last executing test programs:

7.393435365s ago: executing program 0 (id=621):
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)={0x0, <r0=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @ioapic={0x4000, 0x0, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xfd}]}})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x0, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x7, 0x203, 0x30, 0x1, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1, 0xb}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
mkdirat(0xffffffffffffffff, &(0x7f0000000180)='./file0/file0\x00', 0x0)
r6 = socket(0x0, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$IPSET_CMD_PROTOCOL(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x14}}, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r7, &(0x7f0000000380)=[{{&(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast2, 0x7}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000000440)}], 0x1}}], 0x1, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000640)={r0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000600)='\x00'}, 0x30)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x6, [@ptr, @var={0x4, 0x0, 0x0, 0xe, 0x1}]}, {0x0, [0x0, 0x0, 0x0, 0xd5]}}, &(0x7f0000000140)=""/249, 0x3a, 0xf9, 0x1}, 0x20)

6.446008139s ago: executing program 0 (id=629):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@union]}}, 0x0, 0x26}, 0x20)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f00000001c0)=@v2={0x2, @aes256, 0x0, '\x00', @b})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000040009504020000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x30, &(0x7f00000001c0), 0x10}, 0x80)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x28011, r2, 0x0)
ftruncate(r2, 0xc17a)
r3 = socket(0xa, 0x3, 0x6)
getsockopt$nfc_llcp(r3, 0x29, 0x4c, 0x0, 0x20000011)
sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0xcc, 0x0, 0x300, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3f}, @IPVS_CMD_ATTR_SERVICE={0x64, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x72}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x72}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@private=0xa010102}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@rand_addr=' \x01\x00'}]}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x30}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x800}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_DEST={0x20, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@local}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x10}, 0x8000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='system.posix_acl_default\x00', &(0x7f00000002c0), 0x24, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat(r4, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
renameat2(r5, &(0x7f00000001c0)='./file0\x00', r5, &(0x7f0000000200)='./bus/file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x1, 0xf, &(0x7f0000000400)=ANY=[@ANYBLOB="180000e7ffffffe0ffffff", @ANYRESDEC=r6, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f000000b000/0x3000)=nil)
mremap(&(0x7f0000004000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000861000/0x1000)=nil)

6.344078768s ago: executing program 0 (id=630):
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)={0x0, <r0=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @ioapic={0x4000, 0x0, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xfd}]}})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x0, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x7, 0x203, 0x30, 0x1, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1, 0xb}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
mkdirat(0xffffffffffffffff, &(0x7f0000000180)='./file0/file0\x00', 0x0)
r6 = socket(0x0, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$IPSET_CMD_PROTOCOL(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x14}}, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r7, &(0x7f0000000380)=[{{&(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast2, 0x7}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000000440)}], 0x1}}], 0x1, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000640)={r0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000600)='\x00'}, 0x30)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x6, [@ptr, @var={0x4, 0x0, 0x0, 0xe, 0x1}]}, {0x0, [0x0, 0x0, 0x0, 0xd5]}}, &(0x7f0000000140)=""/249, 0x3a, 0xf9, 0x1}, 0x20)

5.434123153s ago: executing program 0 (id=635):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x40}}}}}}}]}}, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCSACTIVE(r2, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
read(r2, 0x0, 0x0)
pwrite64(r2, &(0x7f00000001c0)="5da9", 0x2, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x0, 0x0, 0x0, 0x0})
ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r1, 0x89fa, &(0x7f0000000080)={'sit0\x00', &(0x7f0000000000)={@remote, @remote, 0x8, 0x1f}})
getsockname(r1, &(0x7f0000000140)=@ax25={{0x3, @null}, [@rose, @netrom, @remote, @rose, @netrom, @rose, @default, @default]}, &(0x7f00000001c0)=0x80)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000d00)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

4.96607858s ago: executing program 3 (id=639):
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0xe, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYBLOB])

4.91990371s ago: executing program 3 (id=641):
clock_getres(0x8957b56da8435663, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)

4.89202979s ago: executing program 3 (id=642):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b80)=@deltaction={0x50, 0x31, 0x0, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x3c, 0x1, [{0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}]}, 0x50}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x4c, 0x0, 0x2, 0x301, 0x0, 0x0, {0x2}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_TUPLE={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @mcast2}}}]}, @CTA_EXPECT_MASK={0x4}]}, 0x4c}}, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x100000c, 0x41010, r2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x0, 0x10001, 0x0, 0x1}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r6, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r7, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="0213000002"], 0x10}}, 0x0)
setsockopt$sock_int(r8, 0x1, 0x8, &(0x7f00000001c0), 0x4)

3.579926442s ago: executing program 3 (id=649):
r0 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x1000, 0x3d, &(0x7f0000000fc0)="7177808fd324300c02d738326bcc12cb86655404f6b04e5517904a559286abeedae762624c8de1c83921eb281a2bc36874edfab7cd5d691e043f52d3e9b696c863a3653aa9ec92343b4fd908bbea95dbbdb352d995908f9ef0d04ef57c2f276f289166c418a55b2d60f8847baded1f7e2e8188bc5063dadd86d53d0b50b4a5348d23b63fcfa4d3c99570122305acf35983ff42e65f97da6f0e8bd381f1bc9a601e32cdf90db4b9b1b6e74d589480280126f199fb09f165b7319925f980d973f1ee9a5568ecba4b7c25286d17da641727e7f8aa4976e7b3411f8c766c22d1fe42518f7240efc3f81b7b4d3d9a79ddf1c294d585990a9258031d6fc9b7f6234c2a227ea8cd22211227e1fd3bf264ef956dc13be0e9fc47a8dab89c42bf1f06baedd1c5cb214208db2fce4cd23320adfcc6d0d565546d6200c92bb26c7b254dc51a4cae373731aefb4ac4b5b7b157ad70d163f87db58ad6c54d8695cf2c9a65c4b62bbb3d6f37e6855e88aec6bd7724ae6002f7e3171bee2b446732a1fd7b34b6dde782253de7176d549a7147ee93a5078f5ee23b9766a08829ce6e7f00da3fa902bc2c45ab77fca65dcda90e57b0a21023bd9c9dbaea5007326970b164237260a092b3380640ca093d0e935c57f590bb0ba553294814e76402dfdf64aff53a81e12d48b15eee1319033a5d67e288048914d274d2735a59077d69e49dc5161196be90d15f1729225d5f06500cfa8f94f5c2c4c0f902dc24f1886d71168a21aa368bc23a0e6b82567f7e0120d85ad0b89072201d7e40f2590bb7dfa7300354b8fbc9ddf565c315579e08e145102813a7048ed9de9318bbd1c7040ef16ea4c9b63fe148e48750d9bae3c725bec73bf9ac304b1c7fbf3420863c9cefd20458442212894865592fa5fcb76566535abc293f9d2acae239f29b51367193ed4530a52a6e6b33c31de584f9d4c478a8763aeb701a67b50e06da3b079a972e1c9f8b87d71239b52460b65f457d682aeeeb5f5143f08f221b6f89691ba88f124c9fad0c9ac5482e5b93f9ece7b0f972f1036a5be99404e06f2e10f6c982288e0ddf589f2264a7479f6ee027130bbd65b63d31453e12bdb029cc69088fd98ef82b4a8cd30386e45d1929e5bd27a116b1db88f1ee38d11e846c84855236979e0a778dfb2bcefbe202935e6d04ea7587041d42a9e1467a909f628e6f566e5bbc78abfd074b5fd1270d82acb53acef8a90249e3d3935e23011d29cd849881959b63677de741b39a0211e7a1023cfbb50be9c106240641e9e35fadbac692a5c5e217d2ce8009ef5ae9d902196aa1969bfa264b9e9cde15fcd163b078a8bb49475a5948d511a0af274522f27e3dc0c1652245f4da16af36381530983b7ba58b8ae49acbec67940720d811475857a1d6704301593b3353132a232b6af3fa9975117f67f1f2dea905eb5031261ba60c9d2750d19d658ffbaf462244e55a58312f45742e171b60a3a5dfa570e82f0d3411cce82255833f1d8f0e2b3786623ecc212a80f6158b7e2b701aff6635ca72986b39d2fc725a15ffb5e3ce57d406b8c70b68de6ca1e258ba77040b61fe79b891b3cd620c85a58c9c402296e8078488da2b56661a19d4057dcae9e53b2b9450da180097bc3cc24ea0d225ba1f8f28935b48b295b319c45bdd020ac6d8c470cf1e31aea72827fae1270e7e33c86d1bd53b689baaeb95f067521df745b6ea0152639f116c192183cebdd0fb44c5e1279ec3fd5e54f5494d1f39c2bf807b8ac8e0785cf0f038f58815a63132ebba4b3af3a9d7480430478ae05dc27f5ee7494f78f36e398a28de2cdd4ec46ca15f370057ada634556d7028ec670ee9fb46a59bba9eae97706219776ca4943501c0e0729928dca1de34c10390d9e2d83d87ca7f4e267d1b9d72f980e667c075fb6f9545c13b1b94c8e0dbcafa38645c2a6ec5b52eccd2c9cd95a9d32897cd35b4352d6882486b42c68e5612788f222480b011ec42af7b420741a20ac23e4fe86d52bfb1e78672b70a0e4937ee1c9cb4274e7dfd2c7ed0cfb7b3f6c3a5a15792a9296733c73d7aed2652252f4641f9358bb6742355a334119ef3cf6883c6761e146e836e9ad4f83b75d39609c58157d30c2c67e4649979084716fb6e546023a51e2e35505a863d3e07c306769105001b0ceed4b6dc8945d16f4fcee369f65a93e20f5ff10bc23bc993d2fdefcc8d760a8e94dd75c11812c97a4a4787d8229f231994812040452893323c4e800b74c56c4749183813709820a3386ff457a4040603a77bc519c437fd838f64d72aeb5311a6218a3b515e626c6565456bc6aa7e86a10fc81ee65d1246f7e5b10a76ce7672a69d653a9c941453651c12962f089e4d5c061250b963dafb381dcc203633584e4fa31d324a52c044b37d695f36a3006a0bfc5436c537e7ae3b59964f7e1da662f4a8a31fc47b0bddfaabf8b1cb86648f1d933bfdfd81fa9a2cb7c7d5e54eb05c5a4003d448b2d48ff7b196e4a997a712f29c54fb3fac4c0fbb61da564b566ae97ee39f056f8b34e4672fbee89e9f8334e3790aa9f14425efbd043f363687ee9f49cc10b154aad3a7e2b456cbad9d88bacf70bb7b38be7667bec49866c09ae2209fa35c62989c3518cb28c464273ca7b12792830ce1ebb99c50eac35052192362ed4df7f3b987fdc12561bb4226ee57f470dd22e2e9f893b8d9d68e32d2d5937acd46ab82bc95f582a9115c1eae0b037732860ffe637935f388271fa26f12e0dbd527866176377f776e329eb387f7a853bde4e8de6d65e788258f4863979a002ad9d1b283029701b544e52cbee64b535a98221025672fbdd16b50bd7141edabe43f2f7f7dac78c302dccec18a1334361eae1af2ea5bbb6adf9e41e88401454ccf607099817a0f7c04c2b12480f8a3e91413e5166643ea795a378c5e042a98d50feb589c5f4d2656c3e38d6cc3fdada5030ecd3bab854de5487b79bd1b4d047194e737541f15b2c7be7dba32ecc7e340004ed4f4b7e9d6db3cdcd29e566a2857b39ffb485f9627bd28eb1fce2c47adad05714d3f02b5f4509194235188cf9df8e6884e52e3fbfbc10d03205d665472f8ac0e4f67ebc7e42927bff891679273784ac04bbe236ffb99d92cf81c77477418e48250eca025ae340206d20ac89fdb084e7548203a3dd0d14cee6bfa0e0d1521a13aa2ef98e014def89af5efa38c5cbef9f8fd5dadba7c8323ed7ee6ed79df3b08eb528038e18774fc20a9eef7bd6b8385c1cc4c3c3d1b001d5c07a01f2802b058cbb5a65fb861beb85d5900a29e9e06ddbdb705dbe14ec773062f3e298b8e28f3a226559ae147c0827aaa625211ad0a004411a2845e5adcddfa115e67b3f51763303b3293cc61c2821f58117e4331cdbfe3edda64431dbb436c9abb3cf5ed5c3a2da9a43aa4bb167a2d2a5605b3364cf7d282ff94ad899b3245eaeffe265758c85643ca8ba2726380d19b871d01369298506bb1ff88fdfdf54f835cb9a33a259fdd4457a00f2897eac3ef486f906ad706317944a527226f5a64c21530b6f7cf792c972a0932d088ab227d9dcde3a090eee8e524ab2ed6978709f7139daf8fd4f17f08fbc026f06f0b4a0d2056ff59ba102f72b3f77060fee32ebe5c76ee65bf406aa9aabaa124a425ada46b37ba282d8a297e38a8f6b916039d8a17e7eef1f99e00cedc6d0b9f1f33c4c3a07f163673682322a30213a5499c513c35758747ccb91a36fbfd3fc8397a1ee29660ad00c477d3cabcaca24865843443d809212c46e0a4fa531d4ebd78f2d0ca9ee5d5cbfd4793ca09f160fb7ff90899ed53b3593a5ac50d2e85e192d116ac03063c0397ec3fffaa63df3e6930e03a04884e014237e06d44239bd66439d9c8eed9c6e1fbedc49a26a4edc7cc518309921b901c3e704853717cfa9978b4037db54ae4cdafdd57c87f7b2505f3de8bcc80e4f13fdc4d9f3e4fd1ec8f58fd56809b5fa61127da953c3e2b6bbbbfc99b03668467cb183d3d611c12d8a5a56205b63886fc51f7b435888be4e78a73709390a8b3794ddbca672c181619bdd5b2b1f88c2ea444aceaf19b5d7b97e98fc20db1abb11a5f523e5ebaa35b858987a169464034f2e10acd8d85667238193fe69682bf01bf625e58902d7a29750d6100c3de35e676a7270a0397aad5356c16307e220ef32973fdbe9f6ee964eb39217ef9a46aecff01bd597e6b67928cdfbe70cb280a6bba311afb1d7a313d2f4000ec4f394b82cb80cf011bce47a866b891a7a573832bcfb43e361b6e3f6048a9de477eae5f98cfc6683542cb5205298334abf9ee6cb4713b2677339b920a1d976974af27539ee528d1749d0bf04e5ae98d4e4dd9dd5402e036c6b7d994df3a9353a98d8b4cd515d2a21e6fb6a5c13afb14ffc6c7cb693cf32171e1ccb29516b8131e93102d75961adecab24d50c445ef545dbba90c2add34189d69f9971da187599a0c1ad201b07319636ed16d9acbe5886ad027a3b62358a04a37372f20145dbe65933aeef7bce88fe8820e6623202f24649e4df51dd467a0c50ad17417e1d48c49f442c28e0a60e765e2c212eb779082bdcf36d9df7346cd7774b56765d15418388eaebf6a18baf692cfe737dee078a68521931154a3f8c7afa6152265f723308378701269009bb185c9e57831c14428d84f179cb34b2801c3fa50f9d7e6bc554b57fdf5a9b809286577ddff714987c84aaeb4afa29f285fb2e1e22e8b24bf2366163cb3a336fecdfb61de7d81a607e4d6b31fa7ddf25342eb72e032a05bb3af187d7c12af37ebd179396048d89b0a969fea14f41fb473677d08011f3d549eedabdd5708b23b040eaddaa82402d96150f59e739f3acdc8b156c48ae4463f70478d2009ae9f081a0dd5d3c21b17ab88ce51f53bed674497b2f7149b257fe0f5e1d65d2a7b996181519161674c0c01709799fba0f3ddee5d9f461f851d9775ff32ec030f6accc17d135bfcdb28a07f113aaebb4eb07ecc761386bf4911adeb42796963577988fccb03ca4751eb57d10d54afa586643cddfd5a51f4b24a636be2c2227db9049bb509827f2f62e286b7a52c21736269afdbd20445e0a91b2eb249741883f9367b236e2a7a80298b9543b667c8da9a6783587434e96aa13ec62a854e638413b876a45a8985b6c5e65c23905fa907ea3183eb5d630415cb6b6570047e46c63eb2da4785e80589f9507927e1ec3b85baac0b9271cac6876e875f962d0ade80eb49b40c6fe7210d6a4c1f42546f0e54ec72ea932a8ceea2865832cfbea7616223b0848123626544645f6a6f35529d7f695458cd7a1fbb8bf885ee935a0ba4b4cda2a35007c00d178d20e87cfd6a0214a6c68e2461c84b932cfc3dfd3e76cde9a9456c665c5e9594266d32dc10a617b658744ef09d910d9cbc68cc2c5e5749f168156e9cc4633c13069ec1f4eea09258579977e18280f73596c8b4dad0debacf32cc8169d165d42c1887fca659ce96ab954eda73ea1ed190a38e82b97439df39ed03681e0afafdcee2d3ff0a525e9d7a20c6039fa51d84d5b09dcd1878dbb7a7fc94e98d13c3dbe2143db4ed384e2cfa76e15203a638cae7b78475384a480277385ee209606d2ca405f02e667b03bdfd28c83b084f5a5a01400aa8d3f16ded8b679baad664a3c54eea5ef33c655d9275574364f7e9a16b6663a2b4085de130f5871b905cdc28f963b0fb5f4fe44fa91853076f6c025e8498fbd36058c48b8b0bc246cfa931379b0daf44a7c5cb906c09d6118a0418537230b9a54e27bee6034232f2d5cf422ff275e9", &(0x7f0000000100)=""/61, 0x3ff, 0x0, 0x3c, 0x66, &(0x7f0000000140)="0a82c1319d14c126daa4a2c3235af5f5de7dd25d3748c5157e990880b199f87c57251e3ec5733e20c232ed251d4aa676b566227bfb608f0d23df659d", &(0x7f0000000180)="785ceeb018463ee2cd75db577fbc7b0c22254ce6b836547244994f1910ab6fbc9258a384fe43f0fd6251d12631f105c12d21b9f3734cc72b9f13239cdfbcb6563d49d7cde3cb1bb3b5de88d1b59e6d9691d4111fe79c2d38329b74d7bcea86073a69b891b950", 0x1}, 0x50)
r1 = socket$inet6(0xa, 0x800000000000002, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_int(r3, 0x1, 0x200000010, &(0x7f00000000c0)=0x1, 0x4)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x1088002, &(0x7f0000000340), 0x0, 0x5e7, &(0x7f0000000c00)="$eJzs3c1vFVUbAPBnbj9oKe/bQoyKC2liDCRKSwsYYlzA1pAGP+LGjZUWRAo0tEaLJpQENybGjTEmrlyI/4US2bLSlQs3rgwJUUNcmXjN3DtTetvpJ+0dZH6/5HLnnHOn5wy3T+fMuefMDaCyBtN/ahF7I2I6iehP5hfKOiMrHGy+7t6fH51OH0nU66/9nkSS5eWvT7Lnvmznnoj48Yck9nQsr3dm7sr58ampyctZenj2wvTwzNyVg+cujJ+dPDt5cfSF0WNHjxw9NnJoU8d1tSDv5PV33+//ZOzNb776Oxn59pexJI7Hy9kLFx/HVhmMwcb/SbK8qO/YVldWko7s92TxW5x0ltggNiR//7oi4onoj464/+b1x8evlNo4YFvVk4g6UFGJ+IeKyvsB+bX90uvgWim9EqAd7p5oDgAsj//O5thg9DTGBnbeS2LxsE4SEZsbmWu1KyJu3xq7fubW2PXYpnE4oNj8tYh4sij+k0b8D0RPDDTiv9YS/2m/4FT2nOa/usn6lw4Vi39on2b896wa/7FC/L+VPl9txvDbm6x/8P7mO70t8d+72UMCAAAAAACAyrp5IiKeL/r8v7Yw/ycan//91bJfX0Qc34L6B5ekl3/+X7uzBdUABe6eiHipcP5vLZ/9O9CRbf2vMR+gKzlzbmryUET8PyIORNeOND2ySh0HP93z5Uplg9n8v/yR1n87mwuYteNO547WfSbGZ8cf9LiBiLvXIp4qnP+bLJz/k4L5v+nfg+l11rHn2RunVipbO/6B7VL/OmJ/4fn//l0rktXvzzHc6A8M572C5Z7+8LPvVqp/s/HvFhPw4NLz/87V438gWXy/npmN13F4rrNekN0I4c32/7uT1xu3nOnO8j4Yn529PBLRnZzsSHNb8kc33mZ4FOXxkMdLGv8Hnll9/K+o/98bEfNLfnbyR+ua4tzj//T9ulJ79P+hPGn8T2zo/L/xjdEbA9+vVP/6zv9HGuf6A1mO8T9o+iIP0+7W/IJw7Cwqand7AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBRUIuIXZHUhha2a7U00RcRj8XO2tSlmdnnzlx67+JEWtb4/v9a/k2//c10kn///8Ci9OiS9OGI2B0Rn3f0NtJDpy9NTZR98AAAAAAAAAAAAAAAAAAAAPCQ6CtY/z801Cz7raPs1gHbrrPsBgClKYj/n8poB9B+zv9QXeIfqkv8Q3WJf6gu8Q/VJf6husQ/VJf4BwAAAACAR8rufTd/TiJi/sXexiPVnZV1ldoyYLvVym4AUBq3+IHqMvUHqss1PpCsUd6z4k5r7bma6dMPsDMAAAAAAAAAAAAAVM7+vdb/Q1VZ/w/VZf0/VFe+/n9fye0A2s81PhBrrOQvXP+/5l4AAAAAAAAAAAAAwFaambtyfnxqavKyjTcejma0c6Ner19Nfwselvb8xzfyqfDtr7071vHifK3f+n5yeX+TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAVv8GAAD///5GJUU=")
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2810000, &(0x7f00000006c0)={[{@user_xattr}, {@noquota}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@nolazytime}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@delalloc}, {@user_xattr}, {@errors_remount}]}, 0x1, 0x54f, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00')
r5 = open(&(0x7f0000000080)='./bus\x00', 0x10b942, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000580)='./bus\x00', 0x0, 0x1000, 0x0)
r6 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x21000}], 0x1, 0x1800, 0x0, 0x3)
sendfile(r5, r4, 0x0, 0x80000000)
write$binfmt_script(r2, &(0x7f0000000080)={'#! ', './file0'}, 0xb)
r7 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0, <r8=>0x0}, &(0x7f00000000c0)=0x9)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r9, 0x29, 0x4b, &(0x7f00000002c0)=0x2, 0x4)
setresgid(r8, 0x0, 0x0)
sendto$unix(r2, &(0x7f0000001c80)="a4", 0x1, 0x0, 0x0, 0x0)
recvfrom$unix(r3, 0x0, 0x0, 0x2, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
setsockopt$inet6_int(r1, 0x29, 0x31, &(0x7f0000000000)=0x7, 0x4)
sendmmsg$inet6(r1, &(0x7f0000000f80)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r1, &(0x7f0000000800), 0x62, 0x12141, 0x0)
syz_usb_connect(0x5, 0x9a, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0xf5, 0x54, 0x78, 0x20, 0x19d2, 0x1070, 0x1c8a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x88, 0x4, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xd3, 0x1, 0x1, 0xff, 0xff, 0xff, 0x0, [], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x9, 0x4, "cbafcce7284a5c"}]}}]}}, {{0x9, 0x4, 0x18, 0x40, 0x0, 0x27, 0x68, 0x3c, 0x2}}, {{0x9, 0x4, 0x1, 0x2, 0x0, 0x32, 0x4b, 0xb8}}, {{0x9, 0x4, 0xb0, 0x0, 0x0, 0xff, 0x1, 0x6b, 0x1, [@uac_control={{0xa, 0x24, 0x1, 0x6a3, 0xea}, [@input_terminal={0xc, 0x24, 0x2, 0x3, 0x1ff, 0x3, 0x0, 0xe8c8, 0x4, 0x89}, @output_terminal={0x9, 0x24, 0x3, 0x2, 0x307, 0x5, 0x1, 0x6}, @feature_unit={0xd, 0x24, 0x6, 0x3, 0x6, 0x3, [0xa, 0x5, 0x4], 0x20}, @processing_unit={0x8, 0x24, 0x7, 0x2, 0x0, 0x0, "ab"}, @extension_unit={0xa, 0x24, 0x8, 0x1, 0xb3, 0x3, "3eda6c"}, @input_terminal={0xc, 0x24, 0x2, 0x6, 0x204, 0x1, 0x33, 0x6, 0x0, 0x1}]}]}}]}}]}}, 0x0)

3.445646011s ago: executing program 2 (id=655):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0xeef, 0xc002, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x8}}}}]}}]}}, 0x0) (async)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
preadv(r1, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) (async)
r3 = eventfd(0x0) (async)
ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3}) (async)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x0, 0x0, 0x0}) (async)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) (async)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
syz_emit_ethernet(0xdb, &(0x7f000001aa80)={@broadcast, @remote, @val={@void, {0x8100, 0x7}}, {@x25={0x805, {0x3, 0x9, 0x65, "a5a21b803031b57719533740e26c0169b38264426753618709efae2326586d2acd7051f8a7a6b0f98e84662a0bb54acb4a947f860b545c8b61bcd5f510388e36bf197695c38a224f219d16d10a5e32426ef0f89620e5af335763ffcb94a5f22120d812929c7b63a4155e9be48ac2148f86174660a64dc541564a93afafde829569779e890389a127f4779a3209899eb763167960204ce1434bbee3a0c20069f3beeb14f6ea46602f32c02a6ced37912c8054f65bba523098b20041fc18465bf220bd43e8a298"}}}}, &(0x7f000001ab80)={0x1, 0x3, [0xd4c, 0x2dc, 0x322, 0x268]}) (async)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x90) (async)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async, rerun: 64)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000000)="b635a23a2016a72187bea6f49af69fc50e62be9b91036831bdeecb48c13bb131c346c3e92f08dc3e906534c965dc3029c871de321968e3788fa100e23ffcf4070c9b5731c9e315676713c5668adcb232058a72dd3f9dcc3393a54b66f68e5013e2e74bea3da949fc18e58f7df102ad2f65aa31a773ef5c353b7f3c623a575938ff845618fd087df36099d5ca1d7d6f038c546fb310bb3178bc9a693e6cac76ca27f8afec8f31c9a8d5bca4a31a7ae7dc0cb36afe6165ec1206172879c342d63c402f7e40b6a80dffd8b53b37c7c6dd80d3032019c28cbfb59a2f9def205c9ae2523de159bf7e367b1dbdf3876a29c6dab82b439251424cfb62e9cc83178036852558af1ce423a4e05f196e061d5a25a83571b7165033e1f383acd2d854ee70ed2510a3e48f318bebe7381415a12697523e93a617b0946dfaed978c334f15b5a3453e69cf879a8c655f2066fc4bbe5ac4453118bab0be6f6130d1a1e152be82c67e9e79b51308d6a11b6b0a28d0683f4cee3a515d094f34cd7e265de644974c75598d69d42c23d6287bde741cc04419c95262e4857feb0961a04a05815bc39a36f44f5af86927075ba9770afc6d292077bab454e333c2071c7c3cbec060b9a1971de44fe264dbcdf855c6ccdd0e352dcb6829c0bca7944a71ba92290ab85d19c0da056cb03a5cfe64961a8009b29881a19e5875df770af2e8a01c83aaa6987102bf4333d47ef6163f4dd459de363c2fe2a45b1c7b884a058aa78aa24bda266734dda02c483484658f2be92b2a62f9c670415d710e10a6abc8545a84e7f63ee8b1bb030abdd2f25089c57a014b67f0c769d18f3339eddd70289ce779b374c7f811fae76c38d057e0f71fd7c53bd8f18491293c390ab97c3a9490e6b3cc6482990393b1248166e68dc532b2f0c2c375c014e738c0833d109c66c97cc1b318b44b2664aa94ae689452707465b08f5d0df59fc1662c9a96365a9a01f5de018abe3c035e069e928d7dbf1f010cb9b0c30ee806414e8cc3d2c010087892280735686d2c4fbf42bec52487ab0a8f5c46882860a51549b97c6c6cd5bafe0059ecb52963a89a4e45041041b2c7a544c09e258d757db52942943a6a091d57764d1c200c787012229bd224964ade40e3c26a11b8a73b38fdb9efd4f43affbec9d94b86fddb18ad22b7308c4722c98648e2ee10bd19a0ddff955c001eeeb27391fd19cc9e75ecc281ab175c92becf420aee960e99702d83b1fdbd6cb14b64a3f2b01a2949dfaaa2cd21c83b456721cda5fc55f2fbd4d79739c9d515d4e17a5cbee63fd7781806525107471dca76fb8630780d71737890587d64446dd8f683421647024ee0d4743d3a1c40a36dd775050b1eae69ca0b2a3eb064a8e1c24a3d465ef3fd470f844294ab23b8e6a8e88ce7ecafe84c4e31c08f3444c1a9cf8527f50f11b809235e54f4704222a473c87e3209fdc615d5a01d5dee3178c7175d2f0464042157c6249261050ca66f07635ee324535c524ed7e199d2df42666f07047069ee7bc72a788140a4aef44bd258d01a3ed28be4089f797022022f3a7e30c2e50af2888782bfd8e410d41452165e3c86cc703455fb811947defd3462621c665ae555c9bc75ce4dcdaffa3241d140774dce1d1213f0b9200813db316fe70dbb7c518cf393daad90dba2f79bc8665da6f55e0a4e309fe2ea95868af4258df212e3ffe3ecd56a847378c4b6349c4ecf165b07521ff4d272fdb07745d5bcdd02685cb9d7833002cd9edb6331ca8f6f877df03621b67308246b7a552e61c9820fb108a9a0c89c9774956a23e2ad56fc40fa8da59f6fc6ffc21fba200ad858fe0ec974100a878552d9ff24fb80bef586375e3bbd15c72f40cd66e1eec9de67800fdcf00b2b88c4c07b27a0db91a467ee1a1294cdb077a327cf8ecafa211b60208d56d1732b87b448b039c7b5271270ed46d507a6a81716fdff750127a50e7f5b34b5b3d4e99140ce6b933be3b021cbad405d4a1d50668163b1064b879fcf267cd1ff40261aa410ee086643bf43687992b094045e409db0ad7b8b9070fef8b9b618d138f377d6eca58ba46b419ee787e35d351dd196f18645970724768122e6e7b272080b217c68d47d14cbd240811a23fecf0d580eca7e05da64d8a438479f70eae43cd676f92f8b0e77bd829c4b2b3f7e96e180b6113b1528cc13ce684f864d808210d4a8ed4f9a73005ad761ad46307413d493bf7452907c17af88a4628040c37ebd2fbb5cd7b382621105a7af874f0cf7c99ff478d7f5800b5be59d3b74ec160f22a586ba9a017cc4fe0c1cc58e289fc060ce3a415d55660e28f92eee2ace1c4b3a0cc700de3b8f617b0ece1415e2b917d906303ce018af05661a261690d3b2b1c738981791f9e5f2abf97beaa27e4deb3e12b2ffacaf68798945ee7ee7a955969ef6e7c71f6f85609c6485500e18f39f9ea927ccd26dbfd28269750149a44ab81a739a5367549364b71ea8c3f4275e0041261e356c21f58527a704af6828df7a209a4ba2a42c96b506d04000adfd16df424624a6981276a4fe4777c2d91e516195c56c8b7cbf88a091c903049d5563db8a62f39cc0c29824779fac1d8a4899d1cdac16f076202f587ae05333d208bdb3b4dfe52e65fb1ffdb740667032960114a06967910f4c8bea2e3d93f438b4e6a3b5c1144cb95d2137e508e575c49cf114d06a56bf9336548a09a8b82374622d58084fd4f740aca1704f44ec359525bfaa23058ff4fc5c3f50e1f7bf8d05abe5467f77b03c3f6188afeccc15dc0b2fd51e5f699a67475de8302fb1585f6b2e7e5c3c470efdc51fe58787417304ab43cda673883b689b3e00fab6328b40af8a0194d56ad91bb7195bdeec56eece40c5269f275bca2e23748838446a0f7d4219bce3d96038fc4f20b7272604c8f9b7c6ce4fd2b91d104c23b6e2e59c2efea536536f332cb7f2d113c7ad1613ebe9ec50c86be7acde5c703dd663f6b821c7408917a62adb7795f6508408fdb327f2a3bcecf9892bd815ba7373dd80548b92afb12ce395577ba3a638189eb9978d1941b836f7785dae64e62c5d7b0e46b62ba639b0c6a790dfa850104e0413ae0b386438e0eb87c4acababc30eb376f6f47485a11c884a187d67ea7d679a367e32337a1bbb07ec05324a3dbc2586bc0991a304aaf035ec99abf8bcad6b10295d9f832d8879b9690447ed3854806095565689e7655ba7ada3c41b814b436615dd491b13613cc8cd6e826b159c0b07d86841904d8db164b2d95b77dd8cee127e33e9f72697af5bdac028586bd580548bab55d712aa656cf9fa86f07e0bf6394b5b9e78a2f0ee6de2ce7f1f4764787fccbfd7df104b50099205e14a7e65c2fe0afa688aef20043841767e1cc18c058bd83db3d5efba9c2f40aed1712730177124f71664b00112c2a801e3f7632fd9aa67bc9b2b6fa494c1596cf96f277f50d51bba6441733f0a7d73bd8055c88068c8e566e1dd4121ec95ca6df211a7cac1c6f3dc67270b86b6bdf1b2a98db3756796d8ca726be861bf70c90151eba75ff30b8fa17e5640f6bec0a042593f2f113875b9e18114e55be082083dfb8799d9c5d0a5828cebaea60f7fad3c98c078c09c245ed56a4fc7f9a7bb407daac2cc9d4bf8d3ed454cc022ab10ce4d41a2d4c6bc1ec3d6925426a5f4eca2e9bded77515c0896ffb0001adf51d9f43462222f7e06ad6cd69c4d02a384c4d8bce93638a24364d6ba8d17a537ea78655c3305bf069e07691a78aaa3ac03dd987972cd3c79b32b90a0376b9bbe0a6fe95ebe1e95de12fd0e53f5bc9b047146ef5ff4b40a2bdcf0bd53a6887b37107b6d37c86aacfee3478d3d81a5ca8be63559ea5276a64d88657c0d59859a2d1b76c0a382ad851ba8411a7e6e17d838694b156c5550c5cc14212e65e3b3231e5837cd7866381705db015245cc258ff1bd66517feaaa4f7d154b24c51ae54dc5466846b5e9a64ba88d3bc799f6118dcb2e5a972aa3823ddf5bd2a39109e56b820194c172c7e87ef1240701659149f7b05897aa7945fe5040d7e67c635ac0dca05e5ef0e9d6f542f8b1f15fec8897667587fe7db94fe36d73e51c8ab6f2b0ae3f6c51325b27ffd344a91bcd174adaa4569b9d52c0d31191ad191c3a52129e425307dd9ec1d1dea3bccd3fd7e5774915012b0369704f3d298c175d58accb97ac897153146e7f3b1982aaa9af9433b7d3cc40a2804e8246d06ffcee41f5c771c5cfc327acd8061303acd961a22fe2483f375d5c249214aadd9c8ccc3831e31f19ebfb124df863b9809f767cdec9905257b8dfb1a4c7e78db768daf6bbb6863f649a6f3023d1d5b32bb746fab105a25b07395b10d539c691710c6f80182ec0029844881f0d41b856f8a576339d16fcf1462af2ca95125d6f4771fdb3a880bbd240b671f9d904b8740f88b691c8fd783f1bbd22679beb7170cf07c85773ebd8363e75f4343b1579c7a40a9744f1f505b9a956faaccedc1df39d1e3c7d0912640afd4f666aea9363a8d84eccdcf3cda738443640aac65baf492fffc5643e87e6922867db2037cc927ebb30398334f4f9ce3b304d4a0ffda5b7de5ce781633dabd8eebe44a6feb454414d6e766608ba9f6b1ec8ac5ca11ea6438db7d86902d99b7d0749a646bbe3b0a988ef9a9a1f2ded7e238a31ea7241ad6de45d8f33d084520c8a68334de96c32948b9baf68333d5b51ca4bd0c91b75487c00b41dc2070b8b3d8923af1bb358e64bac194e8aff8645993b018f9e8c63917d220cc7a49980c920109e62c042fc4b757422724ff875a54bc3fd1cc278c4ae08f225d4da56e2e3c5056126681c8592bd195c438ff06afd66026cd08c5ede98b7a700dd3bd5fada703baaebbb1f96c49ce5c1263de39a5c5cbb56e610e43091b4e8af3448404d8d84d9a29430949d51f141e1f12451c71f4c07af6558d987b000f1a14cc33a26a4a80da7827fa536fd78fb8878b498ae174f2e8a5b9666d2c6e6ef678bb1b81b58e1bf26a64a1d73fd49005bf6b04f7a22b17f324c10b60a20da359f4df247ebc59a0895dd4559f17dc6f08e063ec8033b25d8cb0ab49c6bb302038889f15dfbaf21208e737ca121894b29d915bff2ea53ca74e67fd4adc802c3e839e586bbe2a65e843614dd96ef1c121d9989a56e2ad321d8ef5006882a8a03de4f192e057fb40ae6332e40934e78dabf392085dff93eebfe6072fca2e31603c988dd5bbdb16d95aa8a8cddcd1635905d1e347a51d2ec219b2e7581ce7d060c0de274cfbd9e6d9d132c4fc0149ca5a13c9e41fc46b88da841fb0a301c050d21f80938651029fd5dc2fce4a06e524f540a89e53eb93fe04dff0853505cc3299a97370581c7fdb8159f95f44629ca7a9e34bb447f7e5f549c18ffd06da6ccbc2d48c5bf3537360c4b185a5284dd4988dc0a6f2381e640b900cb56e0ec43ffa95b23d70f6a7b73dc29e41c710968f0ad01717aee92abfd67cde9cdea149b47641602014318998d675a141a2d3ab75e718ab382d305b4a961c9e8b621861e435d006faccc5929c0365d890b3d3973babe159e8db74d6c61d07f55b6fc49b5dcca788eddfb28916a36c80eae7c2554882ec31d1813dce2034ba8973a2919405e94589c24c3cdfa1bf2fcc0feefb87d1af27a2f80316d4462ea309a30eec785c3a597c6107897df297d930a686426b6afc2277e3c9929d00d9000ca9388427f060af654e8c4bb3993b01cf8eac473e7215f0e5cbe75e91c245a746b86a6d876bb7e624e690384cc0be32d3fad30640af8befe0f39ea10fc578214fb7db22b0b8d4a797d56335da88ae9c7a74dd685234178a4e49b8ca81893c30bb33fb3d8db2ed69c69fc2ba7ad04df26f49018088798906471f9b29392bc3fe78d612be345d838a72a00741af079446a5fc6fc7b779c0a4d8f75eb945c65e60f2894bfd9a526bdc29e277f15481b82f10dc8329d6b3f27f352a49dee12e435aaaf8e832aed574b17fc029ecfbf8862d0dfab18bf095d70b1f226c932f8ce3ccaec100477e2071dd1ca48af36ecf96cd063c9708216fd9d65d0e69658911e157cf47c64060acdb28cb05b9757db3da23b8a57705559b59667158862168d25b44b4b6e6b92f0ed2d6df1d08e328889c16da0bb46bb751b5cbb008f66493d5ab425284ade4d6a181ab708489efa3afab44511df1e217e5ae255026394ec9d89d8e8cffb9e32494ddb0fdcea1c53a6d1a962a0a886dca255cd0b58ad7ba90701a1f826c4febfd444c5d92a302fe9c99f085741dfe5082dcdb442174e825b5baa790fc03fb23f7a20f82d259fdf6708398fca2c9a9d28c953282e3c8db92b12afe96cbef7ddcde5d0552af596bc367c7a3f4ac5dcc93b885fe2ff9ad008527820524b8601313703665de05ebe7ff3f22e2cc6d6294a7732a11dbc5f82951c97bc78c2875f12265ee0762c42cc0e27c3c7e6242b70a2b98e3990d0a4c337795a26e63976b470b1b4ee0e338bd8565d317f21744a3a26e8ade2685cee223dd29472ba5b9e8e83cc7e1ab322cb79274573bbedbe8d8d7194fc2d4098f3a1716e07cafa7fd89a229e278851373dc71ecd7f4ea6d1d2936e8553a95c37ce51d33878004515e84780fd9720b71c745c3248b4ea2fe1a5572908b79242d41314412b414cb303d5f30af096774632994aac2be64472215c96c5d680f3c5dcc8b148f7facc44420adf727857a0ef912b6834672ff2d6ddfcd6ff64667635c724a7294ff3bb61ccabf1c00e13c1070d000febf9ccbd8bb111827ca9d30db4ec554953db59d93e555a9502f09eef63bbe4de97de381aad868bb9fd7d6586d4c8d0dfbb200cf87295b3ae9a8f10da508dd34392f601bcf7c6e58e737a0e25a00059550b4e2b6d490d854eb209f0cbb332a59e582acc01431d250e1199c91c7f840962d1b8648938e23bf1937b61afbaf0f38af84dacaa0585d749ef7c53bef067c09fddacf3349af13f3d265e7281164d085c845bc2396ee5d02f02f619f4dbb8acdaa66fa36910582b83a49421d1494b1cb20f7b26f692c4e3f314884b79cc49962e364ab5be2d411cfbc90e235c03a2c6e505eec9a42fe5eb90bb14cd24ab483ea7113b69d1eafca2fa96d4a92c4f5ff75391f3eefb12a2ac90faeddbc8041e5c836a46a345cc4bf0c4c2f7c9cb3ada8b35b05c15e8a36aeff8becc43c71ea0499e09aa8e21866c7e6887e24ebab1ca5f8d16389a4c4238727cea23eff3daeb5ddb960b1754087dc716c576e06c05febfd949fd7d57342036cfc6e4aa0d8712b53abaf0e644c4ca7d3734707a3f49c251178a94804aad6352ddaa22b4f27f5fb42b03537493e37c3948fba46a61f27b4017fc0e2b14a8e42b6526d341dade056f462f19cd7c950c7453fb8110cc16a731d3201a2a91279de59c18a1c1626a3dec8e21164521756b5e05913c119cb10910b4fbb6985b8fffd58b801db77f94d1f49a1e7def0eb9182c6b8e5335854020a570f0c62698b28f54cc034d67ec016374387ed340a1fee896b681916522fa9d6808af508b156629e2b59a43ea8fa8038bd42dab28592bae496170156d335949087d05399c64ff83437ecded598382d57288dc09f3fb19ee29328bfde4f600dafa49d462c8a305190044bf998495585b4812b5a2d7bbad8fb539bf65d40ec96bf14d19f20b94cb4f837bb59af74e0819a10d38978df3e06112ed6dbbfd057f52a24622050f6b59c90aadc20aca0a624cd14b65287c75222e32de6f169ef50d83a3c870fb1a119aba1b86ecc49e90511f0a038c85a36273638f791779517b525ec7e5dccec04ba74db44e81e5fb010371a9ee60eeea324ccf3dfce9f29ececc9c2e78f5e0b65ef38a472f61a747103decfb4be0932f36f1dd13f960251fb1371d1583b4a5c9d266e1dbab3fcd0a316c90cc9f52640fb8578324acc4bda0ed316ee891c2f64f573f163f05753e39197b97f119b96f0a8761a27ed952761aa9e37928037cca04069ec57f232067c6e8155c5e648f78a795eff6ddc33b8964bf6fe490f86fca8a7a269c877406032df2ae120afbf8a714910049b70b5e0355a81967a7b745d3e3d02b52ddfc105caed8f0dd2e38523a5918e920dfd024a276d00921251a48e380b09559fdf9c21a242608c2be5eb95740dfdb17f150f66704e752a23794980dcf51c6c5403a9ccb6cd1da068acb385061a4c7e195b0f3eb47ed7d4388a5fc8c039316783563d02bcd7cd33be35d91c35c4c6a68dd43b072735eb86fc01c650a2457d4d77a2c9a21878aee24ac379af9c73f3dc5e76de7516abb3b7d45c755ebbf9eb72d0ea4c97b3c34bf2609060fb20409706b82cd59aac37a392008e1e0df08bd17b56e8127ba631b0c57b2a7d6bc6c03ee347c00b4858ac0867d650db51b8e0ebed1ac770726190cc2fbb8bea49824b5286ffdf7897336863cb7900f34950c141444c784f9b787d77e8bf083c138cffdbe548569faf553aeb2ea26039a1bdd5e31ea649f69a838cf2c5134dabd1f9f2d3f4b92bd5f9728ed92fa10d750c4eb0b2e5f93a7eaeeb50c01f3af6f2b2500b0b2d8b3adf59ad0ec247d4dacd048bbba6dd28e57babef6a93a4e8eeece780225c14956a47a6f21db0077045359acd4f60686eeca084f02c57ec2724da1096c97ba635091a5ec9ddae8b60988055a456e8cf2146852e3526e2de46ba6b63f1d0c6df52af897674a09d1ed9efee6c510f893b79ae374a1bb0167356ce9741015f99b2aaecea7476c9a3922da674da08ed3e5cadfbccebfb7f651521db771c4d3e692e37d7035a7134a7baa8c7bb4f3f063cc67757236c38cb11e2ed1497e3f1c6db6921d19fb13606a51a78f6c4ec63f6dc23d77a5d1c0de680b104fb67b42b0cc550eada029cd67a7b4bd4aa4a5479ac5c9c7bf98c08c8ad7009cf5087e6556ec54e66af1ab3f96ce74a8abf5420ff52b0390d5c40aa372c1ca53b5a0e72960a4db4da2b2fa318effcb6069d7d24f29977fbf4219be9e95299dbed5bdaa998bb00ef8d6e5310c365568b5570b5a715a325dfb9eed5d12be78e0728141d866ff0c4f21a2085499d1cfb1b68a6733bad33384a258fa2465e41e45b44a2fc243127b6070fb4b56e8ff73702751d1f39967ead0155649ef2fd15abee559756014dfcb99cd37c70d387af273971a72a230638b13a18847ec72dbd27084b19b2db9fc60ce4e35ce1df93dc6d2270fb12887fd3323241444d45e2e6dc1044e6528bbc92da13f3e2c2b5b8165e6701d05d10a516f9e0186b4c642da2aa36d7bee3cc9fdc335c6bf490cf612c78e90ac299d8b796a301c6b64a932161559642b6c2d110cb37f89facfb95d5225abf15650bbc488918f40ec0b5b3200bb51ff3b26f7717c69e3117da1b1e78b2723ad96268196a5b90fa19fc0d3e7193749182582305b220d0b10a893882efee2f52e1f518a94216ddfde785dc64a430b1e40a458e035e0957cdb47d2694540e5954908a3db963a18014f3b039a59ad7e36e375f2da6030224e21a7fc368d09b911c86e5ed0a6826bbead358aaa5fa6a8d6de3ed1b2c03cd1803e9a20af367badbf0f8398613eb18f176932a970d8faa5fb3e1084c13e80985ed2f2bc8b40f9678f9c6b9c06b78eaff781fb0cebe251d3b803288fc9a5f0e3521c72bb5bda8d56d42fe82fe22c2cca2bab39f50c98a830f55fd92a69b9f82ffd4d3666770a9d67bce8d17a336c7fcef0f72ecb9098c55d36fba7d1926b91dda03ce015d9c2dab5789ba4e06e92374631a2aa3e2d3bbe8cc418b5158bd782fa9f7a934b006ab68ddff40d68912686259ee1d4b237faefc836abce067bea39fcba8190728e554a0e6b871876a70acd5f54bff40570ff6fdea36b07b23d66464810d7346c0fd1ae15338deecf6435938e1dec0e050ff405ea2c920a47c5cfb3d28c60b58a237b2f585e6046718c86f4c174d938be859454c0620a3e45db73b9120013b588916f4c6bcc4d10031d292850aeb51be2eb5d9bb84de911ccb0e583277c2f49084466d4c56bd276cbbf2d300484da635e2d37adfedb86cb16e8df8cfb18607a56ef4a5e7b57051102b166ec1c5312920ac5a5775e6b0b4ef935fd9a210d2e245a2611fdacce530079dbe3da30df27f1a758b4ed7d22f38ae0a96b556c0df0ebb7353f034d1c704252a00442b2160ade3c7d167f10f20b613a7a9dda06ae98b08e108a209bba8cfb8aca037cc83ca78ceca58f109c0ea7ae10e82474b071d261a5edfc27928c3a928949e32056eab09808542908f72d59101f2b86439e9fc67f97330dd7fb184be394dbe63c92b005be7cd567874e9903b927a76c1b709cbbaba204c679ea0a6aae1adc158cba623c1650e13fed834f413feb644e4c767255b25270f417ac80bb48e172335041d5b2b9f468eb0eaba4a9a4288bfcfeb1421efa1394a9e46c0d5e1e2d549a6ea4644b09ea2feaef5aba678ad24032ff4bee46ce1e4bbe0d06fbd7a754b1c4ac92a3093b103c78e4b5aff6e3c91fccc72d4c51e24d81e50ac1ac0b236c0cd635801746e5f84fde70f8adf69bac0c983440004c7155461a7e3cf9c38594a7f96ccafedd634126d6e85696625e8ef65ce11c051dbd66af7f448837b2871ca21f6aa5521c108ee1ab88ebab414f1e60cbddc0d07dfb98720ab7e8ec3bc1a145b1ace1807379b79123d60da7e7525f7f15e2f71341774dd11f76f3d6b179613174cb703091c11ca173a41d56111deb81235e9c9297a82621905521103d11a421f7dc6a62815ac14675de433e8a030db12505dda28b3cdd7098436c0bea1b30ae7fbd728a7bdd7fa7e96946774ca3f9a00eac6fb71ad49b597c55bca7ca6ba7fc6883ad000a29ba7be6765af00da3573a34eb29c1ec117f76103d508825c1a2f74fd04b07b0af10842fe3e54778220b4b98d14ee1919dd542ae59c7febef84d13f8b58853935736fbbd79ea4747bdbb91421a7af922378a522383b6aa96db3a72d18cc144f6c5151a9cfc677cc2933188f78c78953ed345cee4f9a55bee94ef23a37ef4caafba79aff21aa9f34d753b3f1fb85a7a30028a41b1be9099a2711c62fbdd1f9fa02d1ddde2bc859a84c26285a5243d429136ae19c9053057e99a66cfa279484d2a9ffd4f2a87837a215d3c2a64967b30e2188ecf1e71f78f221fdef3eeb7b6e260071144f7e6dc6fc511c29dc9f05a2e351de14520d474b12566800f2cc80eabcd6ab6da47ffa4fee7b6cff648dff503b25c99ae9293f71638ef158b8b75c1dc7ae07a6a85bce1f92c4e4c9ff501136a01c444b9699bf04466a577a6ba3d3699eb7bcdbf3209142f8891387f1243a3cf22b1a2f509c475c1ee9c6e7f3ed4bd833432740237d932ac8d60fa0639fed912264347fb255da9729f2e9f07be78a4be7b3723233edda69bf69aa08857e47f413c0500942e2e136d79e21d35abeab638dd7128602a0854f2f73167794418e33d5d07dc9c226bf43822a16481f04a77595220185aa2b4b172a607fb31ac624ac648c31207071274be3cc2a2eed64516efaa9aaab1a62b18dfe1819ef4d6e6cbf75aaed931bbebbc8ee9264337693a20ebef52bf54ea3d2a86ce11e8a36d", 0x2000, 0x0) (async, rerun: 64)
syz_usb_control_io$hid(r0, &(0x7f00000006c0)={0x24, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="00220a000000aa676829"], 0x0}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) (async)
listen(r4, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @mcast2, {[], {{0x0, 0x4e24, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETA(r5, 0x5406, &(0x7f0000000900)={0x8, 0x0, 0x0, 0x9007, 0x0, "010004000416df00"}) (async)
ioctl$TIOCL_GETMOUSEREPORTING(r5, 0x5412, &(0x7f00000006c0)=0x16)

3.33196931s ago: executing program 2 (id=656):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x4000, &(0x7f0000000540)=ANY=[@ANYBLOB='shortname=mixed,rodir,errors=remount-ro,shortname=lower,shortname=win95,shortname=win95,uni_xlate=1,rodir,nonumtail=0,shortname=win95,nfs,nocase,uni_xlate=1,shortname=win95,utf8=1,rodir,nonumtail=0,shortname=winnt,uid=', @ANYRESHEX=0x0, @ANYBLOB="70107dbb696b007126"], 0x1, 0x2a3, &(0x7f0000000180)="$eJzs3b9Pa3UUAPBzS2mLDu3gZEi8iQ5OBFhdSgwkxE6aDuqgRCAxtDGBhMQfsTK5ujj6F5iYuPlPuPgfmLiavO0xkNyX2977Wnil0BcK78fns3D43nO+99zLLYShp1+u9o/20zg8++HfaDSSqLRjJc6TaEUlSj/FJe1fAgB4mZ1nWTzKRuapSyKisbi2AIAFmvvv/58LbwkAWLBPPv3so61OZ/vjNG3ETv/n027+n33+dXR86zC+jl4cxHo04yIie2oU72RZNqimuVa81x+cdvPK/hd/F/tv/R8xrN+IZrSGS5frdzvbG+nIRP0g7+ON4vztvH4zmvHWlPPvdrY3p9RHtxbvvzvR/1o045+v4pvoxf6wiXH9jxtp+mH26+PvP8/by+uTwWm3Pswby5bu+UcDAAAAAAAAAAAAAAAAAAAAAMArbK2YnVOP4fyefKmYv7N0kX+zHGmpdXk+z6g+KTe6Mh9okMVv5Xyd9TRNsyJxXF+Nt6tRfZirBgAAAAAAAAAAAAAAAAAAgBfLybffHe31egfHdxKU0wDKt/U/7z7tiZV3YnZyfXyuShHO2DmWypwkYmYb+UXc0W25KVi5ruff/5h3w8bNOcuz7s/dBOXTdbSXTL+H9ShXGuVD8tdkTi1uea7adYdWixZut09t6qHm3Ndee3MYDGbkRDLrdfHBf6O2i5Xk6ouoNryrU8uXi2Ci/MqzMdfz/OzvisS0DgAAAAAAAAAAAAAAAAAAWKjxm36nHDybWVrJ6gtrCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADu1fjz/+cIBkXxLZJrcXzywJcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAa+BJAAAA//9YAl9K")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4138ae84, &(0x7f0000000040))
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000080)=0x8)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r0, 0xc004aea7, &(0x7f0000000100)=0x5)
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000000)={0x40002006})
epoll_pwait(r5, &(0x7f00000002c0)=[{}], 0x1, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x0, &(0x7f0000000480)=0x5)
mmap(&(0x7f0000325000/0x4000)=nil, 0x4000, 0x0, 0x110, 0xffffffffffffffff, 0x24b72000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r10}, 0x2d)

2.548022176s ago: executing program 1 (id=660):
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)={0x0, <r0=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @ioapic={0x4000, 0x0, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xfd}]}})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x0, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x7, 0x203, 0x30, 0x1, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1, 0xb}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
mkdirat(0xffffffffffffffff, &(0x7f0000000180)='./file0/file0\x00', 0x0)
socket(0x0, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmmsg$inet6(r6, &(0x7f0000000380)=[{{&(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast2, 0x7}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000000440)}], 0x1}}], 0x1, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000640)={r0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000600)='\x00'}, 0x30)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x6, [@ptr, @var={0x4, 0x0, 0x0, 0xe, 0x1}]}, {0x0, [0x0, 0x0, 0x0, 0xd5]}}, &(0x7f0000000140)=""/249, 0x3a, 0xf9, 0x1}, 0x20)

2.052325353s ago: executing program 2 (id=661):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wake_lock', 0x202, 0x0)
write$binfmt_misc(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='\\'], 0x48)

1.964043472s ago: executing program 2 (id=662):
socket$inet6_tcp(0xa, 0x1, 0x0)
unshare(0x2000400)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYRES64=r0, @ANYRES16=r4, @ANYBLOB="dbac745330f53041b767c25ada423643d8aeda08ea65e437bbfe855685342530cffb4c93c8335ef469ce212a7db6e0137e3f765608071b768a1382539d55c4849962dc0943955247fc900a022355c3612a6c23b3e9630c20df31a3ca222042c3211da52b08898ea1809fa28e0f34bbb6092ebd3ba757a5596b2c79da251ee0109aeb809dbda69979abb13387d820281812c0bca3fb2bb75d7bbdc6d19d8fe8ee8042cb022ead7d233dab6848126836964ef037677bbee4e22ea58e7999a827b6ad5841b2212c49b1da641cae9ee89339b15d2b7f63936f51fc5898c0a1cc11", @ANYRES32, @ANYRES16=r1, @ANYRESOCT=r3], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = socket(0x10, 0x803, 0x0)
write(r6, &(0x7f0000000900)="2600000022004701050007008980e8ff02006d20002b1f00c0e9f7094a51f10101033500b088", 0x26)
unshare(0x20000400)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r7, 0x888cc000)
recvfrom$inet6(r6, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x20000000)
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000100)='./file0\x00', 0xfb36b7c5edb7f4c7, 0x0, 0x1, 0x0, &(0x7f0000000000))

1.66437155s ago: executing program 3 (id=665):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000001d80)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b706000008ffffffcf6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad855d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd8000000000000080231c61ccd106cb937b450f859ce8122a79c3e40000b59b0fc46d6cec3c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f0000000000000003fe70928295a82b12d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1a68c467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088956d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340)}, 0x42)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="adaa0000004fad007110150000000000d500000000000000"], &(0x7f0000000480)='syzkaller\x00'}, 0x80)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$lock(r5, 0x26, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3})
fcntl$lock(r5, 0x6, &(0x7f0000000080))
fcntl$lock(r5, 0x25, &(0x7f00000000c0)={0x0, 0x0, 0x3e08})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000001500)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, <r6=>0x0})
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x4, 0x0, 0x0)
ioctl$int_in(r7, 0x5421, &(0x7f0000000300)=0x208)
bind$inet6(r7, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
setsockopt$sock_int(r7, 0x1, 0x12, &(0x7f0000000180)=0x4000000, 0x4)
sendto$inet6(r7, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
poll(&(0x7f0000000040)=[{r7, 0x80}], 0x1, 0x800)
sendto$inet6(r7, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
shutdown(r7, 0x1)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r4, 0x84009422, &(0x7f0000002040)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r8=>0x0}})
bind$inet6(r7, &(0x7f00000001c0)={0xa, 0x4e21, 0x3, @mcast2, 0x4}, 0x1c)
ioctl$sock_SIOCOUTQNSD(r7, 0x894b, &(0x7f0000001980))
ioctl$BTRFS_IOC_GET_DEV_STATS(r7, 0xc4089434, &(0x7f0000000640)={r8, 0x9, 0x0, [0x0, 0x0, 0x0, 0x9], [0x100, 0x7fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0xb062, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x5, 0x0, 0x800]})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000300)={{}, r6, 0x0, @inherit={0x58, 0x0}, @devid=r8})
ioctl$BTRFS_IOC_DEV_INFO(r5, 0xd000941e, &(0x7f00000002c0)={r8, "3c2610a262d9f2a1f41052b3267b8609"})
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000004700)={r8, 0x1f, 0x3c1, 0x1})

1.6356361s ago: executing program 1 (id=666):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x6e0}]})
ioctl$BTRFS_IOC_INO_PATHS(r2, 0xc0389423, &(0x7f0000000080)={0xf794, 0x0, [0xa7, 0xff, 0x5, 0x7fffffffffffffff]})

1.57963198s ago: executing program 4 (id=667):
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000040)={'security\x00', 0x2, [{}, {}]}, 0x48)
ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, 0x0)
syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0) (async)
pipe(&(0x7f0000000000)) (async)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000040)={'security\x00', 0x2, [{}, {}]}, 0x48) (async)
ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, 0x0) (async)

1.54855069s ago: executing program 4 (id=668):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r3, &(0x7f0000000080), 0xc)
r4 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in, 0x0, 0x0, 0x0, 0x7, 0xfffffffa}}, 0xe8)
sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0x0)

1.5250293s ago: executing program 1 (id=669):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xa, 0x4, 0x3, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r1)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
write$cgroup_type(r0, &(0x7f0000000140), 0x9)

1.471221569s ago: executing program 1 (id=670):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x50}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x0, 0x0, 0x0, 0x4, 0x5}, 0x48)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/12], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={[{@nfs_export_off}, {@index_on}, {@nfs_export_on}, {@metacopy_on}, {@xino_auto}]})
mknodat$loop(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
linkat(0xffffffffffffffff, &(0x7f0000001180)='./file1\x00', 0xffffffffffffffff, 0x0, 0x0)
unlink(&(0x7f0000000200)='./bus\x00')
creat(&(0x7f0000000080)='./file0\x00', 0x0)

1.411976819s ago: executing program 3 (id=671):
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
fallocate(r0, 0x0, 0x3, 0x6)
syz_open_dev$usbmon(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001100)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac85800000000000000024e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0fe8a7d06d7535f7866907dc6751dfb292f7d3acec77f5efad9c11650300000000000000649c1cfd138d5521f9451759c3421eed73d5661cfeecf9c66cf6dd6dcd54c3b3ff02000000d7c983c044c03bf3cc2367a48dfe3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff050011bbecc2f4a37c9af2551ce935b0f327cb3f011a7d069111d5a34ed09baafa9e87110bd5602e2fd5234712596b696418f163d1a13ed38ae89d24e1cebfba2fc7925bfacbb031e7743f541cd0aed4af7588c8e1b44ccb19e810879b70a70000000000000000000000d7900a820b63278f4e9a217b98000000002a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a1420cfd9e1f84d8271ff6606b2a44bc47b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d62ad0a97aec773713a66b207000000000000001d24291c25449f106a99893ed20fa7a050fbbef90327e827e513e96068fd1e8a43e89f9c050022a961546ed5365470fa503c1fac35b903e10c62bebc943c17ff1432d0881406bc176e3e69ee52b59d13182e1f24ed200ada12f7a1525320e71666f472a97214d0b2874df30ed5eb1affb87ba55b2d72078e9f40e4ffff06aabca77e64c988dd413230d60a7f7681314df1c2a0f4249c7be5329ac624fb2997df9e6867053a4b239d17ba83b498812a8f57b9b52ebc8b327a967e41f61fe4382601bff5f5dbcd3d50a065bcc67943ba05f3a5366ca6d291f931d9cde41bdabdae4717317621abaa7179e2d44f8ebca654f9e4571963a3f198769e309fc99f6320f47140bb9a5e359804c2653d19462139d5c505dc6e4f178c9a098b51333cccfe0d2eb41dd079de3cfa60365787ca4b8eb920a06969c5da49fc87d37f18205f4b5c0f44d16a2d9f2bc894"], &(0x7f0000000080)='GPL\x00', 0x0, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x9, 0x8}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000003a7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r3}, 0x10)
setresgid(0x0, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000000)=0x80000000001, 0x4)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x0)
sendmmsg$inet6(r4, &(0x7f0000001c80)=[{{0x0, 0x0, &(0x7f0000002700)=[{&(0x7f0000001440)="b4", 0x1}], 0x1}}], 0x1, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup3(r4, r5, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_BT_SECURITY(r7, 0x112, 0x4, &(0x7f0000000040), 0x2)
ioctl$NS_GET_OWNER_UID(r6, 0xb704, &(0x7f00000000c0))
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000380)=""/4096, 0xfffffffffffffeea, 0x0, 0x0}, &(0x7f0000000280)=0x40)
r8 = fcntl$dupfd(r5, 0x0, r6)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r8, 0x6, 0x23, &(0x7f0000001380)={&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0xa9, 0x0, 0x0, 0xc00c0000}, &(0x7f0000001400)=0x40)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFCONF(r9, 0x8912, &(0x7f0000001240)=@buf)

657.132014ms ago: executing program 2 (id=663):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000100)={0xfffffffffffffffc, 0x103e000, 0x1000, 0x0, 0x3}, 0x20)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wake_lock', 0x202, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0xfffffffc}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xb, &(0x7f0000000800)=ANY=[@ANYBLOB="180000000000000000000000000400001801001af8ff00000000bfa1000000000000076fc06165d8b659955c084b7d010000f8ffff7fb702000000000000b7030020e8f8f296aaac8bd9661ee9f827484ed31e80ec65f94d2c29de23424f59308a4a6acf789136dc6f60ac00b77914a2950bf8cbd509ef30215deffafc62346800"/142], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000208500000070"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='workqueue_queue_work\x00', r6}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000007ac3994a0ba3a41300000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0xf}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000001100)=ANY=[@ANYBLOB="9feb010818000000000000003300000033000000020000000a0000000200000f030000000500000080000000ff03000001000000000000268f5b738f024ddf4b3e0ea8570fb192d6d5ff23cf2b974128efbb5baca6687b1993038b7fcbdaf893e7a5fc78b489e93f67f96a73b0e4c61fec1e5183a0dfcd0bcd763a6819c753846a20a5da1210b7664fbf97f0784aa0d50a09cb8aa2f50d049cdaa990279fe688c29820c8493bd083628bd60336e5de4b6e69ee8338d0f50e7ebe05bbbc13764639bacd7e770f574cc3663796a61e07bc7085b000e94a90fe85002b581a91ed26fd71011a9cfbdb03163c623c22d14bf09c4cd7601094ccbd1035268a966b19a4626e4045571da9b16a585278f566cc04d8bf689f042264b40fee1506b80d3a886a2f5000"/314], 0x0, 0x4e}, 0x20)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x9)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000500)={0x0, 0x1, 0x18}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x1, &(0x7f0000000780)=ANY=[@ANYBLOB="25588166975f3f3926a6dda964fca3ce290a00"/33], &(0x7f0000000440)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, r7, 0x8, &(0x7f0000000480)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000004c0)={0x1, 0x1, 0x40000ff, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000540)=[0x1, r8]}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0x1, <r9=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r9, 0x58, &(0x7f0000000940)}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={0xffffffffffffffff, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000001240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000400)=[0x0, 0x0], &(0x7f0000000540), 0x0, 0x54, &(0x7f0000000580)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0xd8, 0x8, 0x8, &(0x7f0000000680)}}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYRESHEX=r1], &(0x7f0000000340)='GPL\x00', 0x0, 0x30, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x4, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd20, 0x0, 0xffffffffffffffff, 0x40}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001080)={r10, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f086ddef", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

626.885224ms ago: executing program 2 (id=673):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b80)=@deltaction={0x50, 0x31, 0x0, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x3c, 0x1, [{0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}]}, 0x50}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x4c, 0x0, 0x2, 0x301, 0x0, 0x0, {0x2}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_TUPLE={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @mcast2}}}]}, @CTA_EXPECT_MASK={0x4}]}, 0x4c}}, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x100000c, 0x41010, r2, 0x13140000)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r6, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r7, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="0213000002"], 0x10}}, 0x0)
setsockopt$sock_int(r8, 0x1, 0x8, &(0x7f00000001c0), 0x4)

575.443514ms ago: executing program 1 (id=674):
ftruncate(0xffffffffffffffff, 0x0)
pipe2$9p(&(0x7f00000000c0), 0x0)
r0 = epoll_create1(0x0)
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80080)
write$UHID_CREATE(r1, &(0x7f00000001c0)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000100)=""/133, 0x85, 0xffff, 0x8, 0x800, 0x7f5, 0x6}}, 0x120)
r3 = socket(0x23, 0x4, 0x10d)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r3)
sendmsg$TIPC_CMD_SET_NETID(r0, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xffffffffffffff88, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r4, 0x20, 0x71bd2b, 0x25dfdc03, {{}, {}, {0x8, 0x2, 0x537c79ff}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40040}, 0x20000011)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000400), r2)
fchdir(r5)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r8=>0x0})
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[], 0x24}}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="6400000065490104e5aff6a4150036fe", @ANYRES32=r8, @ANYBLOB="08000a000400000014000600feffffffffffff7f03000000180700001400060004000000010001004ba2000008000000080008005000000014000200ff020000000000000000000000000001"], 0x64}}, 0x40815)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="b10000001000"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000180016801400018010000300ffffffff00000000000000000800040000000000"], 0x40}}, 0x0)
mount$bind(0x0, &(0x7f00000004c0)='./file1\x00', 0x0, 0x10c3033, 0x0)
ioctl$TIOCGPGRP(r0, 0x5450, &(0x7f00000000c0)=<r11=>0x0)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @multicast1}, 0x10)
tkill(r11, 0x0)
unshare(0x400)
r12 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000e20000001801000020786c2500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r13}, 0x10)
fchmod(r12, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000680)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa0086dd60f53a0400383a00fe8000000000000000000000000000bbff02000000000000000000000000000102009078000000006050835900003200fc01000000000000000000000000000000000000000000000001000000000000000000000000000037c1f48d792472e72bc4dadd2937258cba6d4ee9930301fc4c93b2538182e286c621c493c54bc3d4cc1e2584e69176f9fa7cf17e7ca1868500a870450e4908a34231146e762b66b5cbb9e4cacc87dad000d07b6beca160f64b98d664ac175a5d8bfb653b664519a189d10e655a566c0f7503ecd09f266a03fcf03302295b57ab5d0eca5f79fba7c369eb63a73109970bbf17d9a4"], 0x0)

574.870784ms ago: executing program 4 (id=675):
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)={0x0, <r0=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @ioapic={0x4000, 0x0, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xfd}]}})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x0, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x7, 0x203, 0x30, 0x1, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1, 0xb}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
mkdirat(0xffffffffffffffff, &(0x7f0000000180)='./file0/file0\x00', 0x0)
socket(0x0, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmmsg$inet6(r6, &(0x7f0000000380)=[{{&(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast2, 0x7}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000000440)}], 0x1}}], 0x1, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000640)={r0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000600)='\x00'}, 0x30)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x6, [@ptr, @var={0x4, 0x0, 0x0, 0xe, 0x1}]}, {0x0, [0x0, 0x0, 0x0, 0xd5]}}, &(0x7f0000000140)=""/249, 0x3a, 0xf9, 0x1}, 0x20)

511.957324ms ago: executing program 1 (id=676):
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)={0x0, <r0=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @ioapic={0x4000, 0x0, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xfd}]}})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x0, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x7, 0x203, 0x30, 0x1, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1, 0xb}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
mkdirat(0xffffffffffffffff, &(0x7f0000000180)='./file0/file0\x00', 0x0)
socket(0x0, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmmsg$inet6(r6, &(0x7f0000000380)=[{{&(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast2, 0x7}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000000440)}], 0x1}}], 0x1, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000640)={r0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000600)='\x00'}, 0x30)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x6, [@ptr, @var={0x4, 0x0, 0x0, 0xe, 0x1}]}, {0x0, [0x0, 0x0, 0x0, 0xd5]}}, &(0x7f0000000140)=""/249, 0x3a, 0xf9, 0x1}, 0x20)

169.942412ms ago: executing program 0 (id=677):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (async)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200), 0x80580f9a1ca3ef02, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYRES64, @ANYRESDEC=r0, @ANYRES16=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYRES64, @ANYRESDEC=r0, @ANYRES16=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) (async)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, 0x0) (async)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, 0x0)
setsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0xb, &(0x7f00000001c0), 0x4)
preadv(r2, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
creat(0x0, 0x0) (async)
r4 = creat(0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x0) (async)
ftruncate(0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x4, &(0x7f0000000140)=ANY=[@ANYRES32], &(0x7f0000000100)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x90)
socket$igmp6(0xa, 0x3, 0x2) (async)
r5 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x310, 0x0, 0x4c, 0x1a, 0x0, 0x25, 0x240, 0x258, 0x258, 0x240, 0x258, 0x3, 0x0, {[{{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x0, 0x0, 0x2}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@TCPMSS={0x28}}, {{@uncond, 0x0, 0xf8, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@eui64={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x370)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r7 = open(&(0x7f00000000c0)='./file0\x00', 0xc01, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, &(0x7f0000000040)={{0xfffffffffffffffe, 0x1}})
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000080)={{0x0, 0x2}})
sendmsg$NL80211_CMD_LEAVE_MESH(r7, &(0x7f0000000800)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="2004827af1b14d11000000", @ANYRES16=0x0, @ANYBLOB="00002bbd7000fbdbdf25450000000c009900010001002a000000"], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000280), 0x501100)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x30, 0x4, 0x0, 0x0, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x14, 0x0, 0x0, 0x9, [0x401, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private}]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x0, [{@dev}, {@remote, 0x4}, {@multicast2}, {@private=0xa010101}, {@broadcast}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xb, 0xdc, [@private=0xa010102, @rand_addr]}, @rr={0x7, 0xf, 0x0, [@dev, @remote, @private=0xa010102]}]}}}}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)

123.923891ms ago: executing program 4 (id=678):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x0, 0x0, &(0x7f00000004c0)='GPL\x00'}, 0x90)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000d00)={"8858bde0d7f6311bf16c671fc9d87024dbe4bbb080be0900000200000016591b7390035985dcaa66a958a8a970391decb4b7d3e52996ff674f707cdf49c7381d2964c301f29e875ce36aa6b1930032da440a2e212da56797dfe5748aaaae9fbc3f7ffd295072e1ea64bad7d354900200000000000000383692bf1b90d3c1bab243eb0d17151ba3e65431ac11adc58b77321481fd65569362b3a8bddbed39d885f990908ce1892580ee43159c1db62d59fe2cb71882dfb0abf9dcb8ee30aadea127f169312855440d9ec40deaf8215a2bdcc65fcbbd5e0b83d2f1e3ea96ef1c9946b76ab53dee477b7ade8550d47e5a3eea926f58efb6fb7f33064fb7b6951eae379648695b27505fa731a2454174592ef7a0227f59ac45d0ed37cccabee68ba44346135659abe531ca418b0841f5a8f285605fc1e0e77f9e97a47277ed3f9cc1a9f8a7efd669ba9819c2db199a88aa87c399b7ada0ff033039d0d3a8b043b53335d15c275ea6ce63f3c34655761c1182bc26b1a590a8cb8667e764c3f74dc55dd44ca9e7c6a61c6376761acb0fd9fb1941caca01396905eeeead3e189fd11bd19137b214eecefa07116dc4b4b7ea423308ac9183ffc62c8dc69021249027b7b0929660135b3161d08e109a46b6fd1b7fc08a3bc0934ee2648df2b04716aff5342d9897218f91371f6c06666e0082b8a66e973930c219a568f1e0938a6a1681c7268147b1e0425c41da41a55877c32797bbfa11736d046b681bf70f376112a9094c5f23bedd87986014e72730b64d9e33412e3d423cf8213370fc4338e6f0d722dde3135706e615085bf76fa752bac824485910a6acc45b6552537fbbf0909a08d9b891ce78d11af59ca07eaf5bba689017f082dce61d3682695c75e6c2d0388412fe7f36823a0e74de0f91d4fc15397a14a831d37dc60d6bd3d455649347f6257d05cbbd9fc145e958955fd219d1ab60dbc058e0ba5565daed86f86e6356a782b305d5e2f6e1b190479e6376b4e6247c0f020e607e9468f48fa9a16e0770b05f6bcda150dc373437963a045e0ca1272848ae96fd7823f3eac82ae253a7d907b237ff231bbae89a93ac077db04197707ff3de99ca9191ed561e972fd60356654e89242b3ac8b112092d28e10759bb3e85cfab2ae11ce90b6b52f7d2be1fd3e6d9eaabe37a3083749c11f54c17b6402fc1b54c3c030d0266480faa910856106800ba90c26ccefc230296f498c1304abe91a8fb37eb7abda2072c686aae830cc5abd72b47dc87cb4e0105000000dc6ac2bee572bf601e02d9a51851877f1498d6e2ba3b5947d83d90072eaf0cefed3dceb9bf35b36cbca3f1feba2c3d0f16ce04e13237e8b78689b9599d33db4fe890f9e655ba57658bc1671878ab615bc37943f9c9b8e9d5069bf7de6aaa74b0470389f22935cedbb9e22523e400"})

574.62µs ago: executing program 4 (id=679):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xa, 0x4, 0x3, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r1)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
write$cgroup_type(r0, &(0x7f0000000140), 0x9)

315.19µs ago: executing program 0 (id=680):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
getsockopt$inet_buf(r1, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x24b)
getsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x24b)
r2 = syz_usb_connect$cdc_ncm(0x0, 0x7c, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109026a0002010010000904000001020d00000b2406000100000000200005240040000d240f01000000000000ffff0006245dfc557e8b5361bb000004000905810300020000000904010000020d00000904010102020d0000090582020002000000090503020002000000"], 0x0)
r3 = memfd_create(&(0x7f0000000340)=':QiKmode', 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, r3, 0x0)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080))
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000040)={0x0, <r7=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="380004002e00000094a1f1f2dbda3ebf07520e300138c81a361c885a91aff3285b6b6dc690d010cff828cc45801e1d4cb07ca9783cf39081", @ANYRES32=r7, @ANYBLOB="0b000080976b64086860300014000180991a54fc28d627d80740ede1a4724090"], 0x38}], 0x1}, 0x0)
r8 = dup(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000580)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r8}})
write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r8, &(0x7f0000000280)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="2c04ac57f711d20b555ee141afe0429638b580398c7198ff8cc091703bcec59120a18e130b2c207045d5b8fea2097711284800da8d765f8570d3f7875301fe6be9"])
chdir(&(0x7f0000000000)='./file0\x00')
syz_read_part_table(0x103c, &(0x7f0000001040)="$eJzszjEOQUEYhdE7iEwlswRqq/i1apVNWILEWjQ2p1BLRK+W95Jz6pubL8zS8X15JdftLrdaJD1pPUmN3A/7bEZy/s5qmWet00ay+vFyevy/HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACm5xMAAP//1hgIrg==")
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1})
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000280)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}})
syz_usb_control_io$cdc_ncm(r2, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)

0s ago: executing program 4 (id=681):
syz_emit_ethernet(0x5e, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x50}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x28, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @loopback={0xfeffffff00000000, 0x1ff0000aa}, @private2}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

750
[   35.980578][  T776]  ? f2fs_hash_filename+0x95a/0xc50
[   35.985620][  T776]  f2fs_find_data_page+0x182/0x3f0
[   35.990561][  T776]  __f2fs_find_entry+0x57c/0xc90
[   35.995333][  T776]  ? asan.module_dtor+0x20/0x20
[   36.000039][  T776]  ? f2fs_find_target_dentry+0x10f0/0x10f0
[   36.005668][  T776]  f2fs_lookup+0x273/0xee0
[   36.009932][  T776]  ? f2fs_encrypted_symlink_getattr+0x40/0x40
[   36.015818][  T776]  ? _raw_spin_lock+0xa4/0x1b0
[   36.020417][  T776]  ? _raw_spin_trylock_bh+0x190/0x190
[   36.025625][  T776]  ? _raw_spin_unlock+0x49/0x60
[   36.030415][  T776]  ? d_alloc+0x18b/0x1c0
[   36.034491][  T776]  __lookup_hash+0x117/0x240
[   36.038921][  T776]  filename_create+0x202/0x750
[   36.043541][  T776]  ? kern_path_create+0x40/0x40
[   36.048205][  T776]  ? strncpy_from_user+0x1c0/0x300
[   36.053150][  T776]  do_mkdirat+0xcc/0x2c0
[   36.057232][  T776]  ? vfs_mkdir+0x690/0x690
[   36.061483][  T776]  do_syscall_64+0xca/0x1c0
[   36.065832][  T776]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   36.071549][  T776] RIP: 0033:0x7fb9153874d7
[   36.075803][  T776] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.095341][  T776] RSP: 002b:00007fb914609e78 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   36.103579][  T776] RAX: ffffffffffffffda RBX: 00007fb914609f00 RCX: 00007fb9153874d7
[   36.111389][  T776] RDX: 00000000000001ff RSI: 00000000200016c0 RDI: 00000000ffffff9c
[   36.119195][  T776] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   36.127006][  T776] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200016c0
[   36.135119][  T776] R13: 00007fb914609ec0 R14: 0000000000000000 R15: 0000000000000000
[   36.160764][  T840] F2FS-fs (loop0): access invalid blkaddr:730368
[   36.167071][  T840] CPU: 1 PID: 840 Comm: syz.0.109 Not tainted 5.4.276-syzkaller-00020-g4275fce9fe94 #0
[   36.176501][  T840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   36.186388][  T840] Call Trace:
[   36.189528][  T840]  dump_stack+0x1d8/0x241
[   36.193704][  T840]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[   36.199326][  T840]  ? f2fs_lookup_extent_cache+0x16b/0xc30
[   36.204878][  T840]  f2fs_is_valid_blkaddr+0xc79/0x1380
[   36.210088][  T840]  f2fs_get_read_data_page+0x4d1/0x8c0
[   36.215384][  T840]  ? page_cache_prev_miss+0x410/0x410
[   36.220587][  T840]  ? f2fs_get_block+0x1b0/0x1b0
[   36.225276][  T840]  ? pagecache_get_page+0x5a7/0x750
[   36.230308][  T840]  ? f2fs_hash_filename+0x95a/0xc50
[   36.235341][  T840]  f2fs_find_data_page+0x182/0x3f0
[   36.240290][  T840]  __f2fs_find_entry+0x57c/0xc90
[   36.245062][  T840]  ? asan.module_dtor+0x20/0x20
[   36.249753][  T840]  ? f2fs_find_target_dentry+0x10f0/0x10f0
[   36.255394][  T840]  ? schedule+0x143/0x1d0
[   36.259576][  T840]  f2fs_lookup+0x273/0xee0
[   36.263818][  T840]  ? f2fs_encrypted_symlink_getattr+0x40/0x40
[   36.269713][  T840]  __lookup_slow+0x306/0x460
[   36.274139][  T840]  ? lookup_one_len+0x2c0/0x2c0
[   36.278823][  T840]  ? handle_dots+0xf10/0xf10
[   36.283342][  T840]  lookup_slow+0x53/0x70
[   36.287418][  T840]  walk_component+0x2dc/0x590
[   36.291929][  T840]  ? path_put_conditional+0x90/0x90
[   36.296965][  T840]  ? is_bpf_text_address+0x24c/0x260
[   36.302082][  T840]  ? stack_trace_save+0x1c0/0x1c0
[   36.306946][  T840]  ? generic_permission+0x141/0x3e0
[   36.311988][  T840]  ? __kernel_text_address+0x94/0x100
[   36.317192][  T840]  ? security_inode_permission+0xad/0xf0
[   36.322657][  T840]  link_path_walk+0x5c6/0x1040
[   36.327255][  T840]  ? security_inode_alloc+0x24/0x110
[   36.332375][  T840]  ? handle_lookup_down+0x5b0/0x5b0
[   36.337409][  T840]  ? path_init+0x8bd/0xee0
[   36.341663][  T840]  filename_parentat+0x233/0x650
[   36.346441][  T840]  ? kern_path_locked+0x450/0x450
[   36.351480][  T840]  filename_create+0xf7/0x750
[   36.356388][  T840]  ? kern_path_create+0x40/0x40
[   36.361072][  T840]  ? strncpy_from_user+0x1c0/0x300
[   36.366027][  T840]  do_mkdirat+0xcc/0x2c0
[   36.370189][  T840]  ? vfs_mkdir+0x690/0x690
[   36.374451][  T840]  do_syscall_64+0xca/0x1c0
[   36.378781][  T840]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   36.384512][  T840] RIP: 0033:0x7fb915388b99
[   36.388760][  T840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.408201][  T840] RSP: 002b:00007fb9145e9048 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   36.416588][  T840] RAX: ffffffffffffffda RBX: 00007fb915517078 RCX: 00007fb915388b99
[   36.424483][  T840] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c
[   36.432290][  T840] RBP: 00007fb91540977e R08: 0000000000000000 R09: 0000000000000000
[   36.440102][  T840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   36.447925][  T840] R13: 000000000000006e R14: 00007fb915517078 R15: 00007ffe2c798d58
[   36.468448][  T776] F2FS-fs (loop0): access invalid blkaddr:730368
[   36.474788][  T776] CPU: 0 PID: 776 Comm: syz.0.109 Not tainted 5.4.276-syzkaller-00020-g4275fce9fe94 #0
[   36.484218][  T776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   36.494193][  T776] Call Trace:
[   36.497329][  T776]  dump_stack+0x1d8/0x241
[   36.501489][  T776]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[   36.507138][  T776]  ? f2fs_lookup_extent_cache+0x16b/0xc30
[   36.512783][  T776]  f2fs_is_valid_blkaddr+0xc79/0x1380
[   36.517984][  T776]  f2fs_get_read_data_page+0x4d1/0x8c0
[   36.523284][  T776]  ? page_cache_prev_miss+0x410/0x410
[   36.528487][  T776]  ? f2fs_get_block+0x1b0/0x1b0
[   36.531146][  T556] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   36.533177][  T776]  ? pagecache_get_page+0x5a7/0x750
[   36.545490][  T776]  ? f2fs_hash_filename+0x95a/0xc50
[   36.550523][  T776]  f2fs_find_data_page+0x182/0x3f0
[   36.555477][  T776]  __f2fs_find_entry+0x57c/0xc90
[   36.560251][  T776]  ? asan.module_dtor+0x20/0x20
[   36.564936][  T776]  ? f2fs_find_target_dentry+0x10f0/0x10f0
[   36.570575][  T776]  f2fs_lookup+0x273/0xee0
[   36.574826][  T776]  ? show_sid+0x250/0x250
[   36.579002][  T776]  ? f2fs_encrypted_symlink_getattr+0x40/0x40
[   36.584900][  T776]  ? from_kgid+0x1a3/0x730
[   36.589145][  T776]  ? security_inode_create+0xb4/0x100
[   36.594350][  T776]  ? f2fs_encrypted_symlink_getattr+0x40/0x40
[   36.600259][  T776]  path_openat+0x15c9/0x34b0
[   36.604686][  T776]  ? do_filp_open+0x450/0x450
[   36.609208][  T776]  ? do_sys_open+0x357/0x810
[   36.613617][  T776]  ? do_syscall_64+0xca/0x1c0
[   36.618128][  T776]  ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   36.624037][  T776]  do_filp_open+0x20b/0x450
[   36.628372][  T776]  ? vfs_tmpfile+0x2c0/0x2c0
[   36.632800][  T776]  ? _raw_spin_unlock+0x49/0x60
[   36.637487][  T776]  ? __alloc_fd+0x4c1/0x560
[   36.641824][  T776]  do_sys_open+0x39c/0x810
[   36.646077][  T776]  ? file_open_root+0x490/0x490
[   36.650763][  T776]  ? switch_fpu_return+0x1d4/0x410
[   36.655715][  T776]  do_syscall_64+0xca/0x1c0
[   36.660052][  T776]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   36.665776][  T776] RIP: 0033:0x7fb915388b99
[   36.670042][  T776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.689480][  T776] RSP: 002b:00007fb91460a048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   36.697719][  T776] RAX: ffffffffffffffda RBX: 00007fb915516fa0 RCX: 00007fb915388b99
[   36.705532][  T776] RDX: 00000000000026e1 RSI: 0000000020000380 RDI: ffffffffffffff9c
[   36.713339][  T776] RBP: 00007fb91540977e R08: 0000000000000000 R09: 0000000000000000
[   36.721148][  T776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   36.728962][  T776] R13: 000000000000000b R14: 00007fb915516fa0 R15: 00007ffe2c798d58
[   36.742522][   T23] kauditd_printk_skb: 7 callbacks suppressed
[   36.742534][   T23] audit: type=1400 audit(1719796633.240:208): avc:  denied  { ioctl } for  pid=851 comm="syz.1.125" path="socket:[14249]" dev="sockfs" ino=14249 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   36.773873][   T23] audit: type=1400 audit(1719796633.240:209): avc:  denied  { write } for  pid=851 comm="syz.1.125" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   36.793638][  T776] F2FS-fs (loop0): access invalid blkaddr:730368
[   36.800229][  T776] CPU: 0 PID: 776 Comm: syz.0.109 Not tainted 5.4.276-syzkaller-00020-g4275fce9fe94 #0
[   36.809666][  T776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   36.819551][  T776] Call Trace:
[   36.822684][  T776]  dump_stack+0x1d8/0x241
[   36.826846][  T776]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[   36.832507][  T776]  ? f2fs_lookup_extent_cache+0x16b/0xc30
[   36.838042][  T776]  f2fs_is_valid_blkaddr+0xc79/0x1380
[   36.843251][  T776]  f2fs_get_read_data_page+0x4d1/0x8c0
[   36.848542][  T776]  ? page_cache_prev_miss+0x410/0x410
[   36.853750][  T776]  ? f2fs_get_block+0x1b0/0x1b0
[   36.858438][  T776]  ? pagecache_get_page+0x5a7/0x750
[   36.863468][  T776]  ? f2fs_hash_filename+0x95a/0xc50
[   36.868505][  T776]  f2fs_find_data_page+0x182/0x3f0
[   36.873454][  T776]  __f2fs_find_entry+0x57c/0xc90
[   36.878223][  T776]  ? asan.module_dtor+0x20/0x20
[   36.882920][  T776]  ? f2fs_find_target_dentry+0x10f0/0x10f0
[   36.888556][  T776]  ? unwind_get_return_address_ptr+0xa0/0xa0
[   36.894367][  T776]  f2fs_lookup+0x273/0xee0
[   36.898633][  T776]  ? f2fs_encrypted_symlink_getattr+0x40/0x40
[   36.904524][  T776]  ? lockref_get_not_dead+0xb3/0x170
[   36.909645][  T776]  __lookup_slow+0x306/0x460
[   36.914080][  T776]  ? lookup_one_len+0x2c0/0x2c0
[   36.918866][  T776]  ? handle_dots+0xf10/0xf10
[   36.923267][  T776]  lookup_slow+0x53/0x70
[   36.927350][  T776]  walk_component+0x2dc/0x590
[   36.931861][  T776]  ? path_put_conditional+0x90/0x90
[   36.936896][  T776]  ? is_bpf_text_address+0x24c/0x260
[   36.942013][  T776]  ? stack_trace_save+0x1c0/0x1c0
[   36.946876][  T776]  ? generic_permission+0x141/0x3e0
[   36.951912][  T776]  ? __kernel_text_address+0x94/0x100
[   36.957133][  T776]  ? security_inode_permission+0xad/0xf0
[   36.962758][  T776]  link_path_walk+0x5c6/0x1040
[   36.967365][  T776]  ? handle_lookup_down+0x5b0/0x5b0
[   36.972390][  T776]  ? path_init+0x8bd/0xee0
[   36.976647][  T776]  filename_parentat+0x233/0x650
[   36.981422][  T776]  ? kern_path_locked+0x450/0x450
[   36.986287][  T776]  filename_create+0xf7/0x750
[   36.990794][  T776]  ? kern_path_create+0x40/0x40
[   36.995476][  T776]  ? strncpy_from_user+0x1c0/0x300
[   37.000428][  T776]  do_mkdirat+0xcc/0x2c0
[   37.004507][  T776]  ? vfs_mkdir+0x690/0x690
[   37.008758][  T776]  do_syscall_64+0xca/0x1c0
[   37.013098][  T776]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   37.018826][  T776] RIP: 0033:0x7fb915388b99
[   37.023077][  T776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.042517][  T776] RSP: 002b:00007fb91460a048 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   37.050766][  T776] RAX: ffffffffffffffda RBX: 00007fb915516fa0 RCX: 00007fb915388b99
[   37.058576][  T776] RDX: 00000000000001ff RSI: 0000000020000040 RDI: ffffffffffffff9c
[   37.066470][  T776] RBP: 00007fb91540977e R08: 0000000000000000 R09: 0000000000000000
[   37.074368][  T776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   37.082183][  T776] R13: 000000000000000b R14: 00007fb915516fa0 R15: 00007ffe2c798d58
[   37.093011][  T380] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   37.101765][   T23] audit: type=1400 audit(1719796633.600:210): avc:  denied  { create } for  pid=853 comm="syz.2.126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   37.123990][   T23] audit: type=1400 audit(1719796633.600:211): avc:  denied  { create } for  pid=853 comm="syz.2.126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   37.143525][  T258] device bridge_slave_1 left promiscuous mode
[   37.149519][  T258] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.156471][   T23] audit: type=1400 audit(1719796633.600:212): avc:  denied  { map } for  pid=853 comm="syz.2.126" path="socket:[14264]" dev="sockfs" ino=14264 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   37.179525][   T23] audit: type=1400 audit(1719796633.600:213): avc:  denied  { read } for  pid=853 comm="syz.2.126" path="socket:[14264]" dev="sockfs" ino=14264 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   37.202701][  T258] device bridge_slave_0 left promiscuous mode
[   37.208671][  T258] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.267270][  T556] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   37.278112][  T556] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   37.287702][  T556] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[   37.296549][  T556] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   37.305156][  T556] usb 4-1: config 0 descriptor??
[   37.313813][   T23] audit: type=1400 audit(1719796633.810:214): avc:  denied  { remove_name } for  pid=144 comm="syslogd" name="messages" dev="tmpfs" ino=848 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   37.336375][   T23] audit: type=1400 audit(1719796633.810:215): avc:  denied  { rename } for  pid=144 comm="syslogd" name="messages" dev="tmpfs" ino=848 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   37.360627][   T23] audit: type=1400 audit(1719796633.810:216): avc:  denied  { create } for  pid=144 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   37.387187][  T380] usb 5-1: Using ep0 maxpacket: 16
[   37.407288][  T802] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   37.507326][  T380] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   37.519374][  T380] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   37.529706][  T380] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   37.542620][  T380] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   37.553467][  T380] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   37.564396][  T380] usb 5-1: config 0 descriptor??
[   37.681437][  T859] EXT4-fs (loop1): Unsupported blocksize for fs encryption
[   37.754505][  T857] F2FS-fs (loop0): Found nat_bits in checkpoint
[   37.800679][  T857] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[   37.807708][  T857] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   37.818528][   T23] audit: type=1400 audit(1719796634.320:217): avc:  denied  { getopt } for  pid=858 comm="syz.1.128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   37.867328][  T802] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   37.891057][  T857] attempt to access beyond end of device
[   37.891057][  T857] loop0: rw=2049, want=45104, limit=40427
[   37.896013][  T802] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   37.910279][  T857] netlink: 12 bytes leftover after parsing attributes in process `syz.0.127'.
[   37.918057][  T802] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   37.921121][  T857] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=114 sclass=netlink_route_socket pid=857 comm=syz.0.127
[   37.949098][  T802] usb 3-1: config 0 descriptor??
[   38.000176][  T868] EXT4-fs (loop1): 1 orphan inode deleted
[   38.005871][  T868] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   38.015823][  T868] ext4 filesystem being mounted at /root/syzkaller.7HkAlr/23/file1 supports timestamps until 2038 (0x7fffffff)
[   38.037946][  T847] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   38.059082][  T380] microsoft 0003:045E:07DA.0002: No inputs registered, leaving
[   38.068659][  T380] microsoft 0003:045E:07DA.0002: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[   38.082622][  T380] microsoft 0003:045E:07DA.0002: no inputs found
[   38.089153][  T380] microsoft 0003:045E:07DA.0002: could not initialize ff, continuing anyway
[   38.108364][  T556] usbhid 4-1:0.0: can't add hid device: -71
[   38.114152][  T556] usbhid: probe of 4-1:0.0 failed with error -71
[   38.121704][  T556] usb 4-1: USB disconnect, device number 3
[   38.230284][  T878] cgroup: syz.1.132 (878) created nested cgroup for controller "memory" which has incomplete hierarchy support. Nested cgroups may change behavior in the future.
[   38.246941][  T878] cgroup: "memory" requires setting use_hierarchy to 1 on the root
[   38.262916][   T24] usb 5-1: USB disconnect, device number 4
[   38.327664][  T883] overlayfs: failed to resolve './file1': -2
[   38.333971][  T883] overlayfs: failed to resolve './file1': -2
[   38.340526][  T883] overlayfs: failed to resolve './file1': -2
[   38.346676][  T883] overlayfs: failed to resolve './file1': -2
[   38.352920][  T883] overlayfs: failed to resolve './file1': -2
[   38.359170][  T883] overlayfs: failed to resolve './file1': -2
[   38.365275][  T883] overlayfs: failed to resolve './file1': -2
[   38.371501][  T883] overlayfs: failed to resolve './file1': -2
[   38.377640][  T883] overlayfs: failed to resolve './file1': -2
[   38.383857][  T883] overlayfs: failed to resolve './file1': -2
[   38.390137][  T883] overlayfs: failed to resolve './file1': -2
[   38.396376][  T883] overlayfs: failed to resolve './file1': -2
[   38.402607][  T883] overlayfs: failed to resolve './file1': -2
[   38.408736][  T883] overlayfs: failed to resolve './file1': -2
[   38.414887][  T883] overlayfs: failed to resolve './file1': -2
[   38.421122][  T883] overlayfs: failed to resolve './file1': -2
[   38.427501][  T883] overlayfs: failed to resolve './file1': -2
[   38.433696][  T883] overlayfs: failed to resolve './file1': -2
[   38.440244][  T883] overlayfs: failed to resolve './file1': -2
[   38.446371][  T883] overlayfs: failed to resolve './file1': -2
[   38.457970][  T802] keytouch 0003:0926:3333.0003: fixing up Keytouch IEC report descriptor
[   38.468752][  T802] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0003/input/input10
[   38.554158][  T802] keytouch 0003:0926:3333.0003: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[   38.806315][  T890] incfs: iterate_incfs_dir / -22
[   38.811359][  T890] incfs: iterate_incfs_dir / -22
[   38.859935][  T888] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[   38.867495][  T888] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   38.879508][  T888] F2FS-fs (loop0): invalid crc value
[   38.887449][  T888] F2FS-fs (loop0): Found nat_bits in checkpoint
[   38.934193][  T888] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   38.941106][  T888] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   39.007503][  T350] attempt to access beyond end of device
[   39.007503][  T350] loop0: rw=2049, want=45104, limit=40427
[   39.038792][  T905] fuse: Bad value for 'fd'
[   39.743940][  T380] usb 3-1: USB disconnect, device number 2
[   39.816723][  T930] netlink: 8 bytes leftover after parsing attributes in process `syz.3.146'.
[   40.001492][  T936] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   40.017330][  T936] EXT4-fs error (device loop2): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   40.018294][  T935] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2 with max blocks 30 with error 28
[   40.018302][  T935] EXT4-fs (loop2): This should not happen!! Data will be lost
[   40.018302][  T935] 
[   40.018309][  T935] EXT4-fs (loop2): Total free blocks count 0
[   40.018314][  T935] EXT4-fs (loop2): Free/Dirty block details
[   40.018321][  T935] EXT4-fs (loop2): free_blocks=2415919104
[   40.018328][  T935] EXT4-fs (loop2): dirty_blocks=32
[   40.018333][  T935] EXT4-fs (loop2): Block reservation details
[   40.018339][  T935] EXT4-fs (loop2): i_reserved_data_blocks=2
[   40.085361][  T942] EXT4-fs error (device loop1): ext4_quota_enable:6052: comm syz.1.149: Bad quota inum: 2, type: 2
[   40.106562][  T942] EXT4-fs warning (device loop1): ext4_enable_quotas:6100: Failed to enable quota tracking (type=2, err=-117, ino=2). Please run e2fsck to fix.
[   40.106867][  T942] EXT4-fs (loop1): mount failed
[   40.248571][  T942] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=942 comm=syz.1.149
[   40.368995][  T955] EXT4-fs (loop1): orphan cleanup on readonly fs
[   40.393806][  T955] EXT4-fs warning (device loop1): ext4_enable_quotas:6100: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   40.413043][  T955] EXT4-fs (loop1): Cannot turn on quotas: error -117
[   40.420116][  T955] EXT4-fs error (device loop1): ext4_orphan_get:1260: comm syz.1.153: bad orphan inode 16
[   40.430416][  T955] EXT4-fs (loop1): Remounting filesystem read-only
[   40.436720][  T955] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nobarrier,max_batch_time=0x0000000000000c23,noquota,max_batch_time=0x0000000000009c52,resgid=0x000000000000ee01,barrier,stripe=0x000000007768e9ec,stripe=0x0000000000000009,nogrpid,grpjquota=,noauto_da_alloc
[   40.474379][  T955] EXT4-fs error (device loop1): ext4_lookup:1806: inode #2: comm syz.1.153: bad inode number: 12
[   40.480959][  T967] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=967 comm=syz.0.155
[   40.485382][  T955] EXT4-fs error (device loop1): ext4_lookup:1806: inode #2: comm syz.1.153: bad inode number: 12
[   40.514741][  T955] EXT4-fs error (device loop1): ext4_lookup:1806: inode #2: comm syz.1.153: bad inode number: 12
[   40.525593][  T955] EXT4-fs error (device loop1): ext4_lookup:1806: inode #2: comm syz.1.153: bad inode number: 12
[   40.537161][  T556] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   40.837241][  T556] usb 5-1: Using ep0 maxpacket: 8
[   41.037255][  T556] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   41.046164][  T556] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   41.058621][  T556] usb 5-1: config 0 descriptor??
[   41.321599][  T993] EXT4-fs (loop0): Ignoring removed orlov option
[   41.338634][  T993] EXT4-fs (loop0): mounted filesystem without journal. Opts: block_validity,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,quota,,errors=continue
[   41.647174][  T680] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   41.717669][ T1011] FAULT_INJECTION: forcing a failure.
[   41.717669][ T1011] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   41.744252][ T1011] CPU: 1 PID: 1011 Comm: syz.1.170 Not tainted 5.4.276-syzkaller-00020-g4275fce9fe94 #0
[   41.753773][ T1011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   41.763664][ T1011] Call Trace:
[   41.766810][ T1011]  dump_stack+0x1d8/0x241
[   41.770960][ T1011]  ? panic+0x89d/0x89d
[   41.774868][ T1011]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[   41.780509][ T1011]  ? stack_trace_save+0x118/0x1c0
[   41.785370][ T1011]  should_fail+0x71f/0x880
[   41.789712][ T1011]  ? setup_fault_attr+0x3d0/0x3d0
[   41.794570][ T1011]  __alloc_pages_nodemask+0x1b4/0x840
[   41.799773][ T1011]  ? avc_denied+0x1d0/0x1d0
[   41.804207][ T1011]  ? check_preemption_disabled+0x153/0x320
[   41.809928][ T1011]  ? gfp_pfmemalloc_allowed+0x120/0x120
[   41.815313][ T1011]  ? unwind_next_frame+0x1ea0/0x1ea0
[   41.820432][ T1011]  ? get_reg+0x220/0x220
[   41.824510][ T1011]  __pmd_alloc+0x3d/0x220
[   41.828677][ T1011]  handle_mm_fault+0x277f/0x4990
[   41.833452][ T1011]  ? finish_fault+0x230/0x230
[   41.837978][ T1011]  ? down_read_trylock+0x179/0x1d0
[   41.842912][ T1011]  ? check_preemption_disabled+0x9f/0x320
[   41.848463][ T1011]  ? vmacache_update+0x9f/0xf0
[   41.853068][ T1011]  __do_page_fault+0x509/0xbb0
[   41.857670][ T1011]  page_fault+0x2f/0x40
[   41.861657][ T1011] RIP: 0010:__put_user_4+0x1c/0x30
[   41.866604][ T1011] Code: 01 ca c3 66 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 80 8d 02 00 48 8b 9b 98 0b 00 00 48 83 eb 03 48 39 d9 73 3f 0f 01 cb <89> 01 31 c0 0f 01 ca c3 66 66 2e 0f 1f 84 00 00 00 00 00 90 65 48
[   41.886149][ T1011] RSP: 0018:ffff8881e8f67a98 EFLAGS: 00050293
[   41.892047][ T1011] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 0000000020000a40
[   41.899857][ T1011] RDX: 1ffff1103d1ecf60 RSI: ffffffff860e7d40 RDI: 0000000000004b3b
[   41.907764][ T1011] RBP: ffff8881e8f67c68 R08: 0000000000000005 R09: ffffffff827731aa
[   41.915569][ T1011] R10: ffff8881da674ec0 R11: 0000000000000039 R12: ffff8881e9294800
[   41.923377][ T1011] R13: 0000000000004b3b R14: ffff8881f5c1a178 R15: 1ffff1103eb8342f
[   41.931199][ T1011]  ? vt_ioctl+0x1ca/0x28f0
[   41.935447][ T1011]  vt_ioctl+0x13d3/0x28f0
[   41.939613][ T1011]  ? vt_waitactive+0x760/0x760
[   41.944299][ T1011]  ? get_pid_task+0xde/0x130
[   41.948727][ T1011]  ? tty_jobctrl_ioctl+0x23f/0xac0
[   41.953673][ T1011]  tty_ioctl+0x8c6/0xcb0
[   41.957755][ T1011]  ? tty_do_resize+0x180/0x180
[   41.962353][ T1011]  do_vfs_ioctl+0x742/0x1720
[   41.966787][ T1011]  ? ioctl_preallocate+0x250/0x250
[   41.971734][ T1011]  ? __fget+0x407/0x490
[   41.975717][ T1011]  ? fget_many+0x20/0x20
[   41.979798][ T1011]  ? debug_smp_processor_id+0x20/0x20
[   41.985006][ T1011]  ? security_file_ioctl+0x7d/0xa0
[   41.989950][ T1011]  __x64_sys_ioctl+0xd4/0x110
[   41.994467][ T1011]  do_syscall_64+0xca/0x1c0
[   41.998804][ T1011]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   42.004532][ T1011] RIP: 0033:0x7fbb32a3fb99
[   42.008781][ T1011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.028221][ T1011] RSP: 002b:00007fbb31cc1048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   42.036465][ T1011] RAX: ffffffffffffffda RBX: 00007fbb32bcdfa0 RCX: 00007fbb32a3fb99
[   42.044278][ T1011] RDX: 0000000020000a40 RSI: 0000000000004b3b RDI: 0000000000000003
[   42.052091][ T1011] RBP: 00007fbb31cc10a0 R08: 0000000000000000 R09: 0000000000000000
[   42.059901][ T1011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   42.067715][ T1011] R13: 000000000000000b R14: 00007fbb32bcdfa0 R15: 00007fff30431b58
[   42.418853][ T1015] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2930: inode #16: comm syz.2.169: corrupted xattr block 8
[   42.428733][ T1023] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   42.430935][ T1015] EXT4-fs warning (device loop2): ext4_evict_inode:321: xattr delete (err -117)
[   42.440331][ T1023] ext4 filesystem being mounted at /root/syzkaller.ddGKxq/38/file0 supports timestamps until 2038 (0x7fffffff)
[   42.448357][ T1015] EXT4-fs (loop2): 1 orphan inode deleted
[   42.469847][ T1015] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   42.478756][  T680] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   42.480007][ T1015] ext4 filesystem being mounted at /root/syzkaller.LjS95d/14/bus supports timestamps until 2038 (0x7fffffff)
[   42.489423][  T680] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   42.511876][  T680] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   42.530262][  T680] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   42.571423][  T354] EXT4-fs error (device loop3): ext4_map_blocks:617: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[   42.597858][   T23] kauditd_printk_skb: 25 callbacks suppressed
[   42.597870][   T23] audit: type=1400 audit(1719796639.100:242): avc:  denied  { block_suspend } for  pid=1031 comm="syz.2.173" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   42.625723][  T354] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6099: Corrupt filesystem
[   42.635431][  T556] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   42.645841][  T354] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6099: Corrupt filesystem
[   42.649017][  T556] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[   42.655628][  T680] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[   42.665340][  T556] asix: probe of 5-1:0.0 failed with error -71
[   42.680973][  T680] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[   42.685006][  T556] usb 5-1: USB disconnect, device number 5
[   42.689212][  T680] usb 1-1: Manufacturer: syz
[   42.701517][  T680] usb 1-1: config 0 descriptor??
[   42.738193][ T1037] netlink: 16 bytes leftover after parsing attributes in process `syz.2.175'.
[   42.746935][ T1037] netlink: 8 bytes leftover after parsing attributes in process `syz.2.175'.
[   42.906041][ T1042] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.914525][ T1042] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.922611][ T1042] device bridge_slave_0 entered promiscuous mode
[   42.930235][ T1042] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.937060][ T1042] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.944773][ T1042] device bridge_slave_1 entered promiscuous mode
[   42.996967][ T1048] incfs: Error accessing: ./file0.
[   43.002705][ T1049] incfs: Error accessing: ./file0.
[   43.008471][ T1048] incfs: mount failed -20
[   43.012806][ T1049] incfs: mount failed -20
[   43.017725][ T1048] 9pnet: Insufficient options for proto=fd
[   43.042046][ T1042] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.048913][ T1042] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.056040][ T1042] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.062801][ T1042] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.112753][  T556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   43.123506][  T556] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.136807][  T556] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.163416][  T682] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   43.171660][  T682] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.178522][  T682] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.298621][  T682] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   43.306791][  T682] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.313663][  T682] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.334075][  T682] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   43.349517][  T682] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   43.358856][  T680] usbhid 1-1:0.0: can't add hid device: -71
[   43.364735][  T680] usbhid: probe of 1-1:0.0 failed with error -71
[   43.373248][  T680] usb 1-1: USB disconnect, device number 3
[   43.391161][  T380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   43.407399][  T380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   43.427628][  T682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   43.436549][  T682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   43.458332][  T682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   43.479743][ T1056] F2FS-fs (loop4): Found nat_bits in checkpoint
[   43.518211][ T1056] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   43.527669][  T258] device bridge_slave_1 left promiscuous mode
[   43.541242][  T258] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.549042][  T258] device bridge_slave_0 left promiscuous mode
[   43.555074][  T258] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.556512][ T1064] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpjquota=,inode_readahead_blks=0x0000000000000800,noquota,,errors=continue
[   43.576678][ T1064] ext4 filesystem being mounted at /root/syzkaller.SPsZtm/0/bus supports timestamps until 2038 (0x7fffffff)
[   43.664529][   T23] audit: type=1400 audit(1719796640.160:243): avc:  denied  { mount } for  pid=1063 comm="syz.3.178" name="/" dev="configfs" ino=9282 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[   43.756922][ T1072] syz.4.182[1072] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.757191][ T1072] syz.4.182[1072] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.937347][   T23] audit: type=1400 audit(1719796640.160:244): avc:  denied  { search } for  pid=1063 comm="syz.3.178" name="/" dev="configfs" ino=9282 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   44.007175][   T23] audit: type=1400 audit(1719796640.280:245): avc:  denied  { create } for  pid=1055 comm="syz.4.182" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   44.042725][  T774] attempt to access beyond end of device
[   44.042725][  T774] loop4: rw=2049, want=45112, limit=40427
[   44.146532][   T23] audit: type=1400 audit(1719796640.620:246): avc:  denied  { getopt } for  pid=1078 comm="syz.0.185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   44.171709][   T23] audit: type=1400 audit(1719796640.620:247): avc:  denied  { ioctl } for  pid=1078 comm="syz.0.185" path="socket:[16734]" dev="sockfs" ino=16734 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   44.197877][   T23] audit: type=1400 audit(1719796640.620:248): avc:  denied  { write } for  pid=1078 comm="syz.0.185" name="loop-control" dev="devtmpfs" ino=9209 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   44.223104][   T23] audit: type=1400 audit(1719796640.620:249): avc:  denied  { open } for  pid=1078 comm="syz.0.185" path="/dev/loop-control" dev="devtmpfs" ino=9209 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   44.397206][  T680] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[   44.637231][  T680] usb 1-1: Invalid ep0 maxpacket: 512
[   44.787205][  T680] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[   45.027174][  T680] usb 1-1: Invalid ep0 maxpacket: 512
[   45.032451][  T680] usb usb1-port1: attempt power cycle
[   45.447267][  T680] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[   45.537241][  T680] usb 1-1: Invalid ep0 maxpacket: 512
[   45.687195][  T680] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[   45.777291][  T680] usb 1-1: Invalid ep0 maxpacket: 512
[   45.782646][  T680] usb usb1-port1: unable to enumerate USB device
[   48.300123][ T1091] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[   48.357666][   T23] audit: type=1400 audit(1719796644.740:250): avc:  denied  { ioctl } for  pid=1089 comm="syz.1.188" path="socket:[16001]" dev="sockfs" ino=16001 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   48.641996][ T1091] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[   48.697750][ T1091] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,grpquota,i_version,user_xattr,nomblk_io_submit,,errors=continue
[   48.732329][   T23] audit: type=1400 audit(1719796645.230:251): avc:  denied  { read append } for  pid=1088 comm="syz.0.187" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   48.756423][ T1091] EXT4-fs error (device loop0) in ext4_do_update_inode:5534: error 27
[   48.762341][   T23] audit: type=1400 audit(1719796645.230:252): avc:  denied  { open } for  pid=1088 comm="syz.0.187" path="/root/syzkaller.SDPh01/34/file1/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   48.769735][ T1091] EXT4-fs error (device loop0) in ext4_do_update_inode:5534: error 27
[   48.791093][   T23] audit: type=1400 audit(1719796645.250:253): avc:  denied  { write } for  pid=1088 comm="syz.0.187" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   48.797572][ T1091] EXT4-fs error (device loop0) in ext4_do_update_inode:5534: error 27
[   48.827432][ T1091] EXT4-fs error (device loop0) in ext4_do_update_inode:5534: error 27
[   48.838058][ T1091] EXT4-fs error (device loop0) in ext4_setattr:5881: error 27
[   48.846356][ T1111] EXT4-fs error (device loop0) in ext4_do_update_inode:5534: error 27
[   48.854605][ T1111] EXT4-fs error (device loop0) in ext4_do_update_inode:5534: error 27
[   48.863046][ T1111] EXT4-fs error (device loop0) in ext4_setattr:5881: error 27
[   48.872847][ T1099] F2FS-fs (loop1): Invalid segment count (0)
[   48.885670][ T1099] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   48.919347][ T1099] F2FS-fs (loop1): invalid crc value
[   48.928274][ T1099] F2FS-fs (loop1): Found nat_bits in checkpoint
[   48.978160][ T1099] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   48.985109][ T1099] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   49.170505][   T23] audit: type=1400 audit(1719796645.670:254): avc:  denied  { mounton } for  pid=1098 comm="syz.1.192" path="/root/syzkaller.7HkAlr/36/file2/bus" dev="loop1" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   49.211890][  T351] attempt to access beyond end of device
[   49.211890][  T351] loop1: rw=524288, want=45072, limit=40427
[   49.214906][   T23] audit: type=1400 audit(1719796645.670:255): avc:  denied  { write } for  pid=1098 comm="syz.1.192" name="bus" dev="loop1" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   49.244646][ T1118] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[   49.244695][   T23] audit: type=1400 audit(1719796645.670:256): avc:  denied  { add_name } for  pid=1098 comm="syz.1.192" name="work" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   49.252347][ T1118] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   49.273587][   T23] audit: type=1400 audit(1719796645.670:257): avc:  denied  { setattr } for  pid=1098 comm="syz.1.192" name="work" dev="loop1" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   49.307203][  T351] attempt to access beyond end of device
[   49.307203][  T351] loop1: rw=0, want=45072, limit=40427
[   49.307835][ T1118] F2FS-fs (loop0): Unrecognized mount option "��0xffffffffffffffff" or missing value
[   49.381768][  T258] attempt to access beyond end of device
[   49.381768][  T258] loop1: rw=2049, want=40992, limit=40427
[   49.402766][ T1127] netlink: 44218 bytes leftover after parsing attributes in process `syz.3.199'.
[   49.412736][ T1127] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[   49.570268][ T1129] 9pnet: Insufficient options for proto=fd
[   49.877421][ T1134] F2FS-fs (loop3): invalid crc value
[   49.894155][ T1134] F2FS-fs (loop3): Found nat_bits in checkpoint
[   49.909649][ T1141] erofs: (device loop4): mounted with opts: , root inode @ nid 36.
[   50.061852][ T1134] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   50.179942][   T23] audit: type=1400 audit(1719796646.680:258): avc:  denied  { read } for  pid=1147 comm="syz.4.203" dev="nsfs" ino=4026533017 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   50.201752][ T1042] attempt to access beyond end of device
[   50.201752][ T1042] loop3: rw=2049, want=45104, limit=40427
[   50.257273][   T23] audit: type=1400 audit(1719796646.700:259): avc:  denied  { open } for  pid=1147 comm="syz.4.203" path="net:[4026533017]" dev="nsfs" ino=4026533017 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   50.519232][  T258] device bridge_slave_1 left promiscuous mode
[   50.525303][  T258] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.533072][  T258] device bridge_slave_0 left promiscuous mode
[   50.539362][  T258] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.748517][ T1158] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.757218][ T1158] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.764484][ T1129] F2FS-fs (loop0): invalid crc value
[   50.773227][ T1158] device bridge_slave_0 entered promiscuous mode
[   50.778644][ T1129] F2FS-fs (loop0): Found nat_bits in checkpoint
[   50.786571][ T1158] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.794492][ T1158] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.802021][ T1158] device bridge_slave_1 entered promiscuous mode
[   50.863048][ T1171] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   50.873588][ T1171] EXT4-fs (loop2): Unsupported blocksize for fs encryption
[   50.914053][ T1129] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[   50.990924][  T682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   50.998829][  T682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   51.013999][  T680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   51.022374][  T680] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.032575][  T680] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.039430][  T680] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.049022][  T680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   51.058673][  T680] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.066948][  T680] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.073798][  T680] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.084288][  T680] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   51.097873][  T556] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   51.108445][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   51.138877][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   51.153051][  T556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   51.180440][  T556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   51.194518][  T680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   51.206756][  T680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   51.340651][ T1191] kvm: emulating exchange as write
[   51.691144][ T1206] xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables
[   52.023736][ T1215] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   52.032792][ T1215] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[   52.042588][ T1215] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[   52.051361][ T1215] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a002c01c, mo2=0002]
[   52.059219][ T1215] System zones: 0-2, 18-18, 34-34
[   52.064577][ T1215] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:864: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   52.079079][ T1215] EXT4-fs (loop2): 1 truncate cleaned up
[   52.084599][ T1215] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   52.175102][  T373] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[   52.237311][ T1221] xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables
[   52.257526][ T1221] EXT4-fs error (device loop2): ext4_find_dest_de:2063: inode #2: block 3: comm syz.2.222: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[   52.289281][ T1223] EXT4-fs (loop0): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue
[   52.304263][ T1223] ext4 filesystem being mounted at /root/syzkaller.SDPh01/38/file1 supports timestamps until 2038 (0x7fffffff)
[   52.677549][  T373] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[   52.999472][  T373] usb 4-1: New USB device found, idVendor=056c, idProduct=8100, bcdDevice= 5.00
[   53.008374][  T373] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   53.016156][  T373] usb 4-1: Product: syz
[   53.020330][  T373] usb 4-1: Manufacturer: syz
[   53.024753][  T373] usb 4-1: SerialNumber: syz
[   53.076517][  T373] usb 4-1: config 0 descriptor??
[   53.118008][  T373] cdc_subset: probe of 4-1:0.0 failed with error -22
[   53.161707][ T1254] xt_TCPMSS: Only works on TCP SYN packets
[   53.168196][ T1254] syz.2.229[1254] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.168301][ T1254] syz.2.229[1254] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.322836][    T5] usb 4-1: USB disconnect, device number 4
[   53.377160][  T680] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[   53.737263][  T680] usb 1-1: config 1 has an invalid descriptor of length 129, skipping remainder of the config
[   53.747435][  T680] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[   53.756030][  T680] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   53.927281][  T680] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   53.944495][  T680] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   53.960668][  T680] usb 1-1: Product: syz
[   53.968861][  T680] usb 1-1: Manufacturer: syz
[   53.978451][  T680] usb 1-1: SerialNumber: syz
[   54.027966][  T680] cdc_ncm 1-1:1.0: bind() failure
[   54.054620][ T1265] F2FS-fs (loop3): invalid crc value
[   54.067312][ T1265] F2FS-fs (loop3): Found nat_bits in checkpoint
[   54.172632][ T1265] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   54.185828][ T1265] attempt to access beyond end of device
[   54.185828][ T1265] loop3: rw=2049, want=77944, limit=40427
[   54.198738][   T23] kauditd_printk_skb: 13 callbacks suppressed
[   54.198748][   T23] audit: type=1400 audit(1719796650.700:273): avc:  denied  { create } for  pid=1264 comm="syz.3.234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   54.232669][ T1277] process 'syz.2.237' launched './file0' with NULL argv: empty string added
[   54.261224][ T1277] netlink: 8 bytes leftover after parsing attributes in process `syz.2.237'.
[   54.358737][   T23] audit: type=1400 audit(1719796650.700:274): avc:  denied  { setopt } for  pid=1264 comm="syz.3.234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   54.439776][ T1042] attempt to access beyond end of device
[   54.439776][ T1042] loop3: rw=2049, want=45104, limit=40427
[   54.443594][   T23] audit: type=1400 audit(1719796650.750:275): avc:  denied  { setopt } for  pid=1274 comm="syz.2.237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   54.572944][ T1288] xt_TCPMSS: Only works on TCP SYN packets
[   54.579496][ T1288] syz.4.242[1288] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.579602][ T1288] syz.4.242[1288] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.983453][ T1300] EXT4-fs (loop1): Mount option "noacl" will be removed by 3.5
[   54.983453][ T1300] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   54.983453][ T1300] 
[   55.017459][ T1300] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   55.087670][ T1300] EXT4-fs (loop1): Unsupported blocksize for fs encryption
[   55.239950][ T1300] EXT4-fs warning (device sda1): verify_group_input:147: Cannot add at group 524288 (only 8 groups)
[   55.449434][ T1310] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   55.474136][  T373] usb 1-1: USB disconnect, device number 8
[   55.616337][    T5] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   55.745191][   T23] audit: type=1400 audit(1719796652.240:276): avc:  denied  { ioctl } for  pid=1322 comm="syz.0.249" path="socket:[18734]" dev="sockfs" ino=18734 ioctlcmd=0xaa04 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   55.808465][ T1324] FAT-fs (loop0): Directory bread(block 64) failed
[   55.814914][ T1324] FAT-fs (loop0): Directory bread(block 65) failed
[   55.823109][ T1324] FAT-fs (loop0): Directory bread(block 66) failed
[   55.829612][ T1324] FAT-fs (loop0): Directory bread(block 67) failed
[   55.835911][ T1324] FAT-fs (loop0): Directory bread(block 68) failed
[   55.842610][ T1324] FAT-fs (loop0): Directory bread(block 69) failed
[   55.849290][ T1324] FAT-fs (loop0): Directory bread(block 70) failed
[   55.855655][ T1324] FAT-fs (loop0): Directory bread(block 71) failed
[   55.862100][ T1324] FAT-fs (loop0): Directory bread(block 72) failed
[   55.918659][    T5] usb 2-1: Using ep0 maxpacket: 8
[   55.923631][ T1324] FAT-fs (loop0): Directory bread(block 73) failed
[   56.037386][    T5] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[   56.048333][    T5] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   56.057905][    T5] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   56.067359][    T5] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[   56.078310][    T5] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[   56.088126][    T5] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[   56.096907][    T5] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   56.105795][    T5] usb 2-1: config 0 descriptor??
[   56.127247][ T1309] raw-gadget gadget: fail, usb_ep_enable returned -22
[   56.247151][  T380] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[   56.254464][  T680] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   56.437713][ T1300] EXT4-fs (loop1): Unrecognized mount option "hash" or missing value
[   56.681212][   T23] audit: type=1400 audit(1719796653.180:277): avc:  denied  { name_bind } for  pid=1342 comm="syz.4.255" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   56.964053][  T380] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   56.974797][  T680] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   56.989657][  T680] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[   56.998380][  T380] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   57.007970][  T680] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   57.008035][ T1347] EXT4-fs (loop4): Unrecognized mount option "smackfsfloor=" or missing value
[   57.020915][  T380] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   57.038739][  T380] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.048120][  T380] usb 1-1: config 0 descriptor??
[   57.053013][ T1300] F2FS-fs (loop1): invalid crc value
[   57.059784][ T1300] F2FS-fs (loop1): Found nat_bits in checkpoint
[   57.094078][ T1300] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   57.197281][  T680] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   57.208615][  T680] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   57.216515][  T680] usb 3-1: Product: syz
[   57.220750][  T680] usb 3-1: Manufacturer: syz
[   57.225186][  T680] usb 3-1: SerialNumber: syz
[   57.255179][   T23] audit: type=1400 audit(1719796653.750:278): avc:  denied  { create } for  pid=1353 comm="syz.4.257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   57.275810][   T23] audit: type=1400 audit(1719796653.750:279): avc:  denied  { connect } for  pid=1353 comm="syz.4.257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   57.297869][  T680] usb 3-1: selecting invalid altsetting 1
[   57.428708][ T1356] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   57.437988][ T1356] ext4 filesystem being mounted at /root/syzkaller.oLLzVe/30/file0 supports timestamps until 2038 (0x7fffffff)
[   57.471921][ T1356] EXT4-fs error (device loop4): ext4_map_blocks:617: inode #2: block 3: comm syz.4.258: lblock 8 mapped to illegal pblock 3 (length 26)
[   57.737217][  T680] cdc_ncm 3-1:1.0: failed GET_NTB_PARAMETERS
[   57.743394][  T680] cdc_ncm 3-1:1.0: bind() failure
[   57.749426][  T680] usb 3-1: USB disconnect, device number 3
[   57.997220][  T380] usbhid 1-1:0.0: can't add hid device: -71
[   58.003012][  T380] usbhid: probe of 1-1:0.0 failed with error -71
[   58.010375][  T380] usb 1-1: USB disconnect, device number 9
[   58.171728][ T1376] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.179054][ T1376] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.186349][ T1376] device bridge_slave_0 entered promiscuous mode
[   58.194901][ T1376] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.201816][ T1376] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.209197][ T1376] device bridge_slave_1 entered promiscuous mode
[   58.293611][ T1376] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.300571][ T1376] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.307651][ T1376] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.314476][ T1376] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.358839][  T680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.366501][  T680] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.373649][  T680] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.384184][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   58.392742][  T373] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.399594][  T373] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.420714][  T380] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   58.431826][  T380] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.438715][  T380] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.515862][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   58.529922][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   58.557357][   T24] usb 2-1: USB disconnect, device number 5
[   58.594804][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   58.621883][  T380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   58.632327][ T1158] attempt to access beyond end of device
[   58.632327][ T1158] loop1: rw=2049, want=45104, limit=40427
[   58.656297][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   58.713040][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   58.725323][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   58.768046][  T258] device bridge_slave_1 left promiscuous mode
[   58.774046][  T258] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.781969][  T258] device bridge_slave_0 left promiscuous mode
[   58.788082][  T258] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.935915][ T1405] netlink: 16 bytes leftover after parsing attributes in process `syz.0.271'.
[   58.962657][   T23] audit: type=1400 audit(1719796655.460:280): avc:  denied  { getopt } for  pid=1406 comm="syz.1.267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   59.038930][ T1407] erofs: (device loop1): erofs_fill_super: rootino(nid 36) is not a directory(i_mode 125300)
[   59.148616][   T23] audit: type=1400 audit(1719796655.650:281): avc:  denied  { write } for  pid=1406 comm="syz.1.267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   59.327247][  T380] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[   59.613143][ T1429] F2FS-fs (loop4): invalid crc value
[   59.620543][ T1429] F2FS-fs (loop4): Found nat_bits in checkpoint
[   59.652952][ T1429] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   59.664946][   T23] audit: type=1400 audit(1719796656.160:282): avc:  denied  { create } for  pid=1428 comm="syz.4.277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   59.697242][  T380] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   59.708362][  T680] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   59.716114][  T380] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[   59.724876][   T23] audit: type=1400 audit(1719796656.210:283): avc:  denied  { setattr } for  pid=1428 comm="syz.4.277" name="file0" dev="loop4" ino=455 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   59.746784][  T380] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   59.795909][   T23] audit: type=1326 audit(1719796656.290:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1428 comm="syz.4.277" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f22787deb99 code=0x0
[   59.937222][  T380] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   59.946260][  T380] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   59.954234][  T380] usb 1-1: Product: syz
[   59.958394][  T380] usb 1-1: Manufacturer: syz
[   59.962813][  T380] usb 1-1: SerialNumber: syz
[   60.008018][  T380] usb 1-1: selecting invalid altsetting 1
[   60.077229][  T680] usb 4-1: config index 0 descriptor too short (expected 59940, got 36)
[   60.085440][  T680] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   60.095621][  T680] usb 4-1: config 1 has no interfaces?
[   60.101180][  T680] usb 4-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00
[   60.110119][  T680] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   60.274891][  T774] attempt to access beyond end of device
[   60.274891][  T774] loop4: rw=2049, want=45104, limit=40427
[   60.317189][  T124] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   60.447331][  T380] cdc_ncm 1-1:1.0: failed GET_NTB_PARAMETERS
[   60.453136][  T380] cdc_ncm 1-1:1.0: bind() failure
[   60.459499][  T380] usb 1-1: USB disconnect, device number 10
[   60.477268][  T680] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   60.484943][ T1450] tmpfs: Unknown parameter 'Nug'
[   60.557213][  T124] usb 3-1: Using ep0 maxpacket: 16
[   60.651665][ T1452] syz.4.284[1452] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.651923][ T1452] syz.4.284[1452] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.877257][  T124] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   60.898988][  T680] usb 2-1: Using ep0 maxpacket: 16
[   60.904087][  T124] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   60.913680][  T124] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   60.926299][  T124] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   60.935069][  T124] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   60.943847][  T124] usb 3-1: config 0 descriptor??
[   61.017245][  T680] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[   61.028062][  T680] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[   61.037648][  T680] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[   61.046513][  T680] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.055692][  T680] usb 2-1: config 0 descriptor??
[   61.395869][   T23] audit: type=1400 audit(1719796657.890:285): avc:  denied  { create } for  pid=1462 comm="syz.4.288" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1
[   61.416584][   T23] audit: type=1400 audit(1719796657.890:286): avc:  denied  { write } for  pid=1462 comm="syz.4.288" name="file0" dev="sda1" ino=1987 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1
[   61.428952][  T124] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0
[   61.441617][   T23] audit: type=1400 audit(1719796657.900:287): avc:  denied  { open } for  pid=1462 comm="syz.4.288" path="/root/syzkaller.oLLzVe/36/file0" dev="sda1" ino=1987 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1
[   61.452078][  T124] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0
[   61.496831][  T124] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0
[   61.506924][  T124] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0
[   61.514013][  T124] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0
[   61.521117][  T124] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0
[   61.521285][ T1448] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   61.528239][  T124] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0
[   61.542571][  T124] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0
[   61.550513][  T124] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0
[   61.557623][  T124] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0
[   61.565067][  T124] HID 045e:07da: Invalid code 65791 type 1
[   61.574670][  T124] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0004/input/input11
[   61.587318][   T23] audit: type=1400 audit(1719796658.090:288): avc:  denied  { read } for  pid=147 comm="acpid" name="event3" dev="devtmpfs" ino=18388 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   61.609824][   T23] audit: type=1400 audit(1719796658.090:289): avc:  denied  { open } for  pid=147 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=18388 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   61.610074][  T124] microsoft 0003:045E:07DA.0004: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[   61.646455][  T124] usb 3-1: USB disconnect, device number 4
[   61.658106][   T23] audit: type=1400 audit(1719796658.160:290): avc:  denied  { ioctl } for  pid=147 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=18388 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   61.827219][  T680] usbhid 2-1:0.0: can't add hid device: -71
[   61.833129][  T680] usbhid: probe of 2-1:0.0 failed with error -71
[   61.843691][  T680] usb 2-1: USB disconnect, device number 6
[   62.108999][   T23] audit: type=1400 audit(1719796658.610:291): avc:  denied  { mounton } for  pid=1462 comm="syz.4.288" path="/root/syzkaller.oLLzVe/36/file0" dev="sda1" ino=1987 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1
[   62.110136][ T1463] F2FS-fs (loop4): invalid crc value
[   62.138956][ T1463] F2FS-fs (loop4): invalid crc value
[   62.144225][ T1463] F2FS-fs (loop4): Failed to get valid F2FS checkpoint
[   62.437470][  T373] usb 4-1: USB disconnect, device number 5
[   62.837153][  T680] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   62.967189][  T373] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   63.214857][ T1503] netlink: 'syz.2.303': attribute type 1 has an invalid length.
[   63.257335][  T680] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   63.272418][  T680] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[   63.291369][  T680] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   63.394211][  T373] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[   63.562324][  T373] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   63.571534][  T373] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   63.581253][  T373] usb 4-1: SerialNumber: syz
[   63.639860][  T680] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   63.648791][  T680] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   63.656542][  T680] usb 5-1: Product: syz
[   63.660548][  T680] usb 5-1: Manufacturer: syz
[   63.664951][  T680] usb 5-1: SerialNumber: syz
[   63.708240][  T680] usb 5-1: selecting invalid altsetting 1
[   64.147264][  T680] cdc_ncm 5-1:1.0: failed GET_NTB_PARAMETERS
[   64.153136][  T680] cdc_ncm 5-1:1.0: bind() failure
[   64.160314][  T680] usb 5-1: USB disconnect, device number 6
[   64.937176][  T682] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   65.235621][   T23] kauditd_printk_skb: 8 callbacks suppressed
[   65.235629][   T23] audit: type=1401 audit(1719796661.730:300): op=setxattr invalid_context="system_u:"
[   65.279539][ T1553] xt_l2tp: missing protocol rule (udp|l2tpip)
[   65.297280][  T682] usb 5-1: config 0 has an invalid interface number: 204 but max is 0
[   65.305266][  T682] usb 5-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[   65.353235][  T682] usb 5-1: config 0 descriptor has 1 excess byte, ignoring
[   65.363442][  T682] usb 5-1: config 0 has no interface number 0
[   65.369563][  T682] usb 5-1: config 0 interface 204 altsetting 2 endpoint 0x6 has invalid maxpacket 41851, setting to 64
[   65.380584][  T682] usb 5-1: config 0 interface 204 altsetting 2 endpoint 0x4 has invalid wMaxPacketSize 0
[   65.390393][  T682] usb 5-1: config 0 interface 204 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 0
[   65.400289][  T682] usb 5-1: config 0 interface 204 altsetting 2 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[   65.411245][  T682] usb 5-1: config 0 interface 204 altsetting 2 endpoint 0x82 has invalid maxpacket 512, setting to 64
[   65.422293][  T682] usb 5-1: config 0 interface 204 altsetting 2 has an invalid endpoint with address 0x0, skipping
[   65.434372][  T682] usb 5-1: config 0 interface 204 altsetting 2 endpoint 0xC has an invalid bInterval 0, changing to 7
[   65.445279][  T682] usb 5-1: config 0 interface 204 altsetting 2 has a duplicate endpoint with address 0xC, skipping
[   65.455812][  T682] usb 5-1: config 0 interface 204 altsetting 2 has an invalid endpoint with address 0x7C, skipping
[   65.466309][  T682] usb 5-1: config 0 interface 204 altsetting 2 has 13 endpoint descriptors, different from the interface descriptor's value: 15
[   65.479451][  T682] usb 5-1: config 0 interface 204 has no altsetting 0
[   65.635996][  T556] usb 4-1: USB disconnect, device number 6
[   65.727146][  T682] usb 5-1: New USB device found, idVendor=045e, idProduct=046e, bcdDevice=83.d9
[   65.736165][  T682] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.745390][  T682] usb 5-1: config 0 descriptor??
[   65.759049][ T1560] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   65.768159][ T1560] ext4 filesystem being mounted at /root/syzkaller.SPsZtm/19/file0 supports timestamps until 2038 (0x7fffffff)
[   66.217165][  T556] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   66.347501][   T13] cfg80211: failed to load regulatory.db
[   66.461331][ T1583] netlink: 8 bytes leftover after parsing attributes in process `syz.2.327'.
[   66.528592][ T1587] EXT4-fs (loop2): Ignoring removed nobh option
[   66.541582][ T1587] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,stripe=0x0000000000010000,dioread_nolock,,errors=continue
[   66.587233][  T556] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   66.597225][  T556] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[   66.605925][  T556] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   66.777224][  T556] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   66.786120][  T556] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   66.794070][  T556] usb 4-1: Product: syz
[   66.798518][  T556] usb 4-1: Manufacturer: syz
[   66.802943][  T556] usb 4-1: SerialNumber: syz
[   66.827371][  T802] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   66.847809][  T556] usb 4-1: selecting invalid altsetting 1
[   66.939990][ T1592] xt_TCPMSS: Only works on TCP SYN packets
[   66.946129][ T1592] syz.1.330[1592] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.946200][ T1592] syz.1.330[1592] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.157786][  T802] usb 3-1: Using ep0 maxpacket: 16
[   67.675210][  T682] usb 5-1: USB disconnect, device number 7
[   67.677314][  T556] cdc_ncm 4-1:1.0: failed GET_NTB_PARAMETERS
[   67.688087][  T802] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[   67.699084][  T556] cdc_ncm 4-1:1.0: bind() failure
[   67.705395][  T556] usb 4-1: USB disconnect, device number 7
[   67.711504][  T802] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[   67.721018][  T802] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   67.731419][  T802] usb 3-1: config 0 descriptor??
[   68.153356][   T23] audit: type=1400 audit(1719796664.650:301): avc:  denied  { mounton } for  pid=1586 comm="syz.2.329" path="/root/syzkaller.LjS95d/52/bus/file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   68.175908][  T556] hid (null): invalid report_count 51355
[   68.179429][   T23] audit: type=1400 audit(1719796664.650:302): avc:  denied  { mount } for  pid=1586 comm="syz.2.329" name="/" dev="ramfs" ino=20687 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   68.206211][   T23] audit: type=1400 audit(1719796664.670:303): avc:  denied  { read write } for  pid=1611 comm="syz.1.336" name="uhid" dev="devtmpfs" ino=9309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   68.214489][  T556] hid (null): report_id 0 is invalid
[   68.237600][   T23] audit: type=1400 audit(1719796664.670:304): avc:  denied  { open } for  pid=1611 comm="syz.1.336" path="/dev/uhid" dev="devtmpfs" ino=9309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   68.244535][  T556] hid (null): unknown global tag 0xc
[   68.266001][  T556] hid (null): unknown global tag 0xc
[   68.271999][  T556] hid (null): unknown global tag 0xe
[   68.277451][  T556] hid (null): report_id 1873931494 is invalid
[   68.289395][  T556] hid (null): report_id 4096067102 is invalid
[   68.297420][  T802] usbhid 3-1:0.0: can't add hid device: -71
[   68.303787][  T802] usbhid: probe of 3-1:0.0 failed with error -71
[   68.310623][  T556] hid-generic 0040:01FF:0687.0005: unexpected long global item
[   68.319151][  T802] usb 3-1: USB disconnect, device number 5
[   68.325231][  T556] hid-generic: probe of 0040:01FF:0687.0005 failed with error -22
[   68.402712][ T1621] EXT4-fs (loop1): Unrecognized mount option "ro" or missing value
[   68.539586][ T1627] xt_TCPMSS: Only works on TCP SYN packets
[   68.552844][ T1627] syz.3.341[1627] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   68.552923][ T1627] syz.3.341[1627] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   68.767484][   T23] audit: type=1400 audit(1719796665.260:305): avc:  denied  { unlink } for  pid=767 comm="syz-executor" name="file.cold" dev="loop2" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   68.801214][   T23] audit: type=1400 audit(1719796665.270:306): avc:  denied  { rmdir } for  pid=767 comm="syz-executor" name="lost+found" dev="loop2" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   69.137502][   T23] audit: type=1400 audit(1719796665.270:307): avc:  denied  { unmount } for  pid=767 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   69.333762][   T18] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   69.453536][ T1649] EXT4-fs (loop2): orphan cleanup on readonly fs
[   69.460479][ T1649] Quota error (device loop2): dq_insert_tree: Quota tree root isn't allocated!
[   69.469282][ T1649] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota
[   69.479101][ T1649] EXT4-fs error (device loop2): ext4_validate_block_bitmap:418: comm syz.2.346: bg 0: block 64: padding at end of block bitmap is not set
[   69.507196][ T1649] EXT4-fs error (device loop2) in ext4_free_blocks:5019: Corrupt filesystem
[   69.516198][ T1649] EXT4-fs (loop2): 1 orphan inode deleted
[   69.524986][ T1649] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   69.641021][ T1655] syz.2.348[1655] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.641126][ T1655] syz.2.348[1655] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.707352][   T18] usb 2-1: config index 0 descriptor too short (expected 32820, got 52)
[   69.736230][   T18] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   69.750724][   T18] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[   69.764157][   T18] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xE2, skipping
[   69.775401][   T18] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   70.047671][   T18] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0035, bcdDevice= a.97
[   70.057038][   T18] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   70.066454][   T18] usb 2-1: Product: syz
[   70.071437][   T18] usb 2-1: Manufacturer: syz
[   70.075986][   T18] usb 2-1: SerialNumber: syz
[   70.122633][ T1660] F2FS-fs (loop2): invalid crc value
[   70.134263][   T18] usb 2-1: config 0 descriptor??
[   70.142412][ T1660] F2FS-fs (loop2): Found nat_bits in checkpoint
[   70.175335][ T1660] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1
[   70.181641][  T682] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[   70.189064][   T18] snd-usb-audio: probe of 2-1:0.0 failed with error -2
[   70.189530][ T1660] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   70.255108][  T767] attempt to access beyond end of device
[   70.255108][  T767] loop2: rw=2049, want=45104, limit=40427
[   70.447154][  T682] usb 4-1: Using ep0 maxpacket: 8
[   70.587403][  T682] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   70.599316][  T682] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   70.609231][  T682] usb 4-1: config 0 descriptor??
[   70.698820][ T1686] EXT4-fs (loop4): Ignoring removed bh option
[   70.704910][ T1683] erofs: (device loop2): mounted with opts: , root inode @ nid 36.
[   70.708894][ T1686] EXT4-fs (loop4): Unrecognized mount option "fowner<00000000000000000000" or missing value
[   70.904622][ T1689] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=86
[   71.072159][   T23] kauditd_printk_skb: 4 callbacks suppressed
[   71.072170][   T23] audit: type=1400 audit(1719796667.570:308): avc:  denied  { bind } for  pid=1684 comm="syz.4.358" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   71.610144][   T23] audit: type=1400 audit(1719796668.110:309): avc:  denied  { accept } for  pid=1699 comm="syz.2.361" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   71.722793][  T802] usb 2-1: USB disconnect, device number 7
[   71.777574][ T1711] fuse: Bad value for 'fd'
[   71.788595][   T23] audit: type=1400 audit(1719796668.290:310): avc:  denied  { read } for  pid=1710 comm="syz.1.366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   71.811790][ T1711] fuse: Bad value for 'fd'
[   72.111885][ T1723] EXT4-fs (loop0): orphan cleanup on readonly fs
[   72.119250][ T1723] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated!
[   72.128225][ T1723] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota
[   72.137899][ T1723] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated!
[   72.146706][ T1723] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota
[   72.156552][ T1723] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz.0.368: bg 0: block 64: padding at end of block bitmap is not set
[   72.170757][ T1723] EXT4-fs error (device loop0) in ext4_free_blocks:5019: Corrupt filesystem
[   72.179549][ T1723] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated!
[   72.188403][ T1723] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota
[   72.197939][ T1723] EXT4-fs (loop0): 1 orphan inode deleted
[   72.206080][ T1723] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   72.319007][ T1731] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   72.327855][ T1731] ext4 filesystem being mounted at /root/syzkaller.pOEKYj/34/file0 supports timestamps until 2038 (0x7fffffff)
[   72.393402][ T1742] capability: warning: `syz.0.372' uses deprecated v2 capabilities in a way that may be insecure
[   72.637223][  T682] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   72.647309][  T682] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[   72.658231][  T682] asix: probe of 4-1:0.0 failed with error -71
[   72.665092][  T682] usb 4-1: USB disconnect, device number 8
[   72.677182][  T802] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[   72.723665][ T1746] netlink: 8 bytes leftover after parsing attributes in process `syz.1.374'.
[   72.733343][ T1748] netlink: 8 bytes leftover after parsing attributes in process `syz.1.374'.
[   72.877251][  T680] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   72.957169][  T802] usb 1-1: device descriptor read/64, error 18
[   73.357174][  T802] usb 1-1: device descriptor read/64, error 18
[   73.417227][  T680] usb 3-1: config 0 has no interfaces?
[   73.637455][  T802] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[   73.767247][  T680] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   73.777345][  T680] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   73.787695][  T680] usb 3-1: Product: syz
[   73.791966][  T680] usb 3-1: Manufacturer: syz
[   73.796643][  T680] usb 3-1: SerialNumber: syz
[   73.802550][  T680] usb 3-1: config 0 descriptor??
[   73.937509][  T802] usb 1-1: device descriptor read/64, error 18
[   74.087156][  T373] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[   74.327476][  T373] usb 2-1: Using ep0 maxpacket: 32
[   74.337152][  T802] usb 1-1: device descriptor read/64, error 18
[   74.376005][ T1789] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[   74.396833][ T1789] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e800e118, mo2=0000]
[   74.404937][ T1789] System zones: 0-1, 3-12
[   74.411232][ T1789] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:455: comm syz.3.386: Invalid block bitmap block 0 in block_group 0
[   74.424591][ T1789] Quota error (device loop3): write_blk: dquota write failed
[   74.432063][ T1789] EXT4-fs error (device loop3): ext4_free_blocks:4799: comm syz.3.386: Freeing blocks not in datazone - block = 0, count = 4096
[   74.445385][ T1789] EXT4-fs error (device loop3): ext4_read_inode_bitmap:134: comm syz.3.386: Invalid inode bitmap blk 0 in block_group 0
[   74.457246][  T802] usb usb1-port1: attempt power cycle
[   74.463370][ T1789] EXT4-fs error (device loop3) in ext4_free_inode:352: Corrupt filesystem
[   74.467422][  T373] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   74.481914][ T1789] EXT4-fs (loop3): 1 orphan inode deleted
[   74.487484][ T1789] EXT4-fs (loop3): mounted filesystem without journal. Opts: ��; sysvgroups,debug,auto_da_alloc,jqfmt=vfsv0,journal_dev=0x0000000000000004,norecovery,max_dir_size_kb=0x0000000000000000,max_dir_size_kb=0x0000000000000009,,errors=continue
[   74.487811][  T373] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[   74.539085][ T1789] EXT4-fs error (device loop3): ext4_lookup:1814: inode #15: comm syz.3.386: iget: bad extra_isize 65535 (inode size 256)
[   74.559687][  T373] usb 2-1: New USB device found, idVendor=0421, idProduct=00a0, bcdDevice=c8.e1
[   74.575908][  T373] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.589685][  T556] usb 3-1: USB disconnect, device number 6
[   74.601109][  T373] usb 2-1: config 0 descriptor??
[   74.648352][  T373] usb 2-1: bad CDC descriptors
[   74.655381][  T373] cdc_acm 2-1:0.0: Zero length descriptor references
[   74.668323][  T373] cdc_acm: probe of 2-1:0.0 failed with error -22
[   74.887259][  T802] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[   74.903231][  T682] usb 2-1: USB disconnect, device number 8
[   74.910560][ T1800] overlayfs: unrecognized mount option "euid>00000000000000000000" or missing value
[   74.987213][  T802] usb 1-1: Invalid ep0 maxpacket: 124
[   75.137165][  T802] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[   75.217152][   T13] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   75.227327][  T802] usb 1-1: Invalid ep0 maxpacket: 124
[   75.232664][  T802] usb usb1-port1: unable to enumerate USB device
[   75.814552][ T1823] netlink: 104 bytes leftover after parsing attributes in process `syz.3.396'.
[   75.914694][   T13] usb 5-1: config 127 has an invalid interface number: 229 but max is 0
[   75.929197][   T13] usb 5-1: config 127 contains an unexpected descriptor of type 0x1, skipping
[   75.946208][   T13] usb 5-1: config 127 has no interface number 0
[   75.951121][ T1839] syz.2.398[1839] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.951230][ T1839] syz.2.398[1839] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.952674][   T13] usb 5-1: config 127 interface 229 altsetting 0 endpoint 0x6 has an invalid bInterval 135, changing to 7
[   75.987914][   T13] usb 5-1: config 127 interface 229 altsetting 0 has an invalid endpoint with address 0x80, skipping
[   75.999110][   T13] usb 5-1: config 127 interface 229 altsetting 0 has a duplicate endpoint with address 0x6, skipping
[   76.068314][ T1845] syz.3.401[1845] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.068382][ T1845] syz.3.401[1845] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.187264][   T13] usb 5-1: New USB device found, idVendor=0458, idProduct=7029, bcdDevice=2e.05
[   76.207190][   T13] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   76.465273][   T13] usb 5-1: Product: ⑶걼凜艃溼㺞啥뢘缽耘畓쏫ꀅ蒂➩ệꮍ쭨ꓰ䁅喂㇮凝呆辳Ά劆乣됢萸嚼뗒㌲ᆕ溮俫줶齓Ữ๪紃䖟≜ç釪︽ᠧ铴籵齊树۱벺厥⏃꿠땈깂㊛昰쀇讷߿鸤ﳇ콎덠ᶍ꺫䆄㑞
[   76.488739][   T13] usb 5-1: Manufacturer: 㘧䏑폛뼋二᝷붦ᥩ䈻졨䵜榝굑㜉뮈ﵝ┨㇈䤎旝ਰ彉⣉羵⌎䣌蝯멒૖ڙ뙋蝳鶄抔贛왳薭늩鳼ⷺ๵윴塮㣕彭繬벭ﵽ장悐衁筋셇倲㬫ু햝篠锏⢴滤臊ሊ箉䇮᷶ၼ㫶輊봑赆㿼릇ἃ피鮥ⵛ䩲픧撼ۿ㈹㯌簰爂板鴏㑘鹏⡚랬豙뮽슟쌋ᾓ끪⿍
[   76.520424][   T13] usb 5-1: SerialNumber: 屟᠀溵칳᳐⤅奨䋒ֵ㮏㹂䖊矑ꎶ䍔
[   76.579423][ T1848]  loop3: p1 < > p4
[   76.583947][ T1848] loop3: p4 size 8388608 extends beyond EOD, truncated
[   76.818849][ T1856] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   76.831166][ T1856] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,sysvgroups,norecovery,grpid,norecovery,,errors=continue
[   76.849317][   T13] usb 5-1: USB disconnect, device number 8
[   77.102033][   T23] kauditd_printk_skb: 3 callbacks suppressed
[   77.102044][   T23] audit: type=1400 audit(1719796673.600:312): avc:  denied  { create } for  pid=1867 comm="syz.0.406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   77.137728][   T23] audit: type=1400 audit(1719796673.620:313): avc:  denied  { read } for  pid=1867 comm="syz.0.406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   77.219377][ T1875] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=880ce118, mo2=0000]
[   77.231050][ T1875] EXT4-fs error (device loop3): ext4_map_blocks:617: inode #3: block 69: comm syz.3.407: lblock 8 mapped to illegal pblock 69 (length 1)
[   77.245881][ T1875] Quota error (device loop3): write_blk: dquota write failed
[   77.266459][ T1875] EXT4-fs error (device loop3): ext4_map_blocks:617: inode #3: block 68: comm syz.3.407: lblock 7 mapped to illegal pblock 68 (length 1)
[   77.280573][ T1875] Quota error (device loop3): write_blk: dquota write failed
[   77.288228][ T1875] EXT4-fs error (device loop3): ext4_map_blocks:617: inode #3: block 67: comm syz.3.407: lblock 6 mapped to illegal pblock 67 (length 1)
[   77.302749][ T1875] Quota error (device loop3): write_blk: dquota write failed
[   77.310278][ T1875] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[   77.318763][ T1880] syz.4.409[1880] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.318931][ T1880] syz.4.409[1880] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.320187][ T1875] EXT4-fs error (device loop3): ext4_map_blocks:617: inode #3: block 48: comm syz.3.407: lblock 0 mapped to illegal pblock 48 (length 1)
[   77.398784][ T1875] Quota error (device loop3): v2_write_file_info: Can't write info structure
[   77.407452][ T1875] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6099: Corrupt filesystem
[   77.407575][ T1875] EXT4-fs warning (device loop3): ext4_evict_inode:304: couldn't mark inode dirty (err -117)
[   77.407597][ T1875] EXT4-fs (loop3): 1 orphan inode deleted
[   77.407613][ T1875] EXT4-fs (loop3): mounted filesystem without journal. Opts: sysvgroups,quota,noblock_validity,nodiscard,journal_dev=0x0000000000004001,norecovery,bsddf,debug,,errors=continue
[   77.408473][    T7] EXT4-fs error (device loop3): ext4_map_blocks:617: inode #3: block 1: comm kworker/u4:0: lblock 1 mapped to illegal pblock 1 (length 1)
[   77.463893][    T7] Quota error (device loop3): remove_tree: Can't read quota data block 1
[   77.463990][ T1875] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6099: Corrupt filesystem
[   77.639909][ T1885] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   77.649044][ T1885] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[   77.716396][ T1885] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[   77.725304][ T1885] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a002c01c, mo2=0002]
[   77.733208][ T1885] System zones: 0-2, 18-18, 34-34
[   77.739017][ T1885] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:864: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   77.753594][ T1885] EXT4-fs (loop4): 1 truncate cleaned up
[   77.759092][ T1885] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   78.380960][ T1893] EXT4-fs (loop2): INFO: recovery required on readonly filesystem
[   78.396316][ T1893] EXT4-fs (loop2): write access will be enabled during recovery
[   78.414703][ T1893] EXT4-fs (loop2): barriers disabled
[   78.424819][ T1893] JBD2: no valid journal superblock found
[   78.441799][ T1893] EXT4-fs (loop2): error loading journal
[   78.596431][ T1912] xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables
[   78.608811][   T23] audit: type=1400 audit(1719796675.110:314): avc:  denied  { name_bind } for  pid=1904 comm="syz.3.417" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[   78.630037][ T1912] EXT4-fs error (device loop4): ext4_find_dest_de:2063: inode #2: block 3: comm syz.4.411: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[   78.773580][ T1918] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   78.846421][ T1921] syz.3.421[1921] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   78.846528][ T1921] syz.3.421[1921] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.030121][   T23] audit: type=1400 audit(1719796675.530:315): avc:  denied  { listen } for  pid=1933 comm="syz.3.426" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   81.307626][  T380] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[   81.319487][ T1993] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue
[   81.329659][ T1993] ext4 filesystem being mounted at /root/syzkaller.Jq8NMN/42/file0 supports timestamps until 2038 (0x7fffffff)
[   81.348650][ T1993] EXT4-fs error (device loop1): ext4_get_first_dir_block:3593: inode #12: comm syz.1.444: Directory hole found for htree leaf block
[   81.362256][ T1994] EXT4-fs error (device loop1): ext4_get_first_dir_block:3593: inode #12: comm syz.1.444: Directory hole found for htree leaf block
[   81.667274][  T380] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   81.678478][  T380] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   81.695630][  T380] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[   81.705392][   T13] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   81.768361][ T2012] EXT4-fs (loop0): Unsupported blocksize for fs encryption
[   81.887326][  T380] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   81.896507][  T380] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.904368][  T380] usb 4-1: Product: syz
[   81.908507][  T380] usb 4-1: Manufacturer: syz
[   81.912936][  T380] usb 4-1: SerialNumber: syz
[   82.476877][ T1988] raw-gadget gadget: fail, usb_ep_enable returned -22
[   82.577276][   T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   82.588060][   T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   82.597557][   T13] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[   82.606405][   T13] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.615120][   T13] usb 2-1: config 0 descriptor??
[   82.817247][  T124] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   82.830895][ T2039] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue
[   82.843435][ T2039] ext4 filesystem being mounted at /root/syzkaller.LjS95d/78/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[   83.077153][  T124] usb 5-1: Using ep0 maxpacket: 32
[   83.089212][   T13] wacom 0003:056A:0331.0006: unbalanced collection at end of report description
[   83.098487][   T13] wacom 0003:056A:0331.0006: parse failed
[   83.104113][   T13] wacom: probe of 0003:056A:0331.0006 failed with error -22
[   83.169692][ T1988] raw-gadget gadget: fail, usb_ep_enable returned -22
[   83.294473][ T2005] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   83.352316][ T2005] EXT4-fs (loop1): bad geometry: block count 3098423767073024 exceeds size of device (256 blocks)
[   83.362962][  T124] usb 5-1: New USB device found, idVendor=1a0a, idProduct=0108, bcdDevice=4d.52
[   83.374638][  T124] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.382478][  T124] usb 5-1: Product: syz
[   83.386496][  T124] usb 5-1: Manufacturer: syz
[   83.391195][  T124] usb 5-1: SerialNumber: syz
[   83.396419][  T124] usb 5-1: config 0 descriptor??
[   83.407235][  T380] cdc_ncm 4-1:1.0: bind() failure
[   83.413297][  T380] cdc_ncm 4-1:1.1: bind() failure
[   83.455873][   T23] kauditd_printk_skb: 3 callbacks suppressed
[   83.455885][   T23] audit: type=1400 audit(1719796679.950:319): avc:  denied  { mount } for  pid=2004 comm="syz.1.447" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[   83.468770][  T380] usb 2-1: USB disconnect, device number 9
[   83.484447][   T23] audit: type=1400 audit(1719796679.960:320): avc:  denied  { remount } for  pid=2004 comm="syz.1.447" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[   83.608112][ T1988] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   83.638246][   T23] audit: type=1400 audit(1719796680.140:321): avc:  denied  { set_context_mgr } for  pid=2028 comm="syz.4.453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   83.740884][ T1988] FAT-fs (loop3): Directory bread(block 64) failed
[   83.751705][   T24] usb 5-1: USB disconnect, device number 9
[   83.756603][ T1988] FAT-fs (loop3): Directory bread(block 65) failed
[   83.770997][ T1988] FAT-fs (loop3): Directory bread(block 66) failed
[   83.784612][ T1988] FAT-fs (loop3): Directory bread(block 67) failed
[   83.791088][ T1988] FAT-fs (loop3): Directory bread(block 68) failed
[   83.797470][ T1988] FAT-fs (loop3): Directory bread(block 69) failed
[   83.806416][ T1988] FAT-fs (loop3): Directory bread(block 70) failed
[   83.813624][ T1988] FAT-fs (loop3): Directory bread(block 71) failed
[   83.820595][ T1988] FAT-fs (loop3): Directory bread(block 72) failed
[   83.826892][ T2066] device vti0 entered promiscuous mode
[   83.836602][ T1988] FAT-fs (loop3): Directory bread(block 73) failed
[   83.863440][  T380] usb 4-1: USB disconnect, device number 9
[   84.011413][ T2005] syz.1.447 (2005) used greatest stack depth: 19064 bytes left
[   84.020711][   T23] audit: type=1400 audit(1719796680.520:322): avc:  denied  { unmount } for  pid=1158 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[   84.130937][ T2076] device ip6gre1 entered promiscuous mode
[   84.178134][ T2070] F2FS-fs (loop2): Invalid segment count (0)
[   84.184309][ T2070] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   84.192822][ T2070] F2FS-fs (loop2): Unrecognized mount option "noinline_denTry" or missing value
[   84.213632][   T23] audit: type=1400 audit(1719796680.710:323): avc:  denied  { create } for  pid=2069 comm="syz.2.464" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   84.648558][ T2093] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=2093 comm=syz.4.473
[   84.758174][ T2104] cgroup1: Invalid name
[   84.811459][   T23] audit: type=1400 audit(1719796681.310:324): avc:  denied  { watch watch_reads } for  pid=2108 comm="syz.0.479" path="/syzcgroup/unified/syz0" dev="cgroup2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   84.861761][ T2122] netlink: 44 bytes leftover after parsing attributes in process `���'.
[   85.362002][   T24] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[   85.806654][ T2149] F2FS-fs (loop3): Wrong secs_per_zone / total_sections (67108865, 24)
[   85.828509][ T2149] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[   85.849466][ T2149] F2FS-fs (loop3): invalid crc value
[   85.957250][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   85.957265][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   85.957290][   T24] usb 1-1: New USB device found, idVendor=0eef, idProduct=c002, bcdDevice= 0.00
[   85.957302][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.958908][   T24] usb 1-1: config 0 descriptor??
[   85.959054][ T2149] F2FS-fs (loop3): Found nat_bits in checkpoint
[   86.024053][ T2149] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[   86.031299][ T2149] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   86.043968][   T23] audit: type=1400 audit(1719796682.540:325): avc:  denied  { unlink } for  pid=2148 comm="syz.3.489" name="bus" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   86.065750][ T2172] attempt to access beyond end of device
[   86.065750][ T2172] loop3: rw=2049, want=40976, limit=40427
[   86.507235][   T24] usbhid 1-1:0.0: can't add hid device: -71
[   86.513160][   T24] usbhid: probe of 1-1:0.0 failed with error -71
[   86.539198][   T24] usb 1-1: USB disconnect, device number 15
[   86.585033][ T2186] EXT4-fs (loop2): Unsupported blocksize for fs encryption
[   86.840192][   T23] audit: type=1400 audit(1719796683.340:326): avc:  denied  { read } for  pid=2198 comm="syz.2.503" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   86.890729][   T23] audit: type=1400 audit(1719796683.390:327): avc:  denied  { connect } for  pid=2198 comm="syz.2.503" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   86.911894][ T2199] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.918997][ T2199] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.926495][   T23] audit: type=1400 audit(1719796683.410:328): avc:  denied  { ioctl } for  pid=2198 comm="syz.2.503" path="socket:[23837]" dev="sockfs" ino=23837 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   87.027918][ T2209] overlayfs: unrecognized mount option "euid<00000000000000000000" or missing value
[   87.078428][ T2219] fuse: Unknown parameter ''
[   87.085537][ T2219] netlink: 8 bytes leftover after parsing attributes in process `syz.0.505'.
[   87.110594][ T2217] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[   87.130820][ T2217] EXT4-fs (loop2): 1 truncate cleaned up
[   87.149128][ T2217] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,data_err=ignore,usrjquota="init_itable=0x0000000000000601,init_itable=0x0000000000000101,max_dir_size_kb=0x0000000000000003,,errors=continue
[   87.277246][  T124] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[   87.322535][ T2230] EXT4-fs error (device loop2): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[   87.527148][  T124] usb 4-1: Using ep0 maxpacket: 8
[   87.542996][ T2238] netlink: 8 bytes leftover after parsing attributes in process `syz.4.514'.
[   87.912896][  T124] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   87.937325][  T124] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.946458][  T124] usb 4-1: config 0 descriptor??
[   88.108317][ T2243] F2FS-fs (loop4): Found nat_bits in checkpoint
[   88.193871][ T2243] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   88.329940][ T2251] F2FS-fs (loop2): Unrecognized mount option "background" or missing value
[   88.397195][ T2249] F2FS-fs (loop1): invalid crc value
[   88.422083][ T2249] F2FS-fs (loop1): Found nat_bits in checkpoint
[   88.464848][ T2249] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   88.787227][  T124] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[   88.888489][ T2249] attempt to access beyond end of device
[   88.888489][ T2249] loop1: rw=10241, want=45104, limit=40427
[   89.105762][  T774] attempt to access beyond end of device
[   89.105762][  T774] loop4: rw=2049, want=45104, limit=40427
[   89.337296][  T124] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   89.357168][  T124] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[   89.373125][  T124] asix: probe of 4-1:0.0 failed with error -71
[   89.380074][  T124] usb 4-1: USB disconnect, device number 10
[   89.391576][ T1158] attempt to access beyond end of device
[   89.391576][ T1158] loop1: rw=2049, want=45112, limit=40427
[   89.577150][  T373] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   90.067585][  T373] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   90.079015][  T373] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   90.124794][ T2291] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[   90.132365][ T2291] EXT4-fs (loop3): quotafile must be on filesystem root
[   90.207339][  T373] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00
[   90.216468][  T373] usb 3-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0
[   90.224496][  T373] usb 3-1: Product: syz
[   90.229900][  T373] usb 3-1: config 0 descriptor??
[   90.660067][  T124] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[   90.736814][   T23] audit: type=1400 audit(1719796687.230:329): avc:  denied  { getopt } for  pid=2304 comm="syz.0.533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   90.758605][  T373] konepure 0003:1E7D:2DB4.0007: unknown global tag 0xc
[   90.772057][  T373] konepure 0003:1E7D:2DB4.0007: item 0 2 1 12 parsing failed
[   90.797957][  T373] konepure 0003:1E7D:2DB4.0007: parse failed
[   90.804529][  T373] konepure: probe of 0003:1E7D:2DB4.0007 failed with error -22
[   91.237323][  T373] usb 3-1: USB disconnect, device number 7
[   91.283572][   T23] audit: type=1400 audit(1719796687.780:330): avc:  denied  { mount } for  pid=2315 comm="syz.3.538" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   91.389198][  T124] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[   91.403275][   T23] audit: type=1400 audit(1719796687.900:331): avc:  denied  { unmount } for  pid=1042 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   91.439162][  T124] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[   91.448933][  T124] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   91.459726][  T124] usb 5-1: config 1 interface 1 has no altsetting 0
[   91.837457][  T124] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   91.863625][  T124] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.879790][  T124] usb 5-1: Product: syz
[   91.887998][  T124] usb 5-1: Manufacturer: syz
[   91.898697][  T124] usb 5-1: SerialNumber: syz
[   92.000857][ T2346] syz.2.548[2346] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   92.000960][ T2346] syz.2.548[2346] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   92.041539][   T23] audit: type=1400 audit(1719796688.540:332): avc:  denied  { getopt } for  pid=2350 comm="syz.2.550" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   92.075142][   T23] audit: type=1400 audit(1719796688.570:333): avc:  denied  { map } for  pid=2350 comm="syz.2.550" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   92.096390][ T2351] netlink: 8 bytes leftover after parsing attributes in process `syz.2.550'.
[   92.104791][   T23] audit: type=1400 audit(1719796688.590:334): avc:  denied  { call } for  pid=2350 comm="syz.2.550" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   92.147167][   T23] audit: type=1400 audit(1719796688.590:335): avc:  denied  { transfer } for  pid=2350 comm="syz.2.550" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   92.237087][ T2355] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   92.246375][ T2355] ext4 filesystem being mounted at /root/syzkaller.LjS95d/102/bus supports timestamps until 2038 (0x7fffffff)
[   92.764621][   T23] audit: type=1400 audit(1719796689.250:336): avc:  denied  { remove_name } for  pid=2354 comm="syz.2.551" name="file0" dev="loop2" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   92.912178][   T23] audit: type=1400 audit(1719796689.250:337): avc:  denied  { rmdir } for  pid=2354 comm="syz.2.551" name="file0" dev="loop2" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   93.106132][ T2353] F2FS-fs (loop0): Found nat_bits in checkpoint
[   93.140398][   T23] audit: type=1400 audit(1719796689.640:338): avc:  denied  { mount } for  pid=2383 comm="syz.2.555" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   93.210669][ T2353] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   93.539770][ T2353] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[   93.557613][ T2353] attempt to access beyond end of device
[   93.557613][ T2353] loop0: rw=2049, want=53792, limit=40427
[   93.571150][ T2353] attempt to access beyond end of device
[   93.571150][ T2353] loop0: rw=0, want=53792, limit=40427
[   93.703738][ T1376] attempt to access beyond end of device
[   93.703738][ T1376] loop0: rw=2049, want=45104, limit=40427
[   93.880302][  T124] usb 5-1: 2:1 : format type 0 is detected, processed as PCM
[   93.915991][  T124] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[   93.932275][  T124] usb 5-1: 2:1 : invalid channels 0
[   94.077045][  T124] usb 5-1: USB disconnect, device number 10
[   94.380941][ T2404] syz.1.563[2404] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   94.381042][ T2404] syz.1.563[2404] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   94.712325][ T2397] F2FS-fs (loop3): invalid crc value
[   94.713163][ T2424] netlink: 'syz.0.569': attribute type 25 has an invalid length.
[   94.737211][ T2424] netlink: 'syz.0.569': attribute type 7 has an invalid length.
[   94.779623][ T2397] F2FS-fs (loop3): Found nat_bits in checkpoint
[   94.821152][ T2393] F2FS-fs (loop2): Unrecognized mount option "0xffffffffffffffff" or missing value
[   94.834318][ T2424] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000001)
[   94.844706][ T2424] FAT-fs (loop0): Filesystem has been set read-only
[   94.879808][ T2397] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1
[   94.886585][ T2397] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   94.897387][    T7] attempt to access beyond end of device
[   94.897387][    T7] loop3: rw=2049, want=45104, limit=40427
[   95.421974][ T2397] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   95.471175][    T9] FAT-fs (loop1): Invalid FSINFO signature: 0x003ff31e, 0x0fc3fc3e (sector = 1)
[   95.650134][ T2450] syz.2.574[2450] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.650206][ T2450] syz.2.574[2450] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.950453][ T2458] EXT4-fs (loop4): 1 orphan inode deleted
[   95.967023][ T2458] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   95.976772][ T2458] ext4 filesystem being mounted at /root/syzkaller.oLLzVe/74/file1 supports timestamps until 2038 (0x7fffffff)
[   96.104409][ T2477] erofs: (device loop3): erofs_read_superblock: blkszbits 9 isn't supported on this platform
[   96.369485][ T2474] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   96.378530][ T2474] ext4 filesystem being mounted at /root/syzkaller.LjS95d/109/file0 supports timestamps until 2038 (0x7fffffff)
[   96.399162][ T2489] syz.1.586[2489] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.399265][ T2489] syz.1.586[2489] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.410857][   T23] kauditd_printk_skb: 7 callbacks suppressed
[   96.410870][   T23] audit: type=1400 audit(1719796692.910:346): avc:  denied  { ioctl } for  pid=2470 comm="syz.2.582" path="/root/syzkaller.LjS95d/109/file0/file0/file0" dev="loop2" ino=13 ioctlcmd=0x6685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   96.960969][   T23] audit: type=1400 audit(1719796693.430:347): avc:  denied  { bind } for  pid=2494 comm="syz.3.589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   97.072817][   T23] audit: type=1400 audit(1719796693.560:348): avc:  denied  { map } for  pid=2523 comm="syz.0.594" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=813 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   97.096867][   T23] audit: type=1400 audit(1719796693.570:349): avc:  denied  { shutdown } for  pid=2525 comm="syz.4.595" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   97.116137][ T2528] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[   97.207166][  T680] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   97.779441][  T680] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   97.791384][  T680] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[   97.898428][ T2569] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[   97.916900][   T23] audit: type=1400 audit(1719796694.410:350): avc:  denied  { rename } for  pid=2566 comm="syz.1.610" name="#2" dev="sda1" ino=2008 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1
[   97.967195][  T373] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[   97.977225][  T680] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   97.986185][  T680] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.994056][  T680] usb 3-1: Product: syz
[   97.998085][  T680] usb 3-1: Manufacturer: syz
[   98.002418][  T680] usb 3-1: SerialNumber: syz
[   98.087026][   T23] audit: type=1400 audit(1719796694.580:351): avc:  denied  { unlink } for  pid=1158 comm="syz-executor" name="file0" dev="sda1" ino=2008 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1
[   98.237198][  T373] usb 4-1: device descriptor read/64, error 18
[   98.252204][   T23] audit: type=1400 audit(1719796694.750:352): avc:  denied  { write } for  pid=2503 comm="syz.2.591" name="ppp" dev="devtmpfs" ino=9280 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   98.297296][ T2579] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   98.428914][ T2504] raw-gadget gadget: fail, usb_ep_enable returned -22
[   98.857147][  T373] usb 4-1: device descriptor read/64, error 18
[   98.987483][  T124] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[   99.137175][  T373] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[   99.220468][   T23] audit: type=1400 audit(1719796695.720:353): avc:  denied  { write } for  pid=2600 comm="syz.0.619" path="socket:[26518]" dev="sockfs" ino=26518 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   99.301342][ T2504] raw-gadget gadget: fail, usb_ep_enable returned -22
[   99.302423][ T2601] EXT4-fs (loop0): Unrecognized mount option "fsmagic=0x0000000000000006" or missing value
[   99.427146][  T373] usb 4-1: device descriptor read/64, error 18
[   99.463343][ T2601] netlink: 64 bytes leftover after parsing attributes in process `syz.0.619'.
[   99.497285][  T124] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 189, changing to 11
[   99.508389][  T124] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 58801, setting to 1024
[   99.519449][  T124] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   99.532341][  T124] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   99.541202][  T680] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[   99.547421][  T124] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.555517][  T680] cdc_ncm 3-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[   99.562755][  T680] cdc_ncm 3-1:1.0: setting rx_max = 2048
[   99.568508][  T124] usb 5-1: config 0 descriptor??
[   99.587247][ T2575] raw-gadget gadget: fail, usb_ep_enable returned -22
[   99.747215][  T680] cdc_ncm 3-1:1.0: setting tx_max = 184
[   99.754667][  T680] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM, 42:42:42:42:42:42
[   99.770746][  T680] usb 3-1: USB disconnect, device number 8
[   99.776203][   T23] audit: type=1400 audit(1719796696.270:354): avc:  denied  { read } for  pid=200 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[   99.776593][  T680] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM
[   99.807617][   T23] audit: type=1400 audit(1719796696.300:355): avc:  denied  { search } for  pid=200 comm="dhcpcd" name="/" dev="tmpfs" ino=9421 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   99.837152][  T373] usb 4-1: device descriptor read/64, error 18
[   99.967222][  T373] usb usb4-port1: attempt power cycle
[  100.108635][  T124] plantronics 0003:047F:FFFF.0008: unknown main item tag 0xd
[  100.117731][  T124] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[  100.133219][  T124] plantronics 0003:047F:FFFF.0008: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  100.377508][  T373] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  100.392950][ T2575] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  100.407209][ T2649] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=880ce118, mo2=0000]
[  100.416746][ T2649] EXT4-fs error (device loop1): ext4_map_blocks:617: inode #3: block 69: comm syz.1.624: lblock 8 mapped to illegal pblock 69 (length 1)
[  100.426703][  T124] usb 5-1: USB disconnect, device number 11
[  100.431068][ T2649] EXT4-fs error (device loop1): ext4_map_blocks:617: inode #3: block 68: comm syz.1.624: lblock 7 mapped to illegal pblock 68 (length 1)
[  100.450420][ T2649] EXT4-fs error (device loop1): ext4_map_blocks:617: inode #3: block 67: comm syz.1.624: lblock 6 mapped to illegal pblock 67 (length 1)
[  100.465746][ T2649] EXT4-fs error (device loop1): ext4_map_blocks:617: inode #3: block 48: comm syz.1.624: lblock 0 mapped to illegal pblock 48 (length 1)
[  100.481590][ T2649] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6099: Corrupt filesystem
[  100.491790][ T2649] EXT4-fs warning (device loop1): ext4_evict_inode:304: couldn't mark inode dirty (err -117)
[  100.506280][ T2649] EXT4-fs (loop1): 1 orphan inode deleted
[  100.512005][ T2649] EXT4-fs (loop1): mounted filesystem without journal. Opts: sysvgroups,quota,noblock_validity,nodiscard,journal_dev=0x0000000000000004,norecovery,bsddf,debug,,errors=continue
[  100.529386][    T9] EXT4-fs error (device loop1): ext4_map_blocks:617: inode #3: block 1: comm kworker/u4:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  100.548110][ T2649] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6099: Corrupt filesystem
[  100.627186][  T373] usb 4-1: device descriptor read/8, error -61
[  100.847115][    C1] raw-gadget gadget: ignoring, device is not running
[  100.907317][  T373] usb 4-1: device descriptor read/8, error -71
[  101.558664][ T2663] FAT-fs (loop1): Unrecognized mount option "" or missing value
[  101.976313][   T23] kauditd_printk_skb: 29 callbacks suppressed
[  101.976324][   T23] audit: type=1400 audit(1719796698.470:379): avc:  denied  { setopt } for  pid=2690 comm="syz.3.636" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  102.328713][   T23] audit: type=1400 audit(1719796698.770:380): avc:  denied  { mounton } for  pid=2693 comm="syz.1.637" path="/root/syzkaller.Jq8NMN/86/file0" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  102.456859][ T2701] fuse: Bad value for 'user_id'
[  102.562166][ T2363] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  103.844441][ T2724] 9pnet: p9_fd_create_tcp (2724): problem connecting socket to 127.0.0.1
[  103.917239][ T2363] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.941944][ T2363] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[  104.208709][ T2736] EXT4-fs (loop3): mounted filesystem without journal. Opts: user_xattr,noquota,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,nolazytime,min_batch_time=0x0000000000000005,delalloc,user_xattr,errors=remount-ro,
[  104.232945][ T2363] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  104.242189][ T2363] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.250125][ T2363] usb 1-1: Product: syz
[  104.254269][ T2363] usb 1-1: Manufacturer: syz
[  104.258822][ T2363] usb 1-1: SerialNumber: syz
[  104.267432][ T2736] EXT4-fs error (device loop3): ext4_xattr_ibody_get:601: inode #18: comm syz.3.649: corrupted in-inode xattr
[  104.297426][ T2736] EXT4-fs (loop3): Remounting filesystem read-only
[  104.308376][ T2736] EXT4-fs error (device loop3): get_max_inline_xattr_value_size:68: inode #18: comm syz.3.649: corrupt xattr in inline inode
[  104.552499][ T2692] raw-gadget gadget: fail, usb_ep_enable returned -22
[  104.597188][  T802] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  104.762073][ T2777] erofs: (device loop1): mounted with opts: , root inode @ nid 36.
[  104.788296][ T2777] attempt to access beyond end of device
[  104.788296][ T2777] loop1: rw=0, want=48, limit=16
[  104.928245][  T802] usb 4-1: Using ep0 maxpacket: 32
[  105.267567][  T802] usb 4-1: unable to get BOS descriptor or descriptor too short
[  105.342672][  T767] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  105.350170][  T767] FAT-fs (loop2): Filesystem has been set read-only
[  105.356709][  T767] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  105.377306][  T802] usb 4-1: unable to read config index 0 descriptor/start: -71
[  105.384688][  T802] usb 4-1: can't read configurations, error -71
[  105.418152][ T2692] raw-gadget gadget: fail, usb_ep_enable returned -22
[  105.533415][ T2792] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.540500][ T2792] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.548117][ T2792] device bridge_slave_0 entered promiscuous mode
[  105.554963][ T2792] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.561839][ T2792] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.569185][ T2792] device bridge_slave_1 entered promiscuous mode
[  105.632596][ T2792] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.639465][ T2792] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.646577][ T2792] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.653352][ T2792] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.688773][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  105.701071][  T124] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.708971][  T124] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.731283][ T1042] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /root/syzkaller.SPsZtm/79/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  105.750024][ T2363] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42
[  105.773279][ T2363] cdc_ncm 1-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  105.782635][ T2363] cdc_ncm 1-1:1.0: setting rx_max = 2048
[  105.784867][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  105.800432][  T124] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.807442][  T124] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.816618][  T830] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  105.829623][  T830] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.836457][  T830] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.861613][  T830] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  105.908725][  T830] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  105.922889][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  105.949279][   T23] audit: type=1400 audit(1719796702.450:381): avc:  denied  { mount } for  pid=2818 comm="syz.1.670" name="/" dev="ramfs" ino=28206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  105.950698][  T556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  105.978970][ T2363] cdc_ncm 1-1:1.0: setting tx_max = 184
[  106.012664][ T2363] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM, 42:42:42:42:42:42
[  106.115984][ T2824] overlayfs: missing 'lowerdir'
[  106.338099][ T2363] usb 1-1: USB disconnect, device number 16
[  106.344050][ T2363] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM
[  106.375275][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  106.406735][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  106.415861][  T373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  106.445849][  T680] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  106.457348][  T680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  106.494783][    T9] device bridge_slave_1 left promiscuous mode
[  106.501112][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.513834][    T9] device bridge_slave_0 left promiscuous mode
[  106.520470][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.790694][   T23] audit: type=1400 audit(1719796703.290:382): avc:  denied  { unmount } for  pid=1158 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  106.853700][   T23] audit: type=1400 audit(1719796703.330:383): avc:  denied  { create } for  pid=2830 comm="syz.1.674" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  106.886360][ T2823] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.893713][ T2823] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.902282][ T2823] device bridge_slave_0 entered promiscuous mode
[  106.910407][ T2823] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.920834][ T2823] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.950152][ T2823] device bridge_slave_1 entered promiscuous mode
[  107.328234][ T2823] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.335118][ T2823] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.342259][ T2823] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.349106][ T2823] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.401512][  T680] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.419321][  T680] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.466776][    T9] ==================================================================
[  107.474671][    T9] BUG: KASAN: null-ptr-deref in tcf_idrinfo_destroy+0xe2/0x280
[  107.482045][    T9] Read of size 4 at addr 0000000000000010 by task kworker/u4:1/9
[  107.489583][    T9] 
[  107.491760][    T9] CPU: 0 PID: 9 Comm: kworker/u4:1 Not tainted 5.4.276-syzkaller-00020-g4275fce9fe94 #0
[  107.501303][    T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  107.511205][    T9] Workqueue: netns cleanup_net
[  107.515797][    T9] Call Trace:
[  107.518942][    T9]  dump_stack+0x1d8/0x241
[  107.523105][    T9]  ? panic+0x89d/0x89d
[  107.527001][    T9]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[  107.532685][    T9]  ? idr_get_next_ul+0x32a/0x3f0
[  107.537421][    T9]  ? wake_up_q+0xa8/0xf0
[  107.541496][    T9]  ? tcf_idrinfo_destroy+0xe2/0x280
[  107.546527][    T9]  __kasan_report+0xe9/0x120
[  107.550960][    T9]  ? tcf_idrinfo_destroy+0xe2/0x280
[  107.555989][    T9]  kasan_report+0x30/0x60
[  107.560155][    T9]  check_memory_region+0x272/0x280
[  107.565101][    T9]  tcf_idrinfo_destroy+0xe2/0x280
[  107.569965][    T9]  ? tcf_idr_check_alloc+0x370/0x370
[  107.575084][    T9]  ? netdev_refcnt_read+0x1c0/0x1c0
[  107.580120][    T9]  ? mirred_exit_net+0xef/0x140
[  107.584801][    T9]  gact_exit_net+0xd7/0x140
[  107.589146][    T9]  ? gact_init_net+0x1c0/0x1c0
[  107.593744][    T9]  cleanup_net+0x6e2/0xc90
[  107.598004][    T9]  ? ops_init+0x4a0/0x4a0
[  107.602164][    T9]  ? read_word_at_a_time+0xe/0x20
[  107.607022][    T9]  ? strscpy+0x89/0x220
[  107.611018][    T9]  process_one_work+0x765/0xd20
[  107.615709][    T9]  worker_thread+0xaef/0x1470
[  107.620225][    T9]  kthread+0x2da/0x360
[  107.624120][    T9]  ? worker_clr_flags+0x170/0x170
[  107.628978][    T9]  ? kthread_blkcg+0xd0/0xd0
[  107.633407][    T9]  ret_from_fork+0x1f/0x30
[  107.637660][    T9] ==================================================================
[  107.645550][    T9] Disabling lock debugging due to kernel taint
[  107.716522][    T9] kasan: CONFIG_KASAN_INLINE enabled
[  107.722210][    T9] kasan: GPF could be caused by NULL-ptr deref or user memory access
[  107.730427][    T9] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[  107.737178][    T9] CPU: 0 PID: 9 Comm: kworker/u4:1 Tainted: G    B             5.4.276-syzkaller-00020-g4275fce9fe94 #0
[  107.748095][    T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  107.758003][    T9] Workqueue: netns cleanup_net
[  107.762596][    T9] RIP: 0010:tcf_idrinfo_destroy+0xe9/0x280
[  107.768239][    T9] Code: ee e8 9b 9b b6 00 48 85 c0 0f 84 54 01 00 00 49 89 c6 48 8d 58 20 48 89 df be 04 00 00 00 e8 6e 55 00 fe 48 89 d8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 f5 00 00 00 8b 1b 31 ff 89 de e8 bf 9f
[  107.787678][    T9] RSP: 0018:ffff8881f5dd7b60 EFLAGS: 00010202
[  107.793575][    T9] RAX: 0000000000000002 RBX: 0000000000000010 RCX: ffff8881f5dcbf00
[  107.801386][    T9] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00000000ffffffff
[  107.809201][    T9] RBP: ffff8881f5dd7c30 R08: ffffffff813ae585 R09: 0000000000000003
[  107.817017][    T9] R10: ffffffffffffffff R11: dffffc0000000001 R12: 1ffff1103ebbaf78
[  107.824826][    T9] R13: ffff8881f5dd7bc0 R14: fffffffffffffff0 R15: dffffc0000000000
[  107.832641][    T9] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  107.841398][    T9] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  107.847823][    T9] CR2: 0000001b2c514ff8 CR3: 00000001ed4ee000 CR4: 00000000003406b0
[  107.855635][    T9] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  107.863443][    T9] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  107.871252][    T9] Call Trace:
[  107.874388][    T9]  ? __die+0xb4/0x100
[  107.878203][    T9]  ? die+0x26/0x50
[  107.881761][    T9]  ? do_general_protection+0x266/0x3c0
[  107.887064][    T9]  ? ___preempt_schedule+0x16/0x20
[  107.892008][    T9]  ? do_trap+0x340/0x340
[  107.896082][    T9]  ? check_panic_on_warn+0x5e/0xa0
[  107.901029][    T9]  ? tcf_idrinfo_destroy+0xe2/0x280
[  107.906068][    T9]  ? general_protection+0x28/0x30
[  107.910931][    T9]  ? check_panic_on_warn+0x55/0xa0
[  107.915870][    T9]  ? tcf_idrinfo_destroy+0xe9/0x280
[  107.920908][    T9]  ? tcf_idr_check_alloc+0x370/0x370
[  107.926028][    T9]  ? netdev_refcnt_read+0x1c0/0x1c0
[  107.931060][    T9]  ? mirred_exit_net+0xef/0x140
[  107.935751][    T9]  gact_exit_net+0xd7/0x140
[  107.940090][    T9]  ? gact_init_net+0x1c0/0x1c0
[  107.944689][    T9]  cleanup_net+0x6e2/0xc90
[  107.948940][    T9]  ? ops_init+0x4a0/0x4a0
[  107.953105][    T9]  ? read_word_at_a_time+0xe/0x20
[  107.957964][    T9]  ? strscpy+0x89/0x220
[  107.961955][    T9]  process_one_work+0x765/0xd20
[  107.966639][    T9]  worker_thread+0xaef/0x1470
[  107.971154][    T9]  kthread+0x2da/0x360
[  107.975056][    T9]  ? worker_clr_flags+0x170/0x170
[  107.979916][    T9]  ? kthread_blkcg+0xd0/0xd0
[  107.984342][    T9]  ret_from_fork+0x1f/0x30
[  107.988591][    T9] Modules linked in:
[  107.993255][    T9] ---[ end trace 5b1042560ab606cf ]---
[  107.999921][    T9] RIP: 0010:tcf_idrinfo_destroy+0xe9/0x280
[  108.005571][    T9] Code: ee e8 9b 9b b6 00 48 85 c0 0f 84 54 01 00 00 49 89 c6 48 8d 58 20 48 89 df be 04 00 00 00 e8 6e 55 00 fe 48 89 d8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 f5 00 00 00 8b 1b 31 ff 89 de e8 bf 9f
[  108.025304][    T9] RSP: 0018:ffff8881f5dd7b60 EFLAGS: 00010202
[  108.031215][    T9] RAX: 0000000000000002 RBX: 0000000000000010 RCX: ffff8881f5dcbf00
[  108.039019][    T9] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00000000ffffffff
[  108.046798][    T9] RBP: ffff8881f5dd7c30 R08: ffffffff813ae585 R09: 0000000000000003
[  108.054638][    T9] R10: ffffffffffffffff R11: dffffc0000000001 R12: 1ffff1103ebbaf78
[  108.062434][    T9] R13: ffff8881f5dd7bc0 R14: fffffffffffffff0 R15: dffffc0000000000
[  108.070442][    T9] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  108.079195][    T9] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  108.085587][    T9] CR2: 0000001b2c514ff8 CR3: 00000001ee1a8000 CR4: 00000000003406b0
[  108.093481][    T9] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  108.101243][    T9] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  108.109041][    T9] Kernel panic - not syncing: Fatal exception
[  108.115190][    T9] Kernel Offset: disabled
[  108.119318][    T9] Rebooting in 86400 seconds..