue discard(10240, 10240, 512) failed, ret: -5
[   43.198619][  T501] usb 4-1: Using ep0 maxpacket: 16
[   43.326493][  T969] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.333454][  T969] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.340418][  T501] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   43.342221][  T969] device bridge_slave_0 entered promiscuous mode
[   43.351637][  T501] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   43.359093][  T969] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.367748][  T501] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   43.386963][  T501] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   43.396496][  T501] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   43.406161][  T501] usb 4-1: config 0 descriptor??
[   43.411584][  T969] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.419563][  T969] device bridge_slave_1 entered promiscuous mode
[   43.427155][   T10] device bridge_slave_1 left promiscuous mode
[   43.433362][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.440901][   T10] device bridge_slave_0 left promiscuous mode
[   43.446927][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.454632][   T10] device veth1_macvtap left promiscuous mode
[   43.461084][   T10] device veth0_vlan left promiscuous mode
[   43.512787][   T30] audit: type=1400 audit(1725040474.578:310): avc:  denied  { ioctl } for  pid=979 comm="syz.1.216" path="socket:[19185]" dev="sockfs" ino=19185 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   43.538501][   T30] audit: type=1400 audit(1725040474.578:311): avc:  denied  { read } for  pid=979 comm="syz.1.216" path="socket:[19185]" dev="sockfs" ino=19185 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   43.627302][  T969] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.634413][  T969] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.641618][  T969] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.648350][  T969] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.669578][  T313] hid-rmi 0003:0461:4E72.000B: item fetching failed at offset 1/5
[   43.677595][  T987] syz.0.219 uses obsolete (PF_INET,SOCK_PACKET)
[   43.688833][  T313] hid-rmi 0003:0461:4E72.000B: parse failed
[   43.694682][  T313] hid-rmi: probe of 0003:0461:4E72.000B failed with error -22
[   43.697577][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   43.718935][  T315] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.726148][  T315] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.740583][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   43.748902][  T956] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.755771][  T956] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.763595][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   43.771572][  T956] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.778438][  T956] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.799949][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   43.809365][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   43.817119][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   43.826883][  T969] device veth0_vlan entered promiscuous mode
[   43.833570][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   43.841796][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   43.849069][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   43.861778][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   43.870350][  T960] netlink: 292 bytes leftover after parsing attributes in process `syz.3.199'.
[   43.879550][  T956] usb 3-1: USB disconnect, device number 4
[   43.880631][  T969] device veth1_macvtap entered promiscuous mode
[   43.895558][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   43.904249][  T501] microsoft 0003:045E:07DA.000C: unknown main item tag 0x0
[   43.912231][  T501] microsoft 0003:045E:07DA.000C: item fetching failed at offset 30/34
[   43.920825][  T501] microsoft 0003:045E:07DA.000C: parse failed
[   43.922974][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   43.926718][  T501] microsoft: probe of 0003:045E:07DA.000C failed with error -22
[   43.988550][  T313] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   43.999688][  T998] loop4: detected capacity change from 0 to 512
[   44.006489][  T998] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   44.017811][  T998] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz.4.223: invalid indirect mapped block 83886080 (level 1)
[   44.032042][  T998] EXT4-fs (loop4): 1 orphan inode deleted
[   44.037679][  T998] EXT4-fs (loop4): 1 truncate cleaned up
[   44.044155][  T998] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   44.061210][   T30] audit: type=1400 audit(1725040475.128:312): avc:  denied  { rename } for  pid=997 comm="syz.4.223" name="file1" dev="loop4" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[   44.089778][  T969] EXT4-fs error (device loop4): ext4_map_blocks:602: inode #2: block 13: comm syz-executor: lblock 0 mapped to illegal pblock 13 (length 1)
[   44.105058][  T969] EXT4-fs warning (device loop4): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor: error -117 reading directory block
[   44.111962][   T39] usb 4-1: USB disconnect, device number 6
[   44.126432][  T969] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5820: Corrupt filesystem
[   44.136060][  T969] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #2: comm syz-executor: mark_inode_dirty error
[   44.269362][ T1003] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.276297][ T1003] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.283760][ T1003] device bridge_slave_0 entered promiscuous mode
[   44.292348][ T1003] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.299277][ T1003] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.306435][ T1003] device bridge_slave_1 entered promiscuous mode
[   44.363789][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   44.371684][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   44.389413][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   44.398526][  T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   44.410685][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   44.418571][  T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   44.428312][  T313] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   44.437497][  T956] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.444354][  T956] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.451761][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   44.459762][  T313] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   44.468047][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   44.476170][  T313] usb 2-1: config 0 descriptor??
[   44.481823][  T956] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.488677][  T956] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.495933][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   44.503885][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   44.511832][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   44.521215][   T10] device bridge_slave_1 left promiscuous mode
[   44.527179][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.540895][   T10] device bridge_slave_0 left promiscuous mode
[   44.546966][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.555832][   T10] device veth1_macvtap left promiscuous mode
[   44.562050][   T10] device veth0_vlan left promiscuous mode
[   44.655010][ T1016] loop3: detected capacity change from 0 to 1024
[   44.679459][  T315] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   44.682917][ T1003] device veth0_vlan entered promiscuous mode
[   44.693675][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   44.702677][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   44.711093][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   44.718380][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   44.729587][ T1016] EXT4-fs (loop3): Ignoring removed orlov option
[   44.733587][ T1003] device veth1_macvtap entered promiscuous mode
[   44.753283][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   44.762198][ T1016] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802e018, mo2=0002]
[   44.770666][ T1016] System zones: 0-1, 3-12
[   44.772428][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   44.775260][ T1016] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,abort,barrier=0x0000000000000001,orlov,debug_want_extra_isize=0x0000000000000080,nouid32,sysvgroups,grpjquota=,debug,,errors=continue. Quota mode: none.
[   44.788806][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   44.826605][ T1016] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2739: inode #14: comm syz.3.231: corrupted in-inode xattr
[   44.866761][ T1016] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #14: comm syz.3.231: attempt to clear invalid blocks 1886221359 len 1
[   44.881081][ T1016] EXT4-fs error (device loop3): ext4_free_blocks:6224: comm syz.3.231: Freeing blocks not in datazone - block = 144, count = 1
[   44.903516][ T1016] EXT4-fs error (device loop3): ext4_ext_remove_space:2923: inode #18: comm syz.3.231: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   44.922212][ T1016] EXT4-fs error (device loop3): ext4_evict_inode:294: comm syz.3.231: couldn't truncate inode 18 (err -117)
[   44.928491][  T315] usb 3-1: Using ep0 maxpacket: 16
[   44.950813][  T921] EXT4-fs error (device loop3): ext4_free_blocks:6224: comm syz-executor: Freeing blocks not in datazone - block = 128, count = 1
[   44.968688][  T313] hid (null): bogus close delimiter
[   45.068527][  T315] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   45.082206][  T315] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   45.091984][  T315] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[   45.101014][  T315] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   45.112707][  T315] usb 3-1: config 0 descriptor??
[   45.288462][  T513] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   45.498526][  T313] usb 2-1: string descriptor 0 read error: -71
[   45.511097][   T10] device bridge_slave_1 left promiscuous mode
[   45.517306][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.524984][  T313] uclogic 0003:256C:006D.000D: failed retrieving string descriptor #200: -71
[   45.535093][  T313] uclogic 0003:256C:006D.000D: failed retrieving pen parameters: -71
[   45.535311][   T10] device bridge_slave_0 left promiscuous mode
[   45.538547][  T513] usb 4-1: Using ep0 maxpacket: 8
[   45.554410][  T313] uclogic 0003:256C:006D.000D: failed probing pen v2 parameters: -71
[   45.562596][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.570087][  T313] uclogic 0003:256C:006D.000D: failed probing parameters: -71
[   45.577630][  T313] uclogic: probe of 0003:256C:006D.000D failed with error -71
[   45.586202][   T10] device veth1_macvtap left promiscuous mode
[   45.592282][   T10] device veth0_vlan left promiscuous mode
[   45.598897][  T315] cp2112 0003:10C4:EA90.000E: unknown main item tag 0x0
[   45.599745][  T313] usb 2-1: USB disconnect, device number 3
[   45.605685][  T315] cp2112 0003:10C4:EA90.000E: unknown main item tag 0x0
[   45.625896][  T315] cp2112 0003:10C4:EA90.000E: unknown main item tag 0x0
[   45.640361][  T315] cp2112 0003:10C4:EA90.000E: unknown main item tag 0x0
[   45.647187][  T315] cp2112 0003:10C4:EA90.000E: unknown main item tag 0x0
[   45.662444][  T315] cp2112 0003:10C4:EA90.000E: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0
[   45.688559][  T513] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   45.701627][  T513] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   45.711353][  T513] usb 4-1: New USB device found, idVendor=054c, idProduct=0ce6, bcdDevice= 0.00
[   45.720355][  T513] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   45.729183][  T513] usb 4-1: config 0 descriptor??
[   45.798655][  T315] cp2112 0003:10C4:EA90.000E: Part Number: 0x00 Device Version: 0x00
[   46.066319][ T1039] loop0: detected capacity change from 0 to 2048
[   46.130130][ T1039] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv0,journal_ioprio=0x0000000000000001,,errors=continue. Quota mode: none.
[   46.161350][ T1039] EXT4-fs error (device loop0): ext4_validate_block_bitmap:420: comm syz.0.236: bg 0: bad block bitmap checksum
[   46.178800][ T1039] EXT4-fs error (device loop0): ext4_ind_map_blocks:604: inode #15: comm syz.0.236: Can't allocate blocks for non-extent mapped inodes with bigalloc
[   46.202177][  T292] EXT4-fs warning (device loop0): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   46.222854][  T513] playstation 0003:054C:0CE6.000F: unknown main item tag 0x0
[   46.231726][  T292] EXT4-fs warning (device loop0): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   46.248269][  T292] EXT4-fs warning (device loop0): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   46.248949][  T513] playstation 0003:054C:0CE6.000F: unknown main item tag 0x0
[   46.267301][  T292] EXT4-fs warning (device loop0): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   46.273001][  T513] playstation 0003:054C:0CE6.000F: unknown main item tag 0x0
[   46.288857][  T292] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   46.293914][  T513] playstation 0003:054C:0CE6.000F: unknown main item tag 0x0
[   46.310229][  T292] EXT4-fs error (device loop0): ext4_readdir:220: inode #11: comm syz-executor: path /47/file0/lost+found: directory fails checksum at offset 0
[   46.317899][  T513] playstation 0003:054C:0CE6.000F: unknown main item tag 0x0
[   46.334079][  T292] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   46.340075][  T513] playstation 0003:054C:0CE6.000F: unknown main item tag 0x0
[   46.355805][  T313] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   46.362747][  T513] playstation 0003:054C:0CE6.000F: unknown main item tag 0x0
[   46.370314][  T292] EXT4-fs error (device loop0): ext4_readdir:220: inode #11: comm syz-executor: path /47/file0/lost+found: directory fails checksum at offset 2048
[   46.378241][  T513] playstation 0003:054C:0CE6.000F: hidraw1: USB HID v0.00 Device [HID 054c:0ce6] on usb-dummy_hcd.3-1/input0
[   46.394830][  T292] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   46.420166][  T292] EXT4-fs error (device loop0): ext4_readdir:220: inode #11: comm syz-executor: path /47/file0/lost+found: directory fails checksum at offset 4096
[   46.435527][  T292] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   46.451610][  T292] EXT4-fs error (device loop0): ext4_readdir:220: inode #11: comm syz-executor: path /47/file0/lost+found: directory fails checksum at offset 6144
[   46.467821][  T292] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   46.484084][  T292] EXT4-fs error (device loop0): ext4_readdir:220: inode #11: comm syz-executor: path /47/file0/lost+found: directory fails checksum at offset 8192
[   46.499301][  T292] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   46.514706][  T292] EXT4-fs error (device loop0): ext4_readdir:220: inode #11: comm syz-executor: path /47/file0/lost+found: directory fails checksum at offset 10240
[   46.518577][  T513] playstation 0003:054C:0CE6.000F: Invalid reportID received, expected 9 got 0
[   46.539032][  T513] playstation 0003:054C:0CE6.000F: Failed to retrieve DualSense pairing info: -22
[   46.539153][  T292] EXT4-fs error (device loop0): ext4_readdir:220: inode #11: comm syz-executor: path /47/file0/lost+found: directory fails checksum at offset 12288
[   46.548127][  T513] playstation 0003:054C:0CE6.000F: Failed to get MAC address from DualSense
[   46.548144][  T513] playstation 0003:054C:0CE6.000F: Failed to create dualsense.
[   46.549980][  T513] playstation: probe of 0003:054C:0CE6.000F failed with error -22
[   46.571730][  T292] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory block failed checksum
[   46.719692][  T513] usb 3-1: USB disconnect, device number 5
[   46.756327][  T315] usb 4-1: USB disconnect, device number 7
[   46.763381][ T1025] tipc: Disabling bearer <udp:syz0>
[   46.769026][ T1025] tipc: Left network mode
[   46.788579][  T313] usb 2-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[   46.798682][  T313] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   46.808172][  T313] usb 2-1: config 0 descriptor??
[   46.818601][  T292] syz-executor (292) used greatest stack depth: 19872 bytes left
[   47.240051][ T1048] loop2: detected capacity change from 0 to 256
[   47.259027][ T1025] device bridge_slave_1 left promiscuous mode
[   47.265025][ T1025] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.272457][ T1025] device bridge_slave_0 left promiscuous mode
[   47.278937][ T1025] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.293941][ T1025] device veth1_macvtap left promiscuous mode
[   47.300233][ T1025] device veth0_vlan left promiscuous mode
[   47.444419][ T1052] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.451609][ T1052] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.459136][ T1052] device bridge_slave_0 entered promiscuous mode
[   47.465784][ T1052] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.472817][ T1052] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.480391][ T1052] device bridge_slave_1 entered promiscuous mode
[   47.518131][ T1052] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.525266][ T1052] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.532380][ T1052] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.539141][ T1052] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.557681][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.565482][  T296] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.572783][  T296] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.582184][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.590487][  T513] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.597341][  T513] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.615632][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   47.623771][  T513] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.630662][  T513] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.637954][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   47.646228][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   47.659887][ T1052] device veth0_vlan entered promiscuous mode
[   47.668595][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   47.676772][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   47.685068][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   47.688606][  T313] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   47.692428][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   47.702456][  T313] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9
[   47.720401][  T313] asix: probe of 2-1:0.0 failed with error -71
[   47.722913][ T1052] device veth1_macvtap entered promiscuous mode
[   47.730416][  T313] usb 2-1: USB disconnect, device number 4
[   47.734263][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   47.738747][  T296] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   47.754398][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   47.763113][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   47.788846][ T1065] loop3: detected capacity change from 0 to 256
[   48.008672][  T296] usb 3-1: Using ep0 maxpacket: 8
[   48.011066][ T1067] loop4: detected capacity change from 0 to 1024
[   48.048505][  T513] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   48.061440][ T1067] EXT4-fs (loop4): Ignoring removed orlov option
[   48.069496][ T1067] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802e018, mo2=0002]
[   48.077521][ T1067] System zones: 0-1, 3-12
[   48.083279][ T1067] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv1,abort,barrier=0x0000000000000001,orlov,debug_want_extra_isize=0x0000000000000080,nouid32,sysvgroups,grpjquota=,debug,,errors=continue. Quota mode: none.
[   48.122560][ T1067] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2739: inode #14: comm syz.4.243: corrupted in-inode xattr
[   48.148521][  T296] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   48.170521][ T1067] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #14: comm syz.4.243: attempt to clear invalid blocks 1886221359 len 1
[   48.184031][  T296] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   48.194199][  T296] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   48.201469][ T1067] EXT4-fs error (device loop4): ext4_free_blocks:6224: comm syz.4.243: Freeing blocks not in datazone - block = 144, count = 1
[   48.209164][  T296] usb 3-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[   48.221008][ T1067] EXT4-fs error (device loop4): ext4_ext_remove_space:2923: inode #18: comm syz.4.243: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   48.240426][  T296] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   48.248206][ T1067] EXT4-fs error (device loop4): ext4_evict_inode:294: comm syz.4.243: couldn't truncate inode 18 (err -117)
[   48.262675][  T296] usb 3-1: config 0 descriptor??
[   48.303146][ T1003] EXT4-fs error (device loop4): ext4_free_blocks:6224: comm syz-executor: Freeing blocks not in datazone - block = 128, count = 1
[   48.308466][  T513] usb 1-1: Using ep0 maxpacket: 16
[   48.379392][ T1080] loop1: detected capacity change from 0 to 128
[   48.438583][  T513] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   48.453659][ T1080] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   48.455946][  T513] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   48.474034][ T1080] ext4 filesystem being mounted at /20/mnt supports timestamps until 2038 (0x7fffffff)
[   48.510593][ T1080] fscrypt: loop1: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[   48.512011][  T513] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[   48.568461][  T513] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   48.581799][  T513] usb 1-1: config 0 descriptor??
[   48.603390][ T1085] binder: BINDER_SET_CONTEXT_MGR already set
[   48.619492][ T1085] binder: 1084:1085 ioctl 4018620d 200001c0 returned -16
[   48.700674][ T1087] loop1: detected capacity change from 0 to 2048
[   48.774742][ T1087] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv0,journal_ioprio=0x0000000000000001,,errors=continue. Quota mode: none.
[   48.790917][  T296] hid-steam 0003:28DE:1102.0010: unknown main item tag 0x0
[   48.803197][  T296] hid-steam 0003:28DE:1102.0010: unknown main item tag 0x0
[   48.821078][  T296] hid-steam 0003:28DE:1102.0010: unknown main item tag 0x0
[   48.828746][  T296] hid-steam 0003:28DE:1102.0010: unknown main item tag 0x0
[   48.833934][ T1087] EXT4-fs error (device loop1): ext4_validate_block_bitmap:420: comm syz.1.249: bg 0: bad block bitmap checksum
[   48.842735][  T296] hid-steam 0003:28DE:1102.0010: unknown main item tag 0x0
[   48.855459][  T296] hid-steam 0003:28DE:1102.0010: unknown main item tag 0x0
[   48.864341][  T296] hid-steam 0003:28DE:1102.0010: unknown main item tag 0x0
[   48.875309][ T1087] EXT4-fs error (device loop1): ext4_ind_map_blocks:604: inode #15: comm syz.1.249: Can't allocate blocks for non-extent mapped inodes with bigalloc
[   48.902142][  T296] hid-steam 0003:28DE:1102.0010: hidraw0: USB HID v0.00 Device [HID 28de:1102] on usb-dummy_hcd.2-1/input0
[   48.934175][  T750] EXT4-fs warning (device loop1): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   48.950198][  T750] EXT4-fs warning (device loop1): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   48.966621][  T750] EXT4-fs warning (device loop1): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   48.983419][  T750] EXT4-fs warning (device loop1): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   49.002647][  T750] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   49.019657][  T750] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor: path /22/file0/lost+found: directory fails checksum at offset 0
[   49.034469][  T315] usb 3-1: USB disconnect, device number 6
[   49.034676][  T750] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   49.056440][  T750] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor: path /22/file0/lost+found: directory fails checksum at offset 2048
[   49.071510][  T750] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   49.087365][  T750] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor: path /22/file0/lost+found: directory fails checksum at offset 4096
[   49.102542][  T750] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   49.102954][  T513] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0
[   49.119784][  T750] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor: path /22/file0/lost+found: directory fails checksum at offset 6144
[   49.126843][  T513] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0
[   49.141253][  T750] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   49.147922][  T513] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0
[   49.163284][  T750] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor: path /22/file0/lost+found: directory fails checksum at offset 8192
[   49.187898][  T513] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0
[   49.188119][  T750] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   49.210242][  T513] cp2112 0003:10C4:EA90.0011: unknown main item tag 0x0
[   49.210895][  T513] cp2112 0003:10C4:EA90.0011: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0
[   49.217430][  T501] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   49.238937][  T750] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor: path /22/file0/lost+found: directory fails checksum at offset 10240
[   49.254600][  T750] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor: path /22/file0/lost+found: directory fails checksum at offset 12288
[   49.273224][  T750] EXT4-fs error (device loop1): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory block failed checksum
[   49.348530][  T513] cp2112 0003:10C4:EA90.0011: Part Number: 0x00 Device Version: 0x00
[   49.498625][  T501] usb 5-1: Using ep0 maxpacket: 8
[   49.530777][ T1095] loop3: detected capacity change from 0 to 512
[   49.541072][ T1095] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000001)
[   49.571337][ T1098] loop2: detected capacity change from 0 to 512
[   49.597850][ T1104] syz.3.258[1104] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   49.597923][ T1104] syz.3.258[1104] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   49.601005][ T1098] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodelalloc,grpid,auto_da_alloc,,errors=continue. Quota mode: writeback.
[   49.638538][  T501] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   49.639432][ T1098] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038 (0x7fffffff)
[   49.659395][  T501] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   49.669063][  T501] usb 5-1: New USB device found, idVendor=054c, idProduct=0ce6, bcdDevice= 0.00
[   49.677956][  T501] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   49.696701][  T501] usb 5-1: config 0 descriptor??
[   49.709676][ T1096] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.716699][ T1096] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.724064][ T1096] device bridge_slave_0 entered promiscuous mode
[   49.733123][ T1096] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.740084][ T1096] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.747395][ T1096] device bridge_slave_1 entered promiscuous mode
[   49.824244][ T1096] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.833464][ T1096] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.840976][ T1096] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.847944][ T1096] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.874309][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   49.883217][  T313] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.890873][  T313] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.919010][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.927098][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.935394][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.943441][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.952613][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.960220][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.981789][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   49.995370][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   50.018573][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   50.041473][ T1096] device veth0_vlan entered promiscuous mode
[   50.047851][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   50.059340][    T8] device bridge_slave_1 left promiscuous mode
[   50.065399][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.073099][    T8] device bridge_slave_0 left promiscuous mode
[   50.079600][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.088033][    T8] device veth1_macvtap left promiscuous mode
[   50.094588][    T8] device veth0_vlan left promiscuous mode
[   50.180169][  T501] playstation 0003:054C:0CE6.0012: unknown main item tag 0x0
[   50.192669][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   50.192674][  T501] playstation 0003:054C:0CE6.0012: unknown main item tag 0x0
[   50.192702][  T501] playstation 0003:054C:0CE6.0012: unknown main item tag 0x0
[   50.210626][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   50.215173][  T501] playstation 0003:054C:0CE6.0012: unknown main item tag 0x0
[   50.230109][  T501] playstation 0003:054C:0CE6.0012: unknown main item tag 0x0
[   50.238155][  T501] playstation 0003:054C:0CE6.0012: unknown main item tag 0x0
[   50.248169][  T501] playstation 0003:054C:0CE6.0012: unknown main item tag 0x0
[   50.250181][ T1096] device veth1_macvtap entered promiscuous mode
[   50.268182][  T501] playstation 0003:054C:0CE6.0012: hidraw1: USB HID v0.00 Device [HID 054c:0ce6] on usb-dummy_hcd.4-1/input0
[   50.282667][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   50.292718][  T313] usb 1-1: USB disconnect, device number 7
[   50.299448][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   50.317828][  T513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   50.342458][ T1108] loop1: detected capacity change from 0 to 256
[   50.398868][  T501] playstation 0003:054C:0CE6.0012: Invalid reportID received, expected 9 got 0
[   50.423226][  T501] playstation 0003:054C:0CE6.0012: Failed to retrieve DualSense pairing info: -22
[   50.446783][  T501] playstation 0003:054C:0CE6.0012: Failed to get MAC address from DualSense
[   50.459581][  T501] playstation 0003:054C:0CE6.0012: Failed to create dualsense.
[   50.467951][  T501] playstation: probe of 0003:054C:0CE6.0012 failed with error -22
[   50.476429][ T1110] loop1: detected capacity change from 0 to 256
[   50.483302][ T1110] exfat: Bad value for 'uid'
[   50.495422][  T293] EXT4-fs error (device loop2): ext4_map_blocks:602: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[   50.510409][  T293] EXT4-fs warning (device loop2): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor: error -117 reading directory block
[   50.534783][    T8] EXT4-fs error (device loop2): __ext4_get_inode_loc:4340: comm kworker/u4:0: Invalid inode table block 0 in block_group 0
[   50.571404][  T293] EXT4-fs error (device loop2): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 0 in block_group 0
[   50.598683][  T293] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem
[   50.610585][  T293] EXT4-fs error (device loop2): ext4_quota_off:6476: inode #3: comm syz-executor: mark_inode_dirty error
[   50.623251][ T1110] netlink: 104 bytes leftover after parsing attributes in process `syz.1.269'.
[   50.633060][  T293] EXT4-fs error (device loop2): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 0 in block_group 0
[   50.658849][  T293] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem
[   50.669654][  T296] usb 5-1: USB disconnect, device number 4
[   50.676781][  T293] EXT4-fs error (device loop2): ext4_quota_off:6476: inode #4: comm syz-executor: mark_inode_dirty error
[   50.944666][ T1121] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.952262][ T1121] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.962862][ T1121] device bridge_slave_0 entered promiscuous mode
[   50.970683][ T1121] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.984118][ T1121] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.991725][ T1121] device bridge_slave_1 entered promiscuous mode
[   51.061260][ T1121] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.068457][ T1121] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.075534][ T1121] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.082778][ T1121] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.110676][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   51.119936][  T296] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.127254][  T296] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.170103][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.178146][  T501] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.185123][  T501] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.245556][ T1130] loop4: detected capacity change from 0 to 2048
[   51.255268][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.279202][  T501] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.286080][  T501] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.302257][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   51.316951][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   51.348498][ T1131] device pim6reg1 entered promiscuous mode
[   51.357239][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   51.382118][ T1121] device veth0_vlan entered promiscuous mode
[   51.404715][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   51.419139][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   51.431686][ T1130] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv0,journal_ioprio=0x0000000000000001,,errors=continue. Quota mode: none.
[   51.446804][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   51.466936][ T1121] device veth1_macvtap entered promiscuous mode
[   51.520460][ T1130] EXT4-fs error (device loop4): ext4_validate_block_bitmap:420: comm syz.4.265: bg 0: bad block bitmap checksum
[   51.539735][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   51.567470][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   51.579881][ T1137] loop3: detected capacity change from 0 to 1024
[   51.589797][ T1140] EXT4-fs error (device loop4): ext4_ind_map_blocks:604: inode #15: comm syz.4.265: Can't allocate blocks for non-extent mapped inodes with bigalloc
[   51.619136][ T1140] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 117
[   51.639921][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   51.653391][ T1139] loop0: detected capacity change from 0 to 512
[   51.670461][ T1140] EXT4-fs (loop4): This should not happen!! Data will be lost
[   51.670461][ T1140] 
[   51.684683][   T10] device bridge_slave_1 left promiscuous mode
[   51.701103][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.709513][ T1137] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   51.719177][ T1003] EXT4-fs warning (device loop4): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   51.730217][ T1137] EXT4-fs error (device loop3): ext4_protect_reserved_inode:182: inode #4: comm syz.3.267: blocks 32-33 from inode overlap system zone
[   51.749153][   T10] device bridge_slave_0 left promiscuous mode
[   51.755149][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.755377][ T1139] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000001)
[   51.772559][ T1003] EXT4-fs warning (device loop4): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   51.788205][ T1137] EXT4-fs (loop3): failed to initialize system zone (-117)
[   51.795492][   T10] device veth1_macvtap left promiscuous mode
[   51.795588][ T1137] EXT4-fs (loop3): mount failed
[   51.801837][ T1003] EXT4-fs warning (device loop4): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   51.821520][   T10] device veth0_vlan left promiscuous mode
[   51.829294][ T1003] EXT4-fs warning (device loop4): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   51.855714][ T1003] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   51.874832][ T1003] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /4/file0/lost+found: directory fails checksum at offset 0
[   51.898852][ T1003] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   51.914421][ T1003] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /4/file0/lost+found: directory fails checksum at offset 2048
[   51.938509][ T1003] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   51.955152][ T1003] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /4/file0/lost+found: directory fails checksum at offset 4096
[   51.976825][ T1003] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   51.992405][ T1003] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /4/file0/lost+found: directory fails checksum at offset 6144
[   52.008650][ T1003] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   52.018461][ T1147] loop3: detected capacity change from 0 to 512
[   52.026184][ T1003] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /4/file0/lost+found: directory fails checksum at offset 8192
[   52.045137][ T1003] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   52.052900][ T1143] device sit0 entered promiscuous mode
[   52.065223][ T1003] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /4/file0/lost+found: directory fails checksum at offset 10240
[   52.073456][ T1143] device vlan2 entered promiscuous mode
[   52.095993][ T1003] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /4/file0/lost+found: directory fails checksum at offset 12288
[   52.115555][ T1143] device sit0 left promiscuous mode
[   52.121895][ T1003] EXT4-fs error (device loop4): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory block failed checksum
[   52.137331][ T1147] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodelalloc,grpid,auto_da_alloc,,errors=continue. Quota mode: writeback.
[   52.151389][ T1147] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038 (0x7fffffff)
[   52.527624][ T1162] syz.0.277[1162] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.527711][ T1162] syz.0.277[1162] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.554090][  T481] Bluetooth: hci0: Frame reassembly failed (-84)
[   52.587336][   T30] audit: type=1400 audit(1725040483.648:313): avc:  denied  { create } for  pid=1161 comm="syz.0.277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   52.641835][   T30] audit: type=1400 audit(1725040483.648:314): avc:  denied  { ioctl } for  pid=1161 comm="syz.0.277" path="socket:[21091]" dev="sockfs" ino=21091 ioctlcmd=0x48d2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   52.751187][ T1168] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.758133][ T1168] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.768913][  T501] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   52.781288][ T1168] device bridge_slave_0 entered promiscuous mode
[   52.798322][ T1168] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.813899][ T1168] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.828025][ T1168] device bridge_slave_1 entered promiscuous mode
[   52.879320][  T481] EXT4-fs error (device loop3): __ext4_get_inode_loc:4340: comm kworker/u4:4: Invalid inode table block 0 in block_group 0
[   52.972562][ T1168] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.979513][ T1168] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.986580][ T1168] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.993450][ T1168] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.002147][   T10] device bridge_slave_1 left promiscuous mode
[   53.008095][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.012712][  T921] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[   53.029030][  T501] usb 2-1: Using ep0 maxpacket: 16
[   53.029148][   T10] device bridge_slave_0 left promiscuous mode
[   53.034462][  T921] EXT4-fs warning (device loop3): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor: error -117 reading directory block
[   53.045643][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.062530][  T921] EXT4-fs error (device loop3): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 0 in block_group 0
[   53.076985][   T10] device veth1_macvtap left promiscuous mode
[   53.083344][   T10] device veth0_vlan left promiscuous mode
[   53.089755][  T921] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem
[   53.108957][  T921] EXT4-fs error (device loop3): ext4_quota_off:6476: inode #3: comm syz-executor: mark_inode_dirty error
[   53.132956][  T921] EXT4-fs error (device loop3): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 0 in block_group 0
[   53.148556][  T501] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   53.150359][  T921] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem
[   53.164233][  T501] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   53.170482][  T921] EXT4-fs error (device loop3): ext4_quota_off:6476: inode #4: comm syz-executor: mark_inode_dirty error
[   53.191991][  T501] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[   53.207158][  T501] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   53.224911][  T501] usb 2-1: config 0 descriptor??
[   53.298866][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   53.306805][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   53.317143][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   53.343693][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   53.352815][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   53.378748][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   53.392858][ T1168] device veth0_vlan entered promiscuous mode
[   53.399682][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   53.418669][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   53.426151][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   53.440653][ T1168] device veth1_macvtap entered promiscuous mode
[   53.459574][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   53.476079][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   53.484770][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   53.527378][ T1176] tipc: Started in network mode
[   53.546218][ T1176] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[   53.559900][ T1176] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:0000
[   53.569306][ T1176] tipc: Enabled bearer <udp:syz0>, priority 10
[   53.603126][ T1179] loop4: detected capacity change from 0 to 512
[   53.633714][ T1177] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.639325][ T1179] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[   53.650665][ T1177] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.657989][ T1177] device bridge_slave_0 entered promiscuous mode
[   53.668754][ T1177] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.685168][ T1177] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.685170][ T1179] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,jqfmt=vfsold,noquota,min_batch_time=0x0000000000000010,journal_dev=0x000000000000000d,,errors=continue. Quota mode: writeback.
[   53.685258][ T1179] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038 (0x7fffffff)
[   53.699339][ T1177] device bridge_slave_1 entered promiscuous mode
[   53.731701][  T501] cp2112 0003:10C4:EA90.0013: unknown main item tag 0x0
[   53.742020][  T501] cp2112 0003:10C4:EA90.0013: unknown main item tag 0x0
[   53.768515][ T1179] EXT4-fs (loop4): Unrecognized mount option "·" or missing value
[   53.768579][   T30] audit: type=1400 audit(1725040484.828:315): avc:  denied  { remount } for  pid=1178 comm="syz.4.289" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   53.776295][  T501] cp2112 0003:10C4:EA90.0013: unknown main item tag 0x0
[   53.776320][  T501] cp2112 0003:10C4:EA90.0013: unknown main item tag 0x0
[   53.776342][  T501] cp2112 0003:10C4:EA90.0013: unknown main item tag 0x0
[   53.818089][  T501] cp2112 0003:10C4:EA90.0013: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0
[   53.833879][ T1179] ext4 filesystem being remounted at /1/file0 supports timestamps until 2038 (0x7fffffff)
[   53.849679][ T1179] EXT4-fs error (device loop4): ext4_xattr_block_get:546: inode #15: comm syz.4.289: corrupted xattr block 32
[   53.862269][ T1179] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[   53.872047][ T1179] EXT4-fs error (device loop4): ext4_xattr_block_get:546: inode #15: comm syz.4.289: corrupted xattr block 32
[   53.884180][ T1179] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[   53.895510][ T1179] EXT4-fs error (device loop4): ext4_xattr_block_get:546: inode #15: comm syz.4.289: corrupted xattr block 32
[   53.907420][ T1179] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[   53.948554][  T501] cp2112 0003:10C4:EA90.0013: Part Number: 0x00 Device Version: 0x00
[   53.994585][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   54.003697][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   54.030762][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   54.039052][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   54.047094][  T296] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.054053][  T296] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.062537][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   54.071114][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   54.079447][  T296] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.086780][  T296] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.094033][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   54.101992][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   54.116948][ T1177] device veth0_vlan entered promiscuous mode
[   54.128193][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   54.137210][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   54.145241][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   54.152955][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   54.161046][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   54.175661][ T1177] device veth1_macvtap entered promiscuous mode
[   54.186646][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   54.200766][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   54.215354][  T956] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   54.254242][ T1191] netlink: 'syz.3.288': attribute type 16 has an invalid length.
[   54.289403][   T10] device bridge_slave_1 left promiscuous mode
[   54.295481][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.319128][   T10] device bridge_slave_0 left promiscuous mode
[   54.326453][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.334970][   T10] device veth1_macvtap left promiscuous mode
[   54.352751][ T1195] loop4: detected capacity change from 0 to 1024
[   54.353826][   T10] device veth0_vlan left promiscuous mode
[   54.380244][ T1198] loop2: detected capacity change from 0 to 2048
[   54.397313][ T1195] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   54.408098][ T1195] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #4: comm syz.4.282: blocks 32-33 from inode overlap system zone
[   54.422732][ T1195] EXT4-fs (loop4): failed to initialize system zone (-117)
[   54.430038][ T1195] EXT4-fs (loop4): mount failed
[   54.433468][ T1198] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv0,journal_ioprio=0x0000000000000001,,errors=continue. Quota mode: none.
[   54.464632][ T1202] device pim6reg1 entered promiscuous mode
[   54.480872][ T1198] EXT4-fs error (device loop2): ext4_validate_block_bitmap:420: comm syz.2.280: bg 0: bad block bitmap checksum
[   54.494834][ T1198] EXT4-fs error (device loop2): ext4_ind_map_blocks:604: inode #15: comm syz.2.280: Can't allocate blocks for non-extent mapped inodes with bigalloc
[   54.526930][ T1121] EXT4-fs warning (device loop2): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   54.542815][ T1121] EXT4-fs warning (device loop2): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   54.559035][  T313] Bluetooth: hci0: command 0x1003 tx timeout
[   54.564976][ T1163] Bluetooth: hci0: sending frame failed (-49)
[   54.573070][ T1121] EXT4-fs warning (device loop2): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   54.596652][ T1121] EXT4-fs warning (device loop2): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   54.597007][ T1204] ------------[ cut here ]------------
[   54.618774][ T1121] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   54.621679][ T1204] WARNING: CPU: 0 PID: 1204 at mm/page_alloc.c:5754 __alloc_pages+0x770/0x8f0
[   54.641613][ T1121] EXT4-fs error (device loop2): ext4_readdir:220: inode #11: comm syz-executor: path /3/file0/lost+found: directory fails checksum at offset 0
[   54.658679][ T1121] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   54.658976][ T1204] Modules linked in:
[   54.677897][ T1204] CPU: 0 PID: 1204 Comm: syz.3.285 Not tainted 5.15.156-syzkaller-00821-g29d153aabd54 #0
[   54.684301][ T1121] EXT4-fs error (device loop2): ext4_readdir:220: inode #11: comm syz-executor: path /3/file0/lost+found: directory fails checksum at offset 2048
[   54.688586][ T1204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   54.712917][  T313] tipc: Node number set to 1
[   54.718043][ T1204] RIP: 0010:__alloc_pages+0x770/0x8f0
[   54.723784][ T1121] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   54.723837][ T1204] Code: df e9 aa fb ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c ba fb ff ff e8 0f 13 05 00 48 ba 00 00 00 00 00 fc ff df e9 a6 fb ff ff <0f> 0b 45 31 e4 e9 73 fc ff ff 48 8d 4c 24 40 80 e1 07 80 c1 03 38
[   54.759465][ T1121] EXT4-fs error (device loop2): ext4_readdir:220: inode #11: comm syz-executor: path /3/file0/lost+found: directory fails checksum at offset 4096
[   54.759999][ T1204] RSP: 0018:ffffc900009d7a20 EFLAGS: 00010246
[   54.783495][ T1121] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   54.784678][ T1204] RAX: 0000000000000004 RBX: 0000000000040dc0 RCX: ffffc900009d7a03
[   54.811381][ T1121] EXT4-fs error (device loop2): ext4_readdir:220: inode #11: comm syz-executor: path /3/file0/lost+found: directory fails checksum at offset 6144
[   54.819606][ T1204] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffffc900009d7ab8
[   54.832046][ T1121] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   54.837736][ T1208] loop4: detected capacity change from 0 to 128
[   54.849915][ T1121] EXT4-fs error (device loop2): ext4_readdir:220: inode #11: comm syz-executor: path /3/file0/lost+found: directory fails checksum at offset 8192
[   54.871053][ T1121] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   54.872418][ T1204] RBP: ffffc900009d7b30 R08: dffffc0000000000 R09: ffffc900009d7a90
[   54.887336][ T1121] EXT4-fs error (device loop2): ext4_readdir:220: inode #11: comm syz-executor: path /3/file0/lost+found: directory fails checksum at offset 10240
[   54.910483][ T1204] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[   54.919027][ T1121] EXT4-fs error (device loop2): ext4_readdir:220: inode #11: comm syz-executor: path /3/file0/lost+found: directory fails checksum at offset 12288
[   54.919168][  T315] usb 2-1: USB disconnect, device number 5
[   54.939524][ T1204] R13: 1ffff9200013af4c R14: 1ffff9200013af4e R15: 1ffff9200013af48
[   54.945670][ T1121] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory block failed checksum
[   54.948556][ T1204] FS:  00007f0b859b06c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   54.961483][ T1208] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   54.978834][ T1204] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   54.979767][ T1208] ext4 filesystem being mounted at /4/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[   54.985774][ T1204] CR2: 00007f53428e4110 CR3: 0000000126242000 CR4: 00000000003506a0
[   55.025711][ T1204] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   55.033784][ T1204] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   55.042616][ T1204] Call Trace:
[   55.045770][ T1204]  <TASK>
[   55.049060][ T1204]  ? show_regs+0x58/0x60
[   55.053226][ T1204]  ? __warn+0x160/0x2f0
[   55.057167][ T1204]  ? __alloc_pages+0x770/0x8f0
[   55.062047][ T1204]  ? report_bug+0x3d9/0x5b0
[   55.068292][ T1204]  ? __alloc_pages+0x770/0x8f0
[   55.073938][ T1204]  ? handle_bug+0x41/0x70
[   55.078783][ T1204]  ? exc_invalid_op+0x1b/0x50
[   55.083447][   T30] audit: type=1400 audit(1725040486.148:316): avc:  denied  { watch } for  pid=1207 comm="syz.4.286" path="/4/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   55.083723][ T1204]  ? asm_exc_invalid_op+0x1b/0x20
[   55.134672][ T1204]  ? __alloc_pages+0x770/0x8f0
[   55.139952][ T1204]  ? prep_new_page+0x110/0x110
[   55.144793][ T1204]  ? do_vfs_ioctl+0xbc1/0x2a80
[   55.150513][ T1204]  kmalloc_order+0x4a/0x160
[   55.155102][ T1204]  kmalloc_order_trace+0x1a/0xb0
[   55.159942][ T1204]  __kmalloc+0x19c/0x270
[   55.163952][ T1204]  input_mt_init_slots+0xcf/0xa50
[   55.169092][ T1204]  ? mutex_lock_interruptible+0xb6/0x1e0
[   55.174639][ T1204]  uinput_create_device+0x522/0x630
[   55.180637][ T1204]  uinput_ioctl_handler+0xa63/0x16a0
[   55.185947][ T1204]  ? selinux_file_ioctl+0x3cc/0x540
[   55.193506][ T1204]  ? uinput_release+0x50/0x50
[   55.198107][ T1204]  ? __fget_files+0x31e/0x380
[   55.203507][ T1204]  uinput_ioctl+0x28/0x30
[   55.207679][ T1204]  ? uinput_poll+0x120/0x120
[   55.212172][ T1204]  __se_sys_ioctl+0x114/0x190
[   55.216674][ T1204]  __x64_sys_ioctl+0x7b/0x90
[   55.221332][ T1204]  x64_sys_call+0x98/0x9a0
[   55.225628][ T1204]  do_syscall_64+0x3b/0xb0
[   55.232091][ T1204]  ? clear_bhb_loop+0x35/0x90
[   55.237236][ T1204]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   55.243416][ T1204] RIP: 0033:0x7f0b86d32eb9
[   55.247721][ T1204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.267396][ T1204] RSP: 002b:00007f0b859b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   55.275681][ T1204] RAX: ffffffffffffffda RBX: 00007f0b86ecef80 RCX: 00007f0b86d32eb9
[   55.283801][ T1204] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000006
[   55.294837][ T1204] RBP: 00007f0b86da093e R08: 0000000000000000 R09: 0000000000000000
[   55.302768][ T1204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   55.311599][ T1204] R13: 0000000000000000 R14: 00007f0b86ecef80 R15: 00007ffe55a86b78
[   55.319717][ T1204]  </TASK>
[   55.322611][ T1204] ---[ end trace fc053473d2a260a7 ]---
[   55.417356][ T1216] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.424688][ T1216] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.432265][ T1216] device bridge_slave_0 entered promiscuous mode
[   55.441449][ T1216] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.451957][ T1216] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.461857][ T1216] device bridge_slave_1 entered promiscuous mode
[   55.523920][ T1216] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.530824][ T1216] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.537902][ T1216] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.544724][ T1216] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.575540][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   55.584202][  T315] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.591841][  T315] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.610331][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   55.618365][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.625253][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.632574][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   55.640635][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.647474][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.660796][ T1224] netlink: 'syz.4.292': attribute type 16 has an invalid length.
[   55.674549][ T1228] loop3: detected capacity change from 0 to 512
[   55.685468][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   55.694326][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   55.703047][ T1228] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[   55.736064][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   55.749265][ T1228] EXT4-fs (loop3): mounted filesystem without journal. Opts: barrier,jqfmt=vfsold,noquota,min_batch_time=0x0000000000000010,journal_dev=0x000000000000000d,,errors=continue. Quota mode: writeback.
[   55.764023][ T1216] device veth0_vlan entered promiscuous mode
[   55.773791][ T1228] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038 (0x7fffffff)
[   55.796583][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   55.809854][   T30] audit: type=1400 audit(1725040486.878:317): avc:  denied  { mounton } for  pid=1235 comm="syz.1.294" path="/proc/20/task" dev="proc" ino=22580 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   55.818511][ T1228] EXT4-fs (loop3): Unrecognized mount option "·" or missing value
[   55.845262][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   55.855644][ T1228] ext4 filesystem being remounted at /4/file0 supports timestamps until 2038 (0x7fffffff)
[   55.866059][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   55.883366][ T1228] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz.3.291: corrupted xattr block 32
[   55.884116][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   55.895262][ T1228] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   55.912239][ T1228] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz.3.291: corrupted xattr block 32
[   55.925607][ T1228] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   55.936149][ T1228] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz.3.291: corrupted xattr block 32
[   55.942955][ T1216] device veth1_macvtap entered promiscuous mode
[   55.954203][ T1228] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   55.980719][   T10] device bridge_slave_1 left promiscuous mode
[   55.986783][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.000344][   T10] device bridge_slave_0 left promiscuous mode
[   56.006363][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.029646][   T10] device veth1_macvtap left promiscuous mode
[   56.037527][   T10] device veth0_vlan left promiscuous mode
[   56.092715][ T1242] loop3: detected capacity change from 0 to 2048
[   56.185663][ T1242] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv0,journal_ioprio=0x0000000000000001,,errors=continue. Quota mode: none.
[   56.246531][ T1242] EXT4-fs error (device loop3): ext4_validate_block_bitmap:420: comm syz.3.296: bg 0: bad block bitmap checksum
[   56.266500][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   56.275858][ T1242] EXT4-fs error (device loop3): ext4_ind_map_blocks:604: inode #15: comm syz.3.296: Can't allocate blocks for non-extent mapped inodes with bigalloc
[   56.292433][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   56.301000][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   56.309322][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   56.317938][ T1177] EXT4-fs warning (device loop3): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   56.351989][ T1177] EXT4-fs warning (device loop3): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   56.371487][ T1177] EXT4-fs warning (device loop3): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   56.414617][ T1177] EXT4-fs warning (device loop3): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   56.432175][ T1177] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   56.448862][ T1177] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path /5/file0/lost+found: directory fails checksum at offset 0
[   56.467641][ T1177] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   56.484238][ T1177] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path /5/file0/lost+found: directory fails checksum at offset 2048
[   56.501253][ T1177] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   56.526439][ T1177] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path /5/file0/lost+found: directory fails checksum at offset 4096
[   56.546989][ T1177] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   56.569771][ T1177] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path /5/file0/lost+found: directory fails checksum at offset 6144
[   56.588863][ T1177] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   56.608452][ T1177] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path /5/file0/lost+found: directory fails checksum at offset 8192
[   56.624404][ T1177] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:405: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   56.640095][  T313] Bluetooth: hci0: command 0x1001 tx timeout
[   56.645948][ T1163] Bluetooth: hci0: sending frame failed (-49)
[   56.652133][ T1177] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path /5/file0/lost+found: directory fails checksum at offset 10240
[   56.667574][ T1177] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path /5/file0/lost+found: directory fails checksum at offset 12288
[   56.682698][ T1177] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory block failed checksum
[   56.893810][ T1254] loop1: detected capacity change from 0 to 512
[   56.936036][ T1254] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.298: casefold flag without casefold feature
[   56.949216][ T1254] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.298: missing EA_INODE flag
[   56.962086][ T1254] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.298: error while reading EA inode 12 err=-117
[   56.974715][ T1254] EXT4-fs (loop1): 1 orphan inode deleted
[   56.981267][ T1254] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback.
[   57.029127][ T1254] loop_set_status: loop1 () has still dirty pages (nrpages=1)
[   57.280158][   T10] device bridge_slave_1 left promiscuous mode
[   57.286224][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.293575][   T10] device bridge_slave_0 left promiscuous mode
[   57.299588][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.307004][   T10] device veth1_macvtap left promiscuous mode
[   57.312907][   T10] device veth0_vlan left promiscuous mode
[   57.923541][ T1278] kvm: pic: level sensitive irq not supported
[   57.923619][ T1278] kvm: pic: non byte read
[   57.977311][   T30] audit: type=1326 audit(1725040489.038:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1291 comm="syz.1.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ac1de8eb9 code=0x7ffc0000
[   58.001494][   T30] audit: type=1326 audit(1725040489.038:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1291 comm="syz.1.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ac1de8eb9 code=0x7ffc0000
[   58.027520][   T30] audit: type=1326 audit(1725040489.038:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1291 comm="syz.1.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f5ac1de8eb9 code=0x7ffc0000
[   58.051110][   T30] audit: type=1400 audit(1725040489.038:321): avc:  denied  { mount } for  pid=1291 comm="syz.1.310" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[   58.075463][   T30] audit: type=1326 audit(1725040489.038:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1291 comm="syz.1.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ac1de8eb9 code=0x7ffc0000
[   58.098849][   T30] audit: type=1326 audit(1725040489.038:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1291 comm="syz.1.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ac1de8eb9 code=0x7ffc0000
[   58.122766][   T30] audit: type=1326 audit(1725040489.038:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1291 comm="syz.1.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7f5ac1de8eb9 code=0x7ffc0000
[   58.145896][   T30] audit: type=1326 audit(1725040489.038:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1291 comm="syz.1.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ac1de8eb9 code=0x7ffc0000
[   58.171717][   T30] audit: type=1326 audit(1725040489.038:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1291 comm="syz.1.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ac1de8eb9 code=0x7ffc0000
[   58.195153][   T30] audit: type=1326 audit(1725040489.038:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1291 comm="syz.1.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ac1de8eb9 code=0x7ffc0000
SYZFAIL: mkdir(syz-tmp) failed
 (errno 28: No space left on device)
loop exited with status 67
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: repeatedly failed to execute the program
proc=2 req=299 state=1 status=67 (errno 9: Bad file descriptor)
[   58.685317][ T1323] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.692221][ T1323] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.699406][ T1323] device bridge_slave_0 entered promiscuous mode
[   58.706089][ T1323] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.712950][ T1323] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.718778][  T313] Bluetooth: hci0: command 0x1009 tx timeout
[   58.720297][ T1323] device bridge_slave_1 entered promiscuous mode
[   58.742157][   T10] device bridge_slave_1 left promiscuous mode
[   58.748120][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.755567][   T10] device bridge_slave_0 left promiscuous mode
[   58.761589][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.769377][   T10] device veth1_macvtap left promiscuous mode
[   58.775194][   T10] device veth0_vlan left promiscuous mode
[   58.915355][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.923771][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.933190][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   58.941299][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   58.949346][  T501] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.956164][  T501] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.963703][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   58.971914][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   58.980135][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   58.988035][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.994801][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.005738][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   59.021517][ T1323] device veth0_vlan entered promiscuous mode
[   59.028727][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   59.037014][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   59.045060][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   59.052361][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   59.059929][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   59.070915][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   59.079679][ T1323] device veth1_macvtap entered promiscuous mode
[   59.088830][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   59.096872][  T501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   59.113693][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   59.158839][   T10] tipc: Disabling bearer <udp:syz0>
[   59.164438][   T10] tipc: Left network mode
[   59.920355][   T10] device bridge_slave_1 left promiscuous mode
[   59.926277][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.933611][   T10] device bridge_slave_0 left promiscuous mode
[   59.939622][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.947312][   T10] device bridge_slave_1 left promiscuous mode
[   59.953408][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.961011][   T10] device bridge_slave_0 left promiscuous mode
[   59.967064][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.975285][   T10] device veth1_macvtap left promiscuous mode
[   59.981307][   T10] device veth0_vlan left promiscuous mode
[   59.987088][   T10] device veth1_macvtap left promiscuous mode
[   59.992962][   T10] device veth0_vlan left promiscuous mode
[   61.519130][   T10] device bridge_slave_1 left promiscuous mode
[   61.525087][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.532444][   T10] device bridge_slave_0 left promiscuous mode
[   61.539037][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.546540][   T10] device veth1_macvtap left promiscuous mode
[   61.552439][   T10] device veth0_vlan left promiscuous mode
[   63.919105][   T10] device bridge_slave_1 left promiscuous mode
[   63.925114][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.932665][   T10] device bridge_slave_0 left promiscuous mode
[   63.938704][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.946199][   T10] device veth1_macvtap left promiscuous mode
[   63.952147][   T10] device veth0_vlan left promiscuous mode