last executing test programs:

2.213523195s ago: executing program 3 (id=3144):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r2, 0xfff)
syz_emit_ethernet(0x8a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x54, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x15, 0x2, 0x0, 0x0, 0x0, {[@exp_smc={0xfe, 0x6}, @timestamp={0x8, 0xa}, @md5sig={0x13, 0x12, "d082e275205e556149a021cc13c33d89"}, @window={0x3, 0x3}, @window={0x3, 0x3}, @sack_perm={0x4, 0x2}, @sack_perm={0x4, 0x2}, @md5sig={0x13, 0x12, "27406263e43d5959a166a23bd1116edc"}]}}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a3ff2", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x14}}}}}}}, 0x0)

2.187766917s ago: executing program 3 (id=3145):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0x0)
flock(r0, 0x5)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r1, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0xa, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
flock(r1, 0x2)

1.437036094s ago: executing program 4 (id=3154):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
open(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000004000001d8500000007000000440000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
clock_nanosleep(0x2, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f00000001c0)={[{@mblk_io_submit}, {@delalloc}]}, 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
getxattr(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)=@known='trusted.overlay.metacopy\x00', 0x0, 0x0)

1.323955214s ago: executing program 3 (id=3155):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10)
bind$tipc(r1, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

1.310760764s ago: executing program 3 (id=3157):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, [@printk={@li, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x61)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$sock_int(r1, 0x1, 0xc, &(0x7f0000000000)=0x56, 0x4)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)

1.263433469s ago: executing program 4 (id=3159):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==")
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x1}, {}, 0x0, 0x0, 0x0, 0x0, 0x2}, {{@in, 0x0, 0x6c}, 0x0, @in6=@dev}}, 0xe8)
syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @dev, @broadcast=0xac1414bb}}}}}}, 0x0)

1.13210921s ago: executing program 3 (id=3162):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r3)
getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r4, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x7}}, [@filter_kind_options=@f_bpf={{0x8}, {0x10, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4}}]}}]}, 0x3c}}, 0x0)

1.091846614s ago: executing program 3 (id=3164):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="1201000000000040ef17856000000000000109022400010000000009040000fd030000000921000000012205000905810300000000"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000c00)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00220500"], 0x0}, 0x0)

991.737943ms ago: executing program 4 (id=3169):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
write$evdev(r2, &(0x7f0000000000), 0x100000008)
ioctl$EXT4_IOC_GROUP_EXTEND(r2, 0x80004506, 0x0)

951.901636ms ago: executing program 1 (id=3180):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x73, 0x11, 0x41}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000000000000000000000000009500160000000000e2bac15d3b6641a215f099e26603a050337b2ccc70a9f928ba3c529bb6e7365e7e246317380f5884d79663e7fcaa89795d7b10e88378c33265a7af06040e3d0bbc6a5864dfa023c6ac1da574242785bbb4ece12b11da52496875e1e384042aad63a3094bf3bc0e40a79960f9f1610940e67e30611d9873d1e6cb9c4cce44c999c49ff52a6400192fd021d7158438d7686a6f66778022c93c544189b684754e7e0f77a4f498609e53104c8aa70632fcc58c757bbc06f6472622dce2729d7296959ce003ec84acd015e352484c42fc29e5aea62fb7977813f7254fd6f62fec638abf292e6c33925b29"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
close(r2)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD(0x1c, &(0x7f00000003c0)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={r3, 0x0, 0x0}, 0x10)

923.130769ms ago: executing program 1 (id=3171):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8401)
ioctl$USBDEVFS_ALLOW_SUSPEND(r1, 0x5522)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
ioctl$USBDEVFS_BULK(r1, 0x5523, 0x0)
ioctl$USBDEVFS_FORBID_SUSPEND(r1, 0x5521)

832.120697ms ago: executing program 1 (id=3175):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000580)={'veth1_virt_wifi\x00', <r3=>0x0})
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000200)=0x1de, 0x4)
bind$packet(r2, &(0x7f0000000080)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
sendto$packet(r2, &(0x7f0000000040)="bb53a945842851722bb479853e60", 0xe, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000004740)=[{{&(0x7f0000002200)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private2}}, 0x80, 0x0}}], 0x1, 0x2040, 0x0)

811.869549ms ago: executing program 1 (id=3176):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x19, 0x4, 0x4, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000017c0)={r1, &(0x7f00000002c0)="a8", &(0x7f00000003c0)=@udp6=r3}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000000), &(0x7f0000000100)=@tcp=r2}, 0x20)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r1, &(0x7f0000000100)='X', &(0x7f0000000040)=@udp=r4}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000017c0)={r1, &(0x7f00000002c0), &(0x7f00000003c0)=@udp6=r0}, 0x20)

786.408791ms ago: executing program 1 (id=3178):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace(0x8, r2)
tgkill(r2, r2, 0x1a)
waitid(0x2, 0x0, 0x0, 0x4, 0x0)

760.529793ms ago: executing program 1 (id=3179):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x319c, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x7, 0x8000, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f00000008c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x7, {[@main=@item_012={0x1, 0x0, 0xa, '\t'}, @main=@item_4={0x3, 0x0, 0xa, "9eee0961"}]}}, 0x0}, 0x0)

542.454992ms ago: executing program 0 (id=3187):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x5, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socket$packet(0x11, 0x2, 0x300)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r1, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r2}, 0x10)
sendto$inet(r1, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

513.040425ms ago: executing program 0 (id=3188):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r3, 0x4b4b, &(0x7f0000000100))

446.600001ms ago: executing program 0 (id=3191):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000020000f0000f901000000000002"], 0x1c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001fc0)=ANY=[@ANYBLOB="3c00000014000905000000000000000002000000", @ANYRES32=r4, @ANYBLOB="1400060000800000000000f00030000000f2ff0008000200ac"], 0x3c}}, 0x0)

395.679045ms ago: executing program 0 (id=3193):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000004000000000000000000008500000050000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='ext4_ext_remove_space_done\x00', r1}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='ext4_ext_remove_space_done\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
close(r2)

308.932973ms ago: executing program 0 (id=3195):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
socket(0x0, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={r1, r3, 0x1, 0x0, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x36, &(0x7f0000000400)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0x5}}}}}}, 0x0)

308.545343ms ago: executing program 0 (id=3196):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x84, &(0x7f0000000500)=ANY=[@ANYBLOB="1f809a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000340)=ANY=[@ANYBLOB="00160200000009ca7f615e2a62c55e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000004c0)={0x2c, &(0x7f0000000240)={0x0, 0xc, 0x5, "44e7c10303"}, 0x0, &(0x7f0000000300)={0x0, 0x8, 0x1, 0x89}, &(0x7f0000000380), 0x0})

303.327924ms ago: executing program 4 (id=3197):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x2, 0x0}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000b, 0x4008032, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

152.641017ms ago: executing program 4 (id=3198):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0)

135.511298ms ago: executing program 2 (id=3199):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x103, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x25)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r3=>0x0})
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="440000001100290a000000000000000007000000", @ANYRES32=r3, @ANYBLOB="00000000000000001c001a800800068004000500080000003e"], 0x44}}, 0x0)

135.097488ms ago: executing program 4 (id=3200):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000000000406d0422c2000000000001090224000100000000090400000103000000092100000001220b0009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00220c00000083"], 0x0}, 0x0)

61.019965ms ago: executing program 2 (id=3201):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f50850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, &(0x7f0000002300)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{}, 0x4}}, 0x10, 0x0}, 0x0)
sendmsg$tipc(r2, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0)
accept4(r0, 0x0, 0x0, 0x0)

11.650639ms ago: executing program 2 (id=3202):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1], 0x18}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000080), &(0x7f0000000200)=r3}, 0x20)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r1)
close(r4)

11.222099ms ago: executing program 2 (id=3203):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1807000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000980), 0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={<r4=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000100)={'wg2\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x20, r2, 0x1, 0x0, 0x0, {0xd}, [@ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x20}}, 0x0)

10.791069ms ago: executing program 2 (id=3204):
munmap(&(0x7f0000003000/0x1000)=nil, 0x1000)
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
pwritev2(r0, &(0x7f0000000300), 0x0, 0xd8f6, 0x800, 0xe)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
fcntl$setlease(r3, 0x400, 0x3)

0s ago: executing program 2 (id=3205):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000001c0)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x2}]}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x240540c7, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f00000003c0)='\x00', 0x1, 0x0, 0x0, 0x0)
poll(&(0x7f0000000000)=[{r0}], 0x1, 0xef)
close(r0)

0s ago: executing program 2 (id=3206):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0)
write$uinput_user_dev(r2, &(0x7f0000000200)={'syz0\x00', {}, 0x50, [0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x101], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fff], [0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffc, 0x0, 0xef, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe61], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x45c)
ioctl$UI_DEV_CREATE(r2, 0x5501)
r3 = syz_open_dev$evdev(&(0x7f0000000700), 0x3, 0x0)
ioctl$EVIOCGRAB(r3, 0x40044590, &(0x7f0000000040))
close_range(r1, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

][ T7357] F2FS-fs (loop2): invalid crc value
[  249.708188][ T7357] F2FS-fs (loop2): Found nat_bits in checkpoint
[  249.857628][ T7357] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[  249.884159][ T7357] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  249.972525][    T8] attempt to access beyond end of device
[  249.972525][    T8] loop2: rw=2049, want=45120, limit=40427
[  249.984810][ T7390] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.992026][ T7390] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.004181][ T5881] attempt to access beyond end of device
[  250.004181][ T5881] loop2: rw=524288, want=45072, limit=40427
[  250.016142][ T7390] device bridge_slave_0 entered promiscuous mode
[  250.023474][ T7390] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.030423][ T5881] attempt to access beyond end of device
[  250.030423][ T5881] loop2: rw=0, want=45072, limit=40427
[  250.030639][ T7390] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.048493][ T7390] device bridge_slave_1 entered promiscuous mode
[  250.136406][ T7404] loop0: detected capacity change from 0 to 1024
[  250.137368][ T7390] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.149454][ T7390] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.156542][ T7390] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.163407][ T7390] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.176767][ T1503] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  250.192159][ T3035] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  250.200011][ T3035] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.207262][ T3035] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.230928][ T7404] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[  250.247651][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  250.255911][ T7404] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  250.264064][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.270937][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.278778][ T7404] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e800e018, mo2=0000]
[  250.287593][ T7404] System zones: 0-1, 3-12
[  250.291980][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  250.297308][ T7404] EXT4-fs (loop0): orphan cleanup on readonly fs
[  250.300557][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.312896][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.312978][ T7404] EXT4-fs error (device loop0): ext4_free_blocks:6224: comm syz.0.2713: Freeing blocks not in datazone - block = 0, count = 4096
[  250.336689][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  250.338495][ T7404] EXT4-fs (loop0): 1 orphan inode deleted
[  250.349854][ T7404] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,max_batch_time=0x0000000000000400,stripe=0x0000000000000800,grpjquota=,debug,,errors=continue. Quota mode: writeback.
[  250.385509][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  250.415270][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  250.422904][ T1503] usb 4-1: Using ep0 maxpacket: 8
[  250.428608][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  250.435975][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  250.443737][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  250.457996][  T324] device bridge_slave_1 left promiscuous mode
[  250.464015][  T324] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.471492][  T324] device bridge_slave_0 left promiscuous mode
[  250.477835][  T324] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.486892][  T324] device veth1_macvtap left promiscuous mode
[  250.492767][  T324] device veth0_vlan left promiscuous mode
[  250.512420][ T7418] syz.0.2721[7418] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  250.512501][ T7418] syz.0.2721[7418] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  250.528617][ T7418] loop0: detected capacity change from 0 to 512
[  250.547544][ T1503] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  250.559607][ T1503] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  250.570432][ T7418] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[  250.577550][ T1503] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  250.590298][ T7418] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  250.600112][ T1503] usb 4-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  250.601638][ T7418] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz.0.2721: corrupted in-inode xattr
[  250.609245][ T1503] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.626107][ T7418] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.2721: couldn't read orphan inode 15 (err -117)
[  250.640488][ T7418] EXT4-fs (loop0): mounted filesystem without journal. Opts: noload,mblk_io_submit,user_xattr,auto_da_alloc,lazytime,quota,,errors=continue. Quota mode: writeback.
[  250.641015][ T7390] device veth0_vlan entered promiscuous mode
[  250.672693][ T1503] usb 4-1: config 0 descriptor??
[  250.693668][ T7422] loop4: detected capacity change from 0 to 2048
[  250.700456][ T7390] device veth1_macvtap entered promiscuous mode
[  250.711084][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  250.724335][ T7424] loop7: detected capacity change from 0 to 16384
[  250.734455][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  250.743316][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  250.753790][ T7422] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  250.767895][ T3035] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  250.780224][ T3035] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  250.806069][ T7422] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #12: comm syz.4.2722: corrupted inode contents
[  250.818813][ T7422] EXT4-fs error (device loop4): ext4_setent:3666: inode #12: comm syz.4.2722: mark_inode_dirty error
[  250.831067][ T7422] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #12: comm syz.4.2722: corrupted inode contents
[  250.831258][ T7424] blk_update_request: I/O error, dev loop7, sector 4096 op 0x0:(READ) flags 0x0 phys_seg 13 prio class 0
[  250.843339][ T7422] EXT4-fs error (device loop4): ext4_setent:3666: inode #12: comm syz.4.2722: mark_inode_dirty error
[  250.882465][ T7410] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.899177][ T7410] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.906460][ T7410] device bridge_slave_0 entered promiscuous mode
[  250.913792][ T7410] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.921529][ T7410] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.931277][ T7032] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /27/file0: bad entry in directory: inode out of bounds - offset=92, inode=32784, rec_len=16, size=2048 fake=0
[  250.952424][ T7032] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor: bg 0: block 7: padding at end of block bitmap is not set
[  250.956055][ T7410] device bridge_slave_1 entered promiscuous mode
[  250.973105][ T7032] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6184: Corrupt filesystem
[  250.982455][ T7032] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #12: comm syz-executor: corrupted inode contents
[  250.994611][ T7032] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #12: comm syz-executor: mark_inode_dirty error
[  251.006301][ T7032] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #12: comm syz-executor: corrupted inode contents
[  251.055156][ T7438] loop0: detected capacity change from 0 to 1024
[  251.094854][ T7410] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.101739][ T7410] bridge0: port 2(bridge_slave_1) entered forwarding state
[  251.108852][ T7410] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.115598][ T7410] bridge0: port 1(bridge_slave_0) entered forwarding state
[  251.123902][ T7438] EXT4-fs (loop0): mounted filesystem without journal. Opts: init_itable=0x0000000000000004,nombcache,,errors=continue. Quota mode: none.
[  251.146782][ T7438] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038 (0x7fffffff)
[  251.178769][ T1503] hid-steam 0003:28DE:1102.0089: unknown main item tag 0x0
[  251.186067][ T1503] hid-steam 0003:28DE:1102.0089: : USB HID v0.00 Device [HID 28de:1102] on usb-dummy_hcd.3-1/input0
[  251.190786][ T3035] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  251.204333][ T3035] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.211929][ T3035] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.246968][ T1503] hid-steam 0003:28DE:1102.008A: unknown main item tag 0x0
[  251.258154][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  251.266094][  T311] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.273025][  T311] bridge0: port 1(bridge_slave_0) entered forwarding state
[  251.279635][ T1503] hid-steam 0003:28DE:1102.008A: hidraw0: USB HID v0.00 Device [HID 28de:1102] on usb-dummy_hcd.3-1/input0
[  251.281160][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  251.299327][  T311] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.306156][  T311] bridge0: port 2(bridge_slave_1) entered forwarding state
[  251.332792][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  251.347004][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  251.377491][ T1503] hid-steam 0003:28DE:1102.0089: Steam Controller 'XXXXXXXXXX' connected
[  251.386211][ T7443] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.386841][ T7394] input: Steam Controller as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28DE:1102.0089/input/input86
[  251.405277][ T1503] input: Steam Controller as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28DE:1102.0089/input/input87
[  251.430206][ T7443] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.452189][ T1503] usb 4-1: USB disconnect, device number 39
[  251.459051][ T7443] device bridge_slave_0 entered promiscuous mode
[  251.478504][ T1503] hid-steam 0003:28DE:1102.0089: Steam Controller 'XXXXXXXXXX' disconnected
[  251.488282][  T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  251.491271][ T7453] loop0: detected capacity change from 0 to 512
[  251.502191][ T7410] device veth0_vlan entered promiscuous mode
[  251.512170][ T7443] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.519273][ T7443] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.532552][ T7443] device bridge_slave_1 entered promiscuous mode
[  251.540192][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  251.548826][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  251.556396][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  251.574373][ T7410] device veth1_macvtap entered promiscuous mode
[  251.590636][  T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  251.597820][ T7453] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  251.613146][ T7453] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038 (0x7fffffff)
[  251.631250][  T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  251.638730][ T7453] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  251.655950][ T7453] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 2 with error 28
[  251.668374][ T7453] EXT4-fs (loop0): This should not happen!! Data will be lost
[  251.668374][ T7453] 
[  251.668791][  T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  251.678165][ T7453] EXT4-fs (loop0): Total free blocks count 0
[  251.691610][ T7453] EXT4-fs (loop0): Free/Dirty block details
[  251.697401][ T7453] EXT4-fs (loop0): free_blocks=65281
[  251.705735][ T7453] EXT4-fs (loop0): dirty_blocks=2
[  251.710934][ T7453] EXT4-fs (loop0): Block reservation details
[  251.719765][ T7453] EXT4-fs (loop0): i_reserved_data_blocks=2
[  251.797761][ T7460] loop7: detected capacity change from 0 to 16384
[  251.835030][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  251.849599][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  251.878003][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  251.886196][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  251.894268][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.901119][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[  251.908374][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  251.916530][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  251.925229][   T54] blk_update_request: I/O error, dev loop7, sector 5632 op 0x1:(WRITE) flags 0x8800 phys_seg 16 prio class 0
[  251.937130][   T20] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.943991][   T20] bridge0: port 2(bridge_slave_1) entered forwarding state
[  251.977240][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  251.985373][ T7466] loop3: detected capacity change from 0 to 128
[  251.993431][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  252.002945][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  252.010783][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  252.021108][ T7443] device veth0_vlan entered promiscuous mode
[  252.029996][ T3035] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  252.038163][ T3035] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  252.045412][ T3035] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  252.059821][ T7443] device veth1_macvtap entered promiscuous mode
[  252.068491][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  252.080902][ T3035] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  252.089262][ T3035] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  252.106893][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  252.114959][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  252.136702][  T293] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  252.167596][ T7474] loop4: detected capacity change from 0 to 128
[  252.227995][ T7445] loop1: detected capacity change from 0 to 131072
[  252.269248][ T7445] F2FS-fs (loop1): invalid crc value
[  252.278540][ T7445] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[  252.283945][ T7474] attempt to access beyond end of device
[  252.283945][ T7474] loop4: rw=34817, want=241, limit=128
[  252.328437][   T45] attempt to access beyond end of device
[  252.328437][   T45] loop4: rw=1, want=1041, limit=128
[  252.345356][ T7445] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b
[  252.382681][ T7493] bpf_get_probe_write_proto: 2 callbacks suppressed
[  252.382697][ T7493] syz.4.2743[7493] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  252.383195][ T7445] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-generic)"
[  252.389633][ T7493] syz.4.2743[7493] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  252.413192][ T7493] ªªªªªª: renamed from vlan0
[  252.481423][ T7500] bridge0: port 3(vlan0) entered blocking state
[  252.488457][ T7500] bridge0: port 3(vlan0) entered disabled state
[  252.495061][ T7500] device vlan0 entered promiscuous mode
[  252.500976][ T7500] bridge0: port 3(vlan0) entered blocking state
[  252.506762][  T293] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  252.507070][ T7500] bridge0: port 3(vlan0) entered forwarding state
[  252.525489][ T7500] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  252.540868][  T293] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  252.550814][  T293] usb 1-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  252.555471][ T7500] device vlan0 left promiscuous mode
[  252.564818][  T293] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.565055][ T7500] bridge0: port 3(vlan0) entered disabled state
[  252.582664][  T293] usb 1-1: config 0 descriptor??
[  252.632927][ T7508] kernel profiling enabled (shift: 10)
[  252.662895][  T324] tipc: Left network mode
[  252.662989][ T7508] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  252.916641][   T39] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  252.926893][  T293] usbhid 1-1:0.0: can't add hid device: -71
[  252.936822][  T293] usbhid: probe of 1-1:0.0 failed with error -71
[  252.945413][  T293] usb 1-1: USB disconnect, device number 41
[  252.955316][ T7527] loop7: detected capacity change from 0 to 16384
[  253.013020][   T54] blk_update_request: I/O error, dev loop7, sector 7936 op 0x1:(WRITE) flags 0x8800 phys_seg 16 prio class 0
[  253.046051][   T30] kauditd_printk_skb: 57 callbacks suppressed
[  253.046063][   T30] audit: type=1326 audit(1726194519.758:1962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7532 comm="syz.2.2758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ea6809ef9 code=0x7ffc0000
[  253.078542][   T30] audit: type=1326 audit(1726194519.768:1963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7532 comm="syz.2.2758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ea6809ef9 code=0x7ffc0000
[  253.101956][   T30] audit: type=1326 audit(1726194519.778:1964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7532 comm="syz.2.2758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f6ea6809ef9 code=0x7ffc0000
[  253.131493][   T30] audit: type=1326 audit(1726194519.778:1965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7532 comm="syz.2.2758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ea6809ef9 code=0x7ffc0000
[  253.163114][   T30] audit: type=1326 audit(1726194519.778:1966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7532 comm="syz.2.2758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ea6809ef9 code=0x7ffc0000
[  253.197385][  T324] device bridge_slave_1 left promiscuous mode
[  253.203475][  T324] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.210500][   T30] audit: type=1326 audit(1726194519.918:1967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7536 comm="syz.4.2761" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f27bef14ef9 code=0x0
[  253.235805][  T324] device bridge_slave_0 left promiscuous mode
[  253.245308][  T324] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.253611][  T324] device veth1_macvtap left promiscuous mode
[  253.259645][  T324] device veth0_vlan left promiscuous mode
[  253.288450][   T30] audit: type=1400 audit(1726194520.008:1968): avc:  denied  { write } for  pid=7547 comm="syz.4.2765" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  253.311961][   T30] audit: type=1400 audit(1726194520.038:1969): avc:  denied  { nlmsg_write } for  pid=7547 comm="syz.4.2765" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  253.360911][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.381714][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.382110][   T30] audit: type=1400 audit(1726194520.098:1970): avc:  denied  { write } for  pid=7549 comm="syz.0.2766" name="ppp" dev="devtmpfs" ino=134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  253.392503][   T39] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  253.437400][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.451200][   T39] usb 4-1: config 0 descriptor??
[  253.478098][  T293] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  253.552917][ T7564] loop2: detected capacity change from 0 to 1024
[  253.566048][ T7564] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  253.577387][ T7564] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[  253.726591][  T293] usb 2-1: Using ep0 maxpacket: 16
[  253.846659][  T293] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.857777][  T293] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.867367][  T293] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[  253.876179][  T293] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.887032][  T293] usb 2-1: config 0 descriptor??
[  253.926682][   T20] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  253.937227][   T39] hid (null): bogus close delimiter
[  254.146679][   T39] usb 4-1: language id specifier not provided by device, defaulting to English
[  254.286712][   T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  254.297503][   T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  254.307032][   T20] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  254.315893][   T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.324441][   T20] usb 1-1: config 0 descriptor??
[  254.367444][  T293] cp2112 0003:10C4:EA90.008C: unknown main item tag 0x0
[  254.377132][  T293] cp2112 0003:10C4:EA90.008C: unknown main item tag 0x0
[  254.384037][  T293] cp2112 0003:10C4:EA90.008C: unknown main item tag 0x0
[  254.390962][  T293] cp2112 0003:10C4:EA90.008C: unknown main item tag 0x0
[  254.397884][  T293] cp2112 0003:10C4:EA90.008C: unknown main item tag 0x0
[  254.406488][  T293] cp2112 0003:10C4:EA90.008C: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0
[  254.581115][   T39] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.008B/input/input88
[  254.586713][  T293] cp2112 0003:10C4:EA90.008C: Part Number: 0x00 Device Version: 0x00
[  254.603938][   T39] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.008B/input/input89
[  254.627535][   T39] uclogic 0003:256C:006D.008B: input,hidraw1: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0
[  254.722131][ T7596] loop2: detected capacity change from 0 to 1024
[  254.785647][  T319] usb 4-1: USB disconnect, device number 40
[  254.797227][   T20] hid (null): bogus close delimiter
[  254.834774][ T7596] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  254.845372][ T7596] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038 (0x7fffffff)
[  254.936591][   T39] usb 5-1: new full-speed USB device number 38 using dummy_hcd
[  255.077666][   T30] audit: type=1400 audit(1726194521.798:1971): avc:  denied  { create } for  pid=7601 comm="syz.2.2789" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  255.236704][  T293] cp2112 0003:10C4:EA90.008C: error reading lock byte: 0
[  255.316725][   T39] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  255.316739][   T20] uclogic 0003:256C:006D.008D: failed retrieving Huion firmware version: -71
[  255.316768][   T20] uclogic 0003:256C:006D.008D: failed probing parameters: -71
[  255.336596][   T39] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  255.345192][   T20] uclogic: probe of 0003:256C:006D.008D failed with error -71
[  255.360550][ T7609] loop7: detected capacity change from 0 to 16384
[  255.364175][   T20] usb 1-1: USB disconnect, device number 42
[  255.368142][   T39] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64
[  255.384807][   T39] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  255.394070][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.419679][ T7590] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[  255.437108][   T39] hub 5-1:1.0: bad descriptor, ignoring hub
[  255.443191][   T43] blk_update_request: I/O error, dev loop7, sector 3456 op 0x1:(WRITE) flags 0x8800 phys_seg 16 prio class 0
[  255.456730][  T293] usb 2-1: USB disconnect, device number 36
[  255.468966][   T39] hub: probe of 5-1:1.0 failed with error -5
[  255.474989][   T39] cdc_wdm 5-1:1.0: skipping garbage
[  255.496878][   T39] cdc_wdm 5-1:1.0: skipping garbage
[  255.507169][   T39] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  255.756685][   T20] usb 5-1: USB disconnect, device number 38
[  255.877453][  T311] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  255.919118][ T7644] loop7: detected capacity change from 0 to 16384
[  255.996784][   T43] blk_update_request: I/O error, dev loop7, sector 8704 op 0x1:(WRITE) flags 0x8800 phys_seg 16 prio class 0
[  256.117984][  T311] usb 3-1: Using ep0 maxpacket: 8
[  256.126700][  T293] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  256.192700][ T7668] loop3: detected capacity change from 0 to 512
[  256.212645][ T7670] syz.1.2819[7670] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  256.212730][ T7670] syz.1.2819[7670] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  256.236689][  T311] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  256.258814][  T311] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  256.268394][  T311] usb 3-1: New USB device found, idVendor=054c, idProduct=0ce6, bcdDevice= 0.00
[  256.277971][  T311] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.288832][  T311] usb 3-1: config 0 descriptor??
[  256.298376][ T7668] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  256.309252][ T7668] ext4 filesystem being mounted at /52/file0 supports timestamps until 2038 (0x7fffffff)
[  256.346723][ T7668] syz.3.2818 (7668) used greatest stack depth: 19472 bytes left
[  256.371081][ T7679] loop4: detected capacity change from 0 to 1024
[  256.376621][  T293] usb 1-1: Using ep0 maxpacket: 8
[  256.426483][ T7685] loop3: detected capacity change from 0 to 512
[  256.434557][ T7679] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  256.454081][ T7685] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.2821: invalid indirect mapped block 256 (level 2)
[  256.467465][ T7679] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: writeback.
[  256.467783][ T7685] EXT4-fs (loop3): 2 truncates cleaned up
[  256.481484][ T7685] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  256.496756][  T293] usb 1-1: New USB device found, idVendor=09d8, idProduct=0320, bcdDevice=8c.41
[  256.506155][  T293] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.514552][  T293] usb 1-1: config 0 descriptor??
[  256.676613][  T319] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  256.767989][  T311] playstation 0003:054C:0CE6.008E: unknown main item tag 0x0
[  256.775220][  T311] playstation 0003:054C:0CE6.008E: unknown main item tag 0x0
[  256.785382][  T311] playstation 0003:054C:0CE6.008E: unknown main item tag 0x0
[  256.792958][  T311] playstation 0003:054C:0CE6.008E: unknown main item tag 0x0
[  256.800249][  T311] playstation 0003:054C:0CE6.008E: unknown main item tag 0x0
[  256.807571][  T311] playstation 0003:054C:0CE6.008E: unknown main item tag 0x0
[  256.814795][  T311] playstation 0003:054C:0CE6.008E: unknown main item tag 0x0
[  256.822512][ T1503] usb 1-1: USB disconnect, device number 43
[  256.823306][  T311] playstation 0003:054C:0CE6.008E: hidraw0: USB HID v0.00 Device [HID 054c:0ce6] on usb-dummy_hcd.2-1/input0
[  256.852827][ T7699] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1298427216 (10387417728 ns) > initial count (4311810304 ns). Using initial count to start timer.
[  256.871102][ T7697] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.878275][ T7697] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.885732][ T7697] device bridge_slave_0 entered promiscuous mode
[  256.893826][ T7697] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.901256][ T7697] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.908826][ T7697] device bridge_slave_1 entered promiscuous mode
[  256.986646][  T311] playstation 0003:054C:0CE6.008E: Invalid reportID received, expected 9 got 0
[  256.995473][  T311] playstation 0003:054C:0CE6.008E: Failed to retrieve DualSense pairing info: -22
[  257.004538][  T311] playstation 0003:054C:0CE6.008E: Failed to get MAC address from DualSense
[  257.013021][  T311] playstation 0003:054C:0CE6.008E: Failed to create dualsense.
[  257.015640][ T7697] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.027348][ T7697] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.034440][ T7697] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.041251][ T7697] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.049124][  T311] playstation: probe of 0003:054C:0CE6.008E failed with error -22
[  257.076317][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  257.084507][ T1503] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.091648][  T319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  257.104047][ T1503] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.111003][  T319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  257.140949][  T319] usb 2-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  257.150522][  T319] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.161661][ T7697] device veth0_vlan entered promiscuous mode
[  257.165898][  T319] usb 2-1: config 0 descriptor??
[  257.175000][  T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  257.183647][  T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  257.195360][  T491] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  257.202842][  T491] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  257.212232][  T491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  257.221143][  T491] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.227995][  T491] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.235495][  T491] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  257.243504][  T491] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.250370][  T491] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.257934][  T491] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  257.265734][  T491] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  257.283745][  T491] usb 3-1: USB disconnect, device number 40
[  257.291340][ T7697] device veth1_macvtap entered promiscuous mode
[  257.304986][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  257.323243][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  257.342917][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  257.353866][  T324] device bridge_slave_1 left promiscuous mode
[  257.362546][  T324] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.370310][  T324] device bridge_slave_0 left promiscuous mode
[  257.376346][  T324] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.385306][  T324] device veth0_vlan left promiscuous mode
[  257.540781][ T7705] loop4: detected capacity change from 0 to 131072
[  257.548312][ T7711] kvm: vcpu 1: requested lapic timer restore with starting count register 0x390=3832186367 (7664372734 ns) > initial count (4194304 ns). Using initial count to start timer.
[  257.581515][ T7705] F2FS-fs (loop4): invalid crc value
[  257.594795][ T7705] F2FS-fs (loop4): Found nat_bits in checkpoint
[  257.608973][ T7716] device pim6reg1 entered promiscuous mode
[  257.640010][ T7705] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2
[  257.646854][ T7705] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  257.665801][  T319] isku 0003:1E7D:319C.008F: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.1-1/input0
[  257.866679][  T319] isku 0003:1E7D:319C.008F: couldn't init struct isku_device
[  257.890920][  T319] isku 0003:1E7D:319C.008F: couldn't install keyboard
[  257.912650][  T319] isku: probe of 0003:1E7D:319C.008F failed with error -5
[  258.068760][  T311] usb 2-1: USB disconnect, device number 37
[  258.196978][ T7754] loop4: detected capacity change from 0 to 512
[  258.247535][ T7746] loop0: detected capacity change from 0 to 40427
[  258.257287][ T7754] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  258.279875][ T7754] EXT4-fs (loop4): 1 truncate cleaned up
[  258.285348][ T7754] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  258.309618][ T7746] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  258.315786][ T7746] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  258.337063][  T293] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  258.345811][ T7746] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  258.376112][ T7746] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  258.383247][ T7746] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  258.410873][   T30] kauditd_printk_skb: 49 callbacks suppressed
[  258.410887][   T30] audit: type=1400 audit(1726194525.128:2021): avc:  denied  { mounton } for  pid=7762 comm="syz.4.2850" path="/28/file0" dev="incremental-fs" ino=167 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  258.427849][ T7746] attempt to access beyond end of device
[  258.427849][ T7746] loop0: rw=2049, want=53256, limit=40427
[  258.440229][   T30] audit: type=1400 audit(1726194525.128:2022): avc:  denied  { write } for  pid=7762 comm="syz.4.2850" path="/28/file0/file0" dev="incremental-fs" ino=170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  258.487738][ T7746] attempt to access beyond end of device
[  258.487738][ T7746] loop0: rw=2049, want=53264, limit=40427
[  258.502355][   T30] audit: type=1326 audit(1726194525.228:2023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7764 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9c81daef9 code=0x7ffc0000
[  258.503703][ T7746] attempt to access beyond end of device
[  258.503703][ T7746] loop0: rw=2049, want=53392, limit=40427
[  258.540152][ T7767] loop4: detected capacity change from 0 to 512
[  258.563847][ T7133] attempt to access beyond end of device
[  258.563847][ T7133] loop0: rw=2049, want=45104, limit=40427
[  258.585806][ T7771] syz.1.2855[7771] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  258.585899][ T7771] syz.1.2855[7771] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  258.586963][ T7769] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  258.614561][   T30] audit: type=1326 audit(1726194525.228:2024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7764 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9c81daef9 code=0x7ffc0000
[  258.638205][   T30] audit: type=1326 audit(1726194525.228:2025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7764 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7fb9c81daef9 code=0x7ffc0000
[  258.662216][   T30] audit: type=1326 audit(1726194525.228:2026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7764 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9c81daef9 code=0x7ffc0000
[  258.662234][  T324] Bluetooth: hci0: Frame reassembly failed (-84)
[  258.692234][ T7767] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  258.698003][   T30] audit: type=1326 audit(1726194525.228:2027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7764 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9c81daef9 code=0x7ffc0000
[  258.704322][ T7767] EXT4-fs (loop4): 1 orphan inode deleted
[  258.731203][ T7767] EXT4-fs (loop4): 1 truncate cleaned up
[  258.737266][  T293] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  258.753685][  T293] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 255, changing to 11
[  258.765228][ T7767] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[  258.788556][  T293] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 59391, setting to 1024
[  258.802984][ T7767] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, 
[  258.802998][  T293] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  258.811187][ T7767] block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  258.820722][  T293] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.829529][ T7767] EXT4-fs (loop4): Remounting filesystem read-only
[  258.846437][   T30] audit: type=1400 audit(1726194525.558:2028): avc:  denied  { ioctl } for  pid=7766 comm="syz.4.2852" path="/29/bus/cpuset.effective_mems" dev="loop4" ino=18 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  258.871722][ T7752] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  259.091565][   T30] audit: type=1400 audit(1726194525.808:2029): avc:  denied  { read } for  pid=7783 comm="syz.4.2859" path="socket:[65280]" dev="sockfs" ino=65280 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  259.123039][ T1503] usb 3-1: USB disconnect, device number 41
[  259.476839][  T293] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  259.723478][ T7799] loop1: detected capacity change from 0 to 40427
[  259.757322][ T7813] loop0: detected capacity change from 0 to 128
[  259.769195][ T7799] F2FS-fs (loop1): invalid crc value
[  259.775339][ T7799] F2FS-fs (loop1): Found nat_bits in checkpoint
[  259.810359][ T7813] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  259.814939][ T7799] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  259.821177][ T7813] ext4 filesystem being mounted at /57/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  259.839982][ T7799] attempt to access beyond end of device
[  259.839982][ T7799] loop1: rw=2049, want=45104, limit=40427
[  259.870458][  T293] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  259.881406][  T293] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  259.891037][  T293] usb 5-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[  259.900074][  T293] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.900368][ T7390] attempt to access beyond end of device
[  259.900368][ T7390] loop1: rw=2049, want=45120, limit=40427
[  259.908682][  T293] usb 5-1: config 0 descriptor??
[  259.923151][ T7813] loop_set_status: loop0 () has still dirty pages (nrpages=1)
[  259.943263][ T7813] EXT4-fs error (device loop0): __ext4_find_entry:1695: inode #2: comm syz.0.2871: checksumming directory block 0
[  259.963398][ T7133] EXT4-fs error (device loop0): htree_dirblock_to_tree:1082: inode #2: comm syz-executor: Directory block failed checksum
[  260.067045][  T480] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  260.148192][ T7822] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.155030][ T7822] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.162528][ T7822] device bridge_slave_0 entered promiscuous mode
[  260.169589][ T7822] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.176476][ T7822] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.184238][ T7822] device bridge_slave_1 entered promiscuous mode
[  260.230551][ T7822] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.237407][ T7822] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.244474][ T7822] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.251293][ T7822] bridge0: port 1(bridge_slave_0) entered forwarding state
[  260.271581][  T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  260.279151][  T491] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.286201][  T491] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.297425][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  260.305382][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.312221][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[  260.319494][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  260.327711][   T20] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.334531][   T20] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.355831][ T7822] device veth0_vlan entered promiscuous mode
[  260.362741][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  260.371014][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  260.378888][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  260.386080][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  260.393195][  T311] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  260.401866][  T293] samsung 0003:0419:0600.0090: global environment stack underflow
[  260.409711][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  260.417384][  T293] samsung 0003:0419:0600.0090: item 0 4 1 11 parsing failed
[  260.424646][  T293] samsung 0003:0419:0600.0090: parse failed
[  260.430628][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  260.438200][  T293] samsung: probe of 0003:0419:0600.0090 failed with error -22
[  260.447091][  T480] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  260.457693][ T7822] device veth1_macvtap entered promiscuous mode
[  260.463996][  T480] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  260.474056][  T491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  260.474517][  T480] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  260.487292][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  260.490666][  T480] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.507058][  T480] usb 3-1: config 0 descriptor??
[  260.513599][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  260.602981][  T293] usb 5-1: USB disconnect, device number 39
[  260.656670][  T311] usb 2-1: Using ep0 maxpacket: 16
[  260.656711][  T491] Bluetooth: hci0: command 0x1003 tx timeout
[  260.667640][  T445] Bluetooth: hci0: sending frame failed (-49)
[  260.776659][  T311] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  260.787404][  T311] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  260.796898][  T311] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  260.809670][  T311] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  260.818558][  T311] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.826680][ T1503] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  260.827484][  T311] usb 2-1: config 0 descriptor??
[  260.966959][ T7811] UDC core: couldn't find an available UDC or it's busy: -16
[  260.974275][ T7811] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  260.986824][  T480] hid (null): bogus close delimiter
[  261.122550][   T30] audit: type=1400 audit(1726194527.838:2030): avc:  denied  { write } for  pid=7831 comm="syz.4.2876" name="task" dev="proc" ino=65555 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  261.144393][ T7830] loop4: detected capacity change from 0 to 256
[  261.206652][ T1503] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  261.206685][  T480] usb 3-1: language id specifier not provided by device, defaulting to English
[  261.217727][ T1503] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  261.236782][ T1503] usb 1-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  261.249696][ T1503] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.262775][ T1503] usb 1-1: config 0 descriptor??
[  261.317539][  T311] koneplus 0003:1E7D:2E22.0092: unknown main item tag 0x0
[  261.324955][  T311] koneplus 0003:1E7D:2E22.0092: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.1-1/input0
[  261.657903][  T480] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0091/input/input90
[  261.670764][  T480] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0091/input/input91
[  261.683407][  T480] uclogic 0003:256C:006D.0091: input,hidraw1: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[  261.729035][  T491] usb 2-1: USB disconnect, device number 38
[  261.740531][ T1503] hid-led 0003:1D34:000A.0093: unknown main item tag 0x0
[  261.749155][ T1503] hid-led 0003:1D34:000A.0093: unknown main item tag 0x0
[  261.756002][ T1503] hid-led 0003:1D34:000A.0093: unknown main item tag 0x0
[  261.762912][ T1503] hid-led 0003:1D34:000A.0093: unknown main item tag 0x0
[  261.769850][ T1503] hid-led 0003:1D34:000A.0093: unknown main item tag 0x0
[  261.897258][  T311] usb 3-1: USB disconnect, device number 42
[  261.957248][ T1503] hid-led 0003:1D34:000A.0093: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.0-1/input0
[  261.969243][ T1503] hid-led 0003:1D34:000A.0093: Dream Cheeky Webmail Notifier initialized
[  262.158969][  T311] usb 1-1: USB disconnect, device number 44
[  262.240493][ T7836] loop1: detected capacity change from 0 to 512
[  262.320172][ T7836] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  262.328144][ T7836] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[  262.336325][ T7836] EXT4-fs (loop1): 1 truncate cleaned up
[  262.342198][ T7836] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota="errors=continue,noload,data_err=ignore,grpjquota="errors=continue,errors=remount-ro,noblock_validity,. Quota mode: writeback.
[  262.451467][ T7845] loop1: detected capacity change from 0 to 1024
[  262.503720][ T7845] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  262.514194][ T7845] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038 (0x7fffffff)
[  262.598649][ T7849] loop1: detected capacity change from 0 to 2048
[  262.678669][ T7849] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  262.694188][ T7849] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  262.709086][ T7849] EXT4-fs (loop1): Delayed block allocation failed for inode 13 at logical offset 16 with max blocks 17 with error 28
[  262.721450][ T7849] EXT4-fs (loop1): This should not happen!! Data will be lost
[  262.721450][ T7849] 
[  262.731330][ T7849] EXT4-fs (loop1): Total free blocks count 0
[  262.737285][ T7849] EXT4-fs (loop1): Free/Dirty block details
[  262.742999][ T7849] EXT4-fs (loop1): free_blocks=2415919104
[  262.746857][   T39] Bluetooth: hci0: command 0x1001 tx timeout
[  262.748862][ T7849] EXT4-fs (loop1): dirty_blocks=32
[  262.754872][ T7843] Bluetooth: hci0: sending frame failed (-49)
[  262.759518][ T7849] EXT4-fs (loop1): Block reservation details
[  262.771180][ T7849] EXT4-fs (loop1): i_reserved_data_blocks=2
[  262.778013][ T7854] EXT4-fs (loop1): Delayed block allocation failed for inode 13 at logical offset 16 with max blocks 16 with error 28
[  262.790381][ T7854] EXT4-fs (loop1): This should not happen!! Data will be lost
[  262.790381][ T7854] 
[  262.800407][  T324] tipc: Left network mode
[  262.869336][ T7856] loop1: detected capacity change from 0 to 1024
[  262.936987][  T311] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  262.947311][ T7856] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  262.964570][ T7856] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: writeback.
[  263.130383][ T7861] kvm: apic: phys broadcast and lowest prio
[  263.191697][ T7864] device syzkaller0 entered promiscuous mode
[  263.227043][  T324] device bridge_slave_1 left promiscuous mode
[  263.233083][  T324] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.240527][  T324] device bridge_slave_0 left promiscuous mode
[  263.246449][  T324] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.254789][  T324] device veth1_macvtap left promiscuous mode
[  263.260755][  T324] device veth0_vlan left promiscuous mode
[  263.296618][  T491] Bluetooth: hci1: command 0x1003 tx timeout
[  263.296831][  T311] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  263.302574][ T7843] Bluetooth: hci1: sending frame failed (-49)
[  263.326636][  T311] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  263.339233][  T311] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  263.351941][  T311] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  263.360807][  T311] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.369419][  T311] usb 1-1: config 0 descriptor??
[  263.386662][ T7851] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  263.604269][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  263.604286][   T30] audit: type=1400 audit(1726194530.318:2035): avc:  denied  { create } for  pid=7876 comm="syz.1.2893" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  263.631523][   T30] audit: type=1400 audit(1726194530.318:2036): avc:  denied  { write } for  pid=7876 comm="syz.1.2893" path="socket:[66563]" dev="sockfs" ino=66563 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  263.655986][   T30] audit: type=1400 audit(1726194530.318:2037): avc:  denied  { nlmsg_write } for  pid=7876 comm="syz.1.2893" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  263.838026][  T311] plantronics 0003:047F:FFFF.0094: unknown main item tag 0x0
[  263.845404][  T311] plantronics 0003:047F:FFFF.0094: unknown main item tag 0x0
[  263.852571][  T311] plantronics 0003:047F:FFFF.0094: unknown main item tag 0x0
[  263.859820][  T311] plantronics 0003:047F:FFFF.0094: unknown main item tag 0x0
[  263.866962][  T311] plantronics 0003:047F:FFFF.0094: unknown main item tag 0x0
[  263.874178][  T311] plantronics 0003:047F:FFFF.0094: unknown main item tag 0x0
[  263.881395][  T311] plantronics 0003:047F:FFFF.0094: unknown main item tag 0x0
[  263.888747][  T311] plantronics 0003:047F:FFFF.0094: unknown main item tag 0x0
[  263.895930][  T311] plantronics 0003:047F:FFFF.0094: unknown main item tag 0x0
[  263.903177][  T311] plantronics 0003:047F:FFFF.0094: unknown main item tag 0x0
[  263.910366][  T311] plantronics 0003:047F:FFFF.0094: unknown main item tag 0x0
[  263.917562][  T311] plantronics 0003:047F:FFFF.0094: unknown main item tag 0x0
[  263.924744][  T311] plantronics 0003:047F:FFFF.0094: unknown main item tag 0x0
[  263.932172][  T311] plantronics 0003:047F:FFFF.0094: No inputs registered, leaving
[  263.941196][  T311] plantronics 0003:047F:FFFF.0094: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  264.136865][   T39] usb 1-1: USB disconnect, device number 45
[  264.416634][   T20] Bluetooth: hci2: command 0x1003 tx timeout
[  264.422497][ T7843] Bluetooth: hci2: sending frame failed (-49)
[  264.585027][ T7892] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2898'.
[  264.698786][   T30] audit: type=1326 audit(1726194531.418:2038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7905 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef13127ef9 code=0x7ffc0000
[  264.723156][   T30] audit: type=1326 audit(1726194531.418:2039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7905 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef13127ef9 code=0x7ffc0000
[  264.747174][   T30] audit: type=1326 audit(1726194531.418:2040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7905 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fef13127ef9 code=0x7ffc0000
[  264.772375][   T30] audit: type=1326 audit(1726194531.418:2041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7905 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef13127ef9 code=0x7ffc0000
[  264.795786][   T30] audit: type=1326 audit(1726194531.418:2042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7905 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef13127ef9 code=0x7ffc0000
[  264.819285][   T39] Bluetooth: hci0: command 0x1009 tx timeout
[  264.831259][   T30] audit: type=1400 audit(1726194531.548:2043): avc:  denied  { ioctl } for  pid=7907 comm="syz.0.2906" path="socket:[65785]" dev="sockfs" ino=65785 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  264.966658][  T311] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  265.099240][ T7917] loop0: detected capacity change from 0 to 40427
[  265.187026][ T7917] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  265.194734][ T7917] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  265.203898][ T7917] F2FS-fs (loop0): invalid crc value
[  265.210536][ T7917] F2FS-fs (loop0): Found nat_bits in checkpoint
[  265.240910][ T7917] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  265.247813][ T7917] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  265.326689][  T311] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  265.337647][  T311] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  265.347204][  T311] usb 2-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  265.356134][  T311] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.377545][  T311] usb 2-1: config 0 descriptor??
[  265.386607][   T39] Bluetooth: hci1: command 0x1001 tx timeout
[  265.392494][ T7843] Bluetooth: hci1: sending frame failed (-49)
[  265.857717][  T311] holtek 0003:1241:5015.0095: unknown main item tag 0x5
[  265.865220][  T311] holtek 0003:1241:5015.0095: hidraw0: USB HID v0.00 Device [HID 1241:5015] on usb-dummy_hcd.1-1/input0
[  265.876467][  T311] holtek 0003:1241:5015.0095: no inputs found
[  266.059654][  T311] usb 2-1: USB disconnect, device number 39
[  266.496668][  T319] Bluetooth: hci2: command 0x1001 tx timeout
[  266.502550][ T7843] Bluetooth: hci2: sending frame failed (-49)
[  266.516647][ T1503] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  266.574398][   T30] audit: type=1326 audit(1726194533.288:2044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7929 comm="syz.1.2912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee73f14ef9 code=0x7ffc0000
[  266.604004][ T7932] loop1: detected capacity change from 0 to 128
[  266.668811][ T7932] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  266.679299][ T7932] ext4 filesystem being mounted at /45/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  266.766625][ T1503] usb 1-1: Using ep0 maxpacket: 8
[  266.926733][ T1503] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  266.937508][ T1503] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  266.947158][ T1503] usb 1-1: New USB device found, idVendor=054c, idProduct=0ce6, bcdDevice= 0.00
[  266.956030][ T1503] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.964576][ T1503] usb 1-1: config 0 descriptor??
[  267.456802][  T480] Bluetooth: hci1: command 0x1009 tx timeout
[  267.458099][ T1503] playstation 0003:054C:0CE6.0096: unknown main item tag 0x0
[  267.470705][ T1503] playstation 0003:054C:0CE6.0096: unknown main item tag 0x0
[  267.477976][ T1503] playstation 0003:054C:0CE6.0096: unknown main item tag 0x0
[  267.485130][ T1503] playstation 0003:054C:0CE6.0096: unknown main item tag 0x0
[  267.492330][ T1503] playstation 0003:054C:0CE6.0096: unknown main item tag 0x0
[  267.499539][ T1503] playstation 0003:054C:0CE6.0096: unknown main item tag 0x0
[  267.506775][ T1503] playstation 0003:054C:0CE6.0096: unknown main item tag 0x0
[  267.514476][ T1503] playstation 0003:054C:0CE6.0096: hidraw0: USB HID v0.00 Device [HID 054c:0ce6] on usb-dummy_hcd.0-1/input0
[  267.650015][ T7945] loop1: detected capacity change from 0 to 1024
[  267.676663][ T1503] playstation 0003:054C:0CE6.0096: Invalid byte count transferred, expected 20 got 0
[  267.686057][ T1503] playstation 0003:054C:0CE6.0096: Failed to retrieve DualSense pairing info: -22
[  267.695155][ T1503] playstation 0003:054C:0CE6.0096: Failed to get MAC address from DualSense
[  267.704068][ T7945] EXT4-fs (loop1): Ignoring removed orlov option
[  267.708015][ T1503] playstation 0003:054C:0CE6.0096: Failed to create dualsense.
[  267.710522][ T7945] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  267.718707][ T1503] playstation: probe of 0003:054C:0CE6.0096 failed with error -22
[  267.738177][ T7945] EXT4-fs (loop1): mounted filesystem without journal. Opts: discard,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  267.871748][ T7952] loop1: detected capacity change from 0 to 512
[  267.885025][  T480] usb 1-1: USB disconnect, device number 46
[  267.908244][ T7952] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  267.919463][ T7952] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038 (0x7fffffff)
[  268.189362][ T7960] input: syz0 as /devices/virtual/input/input92
[  268.264595][ T7963] loop1: detected capacity change from 0 to 256
[  268.405819][ T7968] loop1: detected capacity change from 0 to 256
[  268.441447][ T7968] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  268.489482][ T7968] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000005)
[  268.498518][ T7968] exFAT-fs (loop1): Filesystem has been set read-only
[  268.505422][ T7968] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000005)
[  268.519578][ T7390] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000005)
[  268.528682][ T7390] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000005)
[  268.576599][  T480] Bluetooth: hci2: command 0x1009 tx timeout
[  268.663358][ T7979] loop0: detected capacity change from 0 to 1024
[  268.670384][ T7977] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.677896][ T7977] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.686809][ T7977] device bridge_slave_0 entered promiscuous mode
[  268.696058][ T7977] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.702996][ T7977] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.710528][ T7979] EXT4-fs (loop0): Mount option "nouser_xattr" will be removed by 3.5
[  268.710528][ T7979] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  268.710528][ T7979] 
[  268.711750][ T7977] device bridge_slave_1 entered promiscuous mode
[  268.747199][ T7979] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,max_dir_size_kb=0x0000000000000003,sysvgroups,grpquota,debug_want_extra_isize=0x0000000000000080,minixdf,nogrpid,noauto_da_alloc,nouser_xattr,,errors=continue. Quota mode: writeback.
[  268.891443][ T7983] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.898478][ T7983] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.905732][ T7983] device bridge_slave_0 entered promiscuous mode
[  268.912903][ T7983] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.919873][ T7983] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.927440][ T7983] device bridge_slave_1 entered promiscuous mode
[  268.978231][ T7977] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.985120][ T7977] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.992227][ T7977] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.999085][ T7977] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.037817][ T8002] loop0: detected capacity change from 0 to 256
[  269.053141][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  269.061731][  T480] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.069212][  T480] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.090381][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  269.098227][ T8002] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  269.098416][  T480] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.116868][  T480] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.124486][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  269.132539][  T480] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.139395][  T480] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.157518][   T45] device bridge_slave_1 left promiscuous mode
[  269.157983][ T8002] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000005)
[  269.163478][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.172408][ T8002] exFAT-fs (loop0): Filesystem has been set read-only
[  269.186009][   T45] device bridge_slave_0 left promiscuous mode
[  269.192244][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.193305][ T8002] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000005)
[  269.208907][   T45] device veth1_macvtap left promiscuous mode
[  269.217291][   T45] device veth0_vlan left promiscuous mode
[  269.219690][ T7822] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000005)
[  269.232237][ T7822] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000005)
[  269.340087][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  269.359437][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  269.379789][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  269.390037][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  269.401843][ T7977] device veth0_vlan entered promiscuous mode
[  269.408387][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  269.416215][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  269.423846][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  269.431359][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  269.439468][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.446293][  T293] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.463579][ T7977] device veth1_macvtap entered promiscuous mode
[  269.471449][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  269.483455][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  269.491955][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  269.500060][   T20] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.506898][   T20] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.525655][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  269.534198][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  269.543698][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  269.568545][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  269.585072][ T7983] device veth0_vlan entered promiscuous mode
[  269.598292][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  269.598306][   T30] audit: type=1400 audit(1726194536.318:2054): avc:  denied  { create } for  pid=8006 comm="syz.3.2928" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  269.600600][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  269.632553][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  269.640973][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  269.648869][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  269.657249][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  269.664495][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  269.686332][ T7983] device veth1_macvtap entered promiscuous mode
[  269.696941][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  269.704853][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  269.713284][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  269.734358][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  269.742513][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  269.750703][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  269.758709][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  269.781240][ T8005] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.788245][ T8005] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.795425][ T8005] device bridge_slave_0 entered promiscuous mode
[  269.807259][ T8005] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.814198][ T8005] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.821720][ T8005] device bridge_slave_1 entered promiscuous mode
[  269.907147][ T8005] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.913996][ T8005] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.921149][ T8005] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.927991][ T8005] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.935720][   T39] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  269.958557][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  269.966049][  T480] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.973314][  T480] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.997728][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  270.005677][ T1503] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.012524][ T1503] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.020915][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  270.029183][ T1503] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.036025][ T1503] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.043296][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  270.051109][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  270.067033][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  270.081003][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  270.089345][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  270.096935][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  270.105495][ T8005] device veth0_vlan entered promiscuous mode
[  270.120622][ T8005] device veth1_macvtap entered promiscuous mode
[  270.127841][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  270.136805][   T20] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  270.145182][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  270.154264][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  270.196855][   T39] usb 4-1: Using ep0 maxpacket: 32
[  270.209860][ T8020] syz.0.2942[8020] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  270.209937][ T8020] syz.0.2942[8020] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  270.222739][ T8020] input: syz0 as /devices/virtual/input/input93
[  270.347268][   T45] device bridge_slave_1 left promiscuous mode
[  270.353300][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.361082][   T45] device bridge_slave_0 left promiscuous mode
[  270.367190][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.375762][   T45] device bridge_slave_1 left promiscuous mode
[  270.382009][   T20] usb 2-1: Using ep0 maxpacket: 16
[  270.387199][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.394658][   T45] device bridge_slave_0 left promiscuous mode
[  270.400992][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.409653][   T45] device veth1_macvtap left promiscuous mode
[  270.415592][   T45] device veth0_vlan left promiscuous mode
[  270.422130][   T45] device veth1_macvtap left promiscuous mode
[  270.428197][   T45] device veth0_vlan left promiscuous mode
[  270.506723][   T20] usb 2-1: config 0 has no interfaces?
[  270.512049][   T20] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[  270.526685][   T39] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  270.531130][   T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.549009][   T39] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.554697][   T20] usb 2-1: config 0 descriptor??
[  270.569858][   T39] usb 4-1: Product: syz
[  270.573831][   T39] usb 4-1: Manufacturer: syz
[  270.578407][   T39] usb 4-1: SerialNumber: syz
[  270.589274][   T39] usb 4-1: config 0 descriptor??
[  270.800876][  T480] usb 2-1: USB disconnect, device number 40
[  271.276655][   T39] (unnamed net_device) (uninitialized): Assigned a random MAC address: b6:06:0d:a0:b6:c5
[  271.289109][   T39] rtl8150 4-1:0.0: eth1: rtl8150 is detected
[  271.304415][   T30] audit: type=1400 audit(1726194538.018:2055): avc:  denied  { read } for  pid=138 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  271.337876][   T39] usb 4-1: USB disconnect, device number 41
[  271.386706][   T30] audit: type=1400 audit(1726194538.038:2056): avc:  denied  { search } for  pid=138 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  271.427109][   T30] audit: type=1400 audit(1726194538.038:2057): avc:  denied  { read } for  pid=138 comm="dhcpcd" name="n21" dev="tmpfs" ino=19481 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  271.431638][ T8028] loop0: detected capacity change from 0 to 40427
[  271.456895][   T30] audit: type=1400 audit(1726194538.038:2058): avc:  denied  { open } for  pid=138 comm="dhcpcd" path="/run/udev/data/n21" dev="tmpfs" ino=19481 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  271.488716][   T30] audit: type=1400 audit(1726194538.038:2059): avc:  denied  { getattr } for  pid=138 comm="dhcpcd" path="/run/udev/data/n21" dev="tmpfs" ino=19481 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  271.556156][ T8033] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.563180][ T8033] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.573259][ T8028] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  271.580884][ T8028] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  271.583730][ T8033] device bridge_slave_0 entered promiscuous mode
[  271.596035][ T8033] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.603325][ T8033] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.616303][ T8028] F2FS-fs (loop0): invalid crc value
[  271.620921][ T8033] device bridge_slave_1 entered promiscuous mode
[  271.641259][ T8028] F2FS-fs (loop0): Found nat_bits in checkpoint
[  271.691575][ T8028] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  271.708865][ T8028] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  271.734223][ T8028] attempt to access beyond end of device
[  271.734223][ T8028] loop0: rw=2049, want=77960, limit=40427
[  271.786065][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  271.806262][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  271.832357][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  271.840808][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  271.850023][  T319] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.856894][  T319] bridge0: port 1(bridge_slave_0) entered forwarding state
[  271.864226][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  271.872428][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  271.884029][  T319] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.891111][  T319] bridge0: port 2(bridge_slave_1) entered forwarding state
[  271.898372][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  271.904589][ T8047] loop1: detected capacity change from 0 to 128
[  271.906229][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  271.923831][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  271.942294][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  271.958083][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  271.966125][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  271.974699][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  271.982213][ T8047] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  271.993303][ T8047] ext4 filesystem being mounted at /5/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  272.033923][ T8033] device veth0_vlan entered promiscuous mode
[  272.053963][ T8047] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  272.063122][ T8047] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  272.077303][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  272.088523][ T8033] device veth1_macvtap entered promiscuous mode
[  272.111108][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  272.119542][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  272.130447][ T8057] loop3: detected capacity change from 0 to 512
[  272.148738][ T8059] loop1: detected capacity change from 0 to 16
[  272.168598][ T8059] erofs: (device loop1): mounted with root inode @ nid 36.
[  272.178334][   T48] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -41 in[4096, 0] out[9000]
[  272.209311][ T8057] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #15: comm syz.3.2956: casefold flag without casefold feature
[  272.223944][ T8059] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -41 in[4096, 0] out[8192]
[  272.224833][ T8057] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #2: comm syz.3.2956: missing EA_INODE flag
[  272.246503][ T8057] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2956: error while reading EA inode 2 err=-117
[  272.259366][ T8057] EXT4-fs (loop3): 1 orphan inode deleted
[  272.264908][ T8057] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  272.294150][ T8066] syz.0.2958[8066] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  272.294230][ T8066] syz.0.2958[8066] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  272.319202][   T45] device bridge_slave_1 left promiscuous mode
[  272.343250][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.358932][   T45] device bridge_slave_0 left promiscuous mode
[  272.365668][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.394957][   T45] device veth1_macvtap left promiscuous mode
[  272.459328][ T8077] loop3: detected capacity change from 0 to 512
[  272.474195][   T30] audit: type=1326 audit(1726194539.188:2060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8081 comm="syz.1.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4efc984ef9 code=0x7ffc0000
[  272.501887][   T30] audit: type=1326 audit(1726194539.198:2061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8081 comm="syz.1.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4efc984ef9 code=0x7ffc0000
[  272.528960][   T30] audit: type=1326 audit(1726194539.248:2062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8081 comm="syz.1.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4efc984ef9 code=0x7ffc0000
[  272.552535][   T30] audit: type=1326 audit(1726194539.248:2063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8081 comm="syz.1.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4efc984ef9 code=0x7ffc0000
[  272.581289][ T8077] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #15: comm syz.3.2960: casefold flag without casefold feature
[  272.594300][ T8077] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz.3.2960: missing EA_INODE flag
[  272.615956][ T8077] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2960: error while reading EA inode 12 err=-117
[  272.644415][ T8077] EXT4-fs (loop3): 1 orphan inode deleted
[  272.663735][ T8077] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback.
[  272.716608][   T20] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  272.724926][ T8091] loop1: detected capacity change from 0 to 512
[  272.737360][ T8083] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.744495][ T8083] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.752055][ T8083] device bridge_slave_0 entered promiscuous mode
[  272.763726][ T8083] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.771857][ T8083] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.780498][ T8083] device bridge_slave_1 entered promiscuous mode
[  272.797236][ T8091] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.2968: casefold flag without casefold feature
[  272.816679][ T8091] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.2968: missing EA_INODE flag
[  272.828350][ T8091] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.2968: error while reading EA inode 2 err=-117
[  272.852236][ T8091] EXT4-fs (loop1): 1 orphan inode deleted
[  272.870020][ T8091] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  272.962955][   T20] usb 1-1: Using ep0 maxpacket: 32
[  272.997320][ T8083] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.004191][ T8083] bridge0: port 2(bridge_slave_1) entered forwarding state
[  273.011305][ T8083] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.018078][ T8083] bridge0: port 1(bridge_slave_0) entered forwarding state
[  273.070369][ T8119] ªªªªªª: renamed from vlan0
[  273.077562][  T319] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.094895][  T319] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.133636][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  273.147256][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  273.155336][  T480] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.162212][  T480] bridge0: port 1(bridge_slave_0) entered forwarding state
[  273.169574][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  273.177617][  T480] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.184471][  T480] bridge0: port 2(bridge_slave_1) entered forwarding state
[  273.204498][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  273.212436][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  273.233665][ T8083] device veth0_vlan entered promiscuous mode
[  273.239994][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  273.249350][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  273.249948][ T8115] loop3: detected capacity change from 0 to 40427
[  273.257357][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  273.270245][   T20] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  273.279578][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  273.286964][   T20] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.294754][   T20] usb 1-1: Product: syz
[  273.299248][   T20] usb 1-1: Manufacturer: syz
[  273.303656][   T20] usb 1-1: SerialNumber: syz
[  273.311616][   T20] usb 1-1: config 0 descriptor??
[  273.320128][ T8083] device veth1_macvtap entered promiscuous mode
[  273.332653][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  273.347984][  T483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  273.356799][ T8115] F2FS-fs (loop3): Invalid SB checksum offset: 0
[  273.357178][  T483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  273.363000][ T8115] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  273.376644][  T293] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  273.420292][ T8115] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  273.458432][ T8115] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  273.465486][ T8115] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  273.518256][ T8115] attempt to access beyond end of device
[  273.518256][ T8115] loop3: rw=2049, want=53256, limit=40427
[  273.529960][ T8115] attempt to access beyond end of device
[  273.529960][ T8115] loop3: rw=2049, want=53264, limit=40427
[  273.542303][ T8115] attempt to access beyond end of device
[  273.542303][ T8115] loop3: rw=2049, want=53328, limit=40427
[  273.558691][ T7977] attempt to access beyond end of device
[  273.558691][ T7977] loop3: rw=2049, want=45104, limit=40427
[  273.699585][   T45] device bridge_slave_1 left promiscuous mode
[  273.705653][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.727200][ T8155] loop1: detected capacity change from 0 to 128
[  273.736438][   T45] device bridge_slave_0 left promiscuous mode
[  273.742749][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.753123][   T45] device veth1_macvtap left promiscuous mode
[  273.759631][  T293] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  273.773699][   T45] device veth0_vlan left promiscuous mode
[  273.779696][  T293] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  273.790027][  T293] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  273.799100][  T293] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.811378][ T8155] attempt to access beyond end of device
[  273.811378][ T8155] loop1: rw=34817, want=129, limit=128
[  273.811546][  T293] usb 5-1: config 0 descriptor??
[  273.912926][ T8161] tipc: Started in network mode
[  273.917698][ T8161] tipc: Node identity c23d2dec9f9e, cluster identity 4711
[  273.924589][ T8161] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  273.955511][ T8160] tipc: Resetting bearer <eth:syzkaller0>
[  273.974398][ T8160] tipc: Disabling bearer <eth:syzkaller0>
[  274.026614][   T20] (unnamed net_device) (uninitialized): Assigned a random MAC address: 82:f7:3c:ed:0f:30
[  274.038931][   T20] rtl8150 1-1:0.0: eth1: rtl8150 is detected
[  274.054664][   T20] usb 1-1: USB disconnect, device number 47
[  274.323109][  T293] arvo 0003:1E7D:30D4.0097: item fetching failed at offset 5/7
[  274.332310][  T293] arvo 0003:1E7D:30D4.0097: parse failed
[  274.338600][  T293] arvo: probe of 0003:1E7D:30D4.0097 failed with error -22
[  274.446677][  T311] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  274.528100][  T293] usb 5-1: USB disconnect, device number 40
[  274.532372][ T8166] loop3: detected capacity change from 0 to 131072
[  274.598168][ T8166] F2FS-fs (loop3): invalid crc value
[  274.605052][ T8166] F2FS-fs (loop3): Found nat_bits in checkpoint
[  274.638734][ T8166] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  274.656352][ T8166] F2FS-fs (loop3): Corrupted max_depth of 3: 16842753
[  274.677006][ T8193] loop1: detected capacity change from 0 to 256
[  274.686712][  T311] usb 3-1: Using ep0 maxpacket: 16
[  274.718599][ T8193] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1768846636 (3537693272 ns) > initial count (1927074542 ns). Using initial count to start timer.
[  274.806654][  T311] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  274.831125][  T311] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  274.841571][  T311] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[  274.866066][  T311] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.877240][   T30] kauditd_printk_skb: 41 callbacks suppressed
[  274.877254][   T30] audit: type=1400 audit(1726194541.598:2105): avc:  denied  { name_bind } for  pid=8202 comm="syz.1.3010" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  274.904975][  T311] usb 3-1: config 0 descriptor??
[  275.101098][ T8205] loop0: detected capacity change from 0 to 40427
[  275.157565][ T8205] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  275.163840][ T8205] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  275.175078][ T8205] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  275.205063][ T8205] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  275.212285][ T8205] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  275.226465][ T8205] attempt to access beyond end of device
[  275.226465][ T8205] loop0: rw=2049, want=53256, limit=40427
[  275.234702][ T8219] loop1: detected capacity change from 0 to 40427
[  275.238118][ T8205] attempt to access beyond end of device
[  275.238118][ T8205] loop0: rw=2049, want=53264, limit=40427
[  275.260853][ T8219] F2FS-fs (loop1): invalid crc value
[  275.266413][ T8005] attempt to access beyond end of device
[  275.266413][ T8005] loop0: rw=2049, want=45104, limit=40427
[  275.268114][ T8219] F2FS-fs (loop1): Found nat_bits in checkpoint
[  275.283552][  T319] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  275.324505][ T8219] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  275.346603][  T480] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  275.372742][   T30] audit: type=1326 audit(1726194542.088:2106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8229 comm="syz.0.3019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0f1baeef9 code=0x7ffc0000
[  275.398143][  T311] cp2112 0003:10C4:EA90.0098: unknown main item tag 0x0
[  275.404921][  T311] cp2112 0003:10C4:EA90.0098: unknown main item tag 0x0
[  275.421963][  T311] cp2112 0003:10C4:EA90.0098: unknown main item tag 0x0
[  275.429016][   T30] audit: type=1326 audit(1726194542.088:2107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8229 comm="syz.0.3019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7fa0f1baeef9 code=0x7ffc0000
[  275.435171][  T311] cp2112 0003:10C4:EA90.0098: unknown main item tag 0x0
[  275.452684][   T30] audit: type=1326 audit(1726194542.088:2108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8229 comm="syz.0.3019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0f1baeef9 code=0x7ffc0000
[  275.461180][ T7983] attempt to access beyond end of device
[  275.461180][ T7983] loop1: rw=524288, want=45072, limit=40427
[  275.494226][   T30] audit: type=1326 audit(1726194542.088:2109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8229 comm="syz.0.3019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa0f1baeef9 code=0x7ffc0000
[  275.517547][  T311] cp2112 0003:10C4:EA90.0098: unknown main item tag 0x0
[  275.525020][  T311] cp2112 0003:10C4:EA90.0098: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0
[  275.528336][   T30] audit: type=1326 audit(1726194542.088:2110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8229 comm="syz.0.3019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0f1baeef9 code=0x7ffc0000
[  275.565663][   T30] audit: type=1326 audit(1726194542.088:2111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8229 comm="syz.0.3019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa0f1baeef9 code=0x7ffc0000
[  275.589883][   T30] audit: type=1326 audit(1726194542.088:2112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8229 comm="syz.0.3019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0f1baeef9 code=0x7ffc0000
[  275.613413][   T30] audit: type=1326 audit(1726194542.088:2113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8229 comm="syz.0.3019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa0f1baeef9 code=0x7ffc0000
[  275.636587][  T480] usb 5-1: Using ep0 maxpacket: 8
[  275.637250][ T8233] overlayfs: statfs failed on './file0'
[  275.642241][   T30] audit: type=1326 audit(1726194542.088:2114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8229 comm="syz.0.3019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0f1baeef9 code=0x7ffc0000
[  275.647397][  T311] cp2112 0003:10C4:EA90.0098: Part Number: 0x00 Device Version: 0x00
[  275.746695][  T319] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.757426][  T319] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.766691][  T480] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.767124][  T319] usb 4-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  275.779407][  T480] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.805424][  T319] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.806619][  T480] usb 5-1: New USB device found, idVendor=056a, idProduct=4135, bcdDevice= 0.cc
[  275.822591][  T480] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.824160][  T319] usb 4-1: config 0 descriptor??
[  275.834270][  T480] usb 5-1: config 0 descriptor??
[  275.969639][ T8239] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.976483][ T8239] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.984049][ T8239] device bridge_slave_0 entered promiscuous mode
[  275.991062][ T8239] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.998067][ T8239] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.005375][ T8239] device bridge_slave_1 entered promiscuous mode
[  276.056214][ T8239] bridge0: port 2(bridge_slave_1) entered blocking state
[  276.063233][ T8239] bridge0: port 2(bridge_slave_1) entered forwarding state
[  276.070364][ T8239] bridge0: port 1(bridge_slave_0) entered blocking state
[  276.077231][ T8239] bridge0: port 1(bridge_slave_0) entered forwarding state
[  276.105481][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  276.114664][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.122201][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.133333][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  276.141390][ T1503] bridge0: port 1(bridge_slave_0) entered blocking state
[  276.148232][ T1503] bridge0: port 1(bridge_slave_0) entered forwarding state
[  276.162641][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  276.170875][   T20] bridge0: port 2(bridge_slave_1) entered blocking state
[  276.177750][   T20] bridge0: port 2(bridge_slave_1) entered forwarding state
[  276.184948][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  276.197020][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  276.215112][ T8239] device veth0_vlan entered promiscuous mode
[  276.223575][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  276.232122][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  276.240008][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  276.247264][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  276.255505][   T45] device bridge_slave_1 left promiscuous mode
[  276.261521][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.268869][   T45] device bridge_slave_0 left promiscuous mode
[  276.274819][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.282882][   T45] device veth1_macvtap left promiscuous mode
[  276.289020][   T45] device veth0_vlan left promiscuous mode
[  276.291063][  T480] wacom 0003:056A:4135.0099: Unknown device_type for 'HID 056a:4135'. Ignoring.
[  276.326751][  T311] cp2112 0003:10C4:EA90.0098: error reading lock byte: 0
[  276.337833][  T319] holtek 0003:1241:5015.009A: unknown main item tag 0x5
[  276.355886][  T319] holtek 0003:1241:5015.009A: hidraw1: USB HID v0.00 Device [HID 1241:5015] on usb-dummy_hcd.3-1/input0
[  276.367205][  T319] holtek 0003:1241:5015.009A: no inputs found
[  276.385902][ T8239] device veth1_macvtap entered promiscuous mode
[  276.393035][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  276.404394][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  276.415983][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  276.497268][  T319] usb 5-1: USB disconnect, device number 41
[  276.554529][  T382] usb 4-1: USB disconnect, device number 42
[  276.580488][   T20] usb 3-1: USB disconnect, device number 43
[  276.612386][ T8253] loop0: detected capacity change from 0 to 512
[  276.986597][  T319] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  277.049053][ T8257] tipc: Started in network mode
[  277.053839][ T8257] tipc: Node identity 4637e77c0503, cluster identity 4711
[  277.061048][ T8257] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  277.110777][ T8256] tipc: Resetting bearer <eth:syzkaller0>
[  277.129844][ T8256] tipc: Disabling bearer <eth:syzkaller0>
[  277.226629][  T319] usb 1-1: Using ep0 maxpacket: 8
[  277.346664][  T319] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  277.362872][  T319] usb 1-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8
[  277.391377][  T319] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.391916][ T8287] overlayfs: upper fs does not support tmpfile.
[  277.413530][ T8287] overlayfs: upper fs does not support tmpfile.
[  277.414192][  T319] usb 1-1: config 0 descriptor??
[  277.461549][ T8275] loop3: detected capacity change from 0 to 40427
[  277.478601][  T319] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  277.486332][  T319] usb 1-1: Detected SIO
[  277.491380][  T319] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 2
[  277.499960][  T319] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  277.500181][ T8301] device pim6reg1 entered promiscuous mode
[  277.538265][ T8275] F2FS-fs (loop3): invalid crc value
[  277.545738][ T8275] F2FS-fs (loop3): Found nat_bits in checkpoint
[  277.602231][ T8311] tipc: Started in network mode
[  277.607033][ T8311] tipc: Node identity 0a616e589fc3, cluster identity 4711
[  277.608668][ T8275] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  277.614033][ T8311] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  277.663689][ T7977] handle_bad_sector: 2 callbacks suppressed
[  277.663707][ T7977] attempt to access beyond end of device
[  277.663707][ T7977] loop3: rw=524288, want=45072, limit=40427
[  277.681454][ T7977] attempt to access beyond end of device
[  277.681454][ T7977] loop3: rw=0, want=45072, limit=40427
[  277.692533][ T8310] tipc: Resetting bearer <eth:syzkaller0>
[  277.700381][   T39] usb 1-1: USB disconnect, device number 48
[  277.711180][   T39] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  277.720946][ T8310] tipc: Disabling bearer <eth:syzkaller0>
[  277.724789][   T39] ftdi_sio 1-1:0.0: device disconnected
[  277.749833][   T45] attempt to access beyond end of device
[  277.749833][   T45] loop3: rw=2049, want=41104, limit=40427
[  277.805470][   T45] tipc: Left network mode
[  277.897719][ T8330] loop1: detected capacity change from 0 to 512
[  277.927912][ T8332] bridge0: port 2(bridge_slave_1) entered disabled state
[  277.934940][ T8332] bridge0: port 1(bridge_slave_0) entered disabled state
[  277.950264][ T8332] bridge0: port 2(bridge_slave_1) entered blocking state
[  277.952895][ T8330] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz.1.3058: invalid block
[  277.957153][ T8332] bridge0: port 2(bridge_slave_1) entered forwarding state
[  277.957275][ T8332] bridge0: port 1(bridge_slave_0) entered blocking state
[  277.968729][ T8330] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.3058: invalid indirect mapped block 10 (level 1)
[  277.975091][ T8332] bridge0: port 1(bridge_slave_0) entered forwarding state
[  277.977023][ T8332] device bridge0 entered promiscuous mode
[  277.991687][ T8330] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.3058: invalid indirect mapped block 8 (level 1)
[  278.024274][ T8330] EXT4-fs (loop1): 1 truncate cleaned up
[  278.030030][ T8330] EXT4-fs (loop1): mounted filesystem without journal. Opts: init_itable,,errors=continue. Quota mode: none.
[  278.133066][ T8330] EXT4-fs error (device loop1): ext4_discard_preallocations:5127: comm syz.1.3058: Error -117 loading buddy information for 14592488
[  278.141362][ T8347] loop2: detected capacity change from 0 to 512
[  278.146968][ T8330] EXT4-fs error (device loop1): ext4_discard_preallocations:5127: comm syz.1.3058: Error -117 loading buddy information for 14592488
[  278.166493][ T8330] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #18: comm syz.1.3058: attempt to clear invalid blocks 37 len 12
[  278.167599][ T8336] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.186890][ T8336] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.194226][ T8336] device bridge_slave_0 entered promiscuous mode
[  278.200500][ T8347] EXT4-fs (loop2): Ignoring removed bh option
[  278.204189][ T8330] EXT4-fs error (device loop1): __ext4_get_inode_loc:4340: comm syz.1.3058: Invalid inode table block 0 in block_group 0
[  278.207874][ T8336] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.225784][ T8336] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.233144][ T8330] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  278.242903][ T8336] device bridge_slave_1 entered promiscuous mode
[  278.243531][ T8347] EXT4-fs error (device loop2): __ext4_iget:4892: inode #15: block 1803188595: comm syz.2.3066: invalid block
[  278.263631][ T8330] EXT4-fs error (device loop1): ext4_punch_hole:4132: inode #18: comm syz.1.3058: mark_inode_dirty error
[  278.267730][ T8347] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.3066: couldn't read orphan inode 15 (err -117)
[  278.287857][ T8347] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,resgid=0x000000000000ee00,bh,noload,data_err=ignore,usrjquota=,,errors=continue. Quota mode: none.
[  278.309581][ T8239] EXT4-fs error (device loop1): ext4_map_blocks:602: inode #2: block 13: comm syz-executor: lblock 0 mapped to illegal pblock 13 (length 1)
[  278.335414][ T8239] EXT4-fs warning (device loop1): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor: error -117 reading directory block
[  278.354022][ T8239] EXT4-fs error (device loop1): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 0 in block_group 0
[  278.367232][ T8239] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  278.385004][ T8239] EXT4-fs error (device loop1): ext4_dirty_inode:6024: inode #18: comm syz-executor: mark_inode_dirty error
[  278.449259][   T45] device bridge_slave_1 left promiscuous mode
[  278.455757][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.461534][ T8361] loop4: detected capacity change from 0 to 512
[  278.469942][   T45] device bridge_slave_0 left promiscuous mode
[  278.475923][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.483853][   T45] device veth1_macvtap left promiscuous mode
[  278.489984][   T45] device veth0_vlan left promiscuous mode
[  278.512321][ T8361] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.3073: bg 0: block 5: invalid block bitmap
[  278.524631][ T8361] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6184: Corrupt filesystem
[  278.533509][ T8361] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.3073: invalid indirect mapped block 3 (level 2)
[  278.546920][ T8361] EXT4-fs (loop4): 1 orphan inode deleted
[  278.552462][ T8361] EXT4-fs (loop4): 1 truncate cleaned up
[  278.558896][ T8361] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  278.586602][   T39] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  278.605891][ T8336] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.612846][ T8336] bridge0: port 2(bridge_slave_1) entered forwarding state
[  278.619975][ T8336] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.626729][ T8336] bridge0: port 1(bridge_slave_0) entered forwarding state
[  278.672868][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  278.681329][  T311] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.686698][  T319] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  278.695674][  T311] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.715969][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  278.724133][  T311] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.730978][  T311] bridge0: port 1(bridge_slave_0) entered forwarding state
[  278.738330][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  278.746272][  T311] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.753392][  T311] bridge0: port 2(bridge_slave_1) entered forwarding state
[  278.774587][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  278.778788][ T8371] loop4: detected capacity change from 0 to 1024
[  278.793075][ T1503] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  278.825594][ T8366] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.832515][ T8366] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.840300][ T8371] JBD2: no valid journal superblock found
[  278.843722][ T8366] device bridge_slave_0 entered promiscuous mode
[  278.846006][ T8371] EXT4-fs (loop4): error loading journal
[  278.857522][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  278.874706][ T8366] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.881716][ T8366] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.889032][ T8366] device bridge_slave_1 entered promiscuous mode
[  278.901783][ T8336] device veth0_vlan entered promiscuous mode
[  278.908031][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  278.915754][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  278.925907][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  278.926772][  T319] usb 3-1: Using ep0 maxpacket: 32
[  278.933287][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  278.946736][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  278.957616][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  278.967420][   T39] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  278.975358][ T8336] device veth1_macvtap entered promiscuous mode
[  278.976278][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.985621][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  278.998604][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  279.003541][   T39] usb 1-1: config 0 descriptor??
[  279.015705][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  279.067714][   T45] tipc: Left network mode
[  279.577263][   T45] device bridge_slave_1 left promiscuous mode
[  279.583227][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.617005][   T45] device bridge_slave_0 left promiscuous mode
[  279.623048][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.687683][   T45] device veth1_macvtap left promiscuous mode
[  279.693540][   T45] device veth0_vlan left promiscuous mode
[  280.035552][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  280.044175][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  280.046728][  T319] usb 3-1: unable to read config index 0 descriptor/all
[  280.053158][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  280.060629][  T319] usb 3-1: can't read configurations, error -71
[  280.073106][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  280.121974][ T8387] syz.4.3083[8387] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  280.122072][ T8387] syz.4.3083[8387] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  280.193627][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  280.213669][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  280.226923][   T39] hid (null): bogus close delimiter
[  280.234150][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  280.243141][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  280.260265][ T8394] loop4: detected capacity change from 0 to 128
[  280.271616][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.278485][  T293] bridge0: port 1(bridge_slave_0) entered forwarding state
[  280.290009][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  280.298649][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  280.306880][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.313715][  T293] bridge0: port 2(bridge_slave_1) entered forwarding state
[  280.324404][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  280.332326][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  280.379218][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  280.397460][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  280.410723][ T8366] device veth0_vlan entered promiscuous mode
[  280.421282][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  280.429724][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  280.437924][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  280.446802][   T39] usb 1-1: string descriptor 0 read error: -22
[  280.452527][ T8366] device veth1_macvtap entered promiscuous mode
[  280.473432][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  280.498462][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  280.511624][  T480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  280.671781][ T8416] loop3: detected capacity change from 0 to 2048
[  280.700843][ T8416] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  280.708925][   T39] uclogic 0003:256C:006D.009B: interface is invalid, ignoring
[  280.744852][ T8416] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,mblk_io_submit,minixdf,barrier=0x0000000000000000,grpjquota=,bsddf,. Quota mode: none.
[  280.921824][  T480] usb 1-1: USB disconnect, device number 49
[  280.926980][ T8418] loop4: detected capacity change from 0 to 40427
[  280.968223][ T8437] loop2: detected capacity change from 0 to 2048
[  280.983472][ T8418] F2FS-fs (loop4): Found nat_bits in checkpoint
[  281.046842][ T8418] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  281.067732][ T8437] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  281.092081][ T8418] attempt to access beyond end of device
[  281.092081][ T8418] loop4: rw=2049, want=53384, limit=40427
[  281.122178][   T30] kauditd_printk_skb: 84 callbacks suppressed
[  281.122207][   T30] audit: type=1400 audit(1726194547.838:2199): avc:  denied  { unmount } for  pid=8336 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  281.167206][ T8033] attempt to access beyond end of device
[  281.167206][ T8033] loop4: rw=2049, want=45112, limit=40427
[  281.168505][ T8456] loop3: detected capacity change from 0 to 4096
[  281.242174][ T8456] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  281.253941][   T30] audit: type=1326 audit(1726194547.978:2200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8460 comm="syz.1.3109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14f671ef9 code=0x7ffc0000
[  281.290201][   T30] audit: type=1326 audit(1726194547.998:2201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8462 comm="syz.2.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e725c1ef9 code=0x7ffc0000
[  281.313879][   T30] audit: type=1326 audit(1726194547.998:2202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8462 comm="syz.2.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f7e725c1ef9 code=0x7ffc0000
[  281.355527][   T30] audit: type=1326 audit(1726194548.008:2203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8462 comm="syz.2.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e725c1ef9 code=0x7ffc0000
[  281.488222][ T8481] IPv4: Oversized IP packet from 136.202.26.0
[  281.492346][   T30] audit: type=1326 audit(1726194548.008:2204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8462 comm="syz.2.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e725c1ef9 code=0x7ffc0000
[  281.532476][ T8479] device syzkaller0 entered promiscuous mode
[  281.536618][   T30] audit: type=1326 audit(1726194548.008:2205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8464 comm="syz.2.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f7e725f3fe5 code=0x7ffc0000
[  281.564668][   T30] audit: type=1326 audit(1726194548.038:2206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8460 comm="syz.1.3109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14f671ef9 code=0x7ffc0000
[  281.588041][   T30] audit: type=1326 audit(1726194548.038:2207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8460 comm="syz.1.3109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc14f671ef9 code=0x7ffc0000
[  281.611624][   T30] audit: type=1326 audit(1726194548.038:2208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8460 comm="syz.1.3109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14f671ef9 code=0x7ffc0000
[  281.674275][ T8484] netlink: 'syz.3.3119': attribute type 15 has an invalid length.
[  281.755325][ T8498] loop3: detected capacity change from 0 to 1024
[  281.829844][ T8508] loop4: detected capacity change from 0 to 4096
[  281.837632][ T8498] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  281.849104][ T8508] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  281.855371][ T8498] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback.
[  281.871202][ T8511] overlayfs: statfs failed on './file0'
[  281.986633][  T319] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  282.042519][ T8522] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  282.077161][  T480] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  282.308810][ T8529] loop4: detected capacity change from 0 to 40427
[  282.321057][ T8529] F2FS-fs (loop4): Unrecognized mount option "nodiscard" or missing value
[  282.346636][  T319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  282.357587][  T319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.367385][  T319] usb 2-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  282.376420][  T319] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.389385][  T319] usb 2-1: config 0 descriptor??
[  282.431399][ T8536] syz.4.3139[8536] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  282.431481][ T8536] syz.4.3139[8536] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  282.458127][ T8536] loop4: detected capacity change from 0 to 512
[  282.475422][  T480] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  282.493905][  T480] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.504242][  T480] usb 3-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[  282.513514][  T480] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.525478][  T480] usb 3-1: config 0 descriptor??
[  282.532267][ T8536] EXT4-fs (loop4): Ignoring removed orlov option
[  282.538601][ T8536] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  282.552736][ T8536] EXT4-fs error (device loop4): dx_probe:822: inode #2: comm syz.4.3139: Attempting to read directory block (0) that is past i_size (256)
[  282.569261][ T8536] EXT4-fs (loop4): Remounting filesystem read-only
[  282.575600][ T8536] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  282.584255][ T8536] EXT4-fs (loop4): mounted filesystem without journal. Opts: sysvgroups,orlov,nogrpid,init_itable,dioread_nolock,grpjquota=.oldalloc,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback.
[  282.612135][ T8536] EXT4-fs (loop4): shut down requested (2)
[  282.618368][ T8536] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: writeback.
[  282.737302][ T8544] device pim6reg1 entered promiscuous mode
[  282.790182][ T8552] loop4: detected capacity change from 0 to 1024
[  282.867481][ T8552] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000c119, mo2=0002]
[  282.875552][ T8552] System zones: 0-1, 3-12
[  282.880340][ T8552] EXT4-fs (loop4): mounted filesystem without journal. Opts: discard,barrier=0xfffffffffffffff8,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,nombcache,nodelalloc,acl,debug,,errors=continue. Quota mode: none.
[  282.880793][  T319] sony 0003:054C:0268.009C: unknown main item tag 0x0
[  282.914281][  T319] sony 0003:054C:0268.009C: unknown main item tag 0x0
[  282.921286][  T319] sony 0003:054C:0268.009C: unknown main item tag 0x0
[  282.931228][  T319] sony 0003:054C:0268.009C: unknown main item tag 0x0
[  282.938006][  T319] sony 0003:054C:0268.009C: unknown main item tag 0x0
[  282.948109][  T319] sony 0003:054C:0268.009C: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.1-1/input0
[  282.967807][  T319] sony 0003:054C:0268.009C: failed to claim input
[  282.987929][  T480] logitech-hidpp-device 0003:046D:C086.009D: item fetching failed at offset 3/5
[  283.000530][  T480] logitech-hidpp-device 0003:046D:C086.009D: hidpp_probe:parse failed
[  283.008721][  T480] logitech-hidpp-device: probe of 0003:046D:C086.009D failed with error -22
[  283.099296][ T8562] loop0: detected capacity change from 0 to 1024
[  283.109047][  T480] usb 2-1: USB disconnect, device number 41
[  283.183267][ T8562] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  283.217249][  T319] usb 3-1: USB disconnect, device number 46
[  283.491791][ T8574] loop0: detected capacity change from 0 to 128
[  283.516466][ T8576] loop4: detected capacity change from 0 to 2048
[  283.533110][ T8574] attempt to access beyond end of device
[  283.533110][ T8574] loop0: rw=34817, want=129, limit=128
[  283.587067][ T8576] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  283.598321][ T8576] EXT4-fs (loop4): mounted filesystem without journal. Opts: mblk_io_submit,delalloc,,errors=continue. Quota mode: none.
[  283.654872][ T8585] loop0: detected capacity change from 0 to 1024
[  283.731941][ T8585] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  283.778774][ T8585] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  283.785429][ T8590] loop4: detected capacity change from 0 to 2048
[  283.811217][ T8596] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3162'.
[  283.820231][ T8585] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 16384 with max blocks 1 with error 28
[  283.851199][ T8585] EXT4-fs (loop0): This should not happen!! Data will be lost
[  283.851199][ T8585] 
[  283.861901][ T8585] EXT4-fs (loop0): Total free blocks count 0
[  283.867958][ T8585] EXT4-fs (loop0): Free/Dirty block details
[  283.874011][ T8585] EXT4-fs (loop0): free_blocks=68451041280
[  283.880290][ T8585] EXT4-fs (loop0): dirty_blocks=16
[  283.885290][ T8585] EXT4-fs (loop0): Block reservation details
[  283.891081][ T8585] EXT4-fs (loop0): i_reserved_data_blocks=1
[  283.913780][ T8590] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  284.116667][ T1503] usb 4-1: new full-speed USB device number 43 using dummy_hcd
[  284.242837][ T8648] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1107 sclass=netlink_route_socket pid=8648 comm=syz.2.3181
[  284.255731][ T8648] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3181'.
[  284.321896][ T8654] loop2: detected capacity change from 0 to 256
[  284.341343][ T8654] FAT-fs (loop2): Directory bread(block 1285) failed
[  284.351355][ T8654] FAT-fs (loop2): FAT read failed (blocknr 1281)
[  284.406196][ T8658] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  284.446678][  T382] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  284.476712][ T1503] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  284.490004][ T8669] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3191'.
[  284.500575][ T1503] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  284.511676][ T1503] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  284.527679][ T1503] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  284.540769][ T1503] usb 4-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[  284.550032][ T1503] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.559344][ T1503] usb 4-1: config 0 descriptor??
[  284.592848][ T8675] loop2: detected capacity change from 0 to 2048
[  284.664917][ T8675] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  284.682953][ T8675] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  284.699068][ T8675] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[  284.711304][ T8675] EXT4-fs (loop2): This should not happen!! Data will be lost
[  284.711304][ T8675] 
[  284.720916][ T8675] EXT4-fs (loop2): Total free blocks count 0
[  284.727433][ T8675] EXT4-fs (loop2): Free/Dirty block details
[  284.733132][ T8675] EXT4-fs (loop2): free_blocks=66060288
[  284.739770][ T8675] EXT4-fs (loop2): dirty_blocks=64
[  284.744699][ T8675] EXT4-fs (loop2): Block reservation details
[  284.747053][ T8685] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  284.750880][ T8675] EXT4-fs (loop2): i_reserved_data_blocks=4
[  284.768739][ T8685] EXT4-fs (loop2): This should not happen!! Data will be lost
[  284.768739][ T8685] 
[  284.816911][  T382] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  284.828484][  T382] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  284.845326][  T382] usb 2-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  284.854403][  T382] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.865751][  T382] usb 2-1: config 0 descriptor??
[  284.886616][  T311] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  284.942876][ T8701] syz.2.3205[8701] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  284.942935][ T8701] syz.2.3205[8701] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  285.037658][ T1503] hid-rmi 0003:17EF:6085.009E: unknown main item tag 0x0
[  285.055734][ T1503] hid-rmi 0003:17EF:6085.009E: unknown main item tag 0x0
[  285.062514][ T1503] hid-rmi 0003:17EF:6085.009E: item fetching failed at offset 2/5
[  285.070442][ T1503] hid-rmi 0003:17EF:6085.009E: parse failed
[  285.076146][ T1503] hid-rmi: probe of 0003:17EF:6085.009E failed with error -22
[  285.086612][  T293] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  285.209983][ T8704] input: syz0 as /devices/virtual/input/input97
[  285.217817][ T8704] ==================================================================
[  285.225701][ T8704] BUG: KASAN: use-after-free in mutex_lock+0xa9/0x1e0
[  285.232293][ T8704] Write of size 8 at addr ffff888124a59850 by task syz.2.3206/8704
[  285.240020][ T8704] 
[  285.242187][ T8704] CPU: 0 PID: 8704 Comm: syz.2.3206 Tainted: G        W         5.15.160-syzkaller-00026-ge6fb3b0fa87f #0
[  285.253296][ T8704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  285.263195][ T8704] Call Trace:
[  285.266319][ T8704]  <TASK>
[  285.269095][ T8704]  dump_stack_lvl+0x151/0x1c0
[  285.273607][ T8704]  ? io_uring_drop_tctx_refs+0x190/0x190
[  285.279077][ T8704]  ? __wake_up_klogd+0xd5/0x110
[  285.283760][ T8704]  ? panic+0x760/0x760
[  285.287670][ T8704]  ? vfs_open+0x73/0x80
[  285.291664][ T8704]  print_address_description+0x87/0x3b0
[  285.297045][ T8704]  kasan_report+0x179/0x1c0
[  285.301385][ T8704]  ? mutex_lock+0xa9/0x1e0
[  285.305632][ T8704]  ? mutex_lock+0xa9/0x1e0
[  285.309889][ T8704]  kasan_check_range+0x293/0x2a0
[  285.314658][ T8704]  __kasan_check_write+0x14/0x20
[  285.319433][ T8704]  mutex_lock+0xa9/0x1e0
[  285.323518][ T8704]  ? wait_for_completion_killable_timeout+0x10/0x10
[  285.329939][ T8704]  steam_input_open+0x91/0x1a0
[  285.334533][ T8704]  ? steam_input_register+0xa70/0xa70
[  285.339743][ T8704]  ? __kasan_check_write+0x14/0x20
[  285.344689][ T8704]  ? mutex_lock_interruptible+0xb6/0x1e0
[  285.350156][ T8704]  ? __kasan_check_write+0x14/0x20
[  285.355106][ T8704]  input_open_device+0x1a5/0x310
[  285.359878][ T8704]  ? kobject_get_unless_zero+0x229/0x320
[  285.365368][ T8704]  evdev_open+0x3df/0x620
[  285.369518][ T8704]  chrdev_open+0x4f7/0x620
[  285.373772][ T8704]  ? cd_forget+0x170/0x170
[  285.378019][ T8704]  ? fsnotify_perm+0x4ba/0x5d0
[  285.382706][ T8704]  ? cd_forget+0x170/0x170
[  285.386960][ T8704]  do_dentry_open+0x81c/0xfd0
[  285.391473][ T8704]  vfs_open+0x73/0x80
[  285.395290][ T8704]  path_openat+0x26f0/0x2f40
[  285.399718][ T8704]  ? __kasan_slab_free+0x11/0x20
[  285.404488][ T8704]  ? __kasan_slab_alloc+0xb1/0xe0
[  285.409350][ T8704]  ? kmem_cache_alloc+0xf5/0x200
[  285.414207][ T8704]  ? getname_flags+0xba/0x520
[  285.418759][ T8704]  ? __x64_sys_openat+0x243/0x290
[  285.423584][ T8704]  ? do_filp_open+0x460/0x460
[  285.428099][ T8704]  do_filp_open+0x21c/0x460
[  285.432434][ T8704]  ? vfs_tmpfile+0x2c0/0x2c0
[  285.436868][ T8704]  do_sys_openat2+0x13f/0x830
[  285.441385][ T8704]  ? do_sys_open+0x220/0x220
[  285.445800][ T8704]  ? debug_smp_processor_id+0x17/0x20
[  285.451008][ T8704]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  285.456910][ T8704]  ? exit_to_user_mode_prepare+0x39/0xa0
[  285.462378][ T8704]  ? irqentry_exit+0x12/0x40
[  285.466804][ T8704]  ? exc_page_fault+0x47a/0x830
[  285.471498][ T8704]  __x64_sys_openat+0x243/0x290
[  285.476178][ T8704]  ? __ia32_sys_open+0x270/0x270
[  285.480954][ T8704]  x64_sys_call+0x6bf/0x9a0
[  285.485299][ T8704]  do_syscall_64+0x3b/0xb0
[  285.489557][ T8704]  ? clear_bhb_loop+0x35/0x90
[  285.494059][ T8704]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  285.499786][ T8704] RIP: 0033:0x7f7e725c0890
[  285.504127][ T8704] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[  285.523566][ T8704] RSP: 002b:00007f7e7123ab70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  285.531811][ T8704] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7e725c0890
[  285.539621][ T8704] RDX: 0000000000000000 RSI: 00007f7e7123ac10 RDI: 00000000ffffff9c
[  285.547434][ T8704] RBP: 00007f7e7123ac10 R08: 0000000000000000 R09: 0000000000000000
[  285.555244][ T8704] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  285.563055][ T8704] R13: 0000000000000000 R14: 00007f7e72779f80 R15: 00007ffdaba2d928
[  285.570872][ T8704]  </TASK>
[  285.573735][ T8704] 
[  285.575902][ T8704] Allocated by task 8083:
[  285.580066][ T8704]  ____kasan_kmalloc+0xdb/0x110
[  285.584753][ T8704]  __kasan_kmalloc+0x9/0x10
[  285.589092][ T8704]  __kmalloc+0x13a/0x270
[  285.593172][ T8704]  fib6_info_alloc+0x33/0xe0
[  285.597610][ T8704]  ip6_route_info_create+0x50b/0x14c0
[  285.602807][ T8704]  ip6_route_add+0x27/0x130
[  285.607146][ T8704]  addrconf_add_linklocal+0x5b5/0x9e0
[  285.612372][ T8704]  addrconf_addr_gen+0x572/0xd00
[  285.617128][ T8704]  addrconf_init_auto_addrs+0xb8a/0x1060
[  285.622594][ T8704]  addrconf_notify+0x91d/0xdd0
[  285.627192][ T8704]  raw_notifier_call_chain+0x8c/0xf0
[  285.632316][ T8704]  __dev_notify_flags+0x304/0x610
[  285.637175][ T8704]  dev_change_flags+0xf0/0x1a0
[  285.641774][ T8704]  do_setlink+0xcd1/0x3b00
[  285.646115][ T8704]  rtnl_newlink+0x1779/0x2050
[  285.650629][ T8704]  rtnetlink_rcv_msg+0x951/0xc40
[  285.655448][ T8704]  netlink_rcv_skb+0x1cf/0x410
[  285.660017][ T8704]  rtnetlink_rcv+0x1c/0x20
[  285.664397][ T8704]  netlink_unicast+0x8df/0xac0
[  285.668988][ T8704]  netlink_sendmsg+0xa0a/0xd20
[  285.673586][ T8704]  __sys_sendto+0x564/0x720
[  285.677928][ T8704]  __x64_sys_sendto+0xe5/0x100
[  285.682524][ T8704]  x64_sys_call+0x15c/0x9a0
[  285.686874][ T8704]  do_syscall_64+0x3b/0xb0
[  285.691118][ T8704]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  285.696846][ T8704] 
[  285.699017][ T8704] Last potentially related work creation:
[  285.704585][ T8704]  kasan_save_stack+0x3b/0x60
[  285.709086][ T8704]  __kasan_record_aux_stack+0xd3/0xf0
[  285.714289][ T8704]  kasan_record_aux_stack_noalloc+0xb/0x10
[  285.719933][ T8704]  call_rcu+0x135/0x1310
[  285.724012][ T8704]  fib6_del+0xd30/0x1060
[  285.728090][ T8704]  fib6_clean_node+0x2ed/0x550
[  285.732693][ T8704]  fib6_walk_continue+0x52d/0x720
[  285.737552][ T8704]  fib6_walk+0x172/0x2d0
[  285.741632][ T8704]  fib6_clean_all+0x202/0x2c0
[  285.746146][ T8704]  rt6_disable_ip+0x153/0x730
[  285.750657][ T8704]  addrconf_ifdown+0x160/0x1ae0
[  285.755345][ T8704]  addrconf_notify+0x37d/0xdd0
[  285.759945][ T8704]  raw_notifier_call_chain+0x8c/0xf0
[  285.765067][ T8704]  __dev_notify_flags+0x304/0x610
[  285.769926][ T8704]  dev_change_flags+0xf0/0x1a0
[  285.774525][ T8704]  dev_ifsioc+0x147/0x10c0
[  285.778778][ T8704]  dev_ioctl+0x54d/0xe70
[  285.782858][ T8704]  sock_do_ioctl+0x34f/0x5a0
[  285.787284][ T8704]  sock_ioctl+0x455/0x740
[  285.791451][ T8704]  __se_sys_ioctl+0x114/0x190
[  285.795964][ T8704]  __x64_sys_ioctl+0x7b/0x90
[  285.800388][ T8704]  x64_sys_call+0x98/0x9a0
[  285.804642][ T8704]  do_syscall_64+0x3b/0xb0
[  285.808894][ T8704]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  285.814625][ T8704] 
[  285.816808][ T8704] Second to last potentially related work creation:
[  285.823390][ T8704]  kasan_save_stack+0x3b/0x60
[  285.827904][ T8704]  __kasan_record_aux_stack+0xd3/0xf0
[  285.833115][ T8704]  kasan_record_aux_stack_noalloc+0xb/0x10
[  285.838748][ T8704]  call_rcu+0x135/0x1310
[  285.842830][ T8704]  fib6_del+0xd30/0x1060
[  285.847032][ T8704]  fib6_clean_node+0x2ed/0x550
[  285.851633][ T8704]  fib6_walk_continue+0x52d/0x720
[  285.856492][ T8704]  fib6_walk+0x172/0x2d0
[  285.860570][ T8704]  fib6_clean_all+0x202/0x2c0
[  285.865084][ T8704]  rt6_disable_ip+0x153/0x730
[  285.869605][ T8704]  addrconf_ifdown+0x160/0x1ae0
[  285.874284][ T8704]  addrconf_notify+0x37d/0xdd0
[  285.878883][ T8704]  raw_notifier_call_chain+0x8c/0xf0
[  285.884005][ T8704]  dev_close_many+0x37c/0x530
[  285.888520][ T8704]  unregister_netdevice_many+0x492/0x17c0
[  285.894073][ T8704]  default_device_exit_batch+0x38a/0x3f0
[  285.899544][ T8704]  cleanup_net+0x6ce/0xc00
[  285.903796][ T8704]  process_one_work+0x6bb/0xc10
[  285.908482][ T8704]  worker_thread+0xad5/0x12a0
[  285.912994][ T8704]  kthread+0x421/0x510
[  285.916899][ T8704]  ret_from_fork+0x1f/0x30
[  285.921154][ T8704] 
[  285.923325][ T8704] The buggy address belongs to the object at ffff888124a59800
[  285.923325][ T8704]  which belongs to the cache kmalloc-512 of size 512
[  285.937218][ T8704] The buggy address is located 80 bytes inside of
[  285.937218][ T8704]  512-byte region [ffff888124a59800, ffff888124a59a00)
[  285.950230][ T8704] The buggy address belongs to the page:
[  285.955716][ T8704] page:ffffea0004929600 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888124a5ac00 pfn:0x124a58
[  285.967153][ T8704] head:ffffea0004929600 order:2 compound_mapcount:0 compound_pincount:0
[  285.975308][ T8704] flags: 0x4000000000010200(slab|head|zone=1)
[  285.981220][ T8704] raw: 4000000000010200 ffffea000416e908 ffffea0004be2408 ffff888100042f00
[  285.989640][ T8704] raw: ffff888124a5ac00 0000000000100005 00000001ffffffff 0000000000000000
[  285.998051][ T8704] page dumped because: kasan: bad access detected
[  286.004305][ T8704] page_owner tracks the page as allocated
[  286.009853][ T8704] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x152a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 382, ts 48093356374, free_ts 47909074995
[  286.027995][ T8704]  post_alloc_hook+0x1a3/0x1b0
[  286.032598][ T8704]  prep_new_page+0x1b/0x110
[  286.036949][ T8704]  get_page_from_freelist+0x3550/0x35d0
[  286.042330][ T8704]  __alloc_pages+0x27e/0x8f0
[  286.046738][ T8704]  new_slab+0x9a/0x4e0
[  286.050646][ T8704]  ___slab_alloc+0x39e/0x830
[  286.055071][ T8704]  __slab_alloc+0x4a/0x90
[  286.059239][ T8704]  __kmalloc+0x16d/0x270
[  286.063322][ T8704]  ___neigh_create+0x6d0/0x1bd0
[  286.068004][ T8704]  __neigh_create+0x32/0x40
[  286.072346][ T8704]  ip6_finish_output2+0x9ee/0x16e0
[  286.077290][ T8704]  __ip6_finish_output+0x60f/0x7c0
[  286.082237][ T8704]  ip6_finish_output+0x31/0x210
[  286.086926][ T8704]  ip6_output+0x1f7/0x4d0
[  286.091090][ T8704]  ndisc_send_skb+0x73e/0xc90
[  286.095605][ T8704]  ndisc_send_rs+0x532/0x6a0
[  286.100120][ T8704] page last free stack trace:
[  286.104641][ T8704]  free_unref_page_prepare+0x7c8/0x7d0
[  286.109924][ T8704]  free_unref_page+0xe8/0x750
[  286.114440][ T8704]  __free_pages+0x61/0xf0
[  286.118603][ T8704]  __free_slab+0xec/0x1d0
[  286.122769][ T8704]  __unfreeze_partials+0x165/0x1a0
[  286.127718][ T8704]  put_cpu_partial+0xc4/0x120
[  286.132228][ T8704]  __slab_free+0x1c8/0x290
[  286.136480][ T8704]  ___cache_free+0x109/0x120
[  286.140908][ T8704]  qlink_free+0x4d/0x90
[  286.144903][ T8704]  qlist_free_all+0x44/0xb0
[  286.149242][ T8704]  kasan_quarantine_reduce+0x15a/0x180
[  286.154535][ T8704]  __kasan_slab_alloc+0x2f/0xe0
[  286.159223][ T8704]  slab_post_alloc_hook+0x53/0x2c0
[  286.164166][ T8704]  kmem_cache_alloc+0xf5/0x200
[  286.168768][ T8704]  getname_flags+0xba/0x520
[  286.173109][ T8704]  user_path_at_empty+0x2d/0x1a0
[  286.177882][ T8704] 
[  286.180054][ T8704] Memory state around the buggy address:
[  286.185541][ T8704]  ffff888124a59700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  286.193435][ T8704]  ffff888124a59780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  286.201318][ T8704] >ffff888124a59800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  286.209562][ T8704]                                                  ^
[  286.216074][ T8704]  ffff888124a59880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  286.223970][ T8704]  ffff888124a59900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  286.231865][ T8704] ==================================================================
[  286.239765][ T8704] Disabling lock debugging due to kernel taint
[  286.247145][  T319] usb 4-1: USB disconnect, device number 43
[  286.262439][ T8704] general protection fault, probably for non-canonical address 0xdffffc002000000e: 0000 [#1] PREEMPT SMP KASAN
[  286.274061][ T8704] KASAN: probably user-memory-access in range [0x0000000100000070-0x0000000100000077]
[  286.283445][ T8704] CPU: 1 PID: 8704 Comm: syz.2.3206 Tainted: G    B   W         5.15.160-syzkaller-00026-ge6fb3b0fa87f #0
[  286.294541][ T8704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  286.304446][ T8704] RIP: 0010:__mutex_lock+0x279/0x1870
[  286.309647][ T8704] Code: 3e ce fc 4c 8b 3b 49 83 e7 f8 0f 84 ba 00 00 00 4c 89 6c 24 20 4d 8d 6f 34 4c 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <0f> b6 04 08 84 c0 0f 85 8f 0f 00 00 41 83 7d 00 00 74 67 49 83 c7
[  286.329105][ T8704] RSP: 0018:ffffc90000cdf2e0 EFLAGS: 00010203
[  286.334985][ T8704] RAX: 000000002000000e RBX: ffff888124a59850 RCX: dffffc0000000000
[  286.342809][ T8704] RDX: 0000000000000000 RSI: 0000000000000286 RDI: ffff888124a59850
[  286.350608][ T8704] RBP: ffffc90000cdf500 R08: dffffc0000000000 R09: 0000000000000007
[  286.358426][ T8704] R10: ffffed102494b30a R11: dffffc0000000001 R12: 1ffff11021da8768
[  286.366230][ T8704] R13: 0000000100000074 R14: 1ffff9200019be6c R15: 0000000100000040
[  286.366711][  T311] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  286.374049][ T8704] FS:  00007f7e7123b6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  286.374072][ T8704] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  286.374087][ T8704] CR2: 000000110c288348 CR3: 00000001108e4000 CR4: 00000000003506a0
[  286.383096][  T311] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.391666][ T8704] DR0: 0000000000000000 DR1: 0000000001000000 DR2: 0000000000000000
[  286.391684][ T8704] DR3: 0004000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  286.391700][ T8704] Call Trace:
[  286.391707][ T8704]  <TASK>
[  286.404794][  T311] usb 1-1: config 0 descriptor??
[  286.405897][ T8704]  ? __die_body+0x62/0xb0
[  286.405928][ T8704]  ? die_addr+0x9f/0xd0
[  286.448166][ T8704]  ? exc_general_protection+0x311/0x4b0
[  286.453637][ T8704]  ? asm_exc_general_protection+0x27/0x30
[  286.459205][ T8704]  ? __mutex_lock+0x279/0x1870
[  286.463786][ T8704]  ? __kasan_check_read+0x11/0x20
[  286.468657][ T8704]  ? preempt_schedule+0xd9/0xe0
[  286.473334][ T8704]  ? schedule_preempt_disabled+0x20/0x20
[  286.478800][ T8704]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  286.484445][ T8704]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[  286.491127][ T8704]  ? preempt_schedule_thunk+0x16/0x18
[  286.496336][ T8704]  ? __kasan_check_write+0x14/0x20
[  286.501278][ T8704]  ? check_panic_on_warn+0x65/0xb0
[  286.506228][ T8704]  ? end_report+0x5b/0xc0
[  286.510395][ T8704]  ? mutex_lock+0xa9/0x1e0
[  286.514644][ T8704]  ? mutex_lock+0xa9/0x1e0
[  286.518897][ T8704]  ? kasan_check_range+0x293/0x2a0
[  286.523845][ T8704]  __mutex_lock_slowpath+0xe/0x10
[  286.528706][ T8704]  mutex_lock+0x135/0x1e0
[  286.532871][ T8704]  ? wait_for_completion_killable_timeout+0x10/0x10
[  286.539295][ T8704]  steam_input_open+0x91/0x1a0
[  286.543892][ T8704]  ? steam_input_register+0xa70/0xa70
[  286.549102][ T8704]  ? __kasan_check_write+0x14/0x20
[  286.554179][ T8704]  ? mutex_lock_interruptible+0xb6/0x1e0
[  286.559641][ T8704]  ? __kasan_check_write+0x14/0x20
[  286.564588][ T8704]  input_open_device+0x1a5/0x310
[  286.569359][ T8704]  ? kobject_get_unless_zero+0x229/0x320
[  286.574825][ T8704]  evdev_open+0x3df/0x620
[  286.578996][ T8704]  chrdev_open+0x4f7/0x620
[  286.583251][ T8704]  ? cd_forget+0x170/0x170
[  286.587496][ T8704]  ? fsnotify_perm+0x4ba/0x5d0
[  286.592097][ T8704]  ? cd_forget+0x170/0x170
[  286.596350][ T8704]  do_dentry_open+0x81c/0xfd0
[  286.600864][ T8704]  vfs_open+0x73/0x80
[  286.604682][ T8704]  path_openat+0x26f0/0x2f40
[  286.609110][ T8704]  ? __kasan_slab_free+0x11/0x20
[  286.613898][ T8704]  ? __kasan_slab_alloc+0xb1/0xe0
[  286.618742][ T8704]  ? kmem_cache_alloc+0xf5/0x200
[  286.623521][ T8704]  ? getname_flags+0xba/0x520
[  286.628032][ T8704]  ? __x64_sys_openat+0x243/0x290
[  286.632891][ T8704]  ? do_filp_open+0x460/0x460
[  286.637407][ T8704]  do_filp_open+0x21c/0x460
[  286.641742][ T8704]  ? vfs_tmpfile+0x2c0/0x2c0
[  286.646179][ T8704]  do_sys_openat2+0x13f/0x830
[  286.650696][ T8704]  ? do_sys_open+0x220/0x220
[  286.655114][ T8704]  ? debug_smp_processor_id+0x17/0x20
[  286.660315][ T8704]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  286.666233][ T8704]  ? exit_to_user_mode_prepare+0x39/0xa0
[  286.667581][  T293] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.671689][ T8704]  ? irqentry_exit+0x12/0x40
[  286.683010][  T293] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  286.686888][ T8704]  ? exc_page_fault+0x47a/0x830
[  286.686913][ T8704]  __x64_sys_openat+0x243/0x290
[  286.699532][  T293] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  286.701167][ T8704]  ? __ia32_sys_open+0x270/0x270
[  286.705835][  T293] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.714665][ T8704]  x64_sys_call+0x6bf/0x9a0
[  286.714689][ T8704]  do_syscall_64+0x3b/0xb0
[  286.714710][ T8704]  ? clear_bhb_loop+0x35/0x90
[  286.724288][  T293] usb 5-1: config 0 descriptor??
[  286.727334][ T8704]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  286.727362][ T8704] RIP: 0033:0x7f7e725c0890
[  286.755193][ T8704] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[  286.774633][ T8704] RSP: 002b:00007f7e7123ab70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  286.782877][ T8704] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7e725c0890
[  286.790688][ T8704] RDX: 0000000000000000 RSI: 00007f7e7123ac10 RDI: 00000000ffffff9c
[  286.798498][ T8704] RBP: 00007f7e7123ac10 R08: 0000000000000000 R09: 0000000000000000
[  286.806310][ T8704] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  286.814124][ T8704] R13: 0000000000000000 R14: 00007f7e72779f80 R15: 00007ffdaba2d928
[  286.821940][ T8704]  </TASK>
[  286.824798][ T8704] Modules linked in:
[  286.829045][ T8704] ---[ end trace b8214a369e8d848c ]---
[  286.834381][ T8704] RIP: 0010:__mutex_lock+0x279/0x1870
[  286.839564][ T8704] Code: 3e ce fc 4c 8b 3b 49 83 e7 f8 0f 84 ba 00 00 00 4c 89 6c 24 20 4d 8d 6f 34 4c 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <0f> b6 04 08 84 c0 0f 85 8f 0f 00 00 41 83 7d 00 00 74 67 49 83 c7
[  286.859390][ T8704] RSP: 0018:ffffc90000cdf2e0 EFLAGS: 00010203
[  286.865466][ T8704] RAX: 000000002000000e RBX: ffff888124a59850 RCX: dffffc0000000000
[  286.873945][ T8704] RDX: 0000000000000000 RSI: 0000000000000286 RDI: ffff888124a59850
[  286.881912][ T8704] RBP: ffffc90000cdf500 R08: dffffc0000000000 R09: 0000000000000007
[  286.889642][ T8704] R10: ffffed102494b30a R11: dffffc0000000001 R12: 1ffff11021da8768
[  286.897609][ T8704] R13: 0000000100000074 R14: 1ffff9200019be6c R15: 0000000100000040
[  286.905389][ T8704] FS:  00007f7e7123b6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  286.914175][ T8704] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  286.920584][ T8704] CR2: 000000110c288348 CR3: 00000001108e4000 CR4: 00000000003506a0
[  286.928417][ T8704] DR0: 0000000000000000 DR1: 0000000001000000 DR2: 0000000000000000
[  286.936194][ T8704] DR3: 0004000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  286.944042][ T8704] Kernel panic - not syncing: Fatal exception
[  286.950234][ T8704] Kernel Offset: disabled
[  286.954364][ T8704] Rebooting in 86400 seconds..