last executing test programs:

12.446388006s ago: executing program 0 (id=781):
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x8)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800400, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
ptrace$setregset(0x4205, r0, 0x201, &(0x7f0000000040)={&(0x7f0000000b40)="f1c9f34786f4c9ed40df6e851d10c74a2ca7208960282512cb99b146c261d35686979ca3aa2151a24e5c5480e16f019312e1dfa56adae1466882ac3d1a25a767b773651528bc1442cf5159887550fe8e0552eb7d45530341c10f47eb3c6df9d00372bf5bb7d474ea4c81d40de5dddf187d78b54da7af185b2457b5ba59f395b63ab17bce22a062997e68175e09fc86e29e6ab770ce3ae5134f46fb22b6f6b66ac5ce2be63aab6fa97b", 0xa9})
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x101040)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket(0x10, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x38, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x40083, 0x715cb}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4000040)

8.749986062s ago: executing program 0 (id=784):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x2d41, 0x0)
flock(r0, 0x5)
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
flock(r1, 0x1)
flock(r1, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)

8.481657504s ago: executing program 3 (id=787):
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r5, r4, 0x26, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r5}, &(0x7f0000000000), 0x0}, 0x20)
recvmsg$unix(r2, &(0x7f00000004c0)={&(0x7f0000000180), 0x6e, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x22fe0}], 0x1}, 0x0)
sendmsg$inet(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000280)='>', 0x1}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x7, &(0x7f0000000140)=r0, 0x1)

8.389052784s ago: executing program 0 (id=790):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810100850000006d000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x282, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000000600"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsmount(r4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x1b, 0x0, 0xa)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f000049c000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000640)=0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYRES32=r4], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)

8.153458135s ago: executing program 3 (id=792):
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffece)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r1 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
setsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000000200)={@mcast1}, 0x14)
bind$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
sched_rr_get_interval(0x0, &(0x7f0000000080))
syz_emit_ethernet(0x126, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaa2aaaa0086dd6000000000f03a00fe8000000000000000000000000000aaff020000000000000000000000000001"], 0x0)

6.114181473s ago: executing program 3 (id=799):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=mmap'])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
open$dir(&(0x7f0000000140)='./file0\x00', 0x4001, 0x4)

6.068496364s ago: executing program 0 (id=801):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000016038308c5109a8146e40102230109022d0001000000000904000003030000000905be3b"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000d00)={0x84, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000002c0)={0x1c, &(0x7f00000004c0)={0x0, 0x16, 0x6, "ca7e68b24ec2"}, 0x0, 0x0})

5.827127855s ago: executing program 3 (id=804):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
personality(0x400000b)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d64050000000000650404000100000004040000fb007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e4845500a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000480)=""/74, 0x49)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x448, &(0x7f0000000cc0)=ANY=[])

4.885978719s ago: executing program 4 (id=806):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r0 = io_uring_setup(0x41b9, &(0x7f0000000340)={0x0, 0x838c, 0x80, 0x2, 0x232})
ftruncate(r0, 0x0)
io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f0000000480), 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)

3.665589104s ago: executing program 4 (id=813):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x1, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'geneve0\x00', 0x8000})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r3, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=""/57, 0x0, &(0x7f0000000500)=""/4096})

2.973550357s ago: executing program 4 (id=817):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})

2.19364982s ago: executing program 0 (id=819):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x20000, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x28, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x20004081}, 0x4000080)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
futex(&(0x7f0000002500)=0x1, 0x6, 0x0, &(0x7f0000002540)={0x0, 0x989680}, 0x0, 0x0)
read$FUSE(r0, &(0x7f000000e400)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f, 0x0, 0xa68d7c519ec00fe1, 0x0, 0x0, 0x1d45}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1)
close(r0)

1.883619732s ago: executing program 4 (id=820):
socket$pptp(0x18, 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
getpid()
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x8001000000000000, &(0x7f0000000540)=ANY=[], 0x48)
sendmsg$IPSET_CMD_LIST(r0, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r4, 0xa02000000000000, 0x60, &(0x7f0000000d80)={'filter\x00', 0xb001, 0x4, 0x3f0, 0x0, 0x1f8, 0x1f8, 0x308, 0x308, 0x308, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8, 0x15f}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x4, 0x1, 0x4}}}, {{@arp={@dev={0xac, 0x14, 0x14, 0x33}, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xffffffff, 0xffffff00, 0xe, 0x4, {@empty, {[0x0, 0x0, 0x0, 0xff, 0x0, 0xff]}}, {@empty, {[0x0, 0xff, 0x0, 0x0, 0xff]}}, 0x3, 0xf, 0x8000, 0x0, 0x0, 0x40, 'vlan0\x00', 'vcan0\x00', {}, {0xff}, 0x0, 0x87}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @mac=@multicast, @remote, @local, 0x8, 0xffffffff}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac, @local, @dev={0xac, 0x14, 0x14, 0x10}, 0x8, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)

1.593738223s ago: executing program 3 (id=823):
r0 = creat(&(0x7f0000000200)='./file0\x00', 0x20)
close(r0)
socket$inet(0x2, 0x2, 0x1)
recvmmsg(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}, 0xb93a}], 0x1, 0x1, 0x0)

1.590736753s ago: executing program 0 (id=825):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="1201000000000040341a020800000000000109022400010000000009040000020300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0)

1.331868034s ago: executing program 3 (id=826):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x403, 0x6030, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x2}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x2, {[@main=@item_012={0x1, 0x0, 0x0, ')'}]}}, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000880)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\r'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000540)={0x2c, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="200119"], 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000800)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000680)={0x20, 0x1, 0x5, "6112a7a989"}, 0x0})

935.429006ms ago: executing program 4 (id=827):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000c40)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x4}]}}]}, 0x38}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

857.687406ms ago: executing program 4 (id=828):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x418000)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[], 0x0)

782.454436ms ago: executing program 2 (id=829):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004300)="f6c5cdd50b89338e6f0228b937225c21a87072407fe83d5fecd7bcca9b3fb6c714baa7d905bd76d4f38eba0ffafc067da9e5b2a863dbea1f11e32b455862ad205d1de267dbf9edb296fda48092e372fd3166c91d636b627f4ce223d2fff7db30abd245c174812a8ebfce720483d74f6658daaba3ea9e453d789d9d1d8b63c91f02b1282f122d5847241f305a5d791a7188c946ed5d5e5343c04968e62b064aeadeafd55ddb6a1b724a9adf29b15c4c55c9afd709d19cf29df117c69d1f855b647f2d6dc3ad9cc2e413cda65ca8d3fd777fdf88827428723d37b89a7330dddd234f39187db8e54905b8eb0dc851f51ff37b5deb69b64bbd27b72881267f94a88974a56b1d3178d49c209d6f4e974c00f25a87255c3804b1150f98d46437f5333b200651dfd1ae939125483cec1690ecb4d449ae4f2bdf88d50382440dbe1699017f21c0f1e0c85cd339a9f87046af063b54b923d4eaa04fc8dabb3bb3e3bc83f0657b5a3c4cdfce3c325abe45a39b794d13057e3a036ec20c4eb1c18a7501a8bf3899626fe01b2b9c18ab08eaa972ab9f8a786888162c7f77db751c1ab88db854ad8a99c7307a52571fd4d0a8ca5a6f4f5e46396bab29e4a5bb6f7c40404be7357b47028a1cd2b780abbba9e37d182866a9171ddea543a5684ff6445d4c3ba61b4300a1556e85518301862b398e43f61d461054469f693c42f995a000dc9b950b277bbc5a9bec872462a0938ef0e0ba4f4d2bff4d81804996a9f97893c02b2deff1abf1a6cb7987f446132f55a10aaf537d93422ed22fa659ceda5939cf18398f8632a257abbf68d4854e452ceb5acc02c7b65d67b582e159fb5039ecfe636dfd00218f2e5d1e2ebeca027472d63fdd2b61d7bbd9258a3fbb14ee2559845a638e07bbde84f87a42b59a09c1bc877b7e51a4ea42c64bcb3b3c8043f1604c569308bd6ddf438204df167580f5aefe2a8beabb77a8fd3392f99e3a43a7cfa0a68b1b21a307aeecd5b7a3742d74ff1790b13f1026ebec296210301d48d9354646382a18d247300bfd8aca878051a2d667ad2ee489edfeb3c1c912cc6a6c573fd92dd4cd1b6d2fb1bbdc86ddd8bf515c28f15ebafe858df78e8a783b293db3144c44397cbaeeadea44655c6350562166bda3accf7a2e65cf3eb7beace08760337e2dff8c9611fb131b345f44dba2aa2eee0bb4ec719c59a269e71ffc0775c5c193e341a833d38edf8a1f01f66b9fd039ff55c884257ec7330f333e579e66ac67097bfe31b2b78d88b81b640351da3bea710e38d8b50b0a63814f4638df1680d2217dfe7364dc228ea79f74e678b338105391e8c1e041cae3d2ccb9d1b034d96b811bf06515b3f4dd02cf2cf9f9884a6a1af39f219fde0b1caee2065536b8e900bf4fe9d87396cb0854ff28db253382a8f1e6c2a2805b5d5c8b756640a49a092f8fbc5ab87e511d790519e9e79c1336b2af288b1b07871858966197f65919009c435e6ca5bc89a15fae0e3534e50cbacb3cb2ee519a9894f08facb453a7ada35c0cd8e6ac71cf9ceb21c1b944d81a16a3299c730fe1ddb164505e2df5e4dc7f46c3fa3230a9cc3845298d4abf909565a67be3316ca881540f2920c8fb6ffe5ffc66ef477476cc4941ba03795287f408b6175df89274e189bc2e12e93f5d8aaa532400946a7a0cb6cacb55d4947d0c02da9e2345b4d0cc92a570019ac51f64b29b7e509109500f9fe8129196bc46230a1848ad7dc721efd97f1cbee41a1e520da4cda9fa5a0024d7865e637d0f17f240647f11f4d41a39e29643917f6ccd8680d83cfaa33081c3dd613ba2ebe736539834ba7977d2617b85b073a4532c8e6cb3dc3ecb492f23b573ee103ad6c56a5930904e836e9390a8b20470de2c7e0d1b52000366cbc198caa4917b593334a449840a093bbd709a6f835eb4338e23b12f59efd0fe6a8f7d108e6c40d63b06b43639a73822b431b636c3c6cfa2c973fd43aab1ebb560eb5b556b98758583195190651d9f12bec2a2db9c87f879af59d9e72786e416ea8fa36ff4a4f08d56c5e208b9995fd9ed0607d3af20b1eb51dc0943cd96bee0cc78875fac1dc471f80664ef9eb1f146d5b6871842ae1c51e83523f28a149346df307eae77929a81c235f5593d7eb30581b0650a8759d5a59b5c2697c461e17d8458b13dc88935b878f71f0597d46924bc84714ca7af2df5749b1b0fbe1950aade8d85555887809f9d4cb5d8d6cdd0ddede90e2fd122d1168f0c7e535aefe0385ce12a5cb1060498ba51b28fc344e6c6094b1cf6263007e299d7ceae7814c664f43bc2b8e989779e1a2a36e7e209175c197117966925ced8cd941fb4d37d05a5c771ba579671d505d6af7fb70fe764d906fa84f046fb4429d82bc7f4ed72f686bf2f923ec7bd48b1be8773ef8a51235825cb6c54d444021e823ba2614e7d93920a96d23f19d9adfcabe1716fea4979ef4d74fadc6fd53e8d6c6704c4eb04a039ba4c83d15afdb195a36f292ba9a2728cd85311076aa6a484c01fbf9fad617f4870fcbd1cd453aeaa391968287263852732552443e3388bd07d975cd2a11624fa2d0d931034b940c4b2babe262706c6cd72007c5fd5744564babc9fc37da476cb38ed0de6b530864e26a6febeb8d901d40c771a0cf2f498830487d83368ff3f8af68a0ffa5762d3f2c9cf2a66e2338d3e3655b647685c2dcacba997eac420d5618c3d268b85795fa49e37ee504521017439581a6c5c064f0184e4cad2b8134e2f9b9ec42981c155775d7d744bfff7adb3f7599f159c7cf1d7d56fb7cddf5b4f8ee8a3dcfbc1151b3d253771db09879f48c3c0cc9506e97c776fa8251c21d5fed9dba8ca6674e45ac2a6bef86ae18b175ffb5d281f58527661ef7d5651b28db85c1b7cc305ab5b34fb49a32778390d3b6d4e78d06d3d863eff86435d36be3043529fb9b4d061a7a983d6e287fa83925dfab1b526d6bf510a29f9d6ad493bbb4da5fdf0aef4f16ff50799b016dc4230aaf87b9ef8953f8ad522ab4c3ec3209a57852cbdb5e39628ad107b248d6f07d123fb0e68d7b7aa8558478de5dee88032de6ccbbcab0ecfe8fccb1681816db894fdc24a9b6cf8ad5690efb01c8b4840255a5d5563b4cb73609f0a5337738e179fd9577bb795eb5a89a4ee4e2b2bed5fc65ba1efb911889e131a0b010c5699d7f6b869ffff3945208feee8d245eb45590f2c67b97d186307dbee5327ef60340386ae04d45f981061b80d33ed6db2e5dcd711d68f8d9befdca10334e9636de1a2d6e6de2888d0984aae79b636eb0576f6cc9f450320b7e946eb82e9e1f8b3477f382090c79a9524a69f3416eadba673ff24cb1846358680d370e6ae98230256ebad4826f90ef8189b95f3b6275950c33ec2781bf438bbcce8ee350f3c1475b026a6c189db5101981b21f82ba8d8f62e852ccc5109a2780c70eb4a0b014c0c06ef46ff506c481b8082154db687b644ff122e5f35af5882212834a5b696afda432241f966d5706fa7c00be4a4912b6adb8e5629d0e18bb2ed4e2d7b6dbe79920d21ed0491f7a5017ae5ccdee5b498f61bb9ad5845a6268abebf80338c20c09530675a8366bfd4ea746957dd7337f1c1184751b649a399891ad2b6306bb062b9b2dc8a8b09302ea3386ccd78d9a3a0314c3df264ce81048391ae66ec9eeda8c70efe95146205d0b6bed2c362f2920615d41c7d12fc3991000a080061dad4e34587ff1684c6756f55dfd249d2d62bef74b5e4a40a63a2bc14a473cf913d5a4fd289d1792fc693c4a5f85326eebc52994a34e16af861438f22633fc5a4ce0d30d37ac0e2277e072f78375d7b1443e1af9647c23decfc411a3d0def781ce6679d92872fbc27dbd4a7edc2acfe565103d472fbde7ac626248a5305cf6e1c5fc81e9b71adb2523839b9425c72a67409539d611240ff5ad04ea2b3d063e197f5663606aeb0b76fa2e1121e3815506fe4a9ac09d555c1b8d8c9749f5dd5096130aaab80d9b721a831013885e3a376a57f97db4f1878372c7ac241b7424b86d97ae5fa3a0943f55c64cdbb4aa3209c4fbee3d9ed201e2bfccee01d33bd99c01689e1f23b185acb82e75cd2a161c316334f4887c8225f11ec1354105e3180d67ebb3a98d1178cca8332eb73555f53ed86c7285fc6c85570be32e74baeece3d610cfb505e1ca6c02fabffbd9b4c80274db8faab4a4d29f8bfa6db38daf4ca8442aad66e40581f40a63e50b3a33d9a3e32f4440b761d149a8d71c138f74d5b0e10d9266788499a19f03a17726226e27c899c538bf4c219d7a035bdab2c5b347bcb176555fa451594050c6196a2236e5b0981eabab3519dd10ed1ffb6334476cbb06059384f02c164f278d49391c6069b9adf25c14870e2fe1f28abdb325d3101fe464f829e971067dc9231fc3bc9d0e2a6c8e13db15f4b69b3b028a587a092453296f7f790a547ba191bca2ca929d1477344d7ba30b826a10152580e5ed7418f481e4b10139a4acea1a1c42f748cafff8b0215c6be50e0af09905366f0403c53f8c746ff06ec45d69d3c4039d0980af45c8a2d6cadafe477ffe3451fce3bdc9644faf73ef3ca3e823526fdc086d82967b1a569cdb99ea26fe6d06a21fdfa7a8342089931240324b786f6be1b987c8fc9e9e602cb0ad66039a0147319a896134cc97a7f50b3a0c04c4f80b8a53ea222f5c009325eca6668e453d92e1577712af0297ffbc3e3365d504ebc1c7e825e045c30c0ad9067fcea6dd754c179c3febce85187611f78634c081192b430010987a852837015a3c2a70604e18c5d394207fa61fd3c51a8ac5ab263d1c15a9918f599338d21b894e6016337a5a31422867a775a7def8fb7cc3a41342175e05c891ebbd7318bf011ab2dcd865dc5efa3a9451d973951c96752803665567c08013259f14fd704d5d108cef5a38b4e2375aa241c5cfa99511e334cac9665a06f25da7d3fdb497363b119bb4d536a6803b3aed59143655ef6df225b5a9305979f77e32942ffb48e859da96a309ab57b68fa56a9e0d6e53650e7b1968fe5afc21e5638cd50f5c415c9addd998fe32ac983a9f9266590967782b6d9b70f22a48cc14301af5de46d7b71d0f7c0ead21ff503cbed5c2535672835ea0216eaa7fed72390b66b4684b51365d1923aec4dcf4dd08b357552cfb7e96a5ab956ac1276882e80a79d018c5ca7ffb3367d59846387f4af1fd4b6098cb560bb565af3ec0c3934da29120546804f3800aaba4969e00cb83d9d9b0cf216c42a8722030a6fc85a01b9748bebe688671318a2cc33f69e0bf3a8a3779c8847de958b28b2e8017da7f74d56f1a75134a4da0944e45dfefe63ff367759b55e1659870e0be86cef2789ec9063ae6093693c1d47cfc164eae67c97efa447120a36b39561d380077ceaff4bf0f55b066af441e400cc3996633abf905a32cf025becf31983dc6fceb6e0fb506bd350d81afa6421115939adef8cd68abbbd94f1567d9e9f7505af57e1802b8d704bb7460b3822330c4a4bb6ff2b187fb9a3f324b0f415c706a1de8a7cf6747c72be3b356c0206a3c0c39daa85309bff9faba7b68178108b261086cc15a0e21a52a37c1576a72d2d5da5c43248ad760d239711739cb79fc79b4ca2dbec2e100db1c535ed90623c67ed2e3817ebec259343b17efdd912ea0fbf73653015b7f8a51cae3cab19ba00638b8c8bfa8db481ca7dc7ce5c2540c46c963386188f74dec088552330e6ea067b222bd97ecab5073d95d5814599f522a36fc80636bb66ee8dca399586f90f1c849e30d92382bb0e64f62511a7f1044560175d68dffc03a9e56ac7629a4bcf50a4334f29b3391ef4bf0f3174a44d69e143437cb3dcb3871c4e7de50084b5e5033c48df364a1d5cf925d42a3c8e2b419909e4a2ca2156c1397eb87704e8f8d6cdb3a4a031c1b5468a1e75a923cbdbd384cd8d87c2c05f11f1df014ef98c13fcf9f182f6fb68dc0aa4adf7bec8a17caedd172f64806c311fc106b39edd9628a01d7159d638e09b39feab432718059589dc971143da4a8e640aa63ae0c2fb4a71129d362cdcf993adbc97b4f1543637cf1acbc9e67067f6c6f95be39fdd14dc6478c507507ceff88c2d1c5e13522547ab149dad2526393714c6c0a221c167ddf1084b563c0bfcc4c75a972131c62ddec7a497bd5118eaa12ab25bbbf7cc62eca5de5ea50bab67ce6ff2e05cc47cc0b0a5465eb01bbc08dac30b8522bd92180d8987390314e19eb3201f0be2b4f71abb697a751fd8d6a3251ca8ea1b2f20a7827d2599d62e392d6c065183a1778950d5ebe04180047ee8a2a096e5f1d6813ec63ff4a626c725b24d259cbd9ca6305009b29c6ef7225eecf9078824f9aef4d3e9aee1e9616b2b7f87499f8abab6c38e9a3e7714132850b5e71fa671697e6c8407ac3dad5abeee5f7b2a63aa51d29744736b0c38adccf8e29a85b81f3b3106daed64fc78618e18c9056cc41ce2f50379cc6c2c1411ba2c690e1899dee193f0f2877412f1cbd54d12255ca81a72211f9a8ab7f0b7bebb6c11b4bd6c77455decdfd7df2b2014395ba69f22e520138a43e1b3a11264822b143adcad307b35800563bab720687a898a76cde1f0a15aa3f32c0d302ce6f1094bacf5a1add935884be029c7fe18a5e90c696e3371af0f3cd721abd7dd4ce74efe353105ebcc4b1411d52026901380a9c7a807a76fa617667adea8b7734822da93d93969641a92ad2af6350ceee54e3d7c7c39e22d6c5f363d201572b8d68c2b9c7230b0b85801cfafbc5557f21bc444ea05fc612e2c2a8d4a38578c69bb252d8f4d617d0974f95b6ebb416d5c8f3fa925d4ed4f23bfce03e28389ca8c1bece1fa49e8d66387bbb09b3c29d9ed75ea5a9ac7930cb3ed05f999867c640b3435962fdb763002e2fb451c5a1b9d4536e49ba50fcf61451168a994249ef29af51694a1426d987ed8cfe09f10462c7629c4ff1b1cc709b99e9e87a54d1ecf54cd9da0c2c19b84b2a2c32c0bd12d158b73230cf610645048cf1afbb62aa7ce6fab79bec3ad84108f3d96cb9fb3d78a26724892a6bca533e64880c7d4c28a6685502f4cb2a27b132c8253b97e88583fe0766d04795709486556df99b7e65fbf71febe24e0a188e2dc489b8fddbf9d4b1c9ef4b558f888824469df9b2085a845998220332d9cb693472ff2abcc10784c2280825adfcc630e3a961b39ab786deddc53b18e862edc75742d6eb2d7cc227ba3ed770851718388612e4e7f4f257a90fdf09e3b0081d7498e2d5b628d9132aa0165f323f59af5e9ea54c582999fb527d5f2f3dd7e4f85877080526f8481899b6afc732f5da6af31b561ddc36a6b8c723087d3f168292550d89b228f7a3cc131c110a2dab2f81e339f24d3d2b696892dcd4a3e8f2eaaddc0d78e2d07cb9df9d2fe73e4c55562c0794092c7dabd4364f9fea89d6cdd8369d5bf1bc8863b8f89aacf0fd9b9b380947bb4872656e58bc87526e18fa8b17ef8a7219adf1b79d1be5dd827e7ba8e4ed50a81eb7562b179876a8803dde2ea99fe744e8f7df17040ac38592a3be7eb353416496e867d8a74c7eb94556b16241935d718dd43462fe0855cc31a812e0ac01109d1d3539bd2fd4eeb422009138a92324bd072edee2ba47d6cacc24588410ce30565a8aaa5aad52d9c55368372715717ff5ed3a0243ddafd11a7059c29a26b9ea9374e8434f31e4c15a747ee6d69368d12b96122690f843569e82ad27eb8fb25e94dde94cc15e690dc65f6a6c2a6393821168a79e03cd223ce54a1d5e38eee1c12e23027b12c6a8094c805088617c2fb4f52008366faf37fdb13b3a7a879949d13644da36dd35a4ede785ca0ac7b4f15472e77a33228129143f849ee75c915df31764c96954621a01e0941d6bb58125f544818b7152698f3addcd0a684af8fcdd4bcdf5752b3faa731988866ee8a664850989d280505d2a4b861f159d47d2d61ab3de866fb2c8f90075b713f61cf83a2ed426d53214b70385b7a46e5620c032486a5a00e0e73d3ea16eeccf5731507903a25685466b61311502ce781634ee46542957a0d5bacabb8d965689422588ee102d6a6016bf11589fff32e503feefccefe4107d0619e7a15336a8655e2f09034b4069941126d48909232592aac6d9c231285dc1d038ff1fa09c1588f543304659ca334afbc42b5f5fb813b34663cc6f4b0a12fc3edc28765b062e7a50fd19ef575be96cd1d9aa48c1fef1b2763949982a47bf25a69c8b1306e8e36c91d2096e6a6cf934452233ff49e91ee173c1e288b9ff70ff364689b82e2467a3d741809657ce0856582d24da5663162422a6f1ed1fce7cef40d90ce57cb99e19a0b4365d483361d03d0cceadd682f333bcdb0a49e24d8c7d004aad2dac06f4839cffc0a77730623917e5f101c33411ab4e0a8491de9a8bbd5dedb8dfeb5a5880da57c74bb8e1fd8b02d3c22087be3f686aee26988b2d62a41d4593ff0dc100c31dad221489f612ef60c160bd6c1f5a00ea6efd3a5aa5ca14efbf78ae4e5d8c5db9c03758b81e636005ade8d03a11f5d8231cfc1bdacdb276992ca8ecbad337fa89dacc9e9be11d398d37207e15ddb45566e0af78833545352d3043b70e20695ddddaccccaa93ee5e2874bfc7f9510541a57fb3cb9c8d6e75460cca3c4cca39a642eff1967dda07a66fe67d87696a5fe22a718a52cd9ba83e348ed211c1dc2e21ebd797455f0648af12c10321240058857632112a75adfdca249f26cf8d6ba05ee83d00ff8d64d8fed069dae70b79105ccd95fc9df34426d765578f651a4cba8094f46e0a9b676c0c0ebb1803660a70f5c7ad2de1ff96676c3ecacdc2953fd235856228556db20395b8d54819b7b12f56e4dddf6a7fe4f7f3d69dff022c59efb2313ae801dcb02b117f50f18eb11dd5a291a7068c820fbe381bd0697566909a38fdab0a0c48442dc935ab8447ebecb93af879a6bb82ab5f245274d873b5be4312856fe4fab8edc9575c02ba4cdb34b31323b69cfef40755bf96279460640ed9fb84d5c60d95cfd76a39726c29f5607d80090e5e3da18fd74682975dd98d98e4afdf4460e1aeb7087a18ded69310b28fa45b356fc28d1f2bef4c9dd50909076de9587fa07b966ee143ec589f70b8ac4d1320cac5bafefe640e445922090c721ce79e4e2c546cfb9b7f058932e6c83170dd2785e28ed81757ade61aa094bd042411aafe0b75156067a5790c78a44589728f1190ac0ba2f93004e06602f51fab34cc56a485569be11e0fd8c89ec3363e053dbdb6cbc69b686e89ff3730dce9099daff958f3be6e7f9ac00bddf0f133a6f904262443963aabe84b0ec9ab9209ebb0d6e81b8d30b2959bbfe5b332459310be2d8183a93ea08301b816d5b009a967916dd45b0f541c57685a6c7ef8cf715ae7fd1780f0a0da48467196e25e26fd2d5a075ad5acfa1ebec9647da21672b642ee4a908fbce416f4ed36ab5b96e5b47a0f6c7f280119567b7d54640c65ce5a0f4912690c4a3d0805e4284fb695eb3af2528f031261439506a4d3f4c2e18b736c55475828a0faf0153acf0dd89bf3c2f6525cb4bfcb419421c7696ee93bc595158a9a43bb288022122a8c45a0db060fe5e85bcc128f396f7af7006eba4e0d6e2f0802625342799bc1b98366682db90ff1be99322bc0672e07757c44173b96e659ff645d263af255d6ecd88bd9a0863006db7f674e79b0493d41a12057e36243394294b4c7850d14a988715de4b55e9f83c2f0676a8486efcc948109076361267f092315dae79164da8f832ad6f35f600b92e4a8228d39e507117c1c1b2a4a12b667538000912ea67de21bd85616cb30f95573ba748a75d2e04b493865a8711a688e33221b26f621ab3a137cf86cc9dd340bcee72f19e00de06f1e9abbe08b4cb8725c9e624f02d36c4c276a529b6e23581c348bb90a4fb1f89053aee36caca5529bad9124825860c011140744f245cd02ffe219e436bfef045517e4e41094b25cf9082692cd8e37d3893c5a90c35b808a17a6508fa7ae743740be0d984ef5ea80cee51e14b9997f86b45b97e5acf89a0a6aa962689c4f53bc7b65e5037de60fa395ed1013591caa79412108224c020d77069939391e20ee32b86139fca7eb9ca5c07fa733311fef5d5594b83ae34c6bc32f037b09995511ff9b9b611bc727055a10b808ebb8c8e5ce532046c7ad3336c38d506e0e3043c4413dc8ce0a9caadbef27d6f663b22bf8d399621ee86e52d9abd5628e3270424d8a06a79174c7de23c431224fd8d0f42853510600f9e2deb8a7bfcd324a5c6ec19cd0c9ca81c552b111a2acc4479e20439e2e3caf44c92026b5be1ad6933ed8d4de1575216c134d55171568ee64213fc4d32ca5cd7ad04b8705ecfd1b88d56294dca67efe3b1b37c7d5d170cef18997c4af074e97a98c11ec3cdc83a4ea564ebb47f02344d3ab410e25a4ad658be9bf627d49c106c1098dccf7ff62ff9f4dc997a279afdc5630ba32167a68ed7bb3bae2a8b61fca67b5b7dc5b3ef3ab679b602764da9aabf3d0caa56b278c2ab6fbee2cfdd7277402a1f82de1d97807829c0105277073772929f16d79584118f31b45ec4db29aad83693b2d9de08f417beaa2f78d55a36a824a94d1e3cfeb3d75c3d41ddd0e317e85d327e9b5a9da44dc12b6fc3acf6d222a44f59520fa3fcdc37903eca4b7a91fe14cf54b06855d204ebd71018fe767a158b5e389b5e8e136fc8960840ef1916d8e36f08260e5fc9808442e2034f2c761ae051d03fa618a5f6b8ba8cee00411d09aaa3f8fe30a5d29d9403a905403b5310355326387ea6ea72643b70fcc5bf767371878440d07be919c4ad8c4b8952ea61655bbeac50025f4cc2e859c20dfd440a0b1b14549bccaf7952a27f12266c3b7185d9f37ab405d0765011ae6dbc0717f58ec6bd4101589f5c6054faba863bd2af1e8b19cc2cee98c619e477a47497896c42c37697313917b37140a77a5afec97556f06e0ee1d87c3739bd9ff4c210ddd4eceb65701e64bf4d6cbd5d4b9786f4d45acd881fa6eb1c6fda5f8844f5a1635d05e7bb82270694efe063d44296d86b4bb8b28e573dd7cc0d379b5449af1064f10ab8e8f5f177713a63fd7ea8bb68305356c59b5b48334d568fc6d81713bf2c1438dbec4c2c793d5bcd94c459eaace9295ec5b51328fcea5c8f984d8bf90b2f9fb247ce722a1c001e6ff179524417d647b856d905976f623b2db0facf05d62a87662ddc0d6c31cadca2ec262439fdd0f5cd7788617b98bbb802ceed7f971fe6d432a49dc132fe5475db3bc61d6ff04442a9afa9078be7a15de8668cdf469697e337eb4a99b24cd89da2a36eaf4f725cfc77f5e4de3dc010c2ef1f6b22dc479544c0c4c611fe1c8ef5ed3c23ddae7cd01ae1874217f8d1001f0c5f8d2ace0ec72ef3ed9b95b72753462feaa1ff5c2d23f5ec1ccf41064895d6944f38bf7c41a091df7b8c5c5021ff7ab7571439a3d5c889aa57c715e4a55ecd77b5cb4f8bc3408d95d560f5e8ec711e81ef8a751df5d1d053822debf0295574ebfc5f1fc47caafdf8b3862d68fb01d6239fa13c026320aafdead31d003d8bd8b46842687b6", 0x2000, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x90, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000006300)="c4acef607b9ddcfd235a03c6db2c1419c3332fd94e60bb741ab4a8750cdb46d41965ca8c176409eae88e4d142adc35d20aeb6cee87b470c46a623ffd2c7b92b7b2026c8a2d3a08f7c376bba66ea2fd6bd26a5903aab1fd5f08c5c80a017bd0a1f16e11ed288e1f71fd8f904cd60c2bad8ba59003a9216f171640535484f6706eda84c4a11c63565004ac33cb6040901b5f14b2406a1ddc7ca78fa91f3d575ec92c1c73d56c7d02de887a84a9b88c9b70f0bf2141e1f624e8222a9a63ba199362c8bff33780e6c79435460ada699e037ee7894aeecf7d3b089fa428a18edfe239134a244f69ecda10834e06e1466d95effc76211b61514522c429e80691780744f5e470e417559879fd7c7cdbde84361bb2491dc53a481b3bb5c071926f0c57af8745b52e6b07b053daad9e52a29869f3bee8c9ff43b2e9c20a26035ac89169b7058ee967b44365648f510555c701188079c745776f55748c32867df6e4e78890a32f126197f55113ce4e8c5397224ab6fb9124bdb0050fdb92a42237292668a7aa615216e39f78210b2774f0849a79fd446bdf2ec38d7c61e5384ca5ca6c040522d42102515d86c7743a8f384bf18efffb69d0ad0abb7c48fc8f770152226d05363ea26a7aabb3450905bf28dbc5fadbebe2ea45a4d82e2bcc574bcfd3e3164ee9ce2eb86cf356bd2822699a21dde91d2117e3647d926db9c7bece2484bd81a972c293226a1cbe15f233822fdfd042d6b6515b49f9f1d585b1f0fb596e50eea60ea3f4cc8808b576a1de2c7111df3cef7b090e5b5db7f616d5bc83428b4f55f97e87e43b3360c5099455193584fd94568890e87224bfc9b117d0172d85a176dd2c6828c0144b5398e7354d5923f8014bc3d30860c153696cc776c3982fdef7641bc61d3b21baf0f76adfb94d135ff87393174fd9ca5363e2834a24a06c16522bffb0f60d69cc8440d8a0dfbb47c7d8d6707cd7cbb34fbc8f8d3c4490b31b92806e0d56f83b2a2c7ad88ddb4d0e7dcff8aac6414b8be9c2c9855d5a441f4b34d55fb08306a8fa2832d70023ab0f63ff75629c0e98d64870fd4cd242a6f27fa6163994ec50e18071f5344c6786b01f2d7268930375188e04e0408c973d4872330b96aa88db2fc1860accbccb65f771ced5305891c44ac410541ac980ba50f419503aa058774737c77965db9ec9af213e516fa0a2468d788289337c5babad8c418a3af875ffc8bc39c62e94acf6b1bcbd28274a2e62092f87095958c8bc657ba788907902746872a6441966c9663198d1b54ce5c660ed0b7cfa1d6d3a81de7d16fd017d7f041c30b7f334889feca18596cbf344286563dd59b7c65697c4a3cf587c0682de6fc105628bdd1990dcb3fed18e1192ca07fe4a05be1efbc4057476257a59fcdd24eb040acef0f94ededf984978413ede4793255c0e6b24a5ee1713692149849e60f65c10e437db0a8e97807ea27f0a42f60b5ec86e85ab4eb9a81e2463b00afe7d20cbd30ee600b57202434e1fed80ef2cb45eec5362178b9e490dc0b8a45e10feb8a08138778364a2983a113b671e04d60ab4f18f383300228631cab01302c20c624c8e74bdb6ac3a7cf062f8db96416ff19e42ebb72aed1b46a063cbcb1b16b76abfa628e885cad99ca26b23929ed4602b5e897b019da855b58691503d3021f9c1b314105037a2be7e73d49f8ee9f0a3c3e6e2cec44cb6258d1862c3341b053db1b67640ec14afbbbca41b1b500ee3a0c22a712a02a1b2bfbaaa62ed542fceecc1ee426f9ed748d8656ceab891a9d5a8784ee78e18159abaf531c44829374b4814176534af4adfedb5efead99e214f52b0b2eb9e217c6bbda92a01edb0d5037e2038d8a0fb61f95c377817cf2af1568a66e395596c4045d4be3619adcf70879827dd90c45386c39b0248832254b2f7e646289ecd0aba2a56213e504bcf536ee6567baa25db9fbab142b4a333441778db9b672ccf0154f3f5adaffbf9a36472713077a90fa7828fe58c157593235de0617b7a13c0f269401bceb6f3a5c3eb151c97f3d8ef579f665777f4d801f0df77ae72433c488dabe2504ac0fd0e9703e9b960fcac1063704268e24a40890d627e0f6c38c0cf99b4d11436642dab9452834b13686e8b90cc07e4588c60aed21b90bcf73de85fddd85926557c6aec3510adf2d82f411b16b8013c408cfcb88d519daf256dce2c8a460e82bd0e6bf05c7d901157123dc9b8b1581fbb7bb8127f7adc01c926f6f79bbf666dd35df271cb0816418e71b18653bb1f246d07af5becaeb81abd83ebfce8f874daaf6b6acca7f313ed43570dd6a81548c2d7a0e1cf56124a7a441fe92fd12a5963cf6718543d429499a76f7613cfb7c7f638fbcee879929126cf1cca0c263320d8f34dcd1af2345b9801fcb38b44570bd855dff15ac3c7c11fd18982102258c1ec8941a4eb04b2ecdafa01b8f9fe39e65e40adb8d9a5d972da57a3e7643a518b890845160ca42419e8ce1261a855638e6db7a188c04a68b2afaa9de470283922bd6beadc9ddff314516f0c4e39977f97d79a291bf9d626b471d8bbfe0668cdde8f54a24f31d3928e4e659caebb403902cb27d829bbff401e533bc93d406b6a7113c91d680d424d679df00b9694cfe497cbdabd16841aa1b08e9076ffca9bed761455324fd89338f6cc3223b79a46c8e52aca9a4408edf745c3a02ff52e5314d2f2ecd88d91a45a906bb21dbfe490ca8691dce636424694cdfb7c3cc9e354148b852c52a99d59012bb80360e11d92e9ce2220776f21cce91ba2c1a0c9bd456fad2c17a62bc1ae32ae189b7baf5eafdd0903a02d74e8027c8e884127d0b94ef12e940e3ca65b3d174ba25201b28fe6ca36189e7ed93a6985859463e2d35411957e5c24aa474bac60844aa2828c3c0f8e9199b143ebcd7d56a28794ab54dce479cfe2989838b3fcbfdf146e85cc6176ab35c0da942b5d9351a2fb87266b4870124e38305583bd0e838b31bcaa54ce0c724fc99f2acc3b28d2095fdbd96b736d290bed4745a94b94c89489bed29116839d2ab6a152eadd2a30e71c3a014f41e1554ba238358ba1867e089dd6def8aee0ac338e6da5eb0d0c815c5991a9155ba3f73859eecf57024b5dd65c6d2ec31c9e7339f98ddbad954b121be83cef5cca1606c47e8e8a431615e0d75eface7772d28e3185cdf87581d3f8adf33784aa80880940d86ab881b22b971535f7b83a9f7015e86790dc2520eecf3d1abf1c0dd8c207a22a656b98cb6ec51d8791166d18ab1d6ed43c16050b136d7f55d42492af94d07b1adb562ef07f6a309d884ca55316cbd810905171dd8c6f9a36b855e907b302343d06f0a0d081ad3a710ee9cfc1abfe8005dab815cd26c13236cfa01a7c072e30bab37cc7ab2f3d23796c2a1202f30500a516633e8072483a6d44bdd8fae4622c7e58f083bd70b97f4db8e9bd907be321737b61f18ae1a4d14366131e641851bffdabd5b22e5b731f4c65283ee5403bc31317045372a4fbec67d26df95e0a14888f2bdcb440cd42de4e0bf389a393fc318e18d393310d5aa3778df0fdca87a5801e5e5b891adb64646011f7693b4b0e9b1cbfa1fbc847f9939271c19b8fb4fc9b15b9397a7e221987417ba13a9fc2902ac3a1d58d65b58968df285ad3b3875949857a67d7b33dc1861bd18383428c9ed41c474f3f316c0df272c55806f4454460e64c37adaff5d712ec376ae5d0d1e91bd3bbdf2a0a5507429d53e13de0562a5ba4b02103c12dab0bd4b85bdd290b98c7e1fd9f494501d2c4b824c007f67bc2e8993d4f163b40515da8f2111f4fa519230713844d170f12b4077324312da2ca1c51c8fe1fff0d6dd68eeebae22ad6681a5f277711db0064d3fa25d09cac0e4b280b58c150e73b3885ab3964837cfc34cb29e215bade71b45e19505b356bf8de9f69c4a3741ab016f77a55869edd76bb33edc34a68959c37bdf60926530d3284688aeb17a347251d5501c034dd3902eef528f167cfc5913d02c430d76b50a6860eb84ee5eca2458ce862ad9fcda642b8df177defe8abacebb4bda07c040b4ccd773fd5c9026ac98243ea2a00f8760a2dacf1c371589b7e32f2d2094543a7d87414813f54ab98cf738ed3b3c1f9e9fdc4fe97bab52d172fad00dff94b0b72fa87b2a3372c8fc9af326f4d05ca131dc254d378eaaf2da3aada8815fedc18d252d95629f7b455cfc54983c2f042e5dd2c22d0f70addcc45c03fa3a52e0937e9590722cedcef23401824dd3f2537d28fb10ff13f6e9641c23075a5ca68125e67df28b3231a65d32a97f00117020debb14e19511acbb52e56be81595d8e74eab72e36b8dfc37678c309bb84221e480c9348f6977f8e3f8a47421184276eba93e84e8b7e2105a5a89c08708c0eb8ba7bfe4dd715278be217fafde8047652ab69544bc2d63d72060ac40f104bc5b509b7501ae7ea36e0d19149645d15b5abc68fad73a542662b3df07ab506746d7343e405370238b657cdb960223752b62e86758143474a78ff92696ad8b5c9d2637c8d9810cfa4faf2765efcd7a1a435a60bbf5962223b1fb0975e227abdc7bf80e3adeabc6ead120922beabd707e6d7a42e233c0788c680190e9ffaf0cc145c010c33438121e8206e25342413dddd02ff2c2e4e5299a82e8e85d181148e1e98db886103810230c6a8687de33c4cf7753c333b8d7b6b6b1a18eab53cc395104818709fc11f4995e057d4517828dcb5a9f3baf41ade7101ef40df27c680c8bcbe8bf2368f1d19b46036bf8419516789dc69ee2573ddec41d9ca00fcc710f5635afcf088e0107fb09a87db9ca6fccd0655ec0816ead48371d64e8318b767b95ed6ea89ff919c68cd33cdfa0381b8b7caa545de948b8c46bb879c4470feed0a990056fb2db739225fc768e83d15568d73694e6888da65870e79c4f5e1287f1a8cce359f82c9860e13ff900833dc556d8fd005c38a855ed1efec66b4ba8d1e65db9a999e172101062081354625cea8f1ac0da70d7f2dca34c4204dfdefe456822ae2cd1349f1a2251292ddbb287c5b9ca41c75f45bb4ddd82c277afd37422cc00fe8b7221168b04b6275f8e530757c673b3f515059f8c8421872d07a156a9d061bdbe0c549a52acfb0708682a2573c259225d0e95a16b8d13dcec60ae91c09537e8bea549f748d2e060d8ef856bb496a53f1cee7a7b716c95e7310ff9fa56180f0259df99b5fe06c030015d9cb5bc9ece0cd907d724e1d1a89d3d875970bf144c58260c0dde163a26d4769b33f6de7f181ecabc050797a105fd1ce73ac4d26a153297305b8a3c150beee4b563f468694cf3895c44df56fc8753e3c8182e8e3c9da0314eac9c288978847b92015ddc5711c09210e1f5a684b7f1f149fb0fe8471c30f8a35a58ffc6e2fb797acf9c686fbb8d1ee8d6dac14de44c22a3cdda239235c24ff23de17228aeb354939a80e4a1397b316da5e18f077cc7b8497df214290c33c4b8593db1ab1638698059f29477a091b070f139b3fd2fe3ff55803b6e65abe6dae32eddb18e898e63743ed256801c8bbbf26e21bdff9491ef743341a5159b36b616ea9c700aca9b6486278c7811729e3df91147ad0e25c44e03c9f4b2385aa6cbfc70d8f68d17ac0925d8fe8737b212f708633bacda57b3848667a4f624a4c7edd33a060f82aabe6ac6a19a81a2cf6403189f08d2632260d72630da6ffe46ab9c19456e95e3cfc423940023ba0ad6f1fe2a8755509441e248b291e02e85f7173054ec6597cc712e80751b4078bf8db1177130f0b170be8f3ac79d579e012caed707156f3ba28ddd5ca5d18320fc9f361e88aa93de9127752ea04c7c77425ad30522dfb5f1f10f802c1a9668812ee9e6b4acab25e10dfd2b18387e9f6ac725cd72f5100b6c15265dcfa1dd45f538b76346209e6cab4441013e36e861ae677e980ddd08e9366426f410428b9b0828c9805bcbb667209191e79305ecc15ce9cf30aa829373e4a8152e2c68294dc71b6ab7b551addc661a5a040ca7b79993cf1060c8410fac1e9d3b209319f22c4bab53b1a6585ebb72a579dbce64b107b280b529439cde9d1fa29333ce63dbfd693e0b2fb3633e37304e70fd5b8d04bf47f6630cfdfbf8ad9f7778c88d7ca9705f4694b1d3355c8406adc99e15bb39fdaa8df214e1730b6d05bd5f93349ecbf5b0db04a5fb1bd66c5bc30671a564d46fbfceacc074bb14c31d471593172ffe28c39912ece3f718864ab9e300ca172a7ebfad6fe28a0ef5aafcd3f966a5d7d4d6ff164434b649cfe149505159018d8c00e82afaf7657402109549f7a5a4c8c7dd02d7d2b005a3be97f0a32bdf3d8e449fb4146c9e38a509781246d9fb67ed087148fd8b8fa1abcc5771148c0483aca397b36302459ae43f6f5aff98bd784b8a1e19a05acc632672bdabb32f2aa4d66ba731d6e219d880f4ceb63d30ee61e5e13919352ee32254d48bab3566e13788689e35c3e4c71c244c34b457fa8a23248b9be6fa195a055137a587e73afd4ee521af95040e72851d3b6c06a15c3464c755cba079f1f53d807bedd0382e36c975793bf3f78690cf408a7c502b872a05a5988e6a96b0aaeb0c0075576f295e55a9002caecab04331d06cb042cbe87375e557933e3d5e8763baffb71bab63343e432f62e82bc51b4bcbb8fb93c72dbe0ee310bd0d776109700007d0a1bcbf1655e1354f2f5dbae7d2d569b099003347f9c3f6c5ceadfb113ae3daea860f61e233e68c63386ecafe74c1a7386c97725bb650f298c06ad648662940daa3abf0c6f460bd2875984858a97c1fa921d2a73f6d207163cffb573dd59ef815605824d3e44eb74e22e865c975b5d8b923b063934960d62fa9907baa28c9f0a24f1e5bf731eabe1f6b076ae19b150d5632b307de0741116d5af8c5b4dae3c8ae01808d1a9925cf185c55a335820c1d8b80736bec9a9562d269ff273a040d77babad128d2b71a64d084dd93be96e3b99ffcc037a6db0f296f63438c83789e54635e0c69fe3ebfd3022130523ffa6f2805747b4e97c2fa38e04decd1b037123814be9a38d322d342d07baa37d5b484c32517b74fc636441a08d8424aaeeefb6bb47a8c010d6f1442a6632e808520308ec7ce7f7607ba18cd8b897ca3814834b2f088cde073d93261dac3bb624bcc6839d6249b51a58fcc4db00058484e0c5814004c5da1d4cda1c025883c999fd2ef171a5c3a438cc0fccff03bae681775421d49ddbfb4f74ffcf88992abd6168e58295b91e7cbd442bbf8d7cfb5d3ce080dc2b90961edbca462e843343d129e45cfa28eeb426eeef08a5ee84d7b48c59a6687b8c0f7549375033398a65eb6336e40423c12a55b5bf732a65bcaae27a91fde89318727cd769c0cbece6371b611a0b40a6b14aa40ceb5848b738c13258fb0765cf83d92a2081d3c363cd7d48da0f0b19e884045c44e78bb61bd673c4522e1c50a2a944115a57f4670b8c388858c7f4babae8052ff86f2b6b780e3b1b5e4302fe7aa7321b3a45ae98ba5a74e87ef4cf13046c7b67bff56f9ff6f4224c4d24bd438eb92e3a1a786c50b6d1dbb302b237618ad008fa5aba8c4778ec3735dc483adc99d19ce1c87634d5ff86f06acece91c7a79e1400b6b483285c8e478f43c3fdf22ccf792aec034ffd47e60080e7d4a27b6e48bb0a15aed15d6b84e9b6af83d4de502d70026533db7c881d0b344ce7b732fbb69348aadf44b22dd3921f8eefd5ef2914a7eac8d36b5420163258fc2be1d34bbf49ef5c4c7ad6a09c7292690f569621bfba1c4d9e484acd7d92f58b79bde01dd6ba98f4cad801e902bff0e81ae787c595969187b58ed9bf68b0aeaec069b64f6facbf7f0a4a8a5d3fc401c0e1ac3bef9bafa512e36d5c8d8b135f1a05368255c15b1c976ae93c9c99288fecf018505eed0f089aec2a9ca7b198a0a89671f095092d2a9e7fb90dde3bf586a2f168f2a8329118d04bffb6adabd53f87df50275981c9fd5d69020c8e9750287e5119c1cf347d1c3e4adba1d598446b4c0a479a5475859383e8c82bfe4c6b8560ad55e27f3323d857efcad4b5ee4d83b4dd74458414d2a9ce74ffda8042038caba0098bcfd6b2e2bda9afcc4c5890f38773726aa94791642ff492f8d11c736f397c080d63e2dd24baa37aff0ae46d9c77c5097f84d6e5a90c554436cfa5311e4f31e2386c2c4b04cf44fd118b4eee2326cd1f0a48efeb4c51fbe0f395694b2b40aca9fccfc1eb84283fd53671955b251bcc2253ed3a3fbb906b2b25944fbe6c5b226b05052fec7c9e6b2d4c0a1ae1029ff70900d4634954f025a345731a76ebcfc4e61499d91b888292e6c59a16c34e4d96ac23dbad628988fcb777c4e9c6348389decbce8c9c03420c01bd670280ce1d4d641d2d4b9c3c11ade9d196f8e49290094ed55382b09f0cf0397ffcd9006e38980ee0b3882e7d93e33643c1ed2429cbefba0e1720f69a20024aff6070acd25a3d68b129e3d7699641d20c5b93e8d4b784669e3a22727d687ff1dadfd19c5b44dcf776561eecf2d28c01e683f49b1c204ba45aadf5d84bdde7d2cd53dad97d060664ddefff75f5e413f72be41d6e7c13fcbc481eefdab31fbc500109c8c24756227ff5bb18b148d0a31576d2e427c43472624312a7568d5ad9b5f9a2274549e5180288dbc0c7e046766c174fca0aca1d867fce966bf4d1097efe62ae23c925ac387b368345999a92cd1d44055e178430fad19cbf8b53756df5584503d848e13ab90c338c2aa8346e2b499e5790926cbe359dc30a3d5336293c4990832e998c2901fae3df81ad4f1ec6fd17baf25fa25fa08bb71345a1fec99299e4ee962dab091c16138fe01d5403230fd896b0992a2474fe38e5a7ff15b372e2a7a4a0ff34defe1fba14bfb6f56630aaef274b57fd0999bf77aa79f743e29c60b7d5d1774ffa9591286f809ea6c0dcc1520f5766851e0f9233b4a2e1329e93e043837510f5ef85676590b0540aa7b2b5211d7d38fbc45e2fe3d7993c6bec4ba2205a40819f8a3ef2e71af85162e39f0f859ed446947bc8516eb527c496244488f8663dee31973d91c7be81b746cde97294cbf94e09d155354af76ecac1d968038ed961843350524dbfd6ff46e4e0991aed94c144a403a5be126279a6469f9b7854b839933163c83672275491445ccc81bcabf91a6851101593bdfa0930e1058c972e7e41ad390cc4666575ce29fa80095eceb4cbb035e7e7e5a02be4606004e176db167fb67889912b8381e311c39d4378a088328f3e2cd4733dc55fc2e5a0afa7c928b98f95187a7200d8f78a2619df22a4f9fb433fb4a3a848651abfa90adc22c3bc29c1c386c0bc168c0c7873719f3cd76c49c77a5624a288022ebc89998c94f3bad87cd8bcd58502c38b0ff7ed312614f65ca1ea2f999fdcf2432e49b56c635f78514d9be0a5416e2b1ca8aa1b6f6c15d4ba022e5486afb79935d7021eea7b5d8e41a52b514af162a8b79a65efded6720126b9a5b3965f672d8da1bd9692bc14da0b29bc052e9ad22a59edbd0cb3c71fc304b0b8e296cdde1b259ac35a2e30e0741ec6a1cc4699d956959cfdfe4a91f6460271a70ba883f1b8eb3c1f52c60c361696056a411b74104960528caaa338066d823eec164c9c69d7b80c4d0c2ec7a739155c913810b3f5eb147e89e3b8699a29ca192f20cf8db8a1d7c01cbffdceb9d1a5045f55c8328966b91ee2b8e373d35ce74d35c1bea66316a2c0ea561844dcd6a027c6991038623ef894ed3489b4e04ab7e116973380fff9066eac58a406f78c4656367b57081f7b99030b0b087cbac6fd705d2d135ae4505ebb3c8b5ff3e226c9aa8896ba16600ba3dc89b73f07f9968a05045b34218a9f14a3e507103916f3a0b1f8989ab057b8907041cc1c31905b6e87f10e74e4c196c17e31450419040df59bee49aa554f9661f38435effa292f7ef01cd6173e08a3186f04018c23f37b7953c3f5ca7f83389ccbd539405ace7abb99aa29537eedb79000ee04fe5b72999ee606238874f0fa1b14d8cfc9d9c0c1a1666ca7ccceaefe1cf583157ae6e7dbd70425f487340386cbd141261ecc838482daec473b685e6ec71a23c42fbe89521360d6c6ed42284627655d2eceb9cd0f65df549b0c4efec101dd359ddb53dc99d94df991093459f7842c878b7b49fff2cf850bd924a06d3a3a420ee82dcb39e487c0f61de92ae6f0c8d12cdcc7365f2bee4300ac3842188ec82c76164c33c1d11362c1d9e136e516ae0b91172e252f73958be0913777a29be7da26ae2f7ba9e2a80a67974fe30fde3f6b9aa0b21aedbe0f23f074f962ee846d64116eb14d886ad4aa4166c779e6bf3e7d5ee3d7ff2519351f07595531ac10da596268f65434d9a4779fd8c326a847a44d0ca1cb1d1e764a56c99df167901695de6f07ffa94edf874233b340a524449b19f4cda7712cea4c7e0fcd7879edeec3ea24073354e31989ed1c08bb4bb1bec053c4c6fd352b0c91007623635619e05375728bf575f2e26bf617644f0239123f8ac1ed06767ca7b3096ec91ec1d530b7a0ec855a341ba4f72fdbd40cae0727581dfaf25b00282131bc82b5c44d4089b0b3274520a40c0053b5dd10e59a811023b660ffcb2d7e79b32af9f55ae030eb845a64361d25b175cacb07389957f23c9ff3e52e2bea41a75305377af233336d9a7bf7f9939441b76898b9aa8a596e9261f71c5176aae31270d80576885119fa6324856f1ceef3c6cb2db8a10aadea3c801c267e9987afa360958514bc85bc69c6d59211bbcf2b1312399f74f340fdf10a19145f0129d9cccfa4194bf148493db3a01b81f19aeca63e1074d94cfbb289ba9823646201ce9eb234167086a90241bfaf57c3216fcfcaf39824ff97545135f42c443b65b6369349d89de333fd015507c3a03cd3ee5253abd8fef6fe2248a002f9c70a51ddb89e7fe476163c6b1cce417be229b0e5533b81088370f7ec9468ee0de1f6feedb371dfa850ea5fe35c83ee58533c52a7c758c7adbb0329b3d7b4180be6df7f1d1881fad5a52cd807922d7eaddb13fa65cec8684a2321a4d923fc3fc657bf2ff3c02ffa6845f2eda3e736bed70e6984387cf77531b2e6ac6d67c706f43bb3944b618851abbff019ad48d116a7ca56fa436a58adc82dd5f8cc63fcd56076442ca88e3b3702ad99d6e2c46a561b87c5ac8a94ad77100be0c5d80887ba1283f38017b421c6456ac90bf90c8ce31d011ab997db7215520dda972ff1a78fcc5122e140e51a20bd361566276ae614643344e5b395bed67d8bde8957429c6ffb9147ad00d99ed2baa6766feb100c8b2601fa5f34f6428b9cec3262ee29dd220642df5fdcf2e43cf72ce7c710cce7de6099d76bf0d01f68f60d9fec99f69c0db0465ab3cf4e7a623676dac5fee48f55059140139bc210b1d5a9b2dae02eea4b799f36142286ff85ebffe76ee562d3af670c78633cf314e4d8792a8c6eb40bed1fd7d99603b22f216e260cc7dd59eb226b2a59d946c02b5458e358470be9e8c4fcd5f6403bebbd5de5421f082b39fd77cd590ad96d5ff7d3f1ac38f244742662726cfe70909d04867c869332ded36bac3f819fe173dd7f", 0x2000, &(0x7f0000000b00)={&(0x7f0000000080)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x28, 0x0, 0x0, 0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000e00)={0x50, 0x0, r1}, 0x50)
unlink(&(0x7f0000000100)='./file0/file0\x00')

618.182307ms ago: executing program 2 (id=830):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r3=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r3])
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

549.642407ms ago: executing program 2 (id=832):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x2800}]}, 0x24}}, 0x0)

455.574648ms ago: executing program 2 (id=833):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4018aee2, &(0x7f0000000080)=""/1)

381.569288ms ago: executing program 2 (id=834):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x16800, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000100), 0x0}, 0x20)

380.793118ms ago: executing program 2 (id=835):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000dc0)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000001c0)={0x10, &(0x7f0000000000)=ANY=[], 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000dc0)={0x84, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)

288.274739ms ago: executing program 1 (id=836):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0xc00)

276.419669ms ago: executing program 1 (id=837):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)={0x14, r1, 0xe701ac47a3d23ecd, 0x0, 0x2}, 0x14}}, 0x0)

221.687919ms ago: executing program 1 (id=838):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$sock_int(r0, 0x1, 0x4, &(0x7f0000000600)=0x3, 0x4)

221.520249ms ago: executing program 1 (id=839):
fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x104, 0x4, 0x3f0, 0x1f8, 0x0, 0x1f8, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0xfc01, 0x500}}}, {{@arp={@local, @multicast2, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_virt_wifi\x00', 'xfrm0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @mac=@broadcast, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_vlan\x00', 'ipvlan1\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@multicast, @empty, @empty}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)

41.3728ms ago: executing program 1 (id=840):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000300))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000000)={0x8, 0x0, &(0x7f00000003c0)=[@increfs], 0x0, 0x0, 0x0})
dup3(r2, r1, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000580)={0x10, 0x0, &(0x7f0000000040)=[@request_death={0x400c6313, 0x0, 0xffffff7f00000000}], 0x0, 0x1000000000000, 0x0})
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
lseek(r3, 0x851, 0x0)

0s ago: executing program 1 (id=841):
futex(0x0, 0xc, 0x1, 0xfffffffffffffffd, 0x0, 0x0)

kernel console output (not intermixed with test programs):

fs (loop0): Errors on filesystem, clearing orphan list.
[   81.835842][ T1549] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,noblock_validity,usrquota,prjquota,debug_want_extra_isize=0x0000000000000006,jqfmt=vfsold,usrjquota=min_batch_time=0x0000000000000a9f,nodiscard,,errors=continue. Quota mode: writeback.
[   81.862948][   T30] kauditd_printk_skb: 141 callbacks suppressed
[   81.862966][   T30] audit: type=1400 audit(2000000050.830:1280): avc:  denied  { create } for  pid=1547 comm="syz.0.355" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[   81.867527][ T1549] EXT4-fs error (device loop0): ext4_add_entry:2486: inode #2: comm syz.0.355: Directory hole found for htree leaf block 0
[   81.918374][   T30] audit: type=1326 audit(2000000050.880:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   81.950429][   T30] audit: type=1326 audit(2000000050.880:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   81.977397][   T30] audit: type=1326 audit(2000000050.890:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   82.001147][   T30] audit: type=1326 audit(2000000050.890:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   82.024620][   T30] audit: type=1326 audit(2000000050.890:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   82.026686][  T940] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   82.049184][   T30] audit: type=1326 audit(2000000050.890:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   82.082568][   T30] audit: type=1326 audit(2000000050.890:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   82.106187][   T30] audit: type=1326 audit(2000000050.890:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   82.129907][   T30] audit: type=1326 audit(2000000050.890:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   82.320971][ T1571] tipc: Invalid UDP bearer configuration
[   82.321043][ T1571] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   82.508820][  T940] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   82.520135][  T940] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   82.530020][  T940] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[   82.560967][  T940] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.569798][  T940] usb 4-1: config 0 descriptor??
[   82.823958][ T1574] loop0: detected capacity change from 0 to 512
[   82.834269][ T1546] loop3: detected capacity change from 0 to 512
[   82.879340][ T1546] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   82.891261][ T1546] EXT4-fs (loop3): 1 truncate cleaned up
[   82.896857][ T1546] EXT4-fs (loop3): mounted filesystem without journal. Opts: nogrpid,resuid=0x0000000000000000,debug_want_extra_isize=0x000000000000006c,jqfmt=vfsv0,nombcache,quota,,errors=continue. Quota mode: writeback.
[   82.953020][ T1574] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   82.964422][ T1574] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.041346][ T1585] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[   83.248924][  T329] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   83.298741][  T940] usbhid 4-1:0.0: can't add hid device: -71
[   83.304521][  T940] usbhid: probe of 4-1:0.0 failed with error -71
[   83.312094][  T940] usb 4-1: USB disconnect, device number 5
[   83.328669][  T425] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   83.358686][   T20] Bluetooth: hci0: command 0x1001 tx timeout
[   83.364560][ T1472] Bluetooth: hci0: sending frame failed (-49)
[   83.528721][  T329] usb 1-1: Using ep0 maxpacket: 32
[   83.678733][  T329] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   83.689734][  T329] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   83.699744][  T329] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   83.708840][  T329] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.729351][  T329] usb 1-1: config 0 descriptor??
[   83.743737][  T425] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   83.754787][  T425] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   83.764631][  T425] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   83.773512][  T425] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.783044][  T425] usb 3-1: config 0 descriptor??
[   83.787135][  T329] hub 1-1:0.0: USB hub found
[   84.122871][  T329] hub 1-1:0.0: 1 port detected
[   84.304438][ T1589] UDC core: couldn't find an available UDC or it's busy: -16
[   84.312197][ T1589] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   84.595790][  T425] hid (null): bogus close delimiter
[   84.765838][ T1589] UDC core: couldn't find an available UDC or it's busy: -16
[   84.773836][ T1589] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   84.849169][  T425] usb 3-1: language id specifier not provided by device, defaulting to English
[   85.284869][ T1589] loop2: detected capacity change from 0 to 256
[   85.410518][ T1589] exfat: Deprecated parameter 'utf8'
[   85.417043][ T1589] exfat: Deprecated parameter 'utf8'
[   85.469683][ T1589] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d)
[   85.707740][  T320] Bluetooth: hci0: command 0x1009 tx timeout
[   85.722842][ T1589] UDC core: couldn't find an available UDC or it's busy: -16
[   85.730970][ T1589] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   85.778738][  T425] uclogic 0003:256C:006D.0009: failed retrieving Huion firmware version: -71
[   85.790393][ T1620] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[   85.790776][  T425] uclogic 0003:256C:006D.0009: failed probing parameters: -71
[   85.804379][  T425] uclogic: probe of 0003:256C:006D.0009 failed with error -71
[   85.812746][  T425] usb 3-1: USB disconnect, device number 5
[   85.988681][  T329] hub 1-1:0.0: hub_ext_port_status failed (err = -32)
[   86.076113][ T1638] tipc: Invalid UDP bearer configuration
[   86.076244][ T1638] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   86.587502][ T1645] loop2: detected capacity change from 0 to 512
[   86.645045][ T1645] EXT4-fs (loop2): Test dummy encryption mode enabled
[   87.518706][   T30] kauditd_printk_skb: 144 callbacks suppressed
[   87.518735][   T30] audit: type=1400 audit(2000000056.460:1434): avc:  denied  { unmount } for  pid=297 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   87.579045][  T425] usb 1-1: USB disconnect, device number 5
[   87.628391][ T1645] EXT4-fs error (device loop2): ext4_fill_super:4832: inode #2: comm syz.2.387: casefold flag without casefold feature
[   87.641428][ T1645] EXT4-fs (loop2): get root inode failed
[   87.646899][ T1645] EXT4-fs (loop2): mount failed
[   87.696621][   T30] audit: type=1326 audit(2000000056.660:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1648 comm="syz.3.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[   87.719774][   T30] audit: type=1326 audit(2000000056.660:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1648 comm="syz.3.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[   87.742945][   T30] audit: type=1326 audit(2000000056.660:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1648 comm="syz.3.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[   87.767202][   T30] audit: type=1326 audit(2000000056.660:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1648 comm="syz.3.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[   87.790412][   T30] audit: type=1326 audit(2000000056.660:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1648 comm="syz.3.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[   87.839033][   T30] audit: type=1326 audit(2000000056.800:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1650 comm="syz.4.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[   87.869848][ T1655] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[   87.888135][   T30] audit: type=1326 audit(2000000056.800:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1650 comm="syz.4.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[   87.911795][   T30] audit: type=1326 audit(2000000056.800:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1650 comm="syz.4.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[   87.945888][ T1661] netlink: 32 bytes leftover after parsing attributes in process `syz.4.394'.
[   87.963224][ T1661] loop4: detected capacity change from 0 to 2048
[   88.006181][   T30] audit: type=1326 audit(2000000056.970:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1662 comm="syz.0.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d9fbc4849 code=0x7ffc0000
[   88.055548][ T1661]  loop4: p1 < > p3 p4 < >
[   88.067656][ T1661] loop4: p3 start 4284289 is beyond EOD, truncated
[   88.094938][ T1671] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[   88.194861][  T488] udevd[488]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   88.194875][ T1241] udevd[1241]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   88.276497][ T1682] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[   88.478889][  T425] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   88.848951][  T425] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.877776][  T425] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   89.011928][  T425] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   89.021134][  T425] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.029839][  T425] usb 5-1: config 0 descriptor??
[   89.054892][ T1695] tipc: Invalid UDP bearer configuration
[   89.054924][ T1695] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   89.100697][ T1699] loop0: detected capacity change from 0 to 512
[   89.118647][   T20] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   89.131815][ T1699] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   89.143027][ T1699] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.145747][ T1704] loop3: detected capacity change from 0 to 512
[   89.179462][ T1704] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   89.198262][ T1704] EXT4-fs (loop3): 1 truncate cleaned up
[   89.204210][ T1704] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   89.226692][ T1704] mmap: syz.3.410 (1704) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[   89.510714][  T425] hid (null): bogus close delimiter
[   89.578611][ T1715] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[   89.778948][  T425] usb 5-1: string descriptor 0 read error: -71
[   89.799404][  T425] uclogic 0003:256C:006D.000A: failed retrieving string descriptor #200: -71
[   89.883878][  T425] uclogic 0003:256C:006D.000A: failed retrieving pen parameters: -71
[   89.897559][  T425] uclogic 0003:256C:006D.000A: failed probing pen v2 parameters: -71
[   89.905620][  T425] uclogic 0003:256C:006D.000A: failed probing parameters: -71
[   89.908713][   T20] usb 3-1: Using ep0 maxpacket: 16
[   89.913092][  T425] uclogic: probe of 0003:256C:006D.000A failed with error -71
[   90.031454][  T425] usb 5-1: USB disconnect, device number 7
[   90.059901][   T20] usb 3-1: config 3 has an invalid interface number: 42 but max is 0
[   90.074390][   T20] usb 3-1: config 3 has no interface number 0
[   90.081885][   T20] usb 3-1: config 3 interface 42 has no altsetting 0
[   90.458158][   T20] usb 3-1: New USB device found, idVendor=06d0, idProduct=0622, bcdDevice=b3.97
[   90.467082][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.479691][ T1733] tipc: Invalid UDP bearer configuration
[   90.479714][ T1733] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   90.510532][ T1735] loop4: detected capacity change from 0 to 1024
[   90.571566][ T1739] loop0: detected capacity change from 0 to 1024
[   90.581359][ T1735] EXT4-fs (loop4): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[   90.659778][ T1739] EXT4-fs (loop0): Ignoring removed bh option
[   90.665798][ T1739] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   90.694199][ T1739] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,i_version,dioread_lock,noblock_validity,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[   90.749697][   T20] usb 3-1: string descriptor 0 read error: -71
[   90.756570][   T20] net1080: probe of 3-1:3.42 failed with error -22
[   90.779843][   T20] usb 3-1: USB disconnect, device number 6
[   91.174503][ T1758] loop0: detected capacity change from 0 to 16
[   91.242076][ T1758] erofs: (device loop0): erofs_read_inode: unsupported chunk format 7fff of nid 36
[   91.278650][  T425] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   91.898949][  T425] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   91.950222][  T425] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   92.076643][  T425] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   92.154941][  T425] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.170807][  T425] usb 4-1: config 0 descriptor??
[   92.250285][ T1780] loop1: detected capacity change from 0 to 256
[   92.268149][ T1781] loop0: detected capacity change from 0 to 1024
[   92.291814][ T1780] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   92.345339][ T1781] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   92.479963][ T1790] loop1: detected capacity change from 0 to 2048
[   92.804227][ T1747] UDC core: couldn't find an available UDC or it's busy: -16
[   92.815134][ T1747] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   92.826050][   T30] kauditd_printk_skb: 120 callbacks suppressed
[   92.826066][   T30] audit: type=1326 audit(2000000061.800:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1794 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   92.829037][  T425] hid (null): bogus close delimiter
[   92.855208][   T30] audit: type=1326 audit(2000000061.800:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1794 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   92.884286][   T30] audit: type=1326 audit(2000000061.800:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1794 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   92.909341][   T30] audit: type=1326 audit(2000000061.800:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1794 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   92.938175][   T30] audit: type=1326 audit(2000000061.800:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1794 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   92.950857][ T1790] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold,. Quota mode: writeback.
[   92.974126][ T1799] loop2: detected capacity change from 0 to 1024
[   93.014792][ T1799] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[   93.041508][ T1747] UDC core: couldn't find an available UDC or it's busy: -16
[   93.066677][ T1790] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.437: bg 0: block 234: padding at end of block bitmap is not set
[   93.068782][ T1747] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   93.092350][ T1803] FAULT_INJECTION: forcing a failure.
[   93.092350][ T1803] name failslab, interval 1, probability 0, space 0, times 0
[   93.100612][ T1790] EXT4-fs (loop1): Remounting filesystem read-only
[   93.107049][ T1803] CPU: 0 PID: 1803 Comm: syz.0.439 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[   93.118684][  T425] usb 4-1: language id specifier not provided by device, defaulting to English
[   93.120741][ T1803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   93.120758][ T1803] Call Trace:
[   93.120765][ T1803]  <TASK>
[   93.120774][ T1803]  dump_stack_lvl+0x151/0x1c0
[   93.149810][ T1803]  ? io_uring_drop_tctx_refs+0x190/0x190
[   93.155277][ T1803]  ? x64_sys_call+0x16a/0x9a0
[   93.159789][ T1803]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   93.165692][ T1803]  dump_stack+0x15/0x20
[   93.169733][ T1803]  should_fail+0x3c6/0x510
[   93.173934][ T1803]  __should_failslab+0xa4/0xe0
[   93.178531][ T1803]  ? skb_clone+0x1d1/0x360
[   93.182804][ T1803]  should_failslab+0x9/0x20
[   93.187131][ T1803]  slab_pre_alloc_hook+0x37/0xd0
[   93.191910][ T1803]  ? skb_clone+0x1d1/0x360
[   93.196153][ T1803]  kmem_cache_alloc+0x44/0x200
[   93.200758][ T1803]  skb_clone+0x1d1/0x360
[   93.204859][ T1803]  pfkey_broadcast_one+0x9f/0x330
[   93.209694][ T1803]  pfkey_broadcast+0x2c7/0x2f0
[   93.214292][ T1803]  pfkey_sendmsg+0xd79/0xfb0
[   93.218724][ T1803]  ? avc_has_perm_noaudit+0x430/0x430
[   93.223935][ T1803]  ? pfkey_release+0x340/0x340
[   93.228523][ T1803]  ? selinux_socket_sendmsg+0x243/0x340
[   93.233917][ T1803]  ? kmem_cache_free+0x116/0x2e0
[   93.238681][ T1803]  ? check_stack_object+0x114/0x130
[   93.243713][ T1803]  ? security_socket_sendmsg+0x82/0xb0
[   93.249006][ T1803]  ? pfkey_release+0x340/0x340
[   93.253693][ T1803]  ____sys_sendmsg+0x59e/0x8f0
[   93.258292][ T1803]  ? __sys_sendmsg_sock+0x40/0x40
[   93.263237][ T1803]  ? import_iovec+0xe5/0x120
[   93.267760][ T1803]  ___sys_sendmsg+0x252/0x2e0
[   93.272274][ T1803]  ? __sys_sendmsg+0x260/0x260
[   93.276881][ T1803]  ? __fdget+0x1bc/0x240
[   93.280959][ T1803]  __se_sys_sendmsg+0x19a/0x260
[   93.285637][ T1803]  ? __x64_sys_sendmsg+0x90/0x90
[   93.290412][ T1803]  ? ksys_write+0x260/0x2c0
[   93.294754][ T1803]  ? debug_smp_processor_id+0x17/0x20
[   93.299958][ T1803]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   93.305860][ T1803]  __x64_sys_sendmsg+0x7b/0x90
[   93.310465][ T1803]  x64_sys_call+0x16a/0x9a0
[   93.314802][ T1803]  do_syscall_64+0x3b/0xb0
[   93.319059][ T1803]  ? clear_bhb_loop+0x35/0x90
[   93.323567][ T1803]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   93.329295][ T1803] RIP: 0033:0x7f2d9fbc4849
[   93.333554][ T1803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.352991][ T1803] RSP: 002b:00007f2d9e23b058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   93.361243][ T1803] RAX: ffffffffffffffda RBX: 00007f2d9fd89fa0 RCX: 00007f2d9fbc4849
[   93.369047][ T1803] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[   93.376858][ T1803] RBP: 00007f2d9e23b0a0 R08: 0000000000000000 R09: 0000000000000000
[   93.384670][ T1803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.392482][ T1803] R13: 0000000000000000 R14: 00007f2d9fd89fa0 R15: 00007fff6e311d38
[   93.400295][ T1803]  </TASK>
[   93.582648][   T30] audit: type=1400 audit(2000000062.550:1569): avc:  denied  { create } for  pid=1804 comm="syz.0.443" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   93.713899][ T1812] loop4: detected capacity change from 0 to 512
[   95.314681][ T1812] EXT4-fs (loop4): Test dummy encryption mode enabled
[   95.428818][ T1812] EXT4-fs error (device loop4): ext4_fill_super:4832: inode #2: comm syz.4.444: casefold flag without casefold feature
[   95.442073][ T1812] EXT4-fs (loop4): get root inode failed
[   95.447549][ T1812] EXT4-fs (loop4): mount failed
[   95.516330][ T1815] loop2: detected capacity change from 0 to 1024
[   95.608915][  T425] uclogic 0003:256C:006D.000B: failed retrieving Huion firmware version: -71
[   95.691908][  T425] uclogic 0003:256C:006D.000B: failed probing parameters: -71
[   95.726121][ T1819] loop0: detected capacity change from 0 to 512
[   95.751666][ T1815] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[   95.784748][   T30] audit: type=1400 audit(2000000064.260:1570): avc:  denied  { unlink } for  pid=297 comm="syz-executor" name="file0" dev="tmpfs" ino=576 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   95.902525][  T425] uclogic: probe of 0003:256C:006D.000B failed with error -71
[   96.015237][ T1819] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   96.028076][   T30] audit: type=1326 audit(2000000064.870:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1816 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[   96.037321][  T425] usb 4-1: USB disconnect, device number 6
[   96.058845][ T1819] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.144725][   T30] audit: type=1326 audit(2000000064.870:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1816 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[   96.182978][   T30] audit: type=1326 audit(2000000064.890:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1816 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[   96.572540][ T1836] loop4: detected capacity change from 0 to 1024
[   96.685155][ T1842] loop2: detected capacity change from 0 to 256
[   97.015983][ T1836] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   97.102772][ T1842] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   97.117331][ T1848] loop1: detected capacity change from 0 to 16
[   97.189044][ T1848] erofs: (device loop1): erofs_read_inode: unsupported chunk format 7fff of nid 36
[   97.250220][ T1857] loop3: detected capacity change from 0 to 1024
[   97.293766][ T1863] loop2: detected capacity change from 0 to 1024
[   97.323925][ T1857] EXT4-fs (loop3): Test dummy encryption mode enabled
[   97.635508][ T1863] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[   97.972762][ T1877] loop1: detected capacity change from 0 to 1024
[   98.520527][ T1889] loop0: detected capacity change from 0 to 1024
[   98.560852][ T1889] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   98.580822][   T30] kauditd_printk_skb: 62 callbacks suppressed
[   98.580840][   T30] audit: type=1326 audit(2000000067.550:1636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1892 comm="syz.2.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   98.647718][   T30] audit: type=1326 audit(2000000067.590:1637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1892 comm="syz.2.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   98.659707][ T1877] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[   98.671386][   T30] audit: type=1326 audit(2000000067.590:1638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1892 comm="syz.2.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   98.720259][   T30] audit: type=1326 audit(2000000067.590:1639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1892 comm="syz.2.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   98.743466][   T30] audit: type=1326 audit(2000000067.590:1640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1892 comm="syz.2.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[   98.788631][   T20] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   98.851243][ T1900] loop4: detected capacity change from 0 to 256
[   99.015083][ T1900] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   99.437092][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   99.448079][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   99.461019][   T20] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   99.470113][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.480586][   T20] usb 4-1: config 0 descriptor??
[   99.557845][   T30] audit: type=1326 audit(2000000068.520:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1910 comm="syz.4.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[   99.561074][ T1915] loop1: detected capacity change from 0 to 16
[   99.606447][   T30] audit: type=1326 audit(2000000068.560:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1910 comm="syz.4.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[   99.649413][   T30] audit: type=1326 audit(2000000068.560:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1910 comm="syz.4.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[   99.662946][ T1915] erofs: (device loop1): erofs_read_inode: unsupported chunk format 7fff of nid 36
[   99.697916][   T30] audit: type=1326 audit(2000000068.560:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1910 comm="syz.4.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[   99.774882][   T30] audit: type=1326 audit(2000000068.560:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1910 comm="syz.4.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  100.168917][  T425] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  100.529566][  T425] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.568679][   T20] usb 4-1: string descriptor 0 read error: -71
[  100.574733][  T425] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  100.588717][   T20] uclogic 0003:256C:006D.000C: failed retrieving string descriptor #200: -71
[  100.597335][   T20] uclogic 0003:256C:006D.000C: failed retrieving pen parameters: -71
[  100.618636][   T20] uclogic 0003:256C:006D.000C: failed probing pen v2 parameters: -71
[  100.618658][  T425] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  100.635574][   T20] uclogic 0003:256C:006D.000C: failed probing parameters: -71
[  100.635613][   T20] uclogic: probe of 0003:256C:006D.000C failed with error -71
[  100.636632][   T20] usb 4-1: USB disconnect, device number 7
[  100.650352][  T425] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.661996][ T1938] loop1: detected capacity change from 0 to 1024
[  100.685427][  T425] usb 3-1: config 0 descriptor??
[  100.818509][ T1945] loop4: detected capacity change from 0 to 1024
[  100.827076][ T1938] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  100.916756][ T1949] loop3: detected capacity change from 0 to 512
[  100.969670][ T1945] EXT4-fs (loop4): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  101.001850][ T1949] EXT4-fs (loop3): Test dummy encryption mode enabled
[  101.051236][ T1917] loop2: detected capacity change from 0 to 512
[  101.087048][ T1949] EXT4-fs error (device loop3): ext4_fill_super:4832: inode #2: comm syz.3.477: casefold flag without casefold feature
[  101.100428][ T1949] EXT4-fs (loop3): get root inode failed
[  101.105910][ T1949] EXT4-fs (loop3): mount failed
[  101.177832][ T1917] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  101.312075][ T1917] EXT4-fs (loop2): 1 truncate cleaned up
[  101.390101][ T1917] EXT4-fs (loop2): mounted filesystem without journal. Opts: nogrpid,resuid=0x0000000000000000,debug_want_extra_isize=0x000000000000006c,jqfmt=vfsv0,nombcache,quota,,errors=continue. Quota mode: writeback.
[  102.018587][    C0] sched: RT throttling activated
[  102.173477][   T63] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  102.204911][ T1958] loop1: detected capacity change from 0 to 256
[  102.281722][ T1958] FAT-fs (loop1): Directory bread(block 64) failed
[  102.288086][ T1958] FAT-fs (loop1): Directory bread(block 65) failed
[  102.294474][ T1958] FAT-fs (loop1): Directory bread(block 66) failed
[  102.300933][ T1958] FAT-fs (loop1): Directory bread(block 67) failed
[  102.307250][ T1958] FAT-fs (loop1): Directory bread(block 68) failed
[  102.313578][ T1958] FAT-fs (loop1): Directory bread(block 69) failed
[  102.319968][ T1958] FAT-fs (loop1): Directory bread(block 70) failed
[  102.326221][ T1958] FAT-fs (loop1): Directory bread(block 71) failed
[  102.332614][ T1958] FAT-fs (loop1): Directory bread(block 72) failed
[  102.339444][ T1958] FAT-fs (loop1): Directory bread(block 73) failed
[  102.394315][ T1962] netlink: 'syz.3.481': attribute type 30 has an invalid length.
[  102.427007][ T1960] loop4: detected capacity change from 0 to 32768
[  102.469181][ T1960]  loop4: p1 p2 p3 < p5 p6 p7 >
[  102.488673][  T425] usbhid 3-1:0.0: can't add hid device: -71
[  102.503728][  T425] usbhid: probe of 3-1:0.0 failed with error -71
[  102.519325][  T425] usb 3-1: USB disconnect, device number 7
[  102.634988][ T1972] loop3: detected capacity change from 0 to 16
[  102.648703][   T63] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  102.659698][   T63] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  102.669686][   T63] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  102.678968][   T63] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.688184][   T63] usb 1-1: config 0 descriptor??
[  102.718979][ T1972] erofs: (device loop3): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  104.288660][ T1691] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  104.528352][   T30] kauditd_printk_skb: 135 callbacks suppressed
[  104.528366][   T30] audit: type=1326 audit(2000000073.490:1781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2013 comm="syz.1.495" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f44e41f6849 code=0x0
[  104.585582][ T2015] loop1: detected capacity change from 0 to 2048
[  104.638995][ T2015]  loop1: p1 < > p2 p3 < p5 p6 > p4
[  104.644077][ T2015] loop1: partition table partially beyond EOD, truncated
[  104.651079][ T2015] loop1: p1 start 16777216 is beyond EOD, truncated
[  104.657512][ T2015] loop1: p2 start 16908800 is beyond EOD, truncated
[  104.664488][ T2015] loop1: p4 start 11326 is beyond EOD, truncated
[  104.670803][ T2015] loop1: p5 start 16908800 is beyond EOD, truncated
[  104.677211][ T2015] loop1: p6 start 11326 is beyond EOD, truncated
[  104.718714][ T1691] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.729651][ T1691] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  104.739348][ T1691] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  104.748336][ T1691] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.756922][ T1691] usb 3-1: config 0 descriptor??
[  104.943383][   T30] audit: type=1326 audit(2000000073.910:1782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2016 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  104.966870][   T30] audit: type=1326 audit(2000000073.910:1783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2016 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  104.990322][   T30] audit: type=1326 audit(2000000073.910:1784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2016 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  105.037844][ T2020] loop4: detected capacity change from 0 to 256
[  105.044799][   T30] audit: type=1326 audit(2000000073.910:1785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2016 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  105.063118][ T2020] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  105.081184][   T30] audit: type=1326 audit(2000000073.930:1786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2016 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  105.116341][ T2022] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  105.170041][ T2028] loop0: detected capacity change from 0 to 512
[  105.178782][   T63] uclogic 0003:256C:006D.000D: failed retrieving string descriptor #200: -71
[  105.187485][   T63] uclogic 0003:256C:006D.000D: failed retrieving pen parameters: -71
[  105.195976][   T63] uclogic 0003:256C:006D.000D: failed probing pen v2 parameters: -71
[  105.203987][   T63] uclogic 0003:256C:006D.000D: failed probing parameters: -71
[  105.217786][   T63] uclogic: probe of 0003:256C:006D.000D failed with error -71
[  105.226500][   T63] usb 1-1: USB disconnect, device number 6
[  105.232733][ T2005] UDC core: couldn't find an available UDC or it's busy: -16
[  105.241071][ T2005] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  105.246772][ T2032] loop3: detected capacity change from 0 to 1024
[  105.256361][ T1691] hid (null): bogus close delimiter
[  105.259950][ T2028] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.501: inode #1: comm syz.0.501: iget: illegal inode #
[  105.274391][ T2028] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.501: error while reading EA inode 1 err=-117
[  105.274437][ T2032] EXT4-fs (loop3): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  105.312926][ T2028] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.501: inode #1: comm syz.0.501: iget: illegal inode #
[  105.325807][ T2028] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.501: error while reading EA inode 1 err=-117
[  105.338431][ T2028] EXT4-fs (loop0): 1 orphan inode deleted
[  105.344468][ T2028] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrjquota=,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,journal_dev=0x0000000000000dcc,,errors=continue. Quota mode: writeback.
[  105.458935][ T1691] usb 3-1: language id specifier not provided by device, defaulting to English
[  105.543357][ T2039] 9pnet: Insufficient options for proto=fd
[  105.744019][ T2005] UDC core: couldn't find an available UDC or it's busy: -16
[  105.751380][ T2005] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  106.031383][ T2045] xt_hashlimit: size too large, truncated to 1048576
[  106.117965][ T2048] loop0: detected capacity change from 0 to 1024
[  106.129800][ T2048] SELinux: security_context_str_to_sid(staff_u) failed for (dev ?, type ?) errno=-22
[  106.179519][ T2048] EXT4-fs (loop0): Test dummy encryption mode enabled
[  106.190682][ T2005] loop2: detected capacity change from 0 to 256
[  106.207934][ T2005] exfat: Deprecated parameter 'utf8'
[  106.217275][ T2005] exfat: Deprecated parameter 'utf8'
[  106.251769][ T2005] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d)
[  106.279571][ T2005] UDC core: couldn't find an available UDC or it's busy: -16
[  106.286782][ T2005] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  106.381094][ T1691] uclogic 0003:256C:006D.000E: failed retrieving string descriptor #100: -71
[  106.395538][ T1691] uclogic 0003:256C:006D.000E: failed retrieving pen parameters: -71
[  106.403512][ T1691] uclogic 0003:256C:006D.000E: failed probing pen v1 parameters: -71
[  106.411378][ T1691] uclogic 0003:256C:006D.000E: failed probing parameters: -71
[  106.419267][ T1691] uclogic: probe of 0003:256C:006D.000E failed with error -71
[  106.436226][   T30] audit: type=1326 audit(2000000075.400:1787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2054 comm="syz.4.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  106.460159][ T1691] usb 3-1: USB disconnect, device number 8
[  106.541269][   T30] audit: type=1326 audit(2000000075.400:1788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2054 comm="syz.4.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  106.782767][   T30] audit: type=1326 audit(2000000075.400:1789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2054 comm="syz.4.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  106.813008][   T30] audit: type=1326 audit(2000000075.440:1790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2054 comm="syz.4.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  106.857014][ T2064] loop3: detected capacity change from 0 to 256
[  106.890928][ T2064] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  107.085756][ T2082] loop3: detected capacity change from 0 to 1024
[  107.195050][ T2073] loop4: detected capacity change from 0 to 40427
[  107.200368][ T2082] EXT4-fs (loop3): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  107.240554][ T2073] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  107.529740][ T2073] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  107.544920][ T2073] F2FS-fs (loop4): invalid crc value
[  107.661215][   T26] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  107.754854][ T2073] F2FS-fs (loop4): Found nat_bits in checkpoint
[  108.068914][ T2098] loop3: detected capacity change from 0 to 512
[  108.230721][ T2073] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  108.241612][ T2073] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  109.480838][ T2098] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  109.498702][   T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  109.510145][ T2098] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.521479][   T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  109.531285][   T26] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  109.540246][   T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.549392][   T26] usb 3-1: config 0 descriptor??
[  109.830474][ T2116] attempt to access beyond end of device
[  109.830474][ T2116] loop4: rw=2049, want=45104, limit=40427
[  110.271489][  T296] attempt to access beyond end of device
[  110.271489][  T296] loop4: rw=2049, want=45112, limit=40427
[  110.388715][   T26] usbhid 3-1:0.0: can't add hid device: -71
[  110.394489][   T26] usbhid: probe of 3-1:0.0 failed with error -71
[  110.421725][ T2121] loop3: detected capacity change from 0 to 256
[  110.449691][   T26] usb 3-1: USB disconnect, device number 9
[  110.519597][ T2121] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  110.534927][ T2113] FAULT_INJECTION: forcing a failure.
[  110.534927][ T2113] name failslab, interval 1, probability 0, space 0, times 0
[  110.578610][ T2113] CPU: 1 PID: 2113 Comm: syz.1.521 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  110.588255][ T2113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  110.598149][ T2113] Call Trace:
[  110.601274][ T2113]  <TASK>
[  110.604056][ T2113]  dump_stack_lvl+0x151/0x1c0
[  110.608565][ T2113]  ? io_uring_drop_tctx_refs+0x190/0x190
[  110.614038][ T2113]  dump_stack+0x15/0x20
[  110.618028][ T2113]  should_fail+0x3c6/0x510
[  110.622276][ T2113]  __should_failslab+0xa4/0xe0
[  110.626874][ T2113]  ? __proc_create+0x419/0xa00
[  110.631480][ T2113]  should_failslab+0x9/0x20
[  110.635823][ T2113]  slab_pre_alloc_hook+0x37/0xd0
[  110.640594][ T2113]  ? __proc_create+0x419/0xa00
[  110.645194][ T2113]  kmem_cache_alloc+0x44/0x200
[  110.649795][ T2113]  __proc_create+0x419/0xa00
[  110.654227][ T2113]  ? proc_symlink+0x290/0x290
[  110.658739][ T2113]  _proc_mkdir+0xd3/0x200
[  110.662899][ T2113]  ? __proc_create+0xa00/0xa00
[  110.667497][ T2113]  ? proc_net_ns_init+0x52/0x3a0
[  110.672269][ T2113]  proc_net_ns_init+0x29a/0x3a0
[  110.676955][ T2113]  ops_init+0x1cd/0x4a0
[  110.680953][ T2113]  setup_net+0x34b/0xb50
[  110.685028][ T2113]  ? copy_net_ns+0x5b0/0x5b0
[  110.689450][ T2113]  ? __kasan_kmalloc+0x9/0x10
[  110.693961][ T2113]  ? kmem_cache_alloc_trace+0x115/0x210
[  110.699343][ T2113]  ? copy_net_ns+0x188/0x5b0
[  110.703775][ T2113]  copy_net_ns+0x35f/0x5b0
[  110.708024][ T2113]  create_new_namespaces+0x416/0x670
[  110.713150][ T2113]  unshare_nsproxy_namespaces+0x126/0x180
[  110.718702][ T2113]  ksys_unshare+0x545/0x980
[  110.723035][ T2113]  ? fput+0x1a/0x20
[  110.726686][ T2113]  ? sighand_ctor+0x60/0x60
[  110.731023][ T2113]  ? debug_smp_processor_id+0x17/0x20
[  110.736235][ T2113]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  110.742131][ T2113]  __x64_sys_unshare+0x38/0x40
[  110.746731][ T2113]  x64_sys_call+0x728/0x9a0
[  110.751070][ T2113]  do_syscall_64+0x3b/0xb0
[  110.755322][ T2113]  ? clear_bhb_loop+0x35/0x90
[  110.759837][ T2113]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  110.765566][ T2113] RIP: 0033:0x7f44e41f6849
[  110.769820][ T2113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.789256][ T2113] RSP: 002b:00007f44e284c058 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  110.797503][ T2113] RAX: ffffffffffffffda RBX: 00007f44e43bc080 RCX: 00007f44e41f6849
[  110.805313][ T2113] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000062040200
[  110.813128][ T2113] RBP: 00007f44e284c0a0 R08: 0000000000000000 R09: 0000000000000000
[  110.820945][ T2113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.828756][ T2113] R13: 0000000000000000 R14: 00007f44e43bc080 R15: 00007ffc50430898
[  110.836564][ T2113]  </TASK>
[  110.908316][   T30] kauditd_printk_skb: 25 callbacks suppressed
[  110.908332][   T30] audit: type=1326 audit(2000000079.870:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2129 comm="syz.3.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  110.989338][   T30] audit: type=1326 audit(2000000079.900:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2129 comm="syz.3.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  111.044941][   T30] audit: type=1326 audit(2000000079.900:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2129 comm="syz.3.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  111.065811][ T2119] loop2: detected capacity change from 0 to 40427
[  111.079890][ T2138] loop1: detected capacity change from 0 to 1024
[  111.086319][   T30] audit: type=1326 audit(2000000079.900:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2129 comm="syz.3.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  111.109716][   T30] audit: type=1326 audit(2000000079.900:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2129 comm="syz.3.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  111.133245][   T30] audit: type=1326 audit(2000000079.900:1821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2129 comm="syz.3.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  111.159268][ T2119] F2FS-fs (loop2): invalid crc value
[  111.164562][   T30] audit: type=1326 audit(2000000079.900:1822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2129 comm="syz.3.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  111.188542][   T30] audit: type=1326 audit(2000000079.910:1823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2129 comm="syz.3.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  111.212291][   T30] audit: type=1326 audit(2000000079.910:1824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2129 comm="syz.3.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  111.235686][   T30] audit: type=1326 audit(2000000079.910:1825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2129 comm="syz.3.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  111.274532][ T2138] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  111.278085][   T26] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  111.305398][ T2119] F2FS-fs (loop2): Found nat_bits in checkpoint
[  111.351738][ T2119] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[  111.366423][ T2119] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  111.383194][ T1235] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  111.446094][ T2119] attempt to access beyond end of device
[  111.446094][ T2119] loop2: rw=2049, want=45112, limit=40427
[  111.808713][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  111.819612][ T1235] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  111.836814][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  111.871556][ T1235] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  111.889928][   T26] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  111.899116][ T1235] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  111.907979][ T1235] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.916250][   T26] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.927973][ T1235] usb 5-1: config 0 descriptor??
[  111.936798][   T26] usb 4-1: config 0 descriptor??
[  112.182597][ T2162] loop2: detected capacity change from 0 to 1024
[  112.277507][ T2134] loop3: detected capacity change from 0 to 512
[  112.352137][ T2134] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  112.421927][ T2136] UDC core: couldn't find an available UDC or it's busy: -16
[  112.458278][ T2136] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  112.475466][ T2134] EXT4-fs (loop3): 1 truncate cleaned up
[  112.495119][ T2134] EXT4-fs (loop3): mounted filesystem without journal. Opts: nogrpid,resuid=0x0000000000000000,debug_want_extra_isize=0x000000000000006c,jqfmt=vfsv0,nombcache,quota,,errors=continue. Quota mode: writeback.
[  112.517348][ T2162] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  112.529036][ T1235] hid (null): bogus close delimiter
[  112.748711][ T1235] usb 5-1: language id specifier not provided by device, defaulting to English
[  112.949578][ T2136] UDC core: couldn't find an available UDC or it's busy: -16
[  112.967431][ T2170] loop0: detected capacity change from 0 to 512
[  112.978627][ T2136] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  113.007276][ T2172] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  113.028719][   T26] usbhid 4-1:0.0: can't add hid device: -71
[  113.042039][   T26] usbhid: probe of 4-1:0.0 failed with error -71
[  113.065191][ T2174] loop1: detected capacity change from 0 to 256
[  113.072319][   T26] usb 4-1: USB disconnect, device number 8
[  113.079391][ T2170] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  113.091080][ T2170] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.120979][ T2174] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  113.470675][ T2136] loop4: detected capacity change from 0 to 256
[  113.589000][ T2136] exfat: Deprecated parameter 'utf8'
[  113.594316][ T2136] exfat: Deprecated parameter 'utf8'
[  113.609845][ T2185] loop1: detected capacity change from 0 to 1024
[  113.627036][ T2136] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d)
[  113.644347][ T2136] UDC core: couldn't find an available UDC or it's busy: -16
[  113.655897][ T2185] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  113.683090][ T2136] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  113.779006][ T1235] uclogic 0003:256C:006D.000F: failed retrieving string descriptor #100: -71
[  113.789463][ T1235] uclogic 0003:256C:006D.000F: failed retrieving pen parameters: -71
[  113.797409][ T1235] uclogic 0003:256C:006D.000F: failed probing pen v1 parameters: -71
[  113.993351][ T1235] uclogic 0003:256C:006D.000F: failed probing parameters: -71
[  114.000902][ T1235] uclogic: probe of 0003:256C:006D.000F failed with error -71
[  114.011396][ T1235] usb 5-1: USB disconnect, device number 8
[  114.503262][ T2198] loop4: detected capacity change from 0 to 1024
[  114.634433][ T2198] EXT4-fs (loop4): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  114.738602][ T2207] loop1: detected capacity change from 0 to 512
[  114.841763][ T2207] EXT4-fs (loop1): Test dummy encryption mode enabled
[  114.933837][ T2207] EXT4-fs error (device loop1): ext4_fill_super:4832: inode #2: comm syz.1.542: casefold flag without casefold feature
[  114.947174][ T2207] EXT4-fs (loop1): get root inode failed
[  114.952874][ T2207] EXT4-fs (loop1): mount failed
[  115.857235][ T2213] FAULT_INJECTION: forcing a failure.
[  115.857235][ T2213] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  115.873481][ T2213] CPU: 1 PID: 2213 Comm: syz.0.545 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  115.883119][ T2213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  115.893022][ T2213] Call Trace:
[  115.896146][ T2213]  <TASK>
[  115.898912][ T2213]  dump_stack_lvl+0x151/0x1c0
[  115.903429][ T2213]  ? io_uring_drop_tctx_refs+0x190/0x190
[  115.908902][ T2213]  dump_stack+0x15/0x20
[  115.912884][ T2213]  should_fail+0x3c6/0x510
[  115.917141][ T2213]  should_fail_alloc_page+0x5a/0x80
[  115.922173][ T2213]  prepare_alloc_pages+0x15c/0x700
[  115.927122][ T2213]  ? __alloc_pages+0x8f0/0x8f0
[  115.931724][ T2213]  ? __alloc_pages_bulk+0xe40/0xe40
[  115.936753][ T2213]  ? __kasan_check_write+0x14/0x20
[  115.941699][ T2213]  ? _raw_spin_lock+0xa4/0x1b0
[  115.946303][ T2213]  __alloc_pages+0x18c/0x8f0
[  115.950729][ T2213]  ? prep_new_page+0x110/0x110
[  115.955327][ T2213]  ? lru_cache_add+0x279/0x540
[  115.959929][ T2213]  handle_pte_fault+0xe7e/0x25c0
[  115.964705][ T2213]  ? fault_around_bytes_set+0xc0/0xc0
[  115.969913][ T2213]  do_handle_mm_fault+0x20bc/0x2400
[  115.974958][ T2213]  ? numa_migrate_prep+0xe0/0xe0
[  115.979718][ T2213]  ? follow_page_mask+0x900/0x10e0
[  115.984666][ T2213]  ? bpf_trace_run3+0x250/0x250
[  115.989351][ T2213]  ? follow_page+0x230/0x230
[  115.993778][ T2213]  __get_user_pages+0x379/0xee0
[  115.998463][ T2213]  ? __bpf_trace_mmap_lock_acquire_returned+0x33/0x40
[  116.005061][ T2213]  ? populate_vma_page_range+0xf0/0xf0
[  116.010355][ T2213]  __get_user_pages_remote+0x1bd/0x730
[  116.015651][ T2213]  pin_user_pages_remote+0x5d/0x80
[  116.020594][ T2213]  process_vm_rw+0x724/0xcc0
[  116.025023][ T2213]  ? fsnotify_perm+0x6a/0x5b0
[  116.029533][ T2213]  ? __ia32_sys_process_vm_writev+0x100/0x100
[  116.035443][ T2213]  ? wait_for_completion_killable_timeout+0x10/0x10
[  116.041863][ T2213]  ? fput+0x1a/0x20
[  116.045502][ T2213]  ? ksys_write+0x260/0x2c0
[  116.049844][ T2213]  ? __ia32_sys_read+0x90/0x90
[  116.054454][ T2213]  __x64_sys_process_vm_writev+0xe7/0x100
[  116.060006][ T2213]  x64_sys_call+0x839/0x9a0
[  116.064335][ T2213]  do_syscall_64+0x3b/0xb0
[  116.068592][ T2213]  ? clear_bhb_loop+0x35/0x90
[  116.073117][ T2213]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  116.078833][ T2213] RIP: 0033:0x7f2d9fbc4849
[  116.083086][ T2213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.102533][ T2213] RSP: 002b:00007f2d9e23b058 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  116.110769][ T2213] RAX: ffffffffffffffda RBX: 00007f2d9fd89fa0 RCX: 00007f2d9fbc4849
[  116.118590][ T2213] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000016b
[  116.126398][ T2213] RBP: 00007f2d9e23b0a0 R08: 000000000000023a R09: 0000000000000000
[  116.134207][ T2213] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002
[  116.142020][ T2213] R13: 0000000000000000 R14: 00007f2d9fd89fa0 R15: 00007fff6e311d38
[  116.149835][ T2213]  </TASK>
[  116.557335][ T2221] FAULT_INJECTION: forcing a failure.
[  116.557335][ T2221] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  116.575396][ T2221] CPU: 0 PID: 2221 Comm: syz.3.547 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  116.585034][ T2221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  116.594932][ T2221] Call Trace:
[  116.598048][ T2221]  <TASK>
[  116.600844][ T2221]  dump_stack_lvl+0x151/0x1c0
[  116.605346][ T2221]  ? io_uring_drop_tctx_refs+0x190/0x190
[  116.610811][ T2221]  ? signal_setup_done+0x446/0x5f0
[  116.615758][ T2221]  ? ptrace_signal+0x460/0x460
[  116.620631][ T2221]  dump_stack+0x15/0x20
[  116.624615][ T2221]  should_fail+0x3c6/0x510
[  116.628867][ T2221]  should_fail_usercopy+0x1a/0x20
[  116.633813][ T2221]  _copy_from_user+0x20/0xd0
[  116.638430][ T2221]  restore_sigcontext+0xce/0x710
[  116.643193][ T2221]  ? fpu__clear_user_states+0x187/0x210
[  116.648873][ T2221]  ? __do_compat_sys_x32_rt_sigreturn+0x1e0/0x1e0
[  116.655093][ T2221]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  116.660043][ T2221]  __do_sys_rt_sigreturn+0x153/0x1e0
[  116.665159][ T2221]  ? x32_copy_siginfo_to_user+0x270/0x270
[  116.670750][ T2221]  ? debug_smp_processor_id+0x17/0x20
[  116.675919][ T2221]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  116.681820][ T2221]  ? exit_to_user_mode_prepare+0x39/0xa0
[  116.687290][ T2221]  x64_sys_call+0x91/0x9a0
[  116.691543][ T2221]  do_syscall_64+0x3b/0xb0
[  116.695796][ T2221]  ? clear_bhb_loop+0x35/0x90
[  116.700316][ T2221]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  116.706037][ T2221] RIP: 0033:0x7f1d48ad2189
[  116.710299][ T2221] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  116.729736][ T2221] RSP: 002b:00007f1d471acac0 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  116.737975][ T2221] RAX: ffffffffffffffda RBX: 00007f1d48cfbfa0 RCX: 00007f1d48ad2189
[  116.745784][ T2221] RDX: 00007f1d471acac0 RSI: 00007f1d471acbf0 RDI: 0000000000000021
[  116.753596][ T2221] RBP: 00007f1d471ad0a0 R08: 0000000000000000 R09: 0000000000000000
[  116.761409][ T2221] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[  116.769220][ T2221] R13: 0000000000000000 R14: 00007f1d48cfbfa0 R15: 00007ffc0be9a518
[  116.777035][ T2221]  </TASK>
[  116.831067][ T2229] loop1: detected capacity change from 0 to 512
[  116.908862][ T2235] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  116.921369][   T30] kauditd_printk_skb: 81 callbacks suppressed
[  116.921384][   T30] audit: type=1326 audit(2000000085.900:1907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2225 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  116.930448][ T2229] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  116.961485][   T30] audit: type=1326 audit(2000000085.940:1908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2225 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  117.051498][ T2243] loop3: detected capacity change from 0 to 1024
[  117.084342][   T30] audit: type=1326 audit(2000000085.970:1909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2225 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  117.113351][ T2229] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.135637][   T30] audit: type=1326 audit(2000000085.970:1910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2225 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  117.166214][   T30] audit: type=1326 audit(2000000085.970:1911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2225 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  117.183814][ T2250] loop0: detected capacity change from 0 to 1024
[  117.192785][ T2243] EXT4-fs (loop3): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  117.221985][   T30] audit: type=1326 audit(2000000085.970:1912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2225 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  117.284097][   T30] audit: type=1326 audit(2000000085.970:1913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2225 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  117.323945][ T2250] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  118.178444][   T30] audit: type=1326 audit(2000000085.970:1914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2225 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  118.228644][   T30] audit: type=1326 audit(2000000085.970:1915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2225 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  118.252211][   T30] audit: type=1326 audit(2000000085.970:1916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2225 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  118.316308][ T2263] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  118.432780][ T2268] xt_hashlimit: size too large, truncated to 1048576
[  119.664674][ T2292] loop3: detected capacity change from 0 to 128
[  119.715054][ T2295] loop2: detected capacity change from 0 to 1024
[  119.804981][ T2295] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  121.918733][   T26] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  122.016993][   T30] kauditd_printk_skb: 33 callbacks suppressed
[  122.017017][   T30] audit: type=1400 audit(2000000090.980:1950): avc:  denied  { create } for  pid=2317 comm="syz.2.572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  122.141177][   T30] audit: type=1400 audit(2000000091.040:1951): avc:  denied  { setopt } for  pid=2317 comm="syz.2.572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  122.206813][ T2332] loop1: detected capacity change from 0 to 256
[  122.238649][   T26] usb 5-1: Using ep0 maxpacket: 16
[  122.264128][   T30] audit: type=1326 audit(2000000091.230:1952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2333 comm="syz.2.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  122.325182][ T2332] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  122.378688][   T26] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8
[  122.396304][   T30] audit: type=1326 audit(2000000091.230:1953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2333 comm="syz.2.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  122.412056][ T2344] loop0: detected capacity change from 0 to 1024
[  122.426365][   T30] audit: type=1326 audit(2000000091.230:1954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2333 comm="syz.2.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  122.449671][   T30] audit: type=1326 audit(2000000091.230:1955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2333 comm="syz.2.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  122.473890][   T30] audit: type=1326 audit(2000000091.230:1956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2333 comm="syz.2.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  122.521190][   T30] audit: type=1326 audit(2000000091.230:1957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2333 comm="syz.2.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  122.544630][   T30] audit: type=1326 audit(2000000091.230:1958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2333 comm="syz.2.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  122.567990][   T30] audit: type=1326 audit(2000000091.230:1959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2333 comm="syz.2.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  122.658981][   T26] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  122.674872][   T26] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.815334][ T2344] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  122.864241][   T26] usb 5-1: Product: syz
[  122.910705][   T26] usb 5-1: Manufacturer: syz
[  122.921406][   T26] usb 5-1: SerialNumber: syz
[  122.932882][   T26] usb 5-1: config 0 descriptor??
[  123.039828][   T26] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  123.047882][   T26] usb 5-1: Detected FT232RL
[  123.065044][ T2363] loop0: detected capacity change from 0 to 256
[  123.113533][ T2363] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  123.414613][ T2314] loop4: detected capacity change from 0 to 256
[  123.428727][   T26] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  123.476402][ T2314] FAT-fs (loop4): Unrecognized mount option "çÿbÆäÊ24¯Ÿ" or missing value
[  123.572310][ T2375] netlink: 8 bytes leftover after parsing attributes in process `syz.3.588'.
[  123.689462][ T2375] capability: warning: `syz.3.588' uses deprecated v2 capabilities in a way that may be insecure
[  124.008714][   T26] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  124.028886][   T26] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  124.037254][   T26] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  124.049748][   T26] usb 5-1: USB disconnect, device number 9
[  124.058450][   T26] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  124.149929][   T26] ftdi_sio 5-1:0.0: device disconnected
[  124.237614][ T2391] loop2: detected capacity change from 0 to 256
[  124.375677][   T39] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  124.396373][ T2391] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  124.467182][ T2388] binder: 2387:2388 ioctl 89f1 0 returned -22
[  124.788877][   T39] usb 2-1: config index 0 descriptor too short (expected 3133, got 61)
[  124.798448][   T39] usb 2-1: config 0 has an invalid interface number: 156 but max is 1
[  124.807082][   T39] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  124.807568][ T2398] loop0: detected capacity change from 0 to 1024
[  124.910555][ T2398] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  124.918855][   T39] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  124.967109][ T2407] loop3: detected capacity change from 0 to 1024
[  124.977309][   T39] usb 2-1: config 0 has no interface number 0
[  124.984893][   T39] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  125.019586][ T2407] EXT4-fs (loop3): dax option not supported
[  125.046501][   T39] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  125.057731][   T39] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  125.067469][   T39] usb 2-1: config 0 interface 156 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  125.080341][   T39] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  125.089405][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.102318][   T39] usb 2-1: config 0 descriptor??
[  125.155158][   T39] usb 2-1: MIDIStreaming interface descriptor not found
[  125.292115][ T2407] fuse: Bad value for 'fd'
[  125.450359][  T329] usb 2-1: USB disconnect, device number 5
[  125.466685][ T2430] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  125.535105][ T2435] loop3: detected capacity change from 0 to 512
[  125.593702][ T2435] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  126.921288][ T2435] EXT4-fs (loop3): 1 truncate cleaned up
[  126.934883][ T2435] EXT4-fs (loop3): mounted filesystem without journal. Opts: quota,resuid=0x000000000000ee01,barrier=0x0000000000000003,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: writeback.
[  126.936217][ T2446] loop2: detected capacity change from 0 to 1024
[  126.981684][ T2446] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  127.045309][ T2449] loop0: detected capacity change from 0 to 1024
[  127.110388][ T2449] EXT4-fs (loop0): dax option not supported
[  127.271286][ T2449] fuse: Bad value for 'fd'
[  127.283331][ T2459] process 'syz.1.613' launched './file0' with NULL argv: empty string added
[  127.587735][   T30] kauditd_printk_skb: 167 callbacks suppressed
[  127.587760][   T30] audit: type=1400 audit(2000000096.550:2127): avc:  denied  { execute_no_trans } for  pid=2458 comm="syz.1.613" path="/106/file0" dev="tmpfs" ino=594 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  127.735399][   T30] audit: type=1326 audit(2000000096.700:2128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2475 comm="syz.1.617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  127.762725][ T2478] loop0: detected capacity change from 0 to 1024
[  127.779031][   T30] audit: type=1326 audit(2000000096.700:2129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2475 comm="syz.1.617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  127.825853][   T30] audit: type=1326 audit(2000000096.700:2130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2475 comm="syz.1.617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  127.863629][   T30] audit: type=1326 audit(2000000096.700:2131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2475 comm="syz.1.617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  127.887698][   T30] audit: type=1326 audit(2000000096.700:2132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2475 comm="syz.1.617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  128.968851][   T30] audit: type=1400 audit(2000000097.930:2133): avc:  denied  { read } for  pid=2479 comm="syz.3.620" dev="nsfs" ino=4026532551 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  129.067995][   T30] audit: type=1400 audit(2000000097.930:2134): avc:  denied  { open } for  pid=2479 comm="syz.3.620" path="net:[4026532551]" dev="nsfs" ino=4026532551 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  129.175228][ T2478] EXT4-fs (loop0): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  129.251383][ T2494] loop1: detected capacity change from 0 to 1024
[  129.259817][ T2496] loop2: detected capacity change from 0 to 1024
[  129.346711][ T2499] loop3: detected capacity change from 0 to 1024
[  129.369330][ T2494] EXT4-fs (loop1): dax option not supported
[  129.382194][ T2496] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  129.730872][ T2502] loop4: detected capacity change from 0 to 512
[  131.562181][ T2494] fuse: Bad value for 'fd'
[  131.566972][ T2499] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  131.577833][ T2502] EXT4-fs (loop4): Test dummy encryption mode enabled
[  131.603762][ T2502] EXT4-fs error (device loop4): ext4_fill_super:4832: inode #2: comm syz.4.624: casefold flag without casefold feature
[  131.617211][ T2502] EXT4-fs (loop4): get root inode failed
[  131.623429][ T2502] EXT4-fs (loop4): mount failed
[  131.634593][ T2499] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,delalloc,norecovery,commit=0x0000000000000005,norecovery,,errors=continue. Quota mode: writeback.
[  131.658276][ T2512] loop1: detected capacity change from 0 to 512
[  131.687133][ T2515] FAULT_INJECTION: forcing a failure.
[  131.687133][ T2515] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.703313][ T2515] CPU: 0 PID: 2515 Comm: syz.2.627 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  131.712952][ T2515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  131.722856][ T2515] Call Trace:
[  131.725974][ T2515]  <TASK>
[  131.728748][ T2515]  dump_stack_lvl+0x151/0x1c0
[  131.733255][ T2515]  ? io_uring_drop_tctx_refs+0x190/0x190
[  131.738720][ T2515]  ? kstrtouint_from_user+0x20a/0x2a0
[  131.743929][ T2515]  dump_stack+0x15/0x20
[  131.747921][ T2515]  should_fail+0x3c6/0x510
[  131.752176][ T2515]  should_fail_usercopy+0x1a/0x20
[  131.757036][ T2515]  _copy_to_user+0x20/0x90
[  131.761290][ T2515]  simple_read_from_buffer+0xc7/0x150
[  131.766495][ T2515]  proc_fail_nth_read+0x1a3/0x210
[  131.771355][ T2515]  ? proc_fault_inject_write+0x390/0x390
[  131.776822][ T2515]  ? fsnotify_perm+0x269/0x5b0
[  131.781425][ T2515]  ? security_file_permission+0x86/0xb0
[  131.786804][ T2515]  ? proc_fault_inject_write+0x390/0x390
[  131.792459][ T2515]  vfs_read+0x27d/0xd40
[  131.796457][ T2515]  ? kernel_read+0x1f0/0x1f0
[  131.800872][ T2515]  ? __kasan_check_write+0x14/0x20
[  131.805821][ T2515]  ? mutex_lock+0xb6/0x1e0
[  131.810175][ T2515]  ? wait_for_completion_killable_timeout+0x10/0x10
[  131.816605][ T2515]  ? __fdget_pos+0x2e7/0x3a0
[  131.821032][ T2515]  ? ksys_read+0x77/0x2c0
[  131.825191][ T2515]  ksys_read+0x199/0x2c0
[  131.829272][ T2515]  ? exc_page_fault+0x47a/0x7f0
[  131.833967][ T2515]  ? vfs_write+0x1110/0x1110
[  131.838385][ T2515]  ? debug_smp_processor_id+0x17/0x20
[  131.843607][ T2515]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  131.849494][ T2515]  __x64_sys_read+0x7b/0x90
[  131.853855][ T2515]  x64_sys_call+0x28/0x9a0
[  131.858087][ T2515]  do_syscall_64+0x3b/0xb0
[  131.862339][ T2515]  ? clear_bhb_loop+0x35/0x90
[  131.866854][ T2515]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  131.872586][ T2515] RIP: 0033:0x7f3229d0825c
[  131.876833][ T2515] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[  131.896273][ T2515] RSP: 002b:00007f3228380050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  131.904516][ T2515] RAX: ffffffffffffffda RBX: 00007f3229ecefa0 RCX: 00007f3229d0825c
[  131.912336][ T2515] RDX: 000000000000000f RSI: 00007f32283800b0 RDI: 0000000000000003
[  131.920140][ T2515] RBP: 00007f32283800a0 R08: 0000000000000000 R09: 0000000000000000
[  131.927953][ T2515] R10: 0000000000000086 R11: 0000000000000246 R12: 0000000000000001
[  131.935765][ T2515] R13: 0000000000000001 R14: 00007f3229ecefa0 R15: 00007ffc3a79dc58
[  131.943582][ T2515]  </TASK>
[  131.987135][ T2512] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  132.018924][   T30] audit: type=1326 audit(2000000100.990:2135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2518 comm="syz.0.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d9fbc4849 code=0x7ffc0000
[  132.023242][ T2512] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.629: iget: bad i_size value: -67835469387268086
[  132.390081][   T30] audit: type=1326 audit(2000000101.020:2136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2518 comm="syz.0.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f2d9fbc4849 code=0x7ffc0000
[  132.433964][ T2512] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.629: couldn't read orphan inode 15 (err -117)
[  132.465558][ T2529] loop2: detected capacity change from 0 to 1024
[  132.543304][ T2512] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  132.560238][ T2512] ext2 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.579072][ T2529] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  134.198208][ T2542] loop3: detected capacity change from 0 to 256
[  134.207652][ T2542] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  134.328718][ T2547] loop0: detected capacity change from 0 to 1024
[  134.342168][ T2547] EXT4-fs (loop0): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  134.509084][ T2557] loop3: detected capacity change from 0 to 16
[  134.635379][ T2557] erofs: (device loop3): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  134.962257][ T2563] loop2: detected capacity change from 0 to 256
[  134.980231][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  134.980258][   T30] audit: type=1400 audit(2000000103.950:2140): avc:  denied  { watch watch_reads } for  pid=2564 comm="syz.4.642" path="/108/file0" dev="tmpfs" ino=600 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  135.019701][ T2563] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  135.032133][ T2565] netlink: 12 bytes leftover after parsing attributes in process `syz.4.642'.
[  135.143821][   T30] audit: type=1326 audit(2000000104.110:2141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2570 comm="syz.4.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  135.144805][ T2569] loop2: detected capacity change from 0 to 1024
[  135.190874][   T30] audit: type=1326 audit(2000000104.150:2142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2570 comm="syz.4.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  135.214908][   T30] audit: type=1326 audit(2000000104.150:2143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2570 comm="syz.4.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  135.322268][ T2577] loop1: detected capacity change from 0 to 256
[  135.363546][ T2569] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  135.399782][ T2577] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  135.700033][ T2574] loop4: detected capacity change from 0 to 40427
[  135.710112][   T30] audit: type=1400 audit(2000000104.680:2144): avc:  denied  { unlink } for  pid=83 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  135.891720][ T2574] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  136.018250][ T2574] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  136.042367][ T2574] F2FS-fs (loop4): invalid crc value
[  136.203739][ T2574] F2FS-fs (loop4): Found nat_bits in checkpoint
[  136.245745][ T2599] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  136.322469][ T2574] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  136.368787][ T2574] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  136.378758][ T2607] loop3: detected capacity change from 0 to 1024
[  137.145699][ T2607] EXT4-fs (loop3): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  137.197539][   T30] audit: type=1326 audit(2000000106.160:2145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2613 comm="syz.0.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d9fbc4849 code=0x7ffc0000
[  137.220797][   T30] audit: type=1326 audit(2000000106.160:2146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2613 comm="syz.0.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d9fbc4849 code=0x7ffc0000
[  137.248394][ T2616] loop1: detected capacity change from 0 to 1024
[  137.256112][   T30] audit: type=1326 audit(2000000106.160:2147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2613 comm="syz.0.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f2d9fbc4849 code=0x7ffc0000
[  137.279349][   T30] audit: type=1326 audit(2000000106.160:2148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2613 comm="syz.0.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d9fbc4849 code=0x7ffc0000
[  137.302781][   T30] audit: type=1326 audit(2000000106.160:2149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2613 comm="syz.0.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d9fbc4849 code=0x7ffc0000
[  137.373293][ T2616] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  137.407814][ T2621] 9pnet: Insufficient options for proto=fd
[  137.510304][ T2624] netlink: 8 bytes leftover after parsing attributes in process `syz.2.659'.
[  139.304017][ T2637] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  139.321546][   T10] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  139.330940][   T10] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  139.390081][ T2646] loop3: detected capacity change from 0 to 1024
[  139.796280][ T2658] loop1: detected capacity change from 0 to 1024
[  139.909184][ T2646] EXT4-fs (loop3): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  139.987693][ T2658] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  139.998790][ T2658] ext4 filesystem being mounted at /117/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.824255][   T30] kauditd_printk_skb: 55 callbacks suppressed
[  140.824271][   T30] audit: type=1326 audit(2000000109.790:2205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2664 comm="syz.2.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  140.948402][ T2667] 9pnet: Insufficient options for proto=fd
[  141.184206][   T30] audit: type=1326 audit(2000000109.810:2206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2664 comm="syz.2.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  141.226108][   T30] audit: type=1326 audit(2000000109.900:2207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2664 comm="syz.2.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  141.230930][ T2674] loop1: detected capacity change from 0 to 1024
[  141.258863][   T30] audit: type=1326 audit(2000000109.900:2208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2664 comm="syz.2.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  141.286270][   T30] audit: type=1326 audit(2000000109.900:2209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2664 comm="syz.2.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  141.311250][   T30] audit: type=1326 audit(2000000109.900:2210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2664 comm="syz.2.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  141.334684][   T30] audit: type=1326 audit(2000000109.900:2211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2664 comm="syz.2.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  141.376381][   T30] audit: type=1326 audit(2000000109.900:2212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2664 comm="syz.2.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  141.384628][ T2650] loop0: detected capacity change from 0 to 512
[  141.406774][   T30] audit: type=1326 audit(2000000109.900:2213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2664 comm="syz.2.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  141.432346][ T2674] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  141.435851][ T2677] loop3: detected capacity change from 0 to 512
[  141.464729][   T30] audit: type=1326 audit(2000000109.910:2214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2664 comm="syz.2.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  141.582974][ T2677] EXT4-fs (loop3): Mount option "journal_async_commit" incompatible with ext2
[  141.853423][  T300] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  141.901636][ T2650] EXT4-fs (loop0): dax option not supported
[  142.025056][ T2677] netlink: 8 bytes leftover after parsing attributes in process `syz.3.674'.
[  142.048160][ T2677] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.058097][ T2650] loop0: detected capacity change from 0 to 16
[  142.208695][  T300] usb 3-1: Using ep0 maxpacket: 32
[  142.241976][ T2650] erofs: (device loop0): mounted with root inode @ nid 36.
[  142.369044][  T300] usb 3-1: config 2 has an invalid interface number: 219 but max is 0
[  142.380772][ T2696] FAULT_INJECTION: forcing a failure.
[  142.380772][ T2696] name failslab, interval 1, probability 0, space 0, times 0
[  142.409784][  T300] usb 3-1: config 2 has no interface number 0
[  142.426005][  T300] usb 3-1: config 2 interface 219 has no altsetting 0
[  142.431776][ T2696] CPU: 0 PID: 2696 Comm: syz.4.679 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  142.442244][ T2696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  142.452135][ T2696] Call Trace:
[  142.455257][ T2696]  <TASK>
[  142.458032][ T2696]  dump_stack_lvl+0x151/0x1c0
[  142.462549][ T2696]  ? io_uring_drop_tctx_refs+0x190/0x190
[  142.468012][ T2696]  ? irqentry_exit_cond_resched+0x2a/0x30
[  142.473571][ T2696]  ? sysvec_reschedule_ipi+0x8c/0x160
[  142.478784][ T2696]  dump_stack+0x15/0x20
[  142.482770][ T2696]  should_fail+0x3c6/0x510
[  142.487024][ T2696]  __should_failslab+0xa4/0xe0
[  142.491709][ T2696]  should_failslab+0x9/0x20
[  142.496052][ T2696]  slab_pre_alloc_hook+0x37/0xd0
[  142.500824][ T2696]  ? sidtab_sid2str_get+0x12b/0x2a0
[  142.505853][ T2696]  __kmalloc_track_caller+0x6c/0x260
[  142.510977][ T2696]  ? sidtab_sid2str_get+0x12b/0x2a0
[  142.516009][ T2696]  kmemdup+0x24/0x50
[  142.519740][ T2696]  sidtab_sid2str_get+0x12b/0x2a0
[  142.524600][ T2696]  security_sid_to_context_core+0x2b5/0x490
[  142.530333][ T2696]  security_sid_to_context+0x33/0x40
[  142.535451][ T2696]  selinux_secid_to_secctx+0x2a/0x40
[  142.540573][ T2696]  security_secid_to_secctx+0x74/0xb0
[  142.545780][ T2696]  audit_log_task_context+0x122/0x350
[  142.551085][ T2696]  ? audit_log_key+0x1d0/0x1d0
[  142.555688][ T2696]  audit_log_task+0x18c/0x2e0
[  142.560196][ T2696]  ? audit_core_dumps+0x100/0x100
[  142.565057][ T2696]  ? migrate_enable+0x1c1/0x2a0
[  142.569752][ T2696]  audit_seccomp+0x7a/0x1e0
[  142.574097][ T2696]  __seccomp_filter+0xc08/0x1c60
[  142.578868][ T2696]  ? release_firmware_map_entry+0x190/0x190
[  142.584586][ T2696]  ? __secure_computing+0x300/0x300
[  142.589619][ T2696]  ? __kasan_check_read+0x11/0x20
[  142.594482][ T2696]  ? preempt_schedule_irq+0xe7/0x140
[  142.599602][ T2696]  ? __cond_resched+0x20/0x20
[  142.604118][ T2696]  ? __schedule+0xcd4/0x1590
[  142.608540][ T2696]  ? sysvec_reschedule_ipi+0x8c/0x160
[  142.613752][ T2696]  __secure_computing+0xf0/0x300
[  142.618529][ T2696]  syscall_enter_from_user_mode+0xd5/0x1b0
[  142.624162][ T2696]  do_syscall_64+0x1e/0xb0
[  142.628419][ T2696]  ? clear_bhb_loop+0x35/0x90
[  142.632926][ T2696]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  142.638655][ T2696] RIP: 0033:0x7ffac183d849
[  142.642909][ T2696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.662349][ T2696] RSP: 002b:00007ffabfeb4058 EFLAGS: 00000246 ORIG_RAX: 000000000000000a
[  142.670595][ T2696] RAX: ffffffffffffffda RBX: 00007ffac1a02fa0 RCX: 00007ffac183d849
[  142.678428][ T2696] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000000020000000
[  142.686216][ T2696] RBP: 00007ffabfeb40a0 R08: 0000000000000000 R09: 0000000000000000
[  142.694027][ T2696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.701837][ T2696] R13: 0000000000000000 R14: 00007ffac1a02fa0 R15: 00007ffe45eb1a08
[  142.709665][ T2696]  </TASK>
[  142.736427][ T2699] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  142.773827][ T2703] xt_hashlimit: size too large, truncated to 1048576
[  142.848688][  T300] usb 3-1: New USB device found, idVendor=0b95, idProduct=2791, bcdDevice=9f.c7
[  142.860259][  T300] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.869705][  T300] usb 3-1: Product: syz
[  142.873755][  T300] usb 3-1: Manufacturer: syz
[  142.878182][  T300] usb 3-1: SerialNumber: syz
[  142.888339][ T2705] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  142.931166][ T2710] loop0: detected capacity change from 0 to 1024
[  143.005496][ T2710] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  143.017552][ T2715] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  143.170028][ T2721] loop1: detected capacity change from 0 to 512
[  143.494981][ T2721] EXT4-fs (loop1): Mount option "journal_async_commit" incompatible with ext2
[  143.559958][  T300] usb 3-1: USB disconnect, device number 10
[  143.594141][ T2721] netlink: 8 bytes leftover after parsing attributes in process `syz.1.688'.
[  143.629691][ T2721] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.451264][ T2746] device syzkaller0 entered promiscuous mode
[  144.807551][ T2754] netlink: 12 bytes leftover after parsing attributes in process `syz.1.697'.
[  144.828445][ T2754] netlink: 104 bytes leftover after parsing attributes in process `syz.1.697'.
[  144.989924][ T2757] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  145.257957][ T2767] loop1: detected capacity change from 0 to 512
[  145.292113][ T2767] EXT4-fs (loop1): Test dummy encryption mode enabled
[  145.394746][ T2767] EXT4-fs error (device loop1): ext4_fill_super:4832: inode #2: comm syz.1.700: casefold flag without casefold feature
[  145.408179][ T2767] EXT4-fs (loop1): get root inode failed
[  145.413784][ T2767] EXT4-fs (loop1): mount failed
[  145.428753][  T440] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  145.798638][  T440] usb 4-1: Using ep0 maxpacket: 32
[  146.318870][  T440] usb 4-1: config 2 has an invalid interface number: 219 but max is 0
[  146.327546][  T440] usb 4-1: config 2 has no interface number 0
[  146.335660][  T440] usb 4-1: config 2 interface 219 has no altsetting 0
[  146.558857][  T440] usb 4-1: New USB device found, idVendor=0b95, idProduct=2791, bcdDevice=9f.c7
[  146.567836][  T440] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.575916][  T440] usb 4-1: Product: syz
[  146.580110][  T440] usb 4-1: Manufacturer: syz
[  146.584514][  T440] usb 4-1: SerialNumber: syz
[  146.837206][    T6] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  146.858754][   T30] kauditd_printk_skb: 112 callbacks suppressed
[  146.858773][   T30] audit: type=1326 audit(2000000115.830:2326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2745 comm="syz.2.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3229d0944b code=0x7ffc0000
[  146.889319][   T30] audit: type=1326 audit(2000000115.860:2327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2745 comm="syz.2.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3229d0944b code=0x7ffc0000
[  147.020212][  T440] usb 4-1: USB disconnect, device number 9
[  147.105320][   T30] audit: type=1400 audit(2000000116.070:2328): avc:  denied  { write } for  pid=2786 comm="syz.0.708" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  147.125197][    T6] usb 3-1: Using ep0 maxpacket: 16
[  147.158776][   T30] audit: type=1326 audit(2000000116.130:2329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2745 comm="syz.2.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3229d0944b code=0x7ffc0000
[  147.217919][   T30] audit: type=1326 audit(2000000116.150:2330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2745 comm="syz.2.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3229d0944b code=0x7ffc0000
[  147.255639][   T30] audit: type=1326 audit(2000000116.180:2331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2745 comm="syz.2.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3229d0944b code=0x7ffc0000
[  147.298804][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  147.312098][   T30] audit: type=1326 audit(2000000116.210:2332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2745 comm="syz.2.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3229d0944b code=0x7ffc0000
[  147.357767][   T30] audit: type=1326 audit(2000000116.250:2333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2745 comm="syz.2.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3229d0944b code=0x7ffc0000
[  147.381856][   T30] audit: type=1326 audit(2000000116.270:2334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2745 comm="syz.2.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3229d0944b code=0x7ffc0000
[  147.408450][   T30] audit: type=1326 audit(2000000116.300:2335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2745 comm="syz.2.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3229d0944b code=0x7ffc0000
[  147.490418][ T2802] loop3: detected capacity change from 0 to 512
[  147.528736][    T6] usb 3-1: New USB device found, idVendor=0b57, idProduct=2bbd, bcdDevice=e7.cc
[  147.547815][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.563972][    T6] usb 3-1: Product: syz
[  147.576836][    T6] usb 3-1: config 0 descriptor??
[  147.596016][ T2810] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  147.618766][    T6] usb 3-1: can't set config #0, error -71
[  147.625430][    T6] usb 3-1: USB disconnect, device number 11
[  148.250303][ T2818] loop2: detected capacity change from 0 to 512
[  148.257665][ T2818] EXT4-fs (loop2): Test dummy encryption mode enabled
[  148.397834][ T2818] EXT4-fs error (device loop2): ext4_fill_super:4832: inode #2: comm syz.2.714: casefold flag without casefold feature
[  148.411606][ T2818] EXT4-fs (loop2): get root inode failed
[  148.417092][ T2818] EXT4-fs (loop2): mount failed
[  148.472816][ T2802] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  148.530996][ T2802] ext4 filesystem being mounted at /160/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.979635][ T2833] loop4: detected capacity change from 0 to 1024
[  150.015440][ T2837] loop1: detected capacity change from 0 to 16
[  150.035789][ T2833] EXT4-fs (loop4): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  150.067525][ T2840] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  150.081994][ T2842] loop2: detected capacity change from 0 to 256
[  150.138986][ T2842] exfat: Deprecated parameter 'namecase'
[  150.147407][ T2842] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xc2dc8e67, utbl_chksum : 0xe619d30d)
[  150.215666][ T2856] loop1: detected capacity change from 0 to 512
[  150.258039][ T2856] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  150.268658][ T1691] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  150.276468][ T2856] ext4 filesystem being mounted at /137/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.678703][ T1691] usb 1-1: config 0 has an invalid interface number: 182 but max is 1
[  150.686806][ T1691] usb 1-1: config 0 has an invalid interface number: 9 but max is 1
[  150.694668][ T1691] usb 1-1: config 0 has no interface number 0
[  150.700594][ T1691] usb 1-1: config 0 has no interface number 1
[  150.706443][ T1691] usb 1-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=9c.af
[  150.708606][    T6] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  150.715388][ T1691] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.731134][ T1691] usb 1-1: config 0 descriptor??
[  150.769961][ T1691] snd-usb-audio: probe of 1-1:0.182 failed with error -2
[  150.788694][ T2278] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  152.257782][ T2873] loop0: detected capacity change from 0 to 256
[  152.321437][ T2873] exfat: Unknown parameter 'Ù
'
[  152.489904][ T2880] 9pnet: Insufficient options for proto=fd
[  152.508792][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  152.519891][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  152.529656][    T6] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  152.562116][ T2882] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  152.607756][ T2883] loop4: detected capacity change from 0 to 512
[  152.653837][ T2883] EXT4-fs (loop4): Test dummy encryption mode enabled
[  152.722327][ T2883] EXT4-fs error (device loop4): ext4_fill_super:4832: inode #2: comm syz.4.733: casefold flag without casefold feature
[  152.735918][ T2883] EXT4-fs (loop4): get root inode failed
[  152.741501][ T2883] EXT4-fs (loop4): mount failed
[  152.910600][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.947617][ T2278] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.482112][ T2888] tipc: Invalid UDP bearer configuration
[  153.482140][ T2888] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  154.141487][ T1691] usb 1-1: USB disconnect, device number 7
[  154.180518][ T2278] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.192206][    T6] usb 3-1: config 0 descriptor??
[  154.199275][ T2278] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  154.208541][ T2278] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.208682][    T6] usb 3-1: can't set config #0, error -71
[  154.228802][ T2278] usb 4-1: config 0 descriptor??
[  154.236309][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  154.236325][   T30] audit: type=1326 audit(2000000123.200:2346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2898 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  154.892716][ T2909] tipc: Invalid UDP bearer configuration
[  154.892742][ T2909] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  154.934943][    T6] usb 3-1: USB disconnect, device number 12
[  154.942034][   T30] audit: type=1326 audit(2000000123.200:2347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2898 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  154.965787][   T30] audit: type=1326 audit(2000000123.200:2348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2898 comm="syz.3.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d48b36849 code=0x7ffc0000
[  155.057959][ T2278] usb 4-1: can't set config #0, error -71
[  155.064325][ T2278] usb 4-1: USB disconnect, device number 10
[  155.071019][ T2902] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  155.238628][   T30] audit: type=1326 audit(2000000124.200:2349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2920 comm="syz.2.748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  155.272729][   T30] audit: type=1326 audit(2000000124.200:2350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2920 comm="syz.2.748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  155.501685][ T2938] loop4: detected capacity change from 0 to 512
[  158.629569][ T2938] EXT4-fs (loop4): Test dummy encryption mode enabled
[  158.643457][ T2938] EXT4-fs error (device loop4): ext4_fill_super:4832: inode #2: comm syz.4.749: casefold flag without casefold feature
[  158.658804][ T2938] EXT4-fs (loop4): get root inode failed
[  158.664273][ T2938] EXT4-fs (loop4): mount failed
[  158.701612][ T2945] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  158.737018][   T30] audit: type=1326 audit(2000000124.200:2351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2920 comm="syz.2.748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3229d09849 code=0x7ffc0000
[  158.792724][ T2951] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  158.801026][  T329] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  158.881535][   T30] audit: type=1400 audit(2000000127.850:2352): avc:  denied  { getattr } for  pid=2953 comm="syz.1.757" name="/" dev="incremental-fs" ino=806 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  158.904969][   T30] audit: type=1400 audit(2000000127.850:2353): avc:  denied  { read } for  pid=2953 comm="syz.1.757" name="file0" dev="overlay" ino=807 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  158.940194][   T30] audit: type=1400 audit(2000000127.850:2354): avc:  denied  { open } for  pid=2953 comm="syz.1.757" path="/144/bus/file0" dev="overlay" ino=807 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  159.025068][   T30] audit: type=1326 audit(2000000127.990:2355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2965 comm="syz.4.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  159.097216][ T2971] loop4: detected capacity change from 0 to 512
[  159.225341][ T2962] loop3: detected capacity change from 0 to 512
[  159.233118][ T2975] loop1: detected capacity change from 0 to 1024
[  159.260876][ T2971] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  159.271895][ T2971] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.286127][ T2975] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  159.408262][ T1691] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  159.440427][ T2962] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  159.452654][ T2962] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.463740][ T2962] capability: warning: `syz.3.760' uses 32-bit capabilities (legacy support in use)
[  159.668809][ T1691] usb 3-1: Using ep0 maxpacket: 32
[  159.907522][ T2994] syz.3.769[2994] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.907716][ T2994] syz.3.769[2994] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.922412][ T2994] device pim6reg1 entered promiscuous mode
[  160.083772][ T1691] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.095116][ T1691] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  160.198267][ T2999] loop3: detected capacity change from 0 to 1024
[  160.228965][ T3001] loop0: detected capacity change from 0 to 16
[  160.236370][ T3001] erofs: Unknown parameter 'ÿÿÿÿ01777777777777777777777ÿÿ'
[  160.246117][ T2999] EXT4-fs (loop3): dax option not supported
[  160.261471][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  160.261488][   T30] audit: type=1326 audit(2000000129.230:2358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3006 comm="syz.1.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  160.295764][   T30] audit: type=1326 audit(2000000129.230:2359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3006 comm="syz.1.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  160.319377][   T30] audit: type=1326 audit(2000000129.230:2360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3006 comm="syz.1.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  160.343200][   T30] audit: type=1326 audit(2000000129.230:2361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3006 comm="syz.1.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  160.368956][ T1691] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  160.392465][ T1691] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  160.411087][ T1691] usb 3-1: Product: syz
[  160.415447][ T1691] usb 3-1: Manufacturer: syz
[  160.422704][ T3011] device syzkaller0 entered promiscuous mode
[  160.535392][   T30] audit: type=1326 audit(2000000129.500:2362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3010 comm="syz.1.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  160.559367][ T1691] hub 3-1:4.0: USB hub found
[  160.563885][   T30] audit: type=1326 audit(2000000129.500:2363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3010 comm="syz.1.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  160.596725][   T30] audit: type=1326 audit(2000000129.500:2364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3010 comm="syz.1.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  160.720610][   T30] audit: type=1326 audit(2000000129.500:2365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3010 comm="syz.1.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  160.778744][ T1691] hub 3-1:4.0: 2 ports detected
[  160.965231][   T30] audit: type=1326 audit(2000000129.500:2366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3010 comm="syz.1.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  161.008594][   T30] audit: type=1326 audit(2000000129.500:2367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3010 comm="syz.1.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f44e41f6849 code=0x7ffc0000
[  161.158711][ T1691] hub 3-1:4.0: hub_hub_status failed (err = -32)
[  161.166219][ T1691] hub 3-1:4.0: config failed, can't get hub status (err -32)
[  161.189587][ T3023] loop3: detected capacity change from 0 to 40427
[  161.636709][  T440] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  161.663063][ T3023] F2FS-fs (loop3): fault_injection options not supported
[  161.671797][ T3023] F2FS-fs (loop3): invalid crc value
[  161.679613][ T1691] usb 3-1: USB disconnect, device number 13
[  161.699595][ T3023] F2FS-fs (loop3): Found nat_bits in checkpoint
[  161.743819][ T3023] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  161.888633][  T440] usb 2-1: Using ep0 maxpacket: 16
[  161.986322][ T3037] loop4: detected capacity change from 0 to 128
[  161.996467][ T3040] loop0: detected capacity change from 0 to 512
[  162.012959][  T440] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  162.064253][ T3037] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  162.076027][ T3037] ext4 filesystem being mounted at /136/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  162.127414][ T3040] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  162.138453][ T3040] ext4 filesystem being mounted at /172/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.316622][ T3050] tipc: Invalid UDP bearer configuration
[  165.317167][ T3050] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  165.698908][  T440] usb 2-1: New USB device found, idVendor=0b57, idProduct=2bbd, bcdDevice=e7.cc
[  165.717261][  T440] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.725597][   T30] kauditd_printk_skb: 49 callbacks suppressed
[  165.725613][   T30] audit: type=1326 audit(2000000134.660:2417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3010 comm="syz.1.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f44e41f644b code=0x7ffc0000
[  165.799002][   T30] audit: type=1326 audit(2000000134.670:2418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3010 comm="syz.1.776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f44e41f644b code=0x7ffc0000
[  165.842249][ T3058] loop2: detected capacity change from 0 to 1024
[  165.845737][  T440] usb 2-1: Product: syz
[  165.859228][  T440] usb 2-1: Manufacturer: syz
[  165.863662][  T440] usb 2-1: SerialNumber: syz
[  165.880805][  T440] usb 2-1: config 0 descriptor??
[  165.898760][  T440] usb 2-1: can't set config #0, error -71
[  165.907653][   T30] audit: type=1326 audit(2000000134.840:2419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3059 comm="syz.4.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  165.938678][  T440] usb 2-1: USB disconnect, device number 6
[  165.962401][ T3069] loop4: detected capacity change from 0 to 1024
[  165.978863][   T30] audit: type=1326 audit(2000000134.840:2420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3059 comm="syz.4.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  165.992085][ T3058] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  166.003344][   T30] audit: type=1326 audit(2000000134.840:2421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3059 comm="syz.4.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  166.052511][   T30] audit: type=1326 audit(2000000134.840:2422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3059 comm="syz.4.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  166.068284][ T3076] loop1: detected capacity change from 0 to 1024
[  166.075941][   T30] audit: type=1326 audit(2000000134.840:2423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3059 comm="syz.4.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac183d849 code=0x7ffc0000
[  166.177364][ T3069] EXT4-fs (loop4): dax option not supported
[  166.237490][ T3076] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  166.269012][ T3085] xt_hashlimit: size too large, truncated to 1048576
[  166.650711][ T3095] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  166.958610][   T30] audit: type=1400 audit(2000000135.890:2424): avc:  denied  { read } for  pid=3104 comm="syz.2.797" name="loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  168.228385][   T30] audit: type=1400 audit(2000000135.900:2425): avc:  denied  { open } for  pid=3104 comm="syz.2.797" path="/dev/loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  168.330877][   T30] audit: type=1400 audit(2000000137.300:2426): avc:  denied  { connect } for  pid=3114 comm="syz.1.800" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  168.608631][ T1691] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  169.498630][ T1691] usb 1-1: Using ep0 maxpacket: 8
[  169.518636][  T440] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  169.774780][ T1691] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  169.809633][ T1691] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xBE, skipping
[  169.885268][ T1691] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  169.979955][ T3140] kvm [3139]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x187 data 0xfd0000080c
[  170.066197][ T3140] kvm [3139]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0x2480000081a
[  170.501892][  T440] usb 4-1: Using ep0 maxpacket: 8
[  170.618682][  T440] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  170.637637][ T3150] netlink: 4 bytes leftover after parsing attributes in process `syz.2.810'.
[  170.638684][ T1691] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  170.655166][  T440] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  170.664747][ T1691] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  170.672892][  T440] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.683057][ T1691] usb 1-1: Product: syz
[  170.753307][  T440] usb 4-1: config 0 descriptor??
[  170.758161][ T1691] usb 1-1: Manufacturer: syz
[  170.762619][ T1691] usb 1-1: SerialNumber: syz
[  170.768354][ T1691] usb 1-1: config 0 descriptor??
[  170.813015][ T1691] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  170.865511][ T3161] tmpfs: Unknown parameter 'usrquota'
[  172.163652][ T1691] usb 1-1: USB disconnect, device number 9
[  172.769549][ T2278] usb 4-1: USB disconnect, device number 11
[  173.368625][  T425] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  173.487449][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  173.487464][   T30] audit: type=1400 audit(2000000142.450:2430): avc:  denied  { create } for  pid=3205 comm="syz.4.827" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  173.513299][ T2278] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  173.728842][  T425] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.739667][  T425] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.750065][  T425] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  173.758611][   T30] audit: type=1400 audit(2000000142.730:2431): avc:  denied  { unlink } for  pid=3209 comm="syz.2.829" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  173.763183][  T425] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  173.793797][  T425] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.798597][   T63] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  173.802691][  T425] usb 1-1: config 0 descriptor??
[  173.809533][ T2278] usb 4-1: Using ep0 maxpacket: 32
[  173.840018][ T3216] overlayfs: statfs failed on './file0'
[  173.948860][ T2278] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.962564][ T2278] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.974493][ T2278] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  173.983940][ T2278] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.008933][ T2278] usb 4-1: config 0 descriptor??
[  174.088753][   T63] usb 5-1: Using ep0 maxpacket: 8
[  174.158265][   T30] audit: type=1400 audit(2000000143.120:2432): avc:  denied  { setopt } for  pid=3232 comm="syz.1.838" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  174.228686][   T63] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  174.238930][   T63] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  174.247637][   T63] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  174.260267][   T63] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  174.271720][   T63] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  174.281010][   T63] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.299498][  T425] acrux 0003:1A34:0802.0010: unknown main item tag 0x0
[  174.306208][  T425] acrux 0003:1A34:0802.0010: unknown main item tag 0x0
[  174.315651][  T425] acrux 0003:1A34:0802.0010: unknown main item tag 0x0
[  174.322595][  T425] acrux 0003:1A34:0802.0010: unknown main item tag 0x0
[  174.329532][  T425] acrux 0003:1A34:0802.0010: unknown main item tag 0x0
[  174.338872][  T320] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  174.340881][  T425] acrux 0003:1A34:0802.0010: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.0-1/input0
[  174.346831][   T63] hub 5-1:1.0: bad descriptor, ignoring hub
[  174.361151][  T425] acrux 0003:1A34:0802.0010: no inputs found
[  174.364879][   T63] hub: probe of 5-1:1.0 failed with error -5
[  174.374983][   T63] cdc_wdm 5-1:1.0: skipping garbage
[  174.379034][  T425] acrux 0003:1A34:0802.0010: Failed to enable force feedback support, error: -19
[  174.382477][   T63] cdc_wdm 5-1:1.0: skipping garbage
[  174.395656][   T26] ==================================================================
[  174.401340][   T63] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  174.403539][   T26] BUG: KASAN: use-after-free in __list_del_entry_valid+0x2f/0x120
[  174.416906][   T26] Read of size 8 at addr ffff88810d9ccb08 by task kworker/1:0/26
[  174.424461][   T26] 
[  174.426628][   T26] CPU: 1 PID: 26 Comm: kworker/1:0 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  174.436261][   T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  174.446161][   T26] Workqueue: events binder_deferred_func
[  174.451628][   T26] Call Trace:
[  174.454752][   T26]  <TASK>
[  174.457527][   T26]  dump_stack_lvl+0x151/0x1c0
[  174.462037][   T26]  ? io_uring_drop_tctx_refs+0x190/0x190
[  174.467506][   T26]  ? panic+0x760/0x760
[  174.471409][   T26]  ? kasan_quarantine_put+0x34/0x1a0
[  174.476549][   T26]  print_address_description+0x87/0x3b0
[  174.481912][   T26]  kasan_report+0x179/0x1c0
[  174.486249][   T26]  ? _raw_spin_lock+0xa4/0x1b0
[  174.490859][   T26]  ? __list_del_entry_valid+0x2f/0x120
[  174.496145][   T26]  ? __list_del_entry_valid+0x2f/0x120
[  174.501439][   T26]  __asan_report_load8_noabort+0x14/0x20
[  174.506915][   T26]  __list_del_entry_valid+0x2f/0x120
[  174.512038][   T26]  binder_release_work+0xcd/0x680
[  174.516897][   T26]  binder_deferred_func+0x1847/0x1bc0
[  174.522099][   T26]  ? read_word_at_a_time+0x12/0x20
[  174.527158][   T26]  process_one_work+0x6bb/0xc10
[  174.531839][   T26]  worker_thread+0xad5/0x12a0
[  174.536358][   T26]  kthread+0x421/0x510
[  174.540245][   T26]  ? worker_clr_flags+0x180/0x180
[  174.545107][   T26]  ? kthread_blkcg+0xd0/0xd0
[  174.549654][   T26]  ret_from_fork+0x1f/0x30
[  174.553896][   T26]  </TASK>
[  174.556768][   T26] 
[  174.558925][   T26] Allocated by task 3237:
[  174.563087][   T26]  ____kasan_kmalloc+0xdb/0x110
[  174.567771][   T26]  __kasan_kmalloc+0x9/0x10
[  174.572114][   T26]  kmem_cache_alloc_trace+0x115/0x210
[  174.577326][   T26]  binder_thread_write+0x9f5/0x6ec0
[  174.582353][   T26]  binder_ioctl_write_read+0x205/0x7300
[  174.587733][   T26]  binder_ioctl+0x371/0x2640
[  174.592162][   T26]  __se_sys_ioctl+0x114/0x190
[  174.596675][   T26]  __x64_sys_ioctl+0x7b/0x90
[  174.601103][   T26]  x64_sys_call+0x98/0x9a0
[  174.605355][   T26]  do_syscall_64+0x3b/0xb0
[  174.609605][   T26]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  174.615335][   T26] 
[  174.617677][   T26] Freed by task 26:
[  174.621323][   T26]  kasan_set_track+0x4b/0x70
[  174.625751][   T26]  kasan_set_free_info+0x23/0x40
[  174.630526][   T26]  ____kasan_slab_free+0x126/0x160
[  174.635471][   T26]  __kasan_slab_free+0x11/0x20
[  174.640070][   T26]  slab_free_freelist_hook+0xbd/0x190
[  174.645289][   T26]  kfree+0xc8/0x220
[  174.648923][   T26]  binder_free_ref+0x128/0x260
[  174.653523][   T26]  binder_deferred_func+0x171c/0x1bc0
[  174.658732][   T26]  process_one_work+0x6bb/0xc10
[  174.663419][   T26]  worker_thread+0xad5/0x12a0
[  174.667929][   T26]  kthread+0x421/0x510
[  174.671835][   T26]  ret_from_fork+0x1f/0x30
[  174.676089][   T26] 
[  174.678257][   T26] The buggy address belongs to the object at ffff88810d9ccb00
[  174.678257][   T26]  which belongs to the cache kmalloc-64 of size 64
[  174.691970][   T26] The buggy address is located 8 bytes inside of
[  174.691970][   T26]  64-byte region [ffff88810d9ccb00, ffff88810d9ccb40)
[  174.704819][   T26] The buggy address belongs to the page:
[  174.710297][   T26] page:ffffea0004367300 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88810d9cc000 pfn:0x10d9cc
[  174.721654][   T26] flags: 0x4000000000000200(slab|zone=1)
[  174.727133][   T26] raw: 4000000000000200 ffffea0004c96080 0000001100000011 ffff888100042780
[  174.735558][   T26] raw: ffff88810d9cc000 000000008020001e 00000001ffffffff 0000000000000000
[  174.743966][   T26] page dumped because: kasan: bad access detected
[  174.750224][   T26] page_owner tracks the page as allocated
[  174.755760][   T26] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 102, ts 4937698962, free_ts 0
[  174.770604][   T26]  post_alloc_hook+0x1a3/0x1b0
[  174.775206][   T26]  prep_new_page+0x1b/0x110
[  174.779545][   T26]  get_page_from_freelist+0x3550/0x35d0
[  174.784924][   T26]  __alloc_pages+0x27e/0x8f0
[  174.789348][   T26]  new_slab+0x9a/0x4e0
[  174.793355][   T26]  ___slab_alloc+0x39e/0x830
[  174.797767][   T26]  __slab_alloc+0x4a/0x90
[  174.801941][   T26]  kmem_cache_alloc_trace+0x142/0x210
[  174.807144][   T26]  kernfs_fop_open+0x7fa/0xab0
[  174.811742][   T26]  do_dentry_open+0x81c/0xfd0
[  174.816257][   T26]  vfs_open+0x73/0x80
[  174.820073][   T26]  path_openat+0x26f0/0x2f40
[  174.824500][   T26]  do_filp_open+0x21c/0x460
[  174.828841][   T26]  do_sys_openat2+0x13f/0x820
[  174.833353][   T26]  __x64_sys_openat+0x243/0x290
[  174.838040][   T26]  x64_sys_call+0x6bf/0x9a0
[  174.842380][   T26] page_owner free stack trace missing
[  174.847586][   T26] 
[  174.849757][   T26] Memory state around the buggy address:
[  174.855239][   T26]  ffff88810d9cca00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  174.863126][   T26]  ffff88810d9cca80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  174.871026][   T26] >ffff88810d9ccb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  174.878919][   T26]                       ^
[  174.883087][   T26]  ffff88810d9ccb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  174.890986][   T26]  ffff88810d9ccc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  174.898881][   T26] ==================================================================
[  174.906780][   T26] Disabling lock debugging due to kernel taint
[  174.913114][   T26] general protection fault, probably for non-canonical address 0xf9bffc3f00000003: 0000 [#1] PREEMPT SMP KASAN
[  174.924667][   T26] KASAN: maybe wild-memory-access in range [0xce0001f800000018-0xce0001f80000001f]
[  174.933769][   T26] CPU: 1 PID: 26 Comm: kworker/1:0 Tainted: G    B             5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  174.944784][   T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  174.954675][   T26] Workqueue: events binder_deferred_func
[  174.960144][   T26] RIP: 0010:__list_del_entry_valid+0x75/0x120
[  174.966042][   T26] Code: 1e 48 85 db 74 68 4d 85 ff 74 74 48 ba 00 01 00 00 00 00 ad de 48 39 d3 74 76 48 83 c2 22 49 39 d7 74 7e 4c 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ff e8 fc 7e 48 ff 49 8b 17 4c 39 f2 75
[  174.985487][   T26] RSP: 0018:ffffc900001b7c00 EFLAGS: 00010a06
[  174.991387][   T26] RAX: 19c0003f00000003 RBX: ffff88812a93fd00 RCX: ffffffff826a3ef9
[  174.999198][   T26] RDX: dead000000000122 RSI: 0000000000000282 RDI: ffff88810d9ccb00
[  175.007016][   T26] RBP: ffffc900001b7c20 R08: ffffffff8141a43b R09: 0000000000000003
[  175.014819][   T26] R10: fffffbfff0e9a84c R11: dffffc0000000001 R12: dffffc0000000000
[  175.022630][   T26] R13: ffff88810d9ccb00 R14: ffff88810d9ccb00 R15: ce0001f80000001a
[  175.030445][   T26] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  175.039221][   T26] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  175.045635][   T26] CR2: 000000110c2615b1 CR3: 0000000006a0f000 CR4: 00000000003506a0
[  175.053445][   T26] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  175.061269][   T26] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  175.069069][   T26] Call Trace:
[  175.072222][   T26]  <TASK>
[  175.074973][   T26]  ? __die_body+0x62/0xb0
[  175.079133][   T26]  ? die_addr+0x9f/0xd0
[  175.083127][   T26]  ? exc_general_protection+0x311/0x4b0
[  175.088510][   T26]  ? check_panic_on_warn+0x65/0xb0
[  175.093453][   T26]  ? asm_exc_general_protection+0x27/0x30
[  175.099010][   T26]  ? check_panic_on_warn+0x5b/0xb0
[  175.103955][   T26]  ? __list_del_entry_valid+0x49/0x120
[  175.109250][   T26]  ? __list_del_entry_valid+0x75/0x120
[  175.114544][   T26]  binder_release_work+0xcd/0x680
[  175.119404][   T26]  binder_deferred_func+0x1847/0x1bc0
[  175.124624][   T26]  ? read_word_at_a_time+0x12/0x20
[  175.129561][   T26]  process_one_work+0x6bb/0xc10
[  175.134254][   T26]  worker_thread+0xad5/0x12a0
[  175.138763][   T26]  kthread+0x421/0x510
[  175.142673][   T26]  ? worker_clr_flags+0x180/0x180
[  175.147536][   T26]  ? kthread_blkcg+0xd0/0xd0
[  175.151952][   T26]  ret_from_fork+0x1f/0x30
[  175.156207][   T26]  </TASK>
[  175.159171][   T26] Modules linked in:
[  175.163054][   T26] ---[ end trace 1b62f297c3088e93 ]---
[  175.164777][   T20] usb 5-1: USB disconnect, device number 10
[  175.168318][   T26] RIP: 0010:__list_del_entry_valid+0x75/0x120
[  175.180086][   T26] Code: 1e 48 85 db 74 68 4d 85 ff 74 74 48 ba 00 01 00 00 00 00 ad de 48 39 d3 74 76 48 83 c2 22 49 39 d7 74 7e 4c 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ff e8 fc 7e 48 ff 49 8b 17 4c 39 f2 75
[  175.199538][   T26] RSP: 0018:ffffc900001b7c00 EFLAGS: 00010a06
[  175.205401][   T26] RAX: 19c0003f00000003 RBX: ffff88812a93fd00 RCX: ffffffff826a3ef9
[  175.213237][   T26] RDX: dead000000000122 RSI: 0000000000000282 RDI: ffff88810d9ccb00
[  175.221072][   T26] RBP: ffffc900001b7c20 R08: ffffffff8141a43b R09: 0000000000000003
[  175.228860][   T26] R10: fffffbfff0e9a84c R11: dffffc0000000001 R12: dffffc0000000000
[  175.230294][ T2278] hid-generic 0003:0403:6030.0011: unknown main item tag 0x0
[  175.236640][   T26] R13: ffff88810d9ccb00 R14: ffff88810d9ccb00 R15: ce0001f80000001a
[  175.236661][   T26] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  175.236679][   T26] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  175.244757][  T320] usb 3-1: Using ep0 maxpacket: 8
[  175.251686][   T26] CR2: 000000110c2615b1 CR3: 0000000006a0f000 CR4: 00000000003506a0
[  175.251711][   T26] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  175.266878][ T2278] hid-generic 0003:0403:6030.0011: hidraw1: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.3-1/input0
[  175.271736][   T26] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  175.306531][   T26] Kernel panic - not syncing: Fatal exception
[  175.312712][   T26] Kernel Offset: disabled
[  175.316852][   T26] Rebooting in 86400 seconds..