last executing test programs:

8.227884463s ago: executing program 3 (id=6110):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000100)='jbd2_handle_stats\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r8, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00', @ANYBLOB="1d3200000000000000001000000014000f00fe8000000000000000000000bb080001000000f5"], 0x30}}, 0x0)
r9 = syz_open_procfs(r3, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_SETFLAGS(r9, 0x40086602, &(0x7f0000000380)=0x1000)

7.180256703s ago: executing program 3 (id=6114):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$xdp(0x2c, 0x3, 0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r5=>0x0})
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r6, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r6, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f0000000440)=0x400, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r8=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r6, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r6, &(0x7f0000000100)={0x2c, 0x0, r8}, 0x10)
bind$xdp(r3, &(0x7f0000000240)={0x2c, 0x1, r5, 0x0, r6}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)

6.961984928s ago: executing program 1 (id=6116):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x75, 0x1c, 0x1, 0x10, 0xfe6, 0x9800, 0xd19a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x29, 0x2, 0x2, 0xb4, 0x8c, 0xbb, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x82, 0x2, 0x40}}]}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000440)={0x1c, &(0x7f0000000280)={0x20, 0x1, 0x6, "68f7e1487209"}, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000940)={0x34, &(0x7f0000000740)={0x0, 0x5, 0x3, "b71168"}, 0x0, 0x0, 0x0, 0x0, 0x0})

6.324770062s ago: executing program 3 (id=6123):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
unshare(0x8040480)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x8927, &(0x7f00000000c0)={'ip6tnl0\x00', 0x0})

6.286026516s ago: executing program 3 (id=6124):
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000005c0), r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400000400ec00000000000000", @ANYRES32=r2, @ANYBLOB="00000000000000001c0012000b000100627269646765"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140003006272696467655f736c6176655f31000008000a00", @ANYRES32=r5], 0x3c}}, 0x0)
socket$inet6(0xa, 0x80001, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140003006272696467655f736c6176655f3100000a000100be"], 0x40}}, 0x0)

6.132446044s ago: executing program 3 (id=6125):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee6, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_NESTED_STATE(r5, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e516"})
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000040)="660f3881ae000000c483b17e35e661c286000f08c4a2ed8c03f30f09f30fc7b5c5a40000410f01cbc4c2f9341cd50d0000000f7973d50f08", 0x38}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$USBDEVFS_DROP_PRIVILEGES(0xffffffffffffffff, 0x4004551e, 0x0)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f000001a080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
pread64(0xffffffffffffffff, 0x0, 0x0, 0xc2a)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r6, 0xc0145b0e, &(0x7f0000000040))

5.128252629s ago: executing program 0 (id=6132):
syz_open_dev$tty20(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0}, 0x18)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r3, 0x400448e0, &(0x7f00000001c0))

4.475863015s ago: executing program 2 (id=6142):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x12, &(0x7f0000000140)=0x80000000, 0x4)

4.475702155s ago: executing program 2 (id=6143):
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffc6e)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
openat$pfkey(0xffffff9c, 0x0, 0x101000, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFCONF(r2, 0x8912, &(0x7f0000000100)=@req={0x28, &(0x7f0000000000)={'veth0_to_bond\x00', @ifru_names='batadv0\x00'}})
socket(0x11, 0x800000003, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r5)
mkdir(&(0x7f0000000100)='./control\x00', 0x0)
rmdir(&(0x7f0000000040)='./control\x00')
r6 = openat$cgroup_int(r5, 0x0, 0x2, 0x0)
write$cgroup_int(r6, &(0x7f0000000740), 0x12)
r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[], 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0)

4.143576733s ago: executing program 0 (id=6144):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0100000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'wlan0\x00'})
ioctl(r0, 0x8b22, &(0x7f0000000040))

2.919235294s ago: executing program 1 (id=6148):
r0 = socket$inet6(0xa, 0x80002, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x8000, &(0x7f0000000280)={0xa, 0x4e20, 0x0, @remote, 0x7}, 0x1c)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4048aecb, &(0x7f0000000080))

2.808157846s ago: executing program 0 (id=6149):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, 0x0, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r3}, 0x18)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x5, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f00000002c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507005c0ef5dcc0d6eb07000000", @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x61b, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}, @TCA_RATE={0x6, 0x5, {0x2, 0x3}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005140)=@newchain={0x24, 0x64, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)

2.807438107s ago: executing program 4 (id=6150):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x2007ffc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ptrace$peeksig(0x4209, r0, 0x0, &(0x7f00000005c0)=[{}, {}, {}])
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_udp_int(r3, 0x11, 0xa, 0x0, &(0x7f0000000380))

2.723978657s ago: executing program 1 (id=6151):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000000000000000000000000000bb", @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002540)=""/216, 0xd8}}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000340)={0xe, 0x5, 0x40})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)

1.722500132s ago: executing program 4 (id=6152):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0xb, [@struct={0x9, 0x1, 0x0, 0x4, 0x1, 0x5a, [{0x41ede236, 0x4, 0x5}]}]}, {0x0, [0x5f, 0x0, 0x61, 0x30, 0x30, 0x30, 0x0, 0x5f, 0x5f]}}, &(0x7f00000008c0)=""/211, 0x3b, 0xd3, 0x1, 0x4, 0x0, @void, @value}, 0x28)

1.664311518s ago: executing program 4 (id=6153):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='blkio.bfq.io_serviced\x00', 0x0, 0x0)
preadv2(r1, &(0x7f0000000180)=[{&(0x7f0000000100)=""/65, 0x41}], 0x1, 0x0, 0x0, 0x0)

1.660624649s ago: executing program 4 (id=6154):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, 0x0)

1.581966398s ago: executing program 0 (id=6155):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x5a, &(0x7f0000000100)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
r2 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r2, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000180)=0x6)
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}}, 0x1c)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000080)='veth1_to_bond\x00', 0x10)
connect$inet6(r2, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @private1}, 0x1c)
socket$inet6(0xa, 0x5, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x4)
writev(r3, &(0x7f0000000080)=[{&(0x7f0000000340)="480000001400190d09034beafd0d36020a841a000000230f234e0000a2bc5603ca00000f7f89004e00200000000101ff00c00e03000200000000000000000300005839c900910000", 0x48}], 0x1)
ioctl$UFFDIO_UNREGISTER(0xffffffffffffffff, 0xc020aa08, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="4800000010000305000000000000000000cf0000", @ANYRES32=0x0, @ANYBLOB="00000000000000002000128008000100677470001400028008000100", @ANYRES32=r4], 0x48}}, 0x0)

1.532163054s ago: executing program 4 (id=6156):
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, 0x0, 0x0)
connect$inet6(r5, &(0x7f00000015c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r6, 0x40045564, 0x4003)

1.531813154s ago: executing program 3 (id=6157):
ioctl$FIBMAP(0xffffffffffffffff, 0x1, &(0x7f0000000080))
socket(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
syz_open_dev$usbfs(&(0x7f0000000500), 0x532664a8, 0x600080)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r4}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

1.239928037s ago: executing program 2 (id=6158):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000e80)={0x18, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000034c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9420a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883f53b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725e78400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e0808657393921a4902c5340690bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eea61f766664e5e9c678dd5e8f7f07368b317b0e09580380717188b22574dc2b50cfe0d4c3ce4628ef8b90c4179be593b31bb716525863c2044781e7d79c5fb015c1cdef274fd95c943f4a31bd248b122e4c10c3b8f57d63615df5a7a14cac878cb10dc96e27fd49bfb2b1e711e2b0715d263b0bba3f396ab238b4bdc3a372ae821b5494dd8954d5dd9c2d894833e652e58bf110e4c0f4e364c3b4fc1b8262cf8d9651bbd9fd9fac5f2831e965935239b60f72a0194262077f2ad9b4d2dc036b8d1c9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r1, r1, 0x2f, 0x0, 0x0, @void, @value}, 0x20)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r4=>0x0}, 0x8)
r5 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r4, 0x4)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r5, r0, 0x0, r3}, 0x10)

1.142197458s ago: executing program 0 (id=6159):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)

1.088321155s ago: executing program 0 (id=6160):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0x0, "63b6bcef"}, @local=@item_4={0x3, 0x2, 0x0, "f85edaca"}, @main=@item_4={0x3, 0x0, 0x9}]}}, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$HIDIOCGFIELDINFO(r1, 0xc038480a, &(0x7f0000000000)={0x22, 0x100, 0x17, 0xfffffffe, 0x5145, 0xffffffff, 0x7, 0x7, 0x80000000, 0xfffffffc, 0x8, 0x0, 0xfffffffe, 0x4000001})

1.087973865s ago: executing program 2 (id=6161):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r3, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000440)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10a5840, 0x0)

1.087739995s ago: executing program 1 (id=6162):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='maps\x00')
read$FUSE(r3, &(0x7f00000050c0)={0x2020}, 0x2020)

464.110777ms ago: executing program 4 (id=6163):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, 0x0, &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
r5 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
preadv(r5, &(0x7f0000000740)=[{&(0x7f0000000300)=""/49, 0x31}], 0x1, 0xbc, 0x0)

234.893793ms ago: executing program 2 (id=6164):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='blkio.bfq.io_serviced\x00', 0x0, 0x0)
preadv2(r1, &(0x7f0000000180)=[{&(0x7f0000000100)=""/65, 0x41}], 0x1, 0x0, 0x0, 0x0)

102.339718ms ago: executing program 1 (id=6165):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000004dc0)=@delchain={0x740, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x4}, {0xffe0}}, [@filter_kind_options=@f_u32={{0x8}, {0x6e4, 0x2, [@TCA_U32_LINK={0x8, 0x3, 0x3f5}, @TCA_U32_FLAGS={0x8, 0xb, 0x5}, @TCA_U32_INDEV={0x14, 0x8, 'veth1_to_bridge\x00'}, @TCA_U32_ACT={0x6bc, 0x7, [@m_mpls={0xa0, 0x16, 0x0, 0x0, {{0x9}, {0x3c, 0x2, 0x0, 0x1, [@TCA_MPLS_PROTO={0x6, 0x4, 0x6005}, @TCA_MPLS_LABEL={0x8, 0x5, 0x38993}, @TCA_MPLS_TC={0x5, 0x6, 0x4}, @TCA_MPLS_LABEL={0x8, 0x5, 0xbc27b}, @TCA_MPLS_TC={0x5, 0x6, 0x2}, @TCA_MPLS_TTL={0x5, 0x7, 0x1}, @TCA_MPLS_LABEL={0x8, 0x5, 0xf80e6}]}, {0x39, 0x6, "612d3699db034f8f08430151bfb3f0819c1d44301a821ce1a7e2fcd26a93322f414a08eb783ba01be15256ed15fc2fa03568c8552b"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_mirred={0x160, 0x1e, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x7, 0x20000000, 0xffff, 0x6}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x3, 0x7, 0x8, 0x8, 0x401}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x3a61, 0x5a68ce02, 0x0, 0x2eca, 0x5}, 0x3}}]}, {0xd1, 0x6, "71558f82c797ed40aa96cae0561caac80e37421fbe6b5847795e9152419bd6e36082801f37e53ccbea50d8b4e7d6d4cd06cec76ec462499bdf122811144a51b56146738d4d25cbd285f2e729dbbe3c6137f7cd123b784cfddefd732ecc306f6cd0dc9c82fffc866125185fd50c16a59b8228811ffa42a3fc06ae6c491841f2d3b022b410d20071f23972ad211e8d088570180a0b72ec30b207b439e9499530f5ed3add294c6979c4716758179993cb396d1a9e8371981dc62a436962aa697442d2123e008f091efa1ef638699b"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_police={0x64, 0x20, 0x0, 0x0, {{0xb}, {0x4}, {0x35, 0x6, "becc0dfba237e62806d749b491e4df74a2edaae87448c525c394a1cd2b702d5bf5d0417b2f2d65c8e351d44c338dd81ad3"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_xt={0xb4, 0x15, 0x0, 0x0, {{0x7}, {0x64, 0x2, 0x0, 0x1, [@TCA_IPT_HOOK={0x8}, @TCA_IPT_HOOK={0x8, 0x2, 0x7}, @TCA_IPT_INDEX={0x8, 0x3, 0xfffffffe}, @TCA_IPT_TABLE={0x24, 0x1, 'raw\x00'}, @TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}]}, {0x29, 0x6, "7cc4d4d8913023393152cf1483893cb72022204afc5a3c78451fb35e595b70d04ef5495ca4"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_ct={0x44, 0xb, 0x0, 0x0, {{0x7}, {0x4}, {0x19, 0x6, "3b8dd99ff628f0e136ea03ee3bb7e4eb97a588c1fa"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ct={0x90, 0x1f, 0x0, 0x0, {{0x7}, {0x68, 0x2, 0x0, 0x1, [@TCA_CT_ACTION={0x6, 0x3, 0x7}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_CT_ACTION={0x6, 0x3, 0x21}, @TCA_CT_LABELS_MASK={0x14, 0x8, "0600be9e48e760ba6779831df0129d79"}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @local}, @TCA_CT_LABELS_MASK={0x14, 0x8, "e7011bcc7a6b8ee870edb3e1d4364f94"}, @TCA_CT_ACTION={0x6, 0x3, 0x34}, @TCA_CT_LABELS={0x14, 0x7, "d84f053b22a32e873e2676b45f4a0ad9"}]}, {0x4}, {0xc}, {0xc}}}, @m_ctinfo={0x6c, 0xf, 0x0, 0x0, {{0xb}, {0x14, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x8}, @TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x9}]}, {0x2d, 0x6, "871e4a3093c0e8019f3e85d16b62fbd06858927c4759e03eb68fe380f18d158dfeeec5a54f2e4d1b78"}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}, @m_pedit={0xd8, 0x13, 0x0, 0x0, {{0xa}, {0x4}, {0xa9, 0x6, "13095aa19e3ff97ff1475cc7f6d44e64023e0f07f5503ec93c537ec467da66e10c0670c5424185a4211b985fbb71c90e943fd5ba6989123f51adc29f4d098a5853a725f727bd15293ea587519524ef80fd8af80f756cfebcef3980870a5ae562474c9ec51aaff99d80483e5889203fa14a5bdb050b4f8c23a709ea648f0083bafcaefd2dfdc6e9fd21bd1230b100d95fdedd566e96c84f3a440023eb3e68c8f4ce4718278e"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2}}}}, @m_ct={0x188, 0x2, 0x0, 0x0, {{0x7}, {0x68, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @empty}, @TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e21}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e20}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x3}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @loopback}, @TCA_CT_MARK={0x8, 0x5, 0x8}, @TCA_CT_LABELS_MASK={0x14, 0x8, "0e16c0fbcfd4e59e5f04cfa3cef75f58"}, @TCA_CT_ZONE={0x6, 0x4, 0x40}]}, {0xfa, 0x6, "a1f2a4ce007ddd8790543600a2420ec559f8c649a2a9f3d420934096de08ac63d9c315e8dded6fb2508c68041b7a0aaceed27574893969cda1525b9c8934a0e1e629652c69b92b0c6af575f0df47a043720f08c20d25a11fd3d0a1a33bb49821dd083349fa0d176cd4a307e71c04cd22f512591403a4b3bf2f517e65c5c9da8db780c47af490bf4f5a3657faefcdd5726a3328052df3f62a23cdddee72c32714d8e6fe2a05fbf6e706ce8982979ef8f4a0b551d14b2f93f6166542955dc5bce3689be9fe95626bbded9b18f97ec2efe958898f5beb20933796e6b3c7209a4c6a7ab7fcfcac6e41ee18e29999441f5131306482f32bfb"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}}, @TCA_RATE={0x6}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_route={{0xa}, {0x14, 0x2, [@TCA_ROUTE4_FROM={0x8, 0x3, 0x60}, @TCA_ROUTE4_IIF={0x8}]}}]}, 0x740}, 0x1, 0x0, 0x0, 0x1}, 0x20000810)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

274.46µs ago: executing program 1 (id=6166):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r2, &(0x7f00000005c0)=ANY=[@ANYBLOB="0e0001000200"], 0x8)

0s ago: executing program 2 (id=6167):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFCONF(r2, 0x8912, &(0x7f0000000100)=@req={0x28, &(0x7f0000000000)={'veth0_to_bond\x00', @ifru_names='batadv0\x00'}})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
socket$netlink(0x10, 0x3, 0x0)
fchdir(0xffffffffffffffff)
mkdir(&(0x7f0000000100)='./control\x00', 0x0)
rmdir(0x0)
r4 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_int(r4, &(0x7f0000000740), 0x12)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040201006000000"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)

kernel console output (not intermixed with test programs):

e.
[ 1725.703179][T30705] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1725.716449][T30705] CPU: 0 PID: 30705 Comm: syz.3.5816 Not tainted 5.10.226-syzkaller-00709-ge5e5644ea27f #0
[ 1725.726226][T30705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1725.736119][T30705] Call Trace:
[ 1725.739255][T30705]  dump_stack_lvl+0x1e2/0x24b
[ 1725.743771][T30705]  ? panic+0x812/0x812
[ 1725.747666][T30705]  ? kmem_cache_free+0xa9/0x1e0
[ 1725.752353][T30705]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 1725.757651][T30705]  dump_stack+0x15/0x17
[ 1725.761638][T30705]  should_fail+0x3c6/0x510
[ 1725.765897][T30705]  should_fail_usercopy+0x1a/0x20
[ 1725.770748][T30705]  _copy_from_user+0x20/0xd0
[ 1725.775175][T30705]  strndup_user+0xb3/0x150
[ 1725.779426][T30705]  __se_sys_mount+0x9b/0x3b0
[ 1725.783854][T30705]  ? __x64_sys_mount+0xd0/0xd0
[ 1725.788454][T30705]  __x64_sys_mount+0xbf/0xd0
[ 1725.792881][T30705]  do_syscall_64+0x34/0x70
[ 1725.797134][T30705]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1725.802858][T30705] RIP: 0033:0x7f43c847bff9
[ 1725.807114][T30705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1725.826553][T30705] RSP: 002b:00007f43c70f5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1725.834885][T30705] RAX: ffffffffffffffda RBX: 00007f43c8633f80 RCX: 00007f43c847bff9
[ 1725.842710][T30705] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 0000000000000000
[ 1725.850505][T30705] RBP: 00007f43c70f5090 R08: 0000000020000400 R09: 0000000000000000
[ 1725.858316][T30705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1725.866564][T30705] R13: 0000000000000000 R14: 00007f43c8633f80 R15: 00007ffd1a08a578
[ 1726.265660][T30737] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1726.303166][T30735] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1726.330257][T30735] EXT4-fs error (device loop3): ext4_fill_super:4955: inode #2: comm syz.3.5824: casefold flag without casefold feature
[ 1726.352979][T30735] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[ 1726.383366][T30735] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv0,test_dummy_encryption,,errors=continue
[ 1726.416760][T30731] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1726.431859][T30731] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1726.480632][T30731] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1726.519840][T30731] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1726.526721][T30731] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1726.540142][T30748] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1726.547103][T30748] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1726.557305][T30741] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1726.561109][T30748] device bridge_slave_0 entered promiscuous mode
[ 1726.565321][T30741] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1726.574415][T30748] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1726.585898][T30741] F2FS-fs (loop0): invalid crc value
[ 1726.587103][T30741] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1726.591447][T30748] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1726.604963][T30748] device bridge_slave_1 entered promiscuous mode
[ 1726.674806][T30756] EXT4-fs error (device loop3): ext4_fill_super:4955: inode #2: comm syz.3.5829: casefold flag without casefold feature
[ 1726.691507][T30748] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1726.697260][T30756] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[ 1726.698363][T30748] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1726.709078][T30756] EXT4-fs (loop3): Errors on filesystem, clearing orphan list.
[ 1726.709078][T30756] 
[ 1726.715132][T30748] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1726.724777][T30756] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1726.731518][T30748] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1726.748339][T30741] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1726.755790][T30741] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1726.876135][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1726.959934][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1726.968350][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1726.987705][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1726.998746][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1727.022504][T30748] device veth0_vlan entered promiscuous mode
[ 1727.029134][T30737] overlayfs: statfs failed on './file0'
[ 1727.077970][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1727.091813][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1727.100928][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1727.108924][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1727.132860][T30748] device veth1_macvtap entered promiscuous mode
[ 1727.190044][T30768] EXT4-fs error (device loop3): ext4_add_entry:2440: inode #2: comm syz.3.5829: Directory hole found for htree leaf block 0
[ 1727.335512][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1727.359537][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1727.367735][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1727.376172][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1727.384295][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1727.455017][    T9] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1727.463945][    T9] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1727.499618][T30771] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1727.508563][T30771] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038 (0x7fffffff)
[ 1727.638699][T30775] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1727.648128][T30775] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038 (0x7fffffff)
[ 1727.760101][   T24] audit: type=1400 audit(1729592685.229:637): avc:  denied  { create } for  pid=30770 comm="syz.2.5830" dev="anon_inodefs" ino=103263 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1727.906274][   T24] audit: type=1400 audit(1729592685.229:638): avc:  denied  { ioctl } for  pid=30770 comm="syz.2.5830" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=103263 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1728.030940][T29488] usb 5-1: new high-speed USB device number 117 using dummy_hcd
[ 1728.081092][T30789] device vlan0 entered promiscuous mode
[ 1728.088412][T30791] device vlan0 left promiscuous mode
[ 1728.164109][   T20] usb 1-1: new high-speed USB device number 106 using dummy_hcd
[ 1728.225455][T30799] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1728.233916][T30799] EXT4-fs error (device loop2): __ext4_iget:4986: inode #11: block 1: comm syz.2.5835: invalid block
[ 1728.244810][T30799] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.5835: couldn't read orphan inode 11 (err -117)
[ 1728.256606][T30799] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue
[ 1728.368011][T17740] device bridge_slave_1 left promiscuous mode
[ 1728.374013][T17740] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1728.381622][T17740] device bridge_slave_0 left promiscuous mode
[ 1728.387784][T17740] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1728.395926][T17740] device veth1_macvtap left promiscuous mode
[ 1728.401925][T17740] device veth0_vlan left promiscuous mode
[ 1728.435190][T29488] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1728.444064][T29488] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1728.452717][T29488] usb 5-1: config 0 descriptor??
[ 1728.466322][T30806] exfat: Unknown parameter '���k+R�ȼ�˥�u9[�H'
[ 1728.555105][   T20] usb 1-1: config 0 has an invalid interface number: 156 but max is 1
[ 1728.563462][   T20] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1728.573667][   T20] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1728.582370][   T20] usb 1-1: config 0 has no interface number 0
[ 1728.588644][   T20] usb 1-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[ 1728.598285][   T20] usb 1-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1728.609043][   T20] usb 1-1: config 0 interface 156 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1728.635022][  T348] usb 2-1: new full-speed USB device number 102 using dummy_hcd
[ 1728.865142][   T20] usb 1-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[ 1728.874121][   T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=21
[ 1728.882361][   T20] usb 1-1: SerialNumber: syz
[ 1728.890920][   T20] usb 1-1: config 0 descriptor??
[ 1728.937330][   T20] usb 1-1: MIDIStreaming interface descriptor not found
[ 1729.135005][  T348] usb 2-1: not running at top speed; connect to a high speed hub
[ 1729.195205][T29487] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[ 1729.215071][  T348] usb 2-1: config 1 has an invalid descriptor of length 126, skipping remainder of the config
[ 1729.225787][  T348] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1729.385087][  T348] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1729.401042][  T348] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1729.424042][  T348] usb 2-1: Product: ᬿನᰚ֕⢎밄⑑塂蠳䟻ᆷ遘谜얫ᶗ⬹䪂眾ﱻ젻䩆ꁲ䮆且趼掰꿘Ⴏ㋨ጱ玿ꍣ滸墸຿⨐᥉脨鞥鉈㗗葦すഞⱎ
[ 1729.445050][T29487] usb 3-1: Using ep0 maxpacket: 8
[ 1729.469741][  T348] usb 2-1: Manufacturer: ю
[ 1729.482428][  T348] usb 2-1: SerialNumber: ࠐ
[ 1729.575067][T29487] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1729.590914][T29487] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1729.607476][T29487] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1729.632989][T29487] usb 3-1: New USB device found, idVendor=1b96, idProduct=0010, bcdDevice= 0.00
[ 1729.642351][T29487] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1729.651044][T29487] usb 3-1: config 0 descriptor??
[ 1730.035999][T30803] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1730.043700][T30803] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1730.052658][T30803] F2FS-fs (loop1): invalid crc value
[ 1730.059354][T30803] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1730.082926][T30803] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1730.089891][T30803] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1730.155833][T29487] ntrig 0003:1B96:0010.00B6: item fetching failed at offset 5/7
[ 1730.163450][T29487] ntrig 0003:1B96:0010.00B6: parse failed
[ 1730.169076][T29487] ntrig: probe of 0003:1B96:0010.00B6 failed with error -22
[ 1730.359307][   T20] usb 3-1: USB disconnect, device number 92
[ 1730.433433][T30830] EXT4-fs (loop3): Mount option "noacl" will be removed by 3.5
[ 1730.433433][T30830] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 1730.433433][T30830] 
[ 1730.450993][T30830] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1730.462062][T30830] EXT4-fs (loop3): 1 truncate cleaned up
[ 1730.467709][T30830] EXT4-fs (loop3): mounted filesystem without journal. Opts: init_itable,noacl,stripe=0x0000000000000000,,errors=continue
[ 1730.575074][T29488] usb 5-1: Cannot set autoneg
[ 1730.579681][T29488] MOSCHIP usb-ethernet driver: probe of 5-1:0.0 failed with error -61
[ 1730.800890][T29488] usb 5-1: USB disconnect, device number 117
[ 1730.811765][  T762] usb 1-1: USB disconnect, device number 106
[ 1730.836120][T30836] FAULT_INJECTION: forcing a failure.
[ 1730.836120][T30836] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 1730.849236][T30836] CPU: 1 PID: 30836 Comm: syz.0.5843 Not tainted 5.10.226-syzkaller-00709-ge5e5644ea27f #0
[ 1730.858915][T30836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1730.868808][T30836] Call Trace:
[ 1730.871942][T30836]  dump_stack_lvl+0x1e2/0x24b
[ 1730.876448][T30836]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 1730.881742][T30836]  ? kmem_cache_free+0xa9/0x1e0
[ 1730.886428][T30836]  ? kasan_set_track+0x5d/0x70
[ 1730.891028][T30836]  ? kasan_set_free_info+0x23/0x40
[ 1730.895983][T30836]  dump_stack+0x15/0x17
[ 1730.899972][T30836]  should_fail+0x3c6/0x510
[ 1730.904222][T30836]  should_fail_alloc_page+0x52/0x60
[ 1730.909256][T30836]  __alloc_pages_nodemask+0x1b3/0xaf0
[ 1730.914465][T30836]  ? gfp_pfmemalloc_allowed+0x120/0x120
[ 1730.919845][T30836]  ? memset+0x35/0x40
[ 1730.923667][T30836]  ? selinux_file_permission+0x2bb/0x560
[ 1730.929132][T30836]  ? fsnotify_perm+0x67/0x4e0
[ 1730.933642][T30836]  get_zeroed_page+0x19/0x40
[ 1730.938069][T30836]  simple_transaction_get+0x4d/0x150
[ 1730.943201][T30836]  selinux_transaction_write+0xb4/0x140
[ 1730.948573][T30836]  ? sel_write_enforce+0x790/0x790
[ 1730.953520][T30836]  vfs_write+0x36a/0xe70
[ 1730.957605][T30836]  ? kmem_cache_free+0xa9/0x1e0
[ 1730.962374][T30836]  ? kernel_write+0x3d0/0x3d0
[ 1730.966885][T30836]  ? __kasan_check_write+0x14/0x20
[ 1730.971832][T30836]  ? mutex_lock+0xa5/0x110
[ 1730.976084][T30836]  ? mutex_trylock+0xa0/0xa0
[ 1730.980513][T30836]  ? __fdget_pos+0x2e7/0x3a0
[ 1730.984945][T30836]  ? ksys_write+0x77/0x2c0
[ 1730.989190][T30836]  ksys_write+0x199/0x2c0
[ 1730.993360][T30836]  ? __ia32_sys_read+0x90/0x90
[ 1730.997957][T30836]  ? debug_smp_processor_id+0x17/0x20
[ 1731.003161][T30836]  __x64_sys_write+0x7b/0x90
[ 1731.007594][T30836]  do_syscall_64+0x34/0x70
[ 1731.011847][T30836]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1731.017570][T30836] RIP: 0033:0x7f32359e3ff9
[ 1731.021823][T30836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1731.041705][T30836] RSP: 002b:00007f323465d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1731.050384][T30836] RAX: ffffffffffffffda RBX: 00007f3235b9bf80 RCX: 00007f32359e3ff9
[ 1731.058197][T30836] RDX: 000000000000005c RSI: 0000000020000280 RDI: 0000000000000006
[ 1731.066002][T30836] RBP: 00007f323465d090 R08: 0000000000000000 R09: 0000000000000000
[ 1731.073811][T30836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1731.081640][T30836] R13: 0000000000000000 R14: 00007f3235b9bf80 R15: 00007ffeb9d50fe8
[ 1731.247816][T30839] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1731.255462][T30839] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1731.275893][T30839] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1731.328182][T30839] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1731.335103][T30839] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1731.409695][T30849] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1731.418766][T30849] ext4 filesystem being mounted at /23/mnt supports timestamps until 2038 (0x7fffffff)
[ 1731.443925][T17740] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1731.453387][T17740] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1731.555039][  T348] usb 2-1: 0:2 : does not exist
[ 1731.561210][  T348] usb 2-1: USB disconnect, device number 102
[ 1731.818934][T30854] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1731.826035][T30854] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1731.839152][T30854] device bridge_slave_0 entered promiscuous mode
[ 1731.846133][T30854] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1731.852301][T30860] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1731.853096][T30854] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1731.866548][T30860] EXT4-fs error (device loop1): __ext4_iget:4986: inode #11: block 1: comm syz.1.5848: invalid block
[ 1731.866642][T30860] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.5848: couldn't read orphan inode 11 (err -117)
[ 1731.878382][T30854] device bridge_slave_1 entered promiscuous mode
[ 1731.889542][T30860] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue
[ 1731.932837][T30854] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1731.939699][T30854] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1731.946783][T30854] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1731.953561][T30854] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1731.974092][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1731.981667][T17740] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1731.988970][T17740] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1731.999212][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1732.007400][T17740] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1732.014253][T17740] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1732.056646][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1732.069873][T30772] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1732.076734][T30772] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1732.084166][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1732.097055][T30866] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[ 1732.115032][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1732.132594][T30854] device veth0_vlan entered promiscuous mode
[ 1732.139496][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1732.148538][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1732.156671][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1732.163923][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1732.190523][T30854] device veth1_macvtap entered promiscuous mode
[ 1732.196675][  T762] usb 1-1: new high-speed USB device number 107 using dummy_hcd
[ 1732.211321][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1732.223972][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1732.247649][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1732.289610][    T9] device bridge_slave_1 left promiscuous mode
[ 1732.297882][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1732.306767][    T9] device bridge_slave_0 left promiscuous mode
[ 1732.310706][   T24] audit: type=1400 audit(1729592689.789:639): avc:  denied  { map } for  pid=30873 comm="syz.3.5850" path="/dev/binderfs/binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1732.312722][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1732.344429][   T24] audit: type=1400 audit(1729592689.819:640): avc:  denied  { create } for  pid=30865 comm="syz.1.5852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1732.367147][T30864] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1732.384600][    T9] device veth1_macvtap left promiscuous mode
[ 1732.396703][T30864] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1732.397411][    T9] device veth0_vlan left promiscuous mode
[ 1732.411086][T30864] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1732.451625][T30864] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1732.458695][T30864] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1732.467190][  T762] usb 1-1: Using ep0 maxpacket: 16
[ 1732.615208][   T20] usb 5-1: new high-speed USB device number 118 using dummy_hcd
[ 1732.645913][  T762] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1732.830735][  T762] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 1732.841779][  T762] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1732.851435][  T762] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1733.025299][  T762] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1733.034218][  T762] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1733.042004][  T762] usb 1-1: Product: syz
[ 1733.045997][  T762] usb 1-1: Manufacturer: syz
[ 1733.050386][  T762] usb 1-1: SerialNumber: syz
[ 1733.145120][   T20] usb 5-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f
[ 1733.154030][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1733.162662][   T20] usb 5-1: config 0 descriptor??
[ 1733.185026][T29490] usb 2-1: new full-speed USB device number 103 using dummy_hcd
[ 1733.415094][  T762] usb 1-1: found format II with max.bitrate = 0, frame size=0
[ 1733.423053][T30890] syz.3.5855[30890] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1733.423130][T30890] syz.3.5855[30890] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1733.435610][  T762] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1733.470230][  T762] usb 1-1: USB disconnect, device number 107
[ 1733.575058][T29490] usb 2-1: config index 0 descriptor too short (expected 65233, got 154)
[ 1733.583417][T29490] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1733.592236][T29490] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[ 1733.602865][T29490] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[ 1733.709653][T30872] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12397 sclass=netlink_route_socket pid=30872 comm=syz.4.5853
[ 1733.722696][T29488] usb 5-1: USB disconnect, device number 118
[ 1733.765077][T29490] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1733.773999][T29490] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1733.782099][T29490] usb 2-1: Product: syz
[ 1733.786171][T29490] usb 2-1: Manufacturer: syz
[ 1733.790510][T29490] usb 2-1: SerialNumber: syz
[ 1733.946577][T30892] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,nouid32,minixdf,,errors=continue
[ 1733.957611][T30892] ext4 filesystem being mounted at /30/bus supports timestamps until 2038 (0x7fffffff)
[ 1733.968827][T30892] FAULT_INJECTION: forcing a failure.
[ 1733.968827][T30892] name failslab, interval 1, probability 0, space 0, times 0
[ 1733.981303][T30892] CPU: 1 PID: 30892 Comm: syz.0.5856 Not tainted 5.10.226-syzkaller-00709-ge5e5644ea27f #0
[ 1733.991101][T30892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1734.000994][T30892] Call Trace:
[ 1734.004129][T30892]  dump_stack_lvl+0x1e2/0x24b
[ 1734.008636][T30892]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 1734.013930][T30892]  dump_stack+0x15/0x17
[ 1734.017920][T30892]  should_fail+0x3c6/0x510
[ 1734.022174][T30892]  ? ext4_find_extent+0x370/0xdb0
[ 1734.027035][T30892]  __should_failslab+0xa4/0xe0
[ 1734.031638][T30892]  should_failslab+0x9/0x20
[ 1734.035979][T30892]  __kmalloc+0x60/0x330
[ 1734.039969][T30892]  ext4_find_extent+0x370/0xdb0
[ 1734.044652][T30892]  ? ext4_ext_map_blocks+0x278d/0x6ee0
[ 1734.049948][T30892]  ext4_ext_map_blocks+0x26a/0x6ee0
[ 1734.054992][T30892]  ? bpf_user_rnd_u32+0x92/0xc0
[ 1734.059670][T30892]  ? bpf_trace_run2+0xf4/0x280
[ 1734.064273][T30892]  ? kmem_cache_free+0xa9/0x1e0
[ 1734.068957][T30892]  ? mb_cache_entry_create+0x488/0x750
[ 1734.074263][T30892]  ? ____kasan_slab_free+0x12c/0x160
[ 1734.079374][T30892]  ? mb_cache_entry_create+0x488/0x750
[ 1734.084666][T30892]  ? ext4_ext_release+0x10/0x10
[ 1734.089355][T30892]  ? kmem_cache_free+0x1c0/0x1e0
[ 1734.094124][T30892]  ? mb_cache_entry_create+0x488/0x750
[ 1734.099423][T30892]  ? mb_cache_entry_create+0x488/0x750
[ 1734.104717][T30892]  ? _raw_read_unlock+0x25/0x40
[ 1734.109403][T30892]  ? ext4_es_lookup_extent+0x33b/0x940
[ 1734.114711][T30892]  ext4_map_blocks+0xa65/0x1d10
[ 1734.119401][T30892]  ? ext4_issue_zeroout+0x1b0/0x1b0
[ 1734.124419][T30892]  ? __kasan_check_read+0x11/0x20
[ 1734.129283][T30892]  ext4_alloc_file_blocks+0x3f4/0xcd0
[ 1734.134493][T30892]  ? trace_ext4_fallocate_enter+0x160/0x160
[ 1734.140220][T30892]  ? down_read_killable+0x220/0x220
[ 1734.145250][T30892]  ext4_fallocate+0x81b/0x1ca0
[ 1734.149849][T30892]  ? ext4_ext_truncate+0x200/0x200
[ 1734.154795][T30892]  ? fsnotify_perm+0x67/0x4e0
[ 1734.159316][T30892]  ? security_file_permission+0x7b/0xb0
[ 1734.164691][T30892]  ? preempt_count_add+0x92/0x1a0
[ 1734.169549][T30892]  vfs_fallocate+0x492/0x570
[ 1734.173976][T30892]  __x64_sys_fallocate+0xc0/0x110
[ 1734.178836][T30892]  do_syscall_64+0x34/0x70
[ 1734.183089][T30892]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1734.188817][T30892] RIP: 0033:0x7f32359e3ff9
[ 1734.193071][T30892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1734.212943][T30892] RSP: 002b:00007f323465d038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 1734.221189][T30892] RAX: ffffffffffffffda RBX: 00007f3235b9bf80 RCX: 00007f32359e3ff9
[ 1734.229174][T30892] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[ 1734.236982][T30892] RBP: 00007f323465d090 R08: 0000000000000000 R09: 0000000000000000
[ 1734.244793][T30892] R10: 00000000001000f4 R11: 0000000000000246 R12: 0000000000000001
[ 1734.252605][T30892] R13: 0000000000000000 R14: 00007f3235b9bf80 R15: 00007ffeb9d50fe8
[ 1734.385172][T29490] usb 2-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[ 1734.393403][T29490] usb 2-1: found format II with max.bitrate = 0, frame size=2
[ 1734.415374][T29490] usb 2-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[ 1734.423603][T29490] usb 2-1: found format II with max.bitrate = 0, frame size=2
[ 1734.475023][T29490] usb 2-1: 2:130: cannot set enable PITCH
[ 1734.504523][T29490] usb 2-1: USB disconnect, device number 103
[ 1734.540208][T30900] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1734.553686][T30900] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1734.572225][T30900] F2FS-fs (loop0): invalid crc value
[ 1734.584198][T30900] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1734.652967][T30900] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1734.675073][T30900] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1734.739073][T30904] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1734.769338][T30904] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1734.808226][T30904] F2FS-fs (loop3): invalid crc value
[ 1734.826336][T30918] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1734.839912][T30904] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1734.845045][T30918] ext4 filesystem being mounted at /5/mnt supports timestamps until 2038 (0x7fffffff)
[ 1734.975374][T30904] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1734.994996][T30904] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1735.283779][   T24] audit: type=1400 audit(1729592692.759:641): avc:  denied  { map } for  pid=30903 comm="syz.3.5860" path="/dev/ashmem" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1735.376498][T30915] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1735.385151][T30915] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1735.408385][T30915] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1735.452291][T30915] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1735.459796][T30915] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1736.177122][T30944] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1736.185090][T30944] EXT4-fs error (device loop3): __ext4_iget:4986: inode #11: block 1: comm syz.3.5865: invalid block
[ 1736.195973][T30944] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5865: couldn't read orphan inode 11 (err -117)
[ 1736.207764][T30944] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue
[ 1736.405025][ T7247] usb 2-1: new full-speed USB device number 104 using dummy_hcd
[ 1736.785220][ T7247] usb 2-1: config index 0 descriptor too short (expected 65233, got 154)
[ 1736.799481][ T7247] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1736.830810][ T7247] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[ 1736.861734][ T7247] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[ 1736.975519][T30955] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1736.983137][T30955] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1736.993537][T30955] F2FS-fs (loop0): invalid crc value
[ 1737.000338][T30955] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1737.035046][ T7247] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1737.043954][ T7247] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1737.052538][ T7247] usb 2-1: Product: syz
[ 1737.052586][T30955] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1737.056843][ T7247] usb 2-1: Manufacturer: syz
[ 1737.067995][T30955] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1737.076013][ T7247] usb 2-1: SerialNumber: syz
[ 1737.126544][T30962] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1737.136192][T30962] EXT4-fs error (device loop3): __ext4_iget:4986: inode #11: block 1: comm syz.3.5869: invalid block
[ 1737.147330][T30962] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5869: couldn't read orphan inode 11 (err -117)
[ 1737.159369][T30962] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue
[ 1737.525381][ T7247] usb 2-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[ 1737.534023][ T7247] usb 2-1: found format II with max.bitrate = 0, frame size=2
[ 1737.560460][ T7247] usb 2-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[ 1737.569970][ T7247] usb 2-1: found format II with max.bitrate = 0, frame size=2
[ 1737.615135][ T7247] usb 2-1: 2:130: cannot set enable PITCH
[ 1737.662344][T17740] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1737.671092][T17740] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1737.703535][ T7247] usb 2-1: USB disconnect, device number 104
[ 1737.725026][  T348] usb 3-1: new high-speed USB device number 93 using dummy_hcd
[ 1737.966717][T30975] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1737.974829][T30975] EXT4-fs error (device loop4): __ext4_iget:4986: inode #11: block 1: comm syz.4.5872: invalid block
[ 1737.976613][  T348] usb 3-1: Using ep0 maxpacket: 16
[ 1737.985746][T30975] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5872: couldn't read orphan inode 11 (err -117)
[ 1738.002293][T30975] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue
[ 1738.088284][T30978] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1738.096094][T30978] EXT4-fs error (device loop1): __ext4_iget:4986: inode #11: block 1: comm syz.1.5873: invalid block
[ 1738.106938][T30978] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.5873: couldn't read orphan inode 11 (err -117)
[ 1738.115315][  T348] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1738.118840][T30978] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue
[ 1738.152769][  T685] usb 1-1: new high-speed USB device number 108 using dummy_hcd
[ 1738.153515][  T348] usb 3-1: config 0 has no interface number 0
[ 1738.187614][  T348] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1738.198507][  T348] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1738.208321][  T348] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1738.219307][  T348] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1738.231911][  T348] usb 3-1: config 0 descriptor??
[ 1738.324996][T18822] usb 4-1: new high-speed USB device number 96 using dummy_hcd
[ 1738.385046][  T685] usb 1-1: Using ep0 maxpacket: 16
[ 1738.505613][  T685] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1738.513504][  T685] usb 1-1: config 0 has no interface number 0
[ 1738.519429][  T685] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1738.530103][  T685] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1738.539653][  T685] usb 1-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1738.539667][  T685] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1738.554607][  T685] usb 1-1: config 0 descriptor??
[ 1738.574988][T18822] usb 4-1: Using ep0 maxpacket: 16
[ 1738.695024][T18822] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8
[ 1738.855220][T18822] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[ 1738.874974][T18822] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1738.882887][T18822] usb 4-1: Product: syz
[ 1738.887070][T18822] usb 4-1: Manufacturer: syz
[ 1738.891563][T18822] usb 4-1: SerialNumber: syz
[ 1738.900440][T18822] usb 4-1: config 0 descriptor??
[ 1738.935092][  T348] uclogic 0003:28BD:0071.00B7: pen parameters not found
[ 1738.943158][  T348] uclogic 0003:28BD:0071.00B7: interface is invalid, ignoring
[ 1738.955738][T18822] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[ 1738.985119][T18822] usb 4-1: Detected FT232RL
[ 1739.185154][T18822] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 1739.268129][  T762] usb 3-1: USB disconnect, device number 93
[ 1739.295319][  T685] uclogic 0003:28BD:0071.00B8: pen parameters not found
[ 1739.302157][  T685] uclogic 0003:28BD:0071.00B8: interface is invalid, ignoring
[ 1739.548955][T29488] usb 1-1: USB disconnect, device number 108
[ 1739.666568][T18822] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[ 1739.674651][T18822] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1739.683876][T18822] usb 4-1: USB disconnect, device number 96
[ 1739.690340][T18822] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1739.700009][T18822] ftdi_sio 4-1:0.0: device disconnected
[ 1739.826687][T31001] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1739.839912][T31001] EXT4-fs (loop4): 1 truncate cleaned up
[ 1739.845512][T31001] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1739.863489][   T24] audit: type=1326 audit(1729592697.339:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31000 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe454a72ff9 code=0x7ffc0000
[ 1739.896836][   T24] audit: type=1326 audit(1729592697.339:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31000 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe454a72ff9 code=0x7ffc0000
[ 1739.927729][   T24] audit: type=1326 audit(1729592697.339:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31000 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7fe454a72ff9 code=0x7ffc0000
[ 1739.955456][   T24] audit: type=1326 audit(1729592697.339:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31000 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe454a72ff9 code=0x7ffc0000
[ 1739.979385][   T24] audit: type=1326 audit(1729592697.339:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31000 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7fe454a72ff9 code=0x7ffc0000
[ 1740.003212][   T24] audit: type=1326 audit(1729592697.339:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31000 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe454a72ff9 code=0x7ffc0000
[ 1740.026622][   T24] audit: type=1326 audit(1729592697.339:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31000 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe454a72ff9 code=0x7ffc0000
[ 1740.050569][   T24] audit: type=1326 audit(1729592697.339:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31000 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe454a72ff9 code=0x7ffc0000
[ 1740.074643][   T24] audit: type=1326 audit(1729592697.339:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31000 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7fe454a72ff9 code=0x7ffc0000
[ 1740.098393][   T24] audit: type=1326 audit(1729592697.339:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31000 comm="syz.4.5877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe454a72ff9 code=0x7ffc0000
[ 1740.159513][T31008] EXT4-fs (loop1): Mount option "noacl" will be removed by 3.5
[ 1740.159513][T31008] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 1740.159513][T31008] 
[ 1740.177052][T31008] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1740.188348][T31008] EXT4-fs (loop1): 1 truncate cleaned up
[ 1740.194032][T31008] EXT4-fs (loop1): mounted filesystem without journal. Opts: init_itable,noacl,stripe=0x0000000000000000,,errors=continue
[ 1740.340593][T31018] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1740.347502][T31018] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1740.354692][T31018] device bridge_slave_0 entered promiscuous mode
[ 1740.363921][T31018] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1740.370946][T31018] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1740.378398][T31018] device bridge_slave_1 entered promiscuous mode
[ 1740.550539][T31017] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1740.685118][T31017] EXT4-fs error (device loop0): __ext4_iget:4986: inode #11: block 1: comm syz.0.5885: invalid block
[ 1740.706716][T31017] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.5885: couldn't read orphan inode 11 (err -117)
[ 1740.720089][T31017] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue
[ 1740.883508][T31018] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1740.890423][T31018] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1740.897705][T31018] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1740.904561][T31018] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1740.917269][T31029] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1740.928054][T31029] EXT4-fs (loop2): invalid journal inode
[ 1740.933560][T31029] EXT4-fs (loop2): can't get journal size
[ 1740.944819][T31029] EXT4-fs (loop2): 1 truncate cleaned up
[ 1740.950091][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1740.950328][T31029] EXT4-fs (loop2): mounted filesystem without journal. Opts: norecovery,,errors=continue
[ 1740.984153][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1741.024901][T31014] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1741.047892][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1741.055286][T31014] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1741.081848][T31014] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1741.088683][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1741.100075][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1741.107051][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1741.114721][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1741.118403][T31014] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1741.123271][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1741.129793][T31014] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1741.136237][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1741.136540][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1741.165530][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1741.207237][T31018] device veth0_vlan entered promiscuous mode
[ 1741.220694][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1741.230081][T31039] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1741.230378][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1741.243817][T31039] EXT4-fs error (device loop2): ext4_ext_check_inode:500: inode #4: comm syz.2.5888: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048)
[ 1741.244153][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1741.270322][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1741.285764][T31039] EXT4-fs error (device loop2): ext4_quota_enable:6426: comm syz.2.5888: Bad quota inode: 4, type: 1
[ 1741.297087][T31039] EXT4-fs warning (device loop2): ext4_enable_quotas:6467: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1741.311743][T31039] EXT4-fs (loop2): Cannot turn on quotas: error -117
[ 1741.318288][T31039] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1741.503244][T17740] device bridge_slave_1 left promiscuous mode
[ 1741.509241][T17740] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1741.526376][T17740] device bridge_slave_0 left promiscuous mode
[ 1741.555074][T17740] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1741.563014][T17740] device veth1_macvtap left promiscuous mode
[ 1741.568910][T17740] device veth0_vlan left promiscuous mode
[ 1741.766802][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1741.778689][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1741.805550][T31018] device veth1_macvtap entered promiscuous mode
[ 1741.856508][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1741.865778][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1741.874682][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1741.895853][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1741.904744][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1742.111924][T31050] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1742.121800][T31050] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1742.130042][T31050] device bridge_slave_0 entered promiscuous mode
[ 1742.137611][T31050] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1742.144494][T31050] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1742.152093][T31050] device bridge_slave_1 entered promiscuous mode
[ 1742.204247][T31050] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1742.211124][T31050] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1742.218226][T31050] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1742.224987][T31050] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1742.245488][T30772] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1742.261920][T30772] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1742.293578][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1742.303977][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1742.325222][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1742.339554][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1742.354878][T30772] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1742.361757][T30772] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1742.384535][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1742.396727][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1742.407382][T30772] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1742.414230][T30772] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1742.430716][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1742.438641][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1742.447726][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1742.456104][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1742.467964][T31065] F2FS-fs (loop0): Invalid SB checksum offset: 0
[ 1742.482570][T31065] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 1742.493287][T31065] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1742.511209][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1742.519444][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1742.525271][T31065] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 1742.527601][  T685] usb 3-1: new high-speed USB device number 94 using dummy_hcd
[ 1742.534173][T31065] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1742.546258][T31050] device veth0_vlan entered promiscuous mode
[ 1742.560182][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1742.567989][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1742.576055][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1742.583418][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1742.593941][T31050] device veth1_macvtap entered promiscuous mode
[ 1742.600565][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1742.608593][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1742.616810][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1742.630311][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1742.638364][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1742.647678][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1742.655969][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1742.795001][  T685] usb 3-1: Using ep0 maxpacket: 16
[ 1742.815084][  T762] usb 1-1: new high-speed USB device number 109 using dummy_hcd
[ 1742.815637][T31075] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1742.831102][T31075] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1742.840015][T17740] device bridge_slave_1 left promiscuous mode
[ 1742.841521][T31075] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1742.846067][T17740] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1742.859840][T17740] device bridge_slave_0 left promiscuous mode
[ 1742.865882][T17740] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1742.873801][T17740] device veth1_macvtap left promiscuous mode
[ 1742.879847][T17740] device veth0_vlan left promiscuous mode
[ 1742.883378][T31075] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1742.892483][T31075] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1742.962651][  T685] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8
[ 1743.135355][  T685] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[ 1743.152334][  T685] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1743.185630][  T685] usb 3-1: Product: syz
[ 1743.206776][  T685] usb 3-1: Manufacturer: syz
[ 1743.260748][  T685] usb 3-1: SerialNumber: syz
[ 1743.275441][  T762] usb 1-1: Using ep0 maxpacket: 16
[ 1743.276450][  T685] usb 3-1: config 0 descriptor??
[ 1743.336186][  T685] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[ 1743.343822][  T685] usb 3-1: Detected FT232RL
[ 1743.435179][  T762] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[ 1743.585040][  T685] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 1743.645052][  T762] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1743.660332][  T762] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1743.686044][  T762] usb 1-1: Product: syz
[ 1743.700337][  T762] usb 1-1: Manufacturer: syz
[ 1743.709906][  T762] usb 1-1: SerialNumber: syz
[ 1743.775498][  T762] cdc_ether: probe of 1-1:1.0 failed with error -22
[ 1743.775752][T31095] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1743.794585][T31091] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1743.805458][T31091] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1743.823706][T31091] F2FS-fs (loop3): invalid crc value
[ 1743.840654][T31095] EXT4-fs error (device loop1): __ext4_iget:4986: inode #11: block 1: comm syz.1.5896: invalid block
[ 1743.845045][  T685] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71
[ 1743.851553][T31095] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.5896: couldn't read orphan inode 11 (err -117)
[ 1743.870580][  T685] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1743.871593][T31095] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue
[ 1743.894378][  T685] usb 3-1: USB disconnect, device number 94
[ 1743.912909][  T685] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1743.922295][  T685] ftdi_sio 3-1:0.0: device disconnected
[ 1743.933193][T31091] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1743.986252][T31091] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1743.993101][T31091] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1744.467107][T31103] futex_wake_op: syz.0.5893 tries to shift op by 36; fix this program
[ 1744.848196][T31114] SELinux:  policydb magic number 0x69662f2e does not match expected magic number 0xf97cff8c
[ 1744.858336][T31114] SELinux: failed to load policy
[ 1744.897405][T31114] attempt to access beyond end of device
[ 1744.897405][T31114] loop1: rw=0, want=241, limit=128
[ 1744.914035][T17740] attempt to access beyond end of device
[ 1744.914035][T17740] loop1: rw=1, want=1041, limit=128
[ 1744.930092][T31117] EXT4-fs (loop3): Mount option "noacl" will be removed by 3.5
[ 1744.930092][T31117] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 1744.930092][T31117] 
[ 1744.950885][T31117] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1744.962173][T31117] EXT4-fs (loop3): 1 truncate cleaned up
[ 1744.967722][T31117] EXT4-fs (loop3): mounted filesystem without journal. Opts: init_itable,noacl,stripe=0x0000000000000000,,errors=continue
[ 1745.055152][T29500] usb 5-1: new full-speed USB device number 119 using dummy_hcd
[ 1745.067096][T31123] EXT4-fs error (device loop1) in ext4_do_update_inode:5303: error 27
[ 1745.075664][T31123] EXT4-fs error (device loop1): ext4_dirty_inode:6107: inode #3: comm syz.1.5903: mark_inode_dirty error
[ 1745.087432][T31123] EXT4-fs error (device loop1) in ext4_do_update_inode:5303: error 27
[ 1745.095942][T31123] EXT4-fs error (device loop1): __ext4_ext_dirty:182: inode #3: comm syz.1.5903: mark_inode_dirty error
[ 1745.107465][T31123] __quota_error: 34 callbacks suppressed
[ 1745.107476][T31123] Quota error (device loop1): write_blk: dquota write failed
[ 1745.121233][T31125] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1745.128033][T31123] Quota error (device loop1): qtree_write_dquot: Error -27 occurred while creating quota
[ 1745.138555][T31123] EXT4-fs error (device loop1): ext4_acquire_dquot:6219: comm syz.1.5903: Failed to acquire dquot type 0
[ 1745.147859][T31125] EXT4-fs error (device loop2): ext4_fill_super:4955: inode #2: comm syz.2.5901: casefold flag without casefold feature
[ 1745.150707][T31123] EXT4-fs (loop1): 1 orphan inode deleted
[ 1745.162624][T31125] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[ 1745.167825][T31123] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1745.177541][T31125] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv0,test_dummy_encryption,,errors=continue
[ 1745.197460][T31123] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038 (0x7fffffff)
[ 1746.045242][   T20] usb 1-1: USB disconnect, device number 109
[ 1746.051706][T30164] attempt to access beyond end of device
[ 1746.051706][T30164] loop0: rw=2049, want=45104, limit=40427
[ 1746.115041][T29500] usb 5-1: config index 0 descriptor too short (expected 65233, got 154)
[ 1746.123378][T29500] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1746.142252][T29500] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[ 1746.194191][T29500] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[ 1746.259304][T31149] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1746.269027][T31149] EXT4-fs error (device loop0): __ext4_iget:4986: inode #11: block 1: comm syz.0.5907: invalid block
[ 1746.280701][T31149] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.5907: couldn't read orphan inode 11 (err -117)
[ 1746.296567][T31138] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1746.304728][T31147] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1746.308000][T31138] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1746.314221][T31147] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1746.320133][T31149] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue
[ 1746.327199][T31147] device bridge_slave_0 entered promiscuous mode
[ 1746.355342][T31138] F2FS-fs (loop1): invalid crc value
[ 1746.359972][T31147] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1746.371518][T31147] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1746.378798][T31147] device bridge_slave_1 entered promiscuous mode
[ 1746.383732][T31138] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1746.444724][T29500] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1746.454119][T29500] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1746.462123][T29500] usb 5-1: Product: syz
[ 1746.465369][T31147] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1746.466259][T29500] usb 5-1: Manufacturer: syz
[ 1746.472977][T31147] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1746.477448][T29500] usb 5-1: SerialNumber: syz
[ 1746.484490][T31147] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1746.493257][T31138] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1746.495719][T31147] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1746.509849][T31138] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1746.523775][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1746.532726][ T1533] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1746.542301][ T1533] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1746.559112][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1746.567413][ T1533] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1746.574249][ T1533] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1746.581761][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1746.590131][ T1533] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1746.596989][ T1533] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1746.608648][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1746.619478][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1746.632656][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1746.640682][   T20] usb 3-1: new high-speed USB device number 95 using dummy_hcd
[ 1746.644093][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1746.657519][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1746.666416][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1746.842360][T31147] device veth0_vlan entered promiscuous mode
[ 1746.854548][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1746.863516][T31147] device veth1_macvtap entered promiscuous mode
[ 1746.869701][T29500] usb 5-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[ 1746.878551][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1746.878955][T29500] usb 5-1: found format II with max.bitrate = 0, frame size=2
[ 1746.887449][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1746.896573][   T20] usb 3-1: Using ep0 maxpacket: 16
[ 1746.924762][T29500] usb 5-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[ 1746.933491][T29500] usb 5-1: found format II with max.bitrate = 0, frame size=2
[ 1746.959280][T31166] FAULT_INJECTION: forcing a failure.
[ 1746.959280][T31166] name failslab, interval 1, probability 0, space 0, times 0
[ 1746.973109][T31166] CPU: 1 PID: 31166 Comm: syz.3.5909 Not tainted 5.10.226-syzkaller-00709-ge5e5644ea27f #0
[ 1746.982896][T31166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1746.992786][T31166] Call Trace:
[ 1746.995923][T31166]  dump_stack_lvl+0x1e2/0x24b
[ 1747.000424][T31166]  ? panic+0x812/0x812
[ 1747.004330][T31166]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 1747.009630][T31166]  ? __alloc_pages_nodemask+0x435/0xaf0
[ 1747.015010][T31166]  dump_stack+0x15/0x17
[ 1747.018999][T31166]  should_fail+0x3c6/0x510
[ 1747.023255][T31166]  ? __build_skb+0x2a/0x300
[ 1747.027595][T31166]  __should_failslab+0xa4/0xe0
[ 1747.032193][T31166]  should_failslab+0x9/0x20
[ 1747.036556][T31166]  kmem_cache_alloc+0x3d/0x2e0
[ 1747.041134][T31166]  __build_skb+0x2a/0x300
[ 1747.045295][T31166]  build_skb+0x25/0x1e0
[ 1747.049291][T31166]  tun_get_user+0x1bd6/0x38f0
[ 1747.053803][T31166]  ? _kstrtoull+0x3a0/0x4a0
[ 1747.058144][T31166]  ? tun_do_read+0x1f60/0x1f60
[ 1747.062740][T31166]  ? kstrtouint_from_user+0x20a/0x2a0
[ 1747.067949][T31166]  ? kstrtol_from_user+0x310/0x310
[ 1747.072904][T31166]  ? avc_policy_seqno+0x1b/0x70
[ 1747.077585][T31166]  ? selinux_file_permission+0x2bb/0x560
[ 1747.083051][T31166]  ? fsnotify_perm+0x67/0x4e0
[ 1747.087569][T31166]  tun_chr_write_iter+0x1a8/0x250
[ 1747.092429][T31166]  vfs_write+0xb4c/0xe70
[ 1747.096506][T31166]  ? kernel_write+0x3d0/0x3d0
[ 1747.101026][T31166]  ? __fdget_pos+0x209/0x3a0
[ 1747.105460][T31166]  ? ksys_write+0x77/0x2c0
[ 1747.109715][T31166]  ksys_write+0x199/0x2c0
[ 1747.113888][T31166]  ? __ia32_sys_read+0x90/0x90
[ 1747.118467][T31166]  ? debug_smp_processor_id+0x17/0x20
[ 1747.123672][T31166]  __x64_sys_write+0x7b/0x90
[ 1747.128098][T31166]  do_syscall_64+0x34/0x70
[ 1747.132349][T31166]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1747.138077][T31166] RIP: 0033:0x7f62de9dbadf
[ 1747.142333][T31166] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[ 1747.161771][T31166] RSP: 002b:00007f62dd656000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1747.170030][T31166] RAX: ffffffffffffffda RBX: 00007f62deb94f80 RCX: 00007f62de9dbadf
[ 1747.177832][T31166] RDX: 0000000000000046 RSI: 0000000020000000 RDI: 00000000000000c8
[ 1747.185644][T31166] RBP: 00007f62dd656090 R08: 0000000000000000 R09: 0000000000000000
[ 1747.193455][T31166] R10: 0000000000000046 R11: 0000000000000293 R12: 0000000000000001
[ 1747.201266][T31166] R13: 0000000000000001 R14: 00007f62deb94f80 R15: 00007ffd7be70d08
[ 1747.226466][T17740] device bridge_slave_1 left promiscuous mode
[ 1747.235037][T17740] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1747.241065][T29500] usb 5-1: 2:130: cannot set enable PITCH
[ 1747.249383][T17740] device bridge_slave_0 left promiscuous mode
[ 1747.257825][T17740] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1747.285063][   T20] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8
[ 1747.299792][T29500] usb 5-1: USB disconnect, device number 119
[ 1747.309869][T17740] device veth1_macvtap left promiscuous mode
[ 1747.316222][T17740] device veth0_vlan left promiscuous mode
[ 1747.338559][T31171] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27
[ 1747.346876][T31171] EXT4-fs error (device loop0): ext4_dirty_inode:6107: inode #3: comm syz.0.5914: mark_inode_dirty error
[ 1747.365488][T31171] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27
[ 1747.393035][T31171] EXT4-fs error (device loop0): __ext4_ext_dirty:182: inode #3: comm syz.0.5914: mark_inode_dirty error
[ 1747.405286][T31171] Quota error (device loop0): write_blk: dquota write failed
[ 1747.412512][T31171] Quota error (device loop0): qtree_write_dquot: Error -27 occurred while creating quota
[ 1747.424223][T31171] EXT4-fs error (device loop0): ext4_acquire_dquot:6219: comm syz.0.5914: Failed to acquire dquot type 0
[ 1747.436301][T31171] EXT4-fs (loop0): 1 orphan inode deleted
[ 1747.441885][T31171] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1747.451098][   T20] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[ 1747.451546][T31171] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038 (0x7fffffff)
[ 1747.460073][   T20] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1747.483694][T31174] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1747.507151][T31181] EXT4-fs (loop4): Mount option "noacl" will be removed by 3.5
[ 1747.507151][T31181] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 1747.507151][T31181] 
[ 1747.529457][T31174] EXT4-fs error (device loop3): ext4_fill_super:4955: inode #2: comm syz.3.5915: casefold flag without casefold feature
[ 1747.542654][T31181] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1747.552950][T31174] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[ 1747.553280][   T20] usb 3-1: Product: syz
[ 1747.565816][T31174] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv0,test_dummy_encryption,,errors=continue
[ 1747.566469][   T20] usb 3-1: Manufacturer: syz
[ 1747.582354][   T20] usb 3-1: SerialNumber: syz
[ 1747.585684][T31181] EXT4-fs (loop4): 1 truncate cleaned up
[ 1747.592666][T31181] EXT4-fs (loop4): mounted filesystem without journal. Opts: init_itable,noacl,stripe=0x0000000000000000,,errors=continue
[ 1747.817239][   T20] usb 3-1: config 0 descriptor??
[ 1747.860062][   T20] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[ 1747.869504][   T20] usb 3-1: Detected FT232RL
[ 1747.965009][T29500] usb 2-1: new full-speed USB device number 105 using dummy_hcd
[ 1748.065006][   T20] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 1748.227718][T31191] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1748.234775][T31191] EXT4-fs error (device loop0): ext4_fill_super:4955: inode #2: comm syz.0.5917: casefold flag without casefold feature
[ 1748.247355][T31191] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[ 1748.257311][T31191] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv0,test_dummy_encryption,,errors=continue
[ 1748.324207][T31196] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1748.330728][T31196] EXT4-fs error (device loop3): ext4_ext_check_inode:500: inode #4: comm syz.3.5918: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048)
[ 1748.330973][   T20] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71
[ 1748.355691][T29500] usb 2-1: config index 0 descriptor too short (expected 65233, got 154)
[ 1748.363917][T29500] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1748.381521][T31196] EXT4-fs error (device loop3): ext4_quota_enable:6426: comm syz.3.5918: Bad quota inode: 4, type: 1
[ 1748.393180][T31196] EXT4-fs warning (device loop3): ext4_enable_quotas:6467: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1748.409807][T31196] EXT4-fs (loop3): Cannot turn on quotas: error -117
[ 1748.409931][   T20] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1748.416833][T31196] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1748.436400][T29500] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[ 1748.550119][T29500] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[ 1748.562763][   T20] usb 3-1: USB disconnect, device number 95
[ 1748.570736][   T20] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1748.581237][   T20] ftdi_sio 3-1:0.0: device disconnected
[ 1748.735163][T29500] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1748.784532][T29500] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1748.792694][T29500] usb 2-1: Product: syz
[ 1748.797029][T29500] usb 2-1: Manufacturer: syz
[ 1748.801567][T29500] usb 2-1: SerialNumber: syz
[ 1749.109914][T31209] 9pnet: Insufficient options for proto=fd
[ 1749.146730][T31205] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1749.153657][T31205] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1749.161054][T31205] device bridge_slave_0 entered promiscuous mode
[ 1749.168050][T31205] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1749.174877][T31205] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1749.182004][T29500] usb 2-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[ 1749.205237][T31205] device bridge_slave_1 entered promiscuous mode
[ 1749.213006][T29500] usb 2-1: found format II with max.bitrate = 0, frame size=2
[ 1749.223158][T29500] usb 2-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[ 1749.232057][T29500] usb 2-1: found format II with max.bitrate = 0, frame size=2
[ 1749.270388][T31205] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1749.275089][T29500] usb 2-1: 2:130: cannot set enable PITCH
[ 1749.277254][T31205] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1749.289890][T31205] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1749.296688][T31205] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1749.298830][T29500] usb 2-1: USB disconnect, device number 105
[ 1749.330064][T30772] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1749.337322][T30772] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1749.353878][T31213] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1749.360628][T31215] EXT4-fs (loop2): Mount option "noacl" will be removed by 3.5
[ 1749.360628][T31215] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 1749.360628][T31215] 
[ 1749.393693][T31215] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1749.405506][T31213] EXT4-fs error (device loop0): __ext4_iget:4986: inode #11: block 1: comm syz.0.5924: invalid block
[ 1749.407629][T31215] EXT4-fs (loop2): 1 truncate cleaned up
[ 1749.423477][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1749.425464][T31213] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.5924: couldn't read orphan inode 11 (err -117)
[ 1749.440816][T31215] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable,noacl,stripe=0x0000000000000000,,errors=continue
[ 1749.442531][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1749.461708][T31213] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue
[ 1749.496017][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1749.504214][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1749.517180][ T1533] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1749.524253][ T1533] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1749.583603][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1749.592006][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1749.818441][ T1533] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1749.825311][ T1533] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1749.866098][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1749.873908][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1749.881760][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1749.889998][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1749.904256][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1749.913138][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1749.915535][T31224] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1749.929880][T17740] device bridge_slave_1 left promiscuous mode
[ 1749.932225][T31227] EXT4-fs error (device loop1) in ext4_do_update_inode:5303: error 27
[ 1749.935939][T17740] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1749.951589][T31224] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1749.959864][T17740] device bridge_slave_0 left promiscuous mode
[ 1749.965362][T31227] EXT4-fs error (device loop1): ext4_dirty_inode:6107: inode #3: comm syz.1.5928: mark_inode_dirty error
[ 1749.969658][T17740] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1749.977568][T31227] EXT4-fs error (device loop1) in ext4_do_update_inode:5303: error 27
[ 1749.992563][T31227] EXT4-fs error (device loop1): __ext4_ext_dirty:182: inode #3: comm syz.1.5928: mark_inode_dirty error
[ 1750.004226][T31227] Quota error (device loop1): write_blk: dquota write failed
[ 1750.004243][T17740] device veth1_macvtap left promiscuous mode
[ 1750.011636][T31227] Quota error (device loop1): qtree_write_dquot: Error -27 occurred while creating quota
[ 1750.026531][T17740] device veth0_vlan left promiscuous mode
[ 1750.027113][T31227] EXT4-fs error (device loop1): ext4_acquire_dquot:6219: comm syz.1.5928: Failed to acquire dquot type 0
[ 1750.044563][T31227] EXT4-fs (loop1): 1 orphan inode deleted
[ 1750.050245][T31227] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1750.059329][T31227] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038 (0x7fffffff)
[ 1750.107131][T31224] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1750.193094][T31224] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1750.200032][T31224] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1750.422598][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1750.515346][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1750.566450][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1750.602643][ T1533] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1750.654198][T31205] device veth0_vlan entered promiscuous mode
[ 1750.692004][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1750.700175][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1750.714421][T31205] device veth1_macvtap entered promiscuous mode
[ 1750.721921][T31245] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000c01c, mo2=0002]
[ 1750.730291][T31245] System zones: 0-1, 3-36
[ 1750.736007][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1750.736255][T31245] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug,,errors=continue
[ 1750.743580][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1750.760760][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1750.769185][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1750.777727][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1750.908703][T31255] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1751.016324][T31255] EXT4-fs error (device loop0): ext4_free_branches:1026: inode #16: comm syz.0.5932: invalid indirect mapped block 4294967295 (level 0)
[ 1751.048621][T31255] EXT4-fs error (device loop0): ext4_free_branches:1026: inode #16: comm syz.0.5932: invalid indirect mapped block 4294967295 (level 1)
[ 1751.074081][T31255] EXT4-fs (loop0): 1 orphan inode deleted
[ 1751.082415][T31255] EXT4-fs (loop0): 1 truncate cleaned up
[ 1751.082451][T31260] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1751.088308][T31255] EXT4-fs (loop0): mounted filesystem without journal. Opts: data_err=ignore,max_batch_time=0x0000000000000001,debug_want_extra_isize=0x000000000000006e,block_validity,block_validity,init_itable=0x0000000000010000,nolazytime,,errors=continue
[ 1751.095137][T31260] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1751.124847][T31260] device bridge_slave_0 entered promiscuous mode
[ 1751.136305][T31254] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1751.143950][T31254] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1751.152129][T31260] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1751.152846][T31254] F2FS-fs (loop4): invalid crc value
[ 1751.159657][T31260] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1751.168463][T31254] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1751.171730][T31260] device bridge_slave_1 entered promiscuous mode
[ 1751.206698][T31254] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1751.213586][T31254] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1751.234229][T31260] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1751.241143][T31260] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1751.248217][T31260] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1751.254985][T31260] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1751.283270][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1751.291052][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1751.299345][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1751.314069][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1751.323413][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1751.485309][T29946] usb 1-1: new high-speed USB device number 110 using dummy_hcd
[ 1751.558977][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1751.567264][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1751.579232][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1751.587137][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1751.595321][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1751.603555][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1751.612039][T31260] device veth0_vlan entered promiscuous mode
[ 1751.624117][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1751.632428][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1751.644441][T31260] device veth1_macvtap entered promiscuous mode
[ 1751.655835][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1751.663612][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1751.672015][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1751.691403][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1751.716381][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1751.728649][T31280] 9pnet: Insufficient options for proto=fd
[ 1751.885629][T29946] usb 1-1: config index 0 descriptor too short (expected 65, got 45)
[ 1751.943470][T29946] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1751.992469][T29946] usb 1-1: config 0 has no interfaces?
[ 1752.019657][T29946] usb 1-1: New USB device found, idVendor=056a, idProduct=4001, bcdDevice= 0.00
[ 1752.058627][T29490] usb 2-1: new high-speed USB device number 106 using dummy_hcd
[ 1752.063079][T29946] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1752.086567][T29946] usb 1-1: config 0 descriptor??
[ 1752.154604][T31289] FAULT_INJECTION: forcing a failure.
[ 1752.154604][T31289] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1752.167690][T31289] CPU: 0 PID: 31289 Comm: syz.4.5938 Not tainted 5.10.226-syzkaller-00709-ge5e5644ea27f #0
[ 1752.177467][T31289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1752.187362][T31289] Call Trace:
[ 1752.190495][T31289]  dump_stack_lvl+0x1e2/0x24b
[ 1752.195011][T31289]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 1752.200294][T31289]  dump_stack+0x15/0x17
[ 1752.204289][T31289]  should_fail+0x3c6/0x510
[ 1752.208544][T31289]  should_fail_usercopy+0x1a/0x20
[ 1752.213396][T31289]  _copy_to_user+0x20/0x90
[ 1752.217677][T31289]  simple_read_from_buffer+0xc7/0x150
[ 1752.222858][T31289]  proc_fail_nth_read+0x1a3/0x210
[ 1752.227723][T31289]  ? proc_fault_inject_write+0x390/0x390
[ 1752.233185][T31289]  ? security_file_permission+0x86/0xb0
[ 1752.238570][T31289]  ? rw_verify_area+0x1c3/0x360
[ 1752.243254][T31289]  ? proc_fault_inject_write+0x390/0x390
[ 1752.248724][T31289]  vfs_read+0x200/0xba0
[ 1752.252726][T31289]  ? fsnotify_change+0x1a7/0x220
[ 1752.257490][T31289]  ? shmem_xattr_handler_set+0x60/0x60
[ 1752.262785][T31289]  ? kernel_read+0x70/0x70
[ 1752.267044][T31289]  ? __kasan_check_write+0x14/0x20
[ 1752.271983][T31289]  ? mutex_lock+0xa5/0x110
[ 1752.276236][T31289]  ? mutex_trylock+0xa0/0xa0
[ 1752.280664][T31289]  ? __fdget_pos+0x2e7/0x3a0
[ 1752.285091][T31289]  ? ksys_read+0x77/0x2c0
[ 1752.289254][T31289]  ksys_read+0x199/0x2c0
[ 1752.293332][T31289]  ? vfs_write+0xe70/0xe70
[ 1752.297585][T31289]  ? fput+0x1a/0x20
[ 1752.301232][T31289]  ? debug_smp_processor_id+0x17/0x20
[ 1752.306617][T31289]  __x64_sys_read+0x7b/0x90
[ 1752.310958][T31289]  do_syscall_64+0x34/0x70
[ 1752.315209][T31289]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1752.320936][T31289] RIP: 0033:0x7f37205f7a3c
[ 1752.325189][T31289] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 1752.344642][T31289] RSP: 002b:00007f371f251030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1752.352977][T31289] RAX: ffffffffffffffda RBX: 00007f37207b1058 RCX: 00007f37205f7a3c
[ 1752.360778][T31289] RDX: 000000000000000f RSI: 00007f371f2510a0 RDI: 000000000000000a
[ 1752.368586][T31289] RBP: 00007f371f251090 R08: 0000000000000000 R09: 0000000000000000
[ 1752.376392][T31289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1752.384203][T31289] R13: 0000000000000000 R14: 00007f37207b1058 R15: 00007fff7c1df9a8
[ 1752.393513][T31255] EXT4-fs error (device loop0): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1752.455070][T29946] usb 1-1: string descriptor 0 read error: -71
[ 1752.466301][T29946] usb 1-1: USB disconnect, device number 110
[ 1752.493492][T31291] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1752.501118][T31291] EXT4-fs error (device loop4): ext4_fill_super:4955: inode #2: comm syz.4.5940: casefold flag without casefold feature
[ 1752.514167][T31291] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[ 1752.523569][T29490] usb 2-1: Using ep0 maxpacket: 32
[ 1752.531801][T31291] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv0,test_dummy_encryption,,errors=continue
[ 1752.720898][T31297] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[ 1752.734289][T31297] EXT4-fs (loop3): invalid journal inode
[ 1752.740024][T31297] EXT4-fs (loop3): can't get journal size
[ 1752.745660][T29490] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1752.745682][T29490] usb 2-1: config 4 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1752.745704][T29490] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1752.745715][T29490] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1752.796403][T29490] hub 2-1:4.0: bad descriptor, ignoring hub
[ 1752.808612][T29490] hub: probe of 2-1:4.0 failed with error -5
[ 1752.815101][T31297] EXT4-fs (loop3): 1 truncate cleaned up
[ 1752.820571][T31297] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,,errors=continue
[ 1752.820619][T29490] usbhid 2-1:4.0: couldn't find an input interrupt endpoint
[ 1752.849741][T31306] SELinux:  policydb magic number 0x69662f2e does not match expected magic number 0xf97cff8c
[ 1752.859940][T31306] SELinux: failed to load policy
[ 1752.965989][T31309] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1752.973324][T31309] EXT4-fs error (device loop3): ext4_fill_super:4955: inode #2: comm syz.3.5943: casefold flag without casefold feature
[ 1752.986134][T31309] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[ 1752.996023][T31309] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv0,test_dummy_encryption,,errors=continue
[ 1753.095518][T31321] 9pnet: Insufficient options for proto=fd
[ 1753.136081][T31327] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1753.155086][T29490] usb 2-1: USB disconnect, device number 106
[ 1753.163319][T31327] EXT4-fs error (device loop2): __ext4_iget:4986: inode #11: block 1: comm syz.2.5948: invalid block
[ 1753.167181][T31329] kvm: pic: non byte write
[ 1753.186624][T31327] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.5948: couldn't read orphan inode 11 (err -117)
[ 1753.202663][T31327] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue
[ 1753.747937][T31336] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1753.802437][T31336] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1753.814830][T31336] F2FS-fs (loop0): invalid crc value
[ 1753.845046][T31336] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1753.925487][T31336] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1753.934438][T31336] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1754.430609][T31351] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1754.439296][T30772] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1754.443615][T31351] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1754.462231][T30772] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1754.473836][T31356] EXT4-fs error (device loop3) in ext4_do_update_inode:5303: error 27
[ 1754.482584][T31356] EXT4-fs error (device loop3): ext4_dirty_inode:6107: inode #3: comm syz.3.5954: mark_inode_dirty error
[ 1754.494532][T31351] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1754.501317][T31356] EXT4-fs error (device loop3) in ext4_do_update_inode:5303: error 27
[ 1754.509729][T31356] EXT4-fs error (device loop3): __ext4_ext_dirty:182: inode #3: comm syz.3.5954: mark_inode_dirty error
[ 1754.521105][T31356] Quota error (device loop3): write_blk: dquota write failed
[ 1754.528362][T31356] Quota error (device loop3): qtree_write_dquot: Error -27 occurred while creating quota
[ 1754.538064][T31356] EXT4-fs error (device loop3): ext4_acquire_dquot:6219: comm syz.3.5954: Failed to acquire dquot type 0
[ 1754.550189][T31356] EXT4-fs (loop3): 1 orphan inode deleted
[ 1754.555800][T31356] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1754.564577][T31356] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038 (0x7fffffff)
[ 1754.662281][T31351] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1754.669292][T31351] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1754.725049][  T348] usb 5-1: new high-speed USB device number 120 using dummy_hcd
[ 1754.974989][   T24] audit: type=1326 audit(1729592712.449:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31350 comm="syz.1.5953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e2292ff9 code=0x7ffc0000
[ 1754.999369][   T24] audit: type=1326 audit(1729592712.449:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31350 comm="syz.1.5953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e2292ff9 code=0x7ffc0000
[ 1755.023246][   T24] audit: type=1326 audit(1729592712.449:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31350 comm="syz.1.5953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f51e2292ff9 code=0x7ffc0000
[ 1755.047086][   T24] audit: type=1326 audit(1729592712.449:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31350 comm="syz.1.5953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e2292ff9 code=0x7ffc0000
[ 1755.071406][   T24] audit: type=1326 audit(1729592712.449:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31350 comm="syz.1.5953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51e2292ff9 code=0x7ffc0000
[ 1755.106862][T31377] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27
[ 1755.115082][T31377] EXT4-fs error (device loop0): ext4_dirty_inode:6107: inode #3: comm syz.0.5956: mark_inode_dirty error
[ 1755.124998][  T348] usb 5-1: Using ep0 maxpacket: 16
[ 1755.131541][T31377] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27
[ 1755.140187][T31377] EXT4-fs error (device loop0): __ext4_ext_dirty:182: inode #3: comm syz.0.5956: mark_inode_dirty error
[ 1755.152081][T31377] Quota error (device loop0): write_blk: dquota write failed
[ 1755.159700][T31377] Quota error (device loop0): qtree_write_dquot: Error -27 occurred while creating quota
[ 1755.169858][T31377] EXT4-fs error (device loop0): ext4_acquire_dquot:6219: comm syz.0.5956: Failed to acquire dquot type 0
[ 1755.182060][T31377] EXT4-fs (loop0): 1 orphan inode deleted
[ 1755.200598][T31377] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1755.235155][T31377] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038 (0x7fffffff)
[ 1755.245193][  T348] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8
[ 1755.297378][T31388] SELinux:  policydb magic number 0x69662f2e does not match expected magic number 0xf97cff8c
[ 1755.345042][T31388] SELinux: failed to load policy
[ 1755.445215][  T348] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[ 1755.466068][T31384] F2FS-fs (loop3): Invalid SB checksum offset: 0
[ 1755.472241][T31384] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[ 1755.564680][  T348] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1755.572631][  T348] usb 5-1: Product: syz
[ 1755.576677][  T348] usb 5-1: Manufacturer: syz
[ 1755.581090][  T348] usb 5-1: SerialNumber: syz
[ 1755.649257][  T348] usb 5-1: config 0 descriptor??
[ 1755.663800][T31384] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1755.683193][T31388] attempt to access beyond end of device
[ 1755.683193][T31388] loop1: rw=0, want=241, limit=128
[ 1755.695678][  T348] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[ 1755.707852][  T348] usb 5-1: Detected FT232RL
[ 1755.742848][T30772] attempt to access beyond end of device
[ 1755.742848][T30772] loop1: rw=1, want=1041, limit=128
[ 1755.752552][T31384] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[ 1755.760291][T31384] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1756.002104][  T348] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 1756.285198][  T348] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[ 1756.294418][  T348] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1756.320151][  T348] usb 5-1: USB disconnect, device number 120
[ 1756.330259][  T348] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1756.351959][   T24] audit: type=1400 audit(1729592713.829:691): avc:  denied  { audit_write } for  pid=31406 comm="syz.0.5965" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 1756.434389][  T348] ftdi_sio 5-1:0.0: device disconnected
[ 1756.452666][T29490] usb 4-1: new high-speed USB device number 97 using dummy_hcd
[ 1756.615014][ T1910] usb 3-1: new high-speed USB device number 96 using dummy_hcd
[ 1756.705004][T29490] usb 4-1: Using ep0 maxpacket: 16
[ 1756.825166][T29490] usb 4-1: config 1 has an invalid descriptor of length 135, skipping remainder of the config
[ 1756.835852][T29490] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[ 1756.847098][T31413] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1756.856179][ T1910] usb 3-1: Using ep0 maxpacket: 16
[ 1756.856203][T31413] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1756.871097][T31413] F2FS-fs (loop1): invalid crc value
[ 1756.881258][T31413] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1756.919115][T31413] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1756.926197][T31413] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1756.975025][ T1910] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1756.983017][ T1910] usb 3-1: config 0 has no interface number 0
[ 1756.989580][ T1910] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1757.000364][ T1910] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1757.009894][ T1910] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1757.018932][ T1910] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1757.027332][T29490] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1757.036266][T29490] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1757.205395][ T1910] usb 3-1: config 0 descriptor??
[ 1757.243504][T29490] usb 4-1: Product: syz
[ 1757.247557][T29490] usb 4-1: Manufacturer: syz
[ 1757.251941][T29490] usb 4-1: SerialNumber: syz
[ 1757.294310][T17740] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1757.303522][T17740] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1757.304428][T31429] netlink: 100 bytes leftover after parsing attributes in process `syz.0.5968'.
[ 1757.325513][T29490] cdc_ether: probe of 4-1:1.0 failed with error -22
[ 1757.356017][T31429] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5968'.
[ 1757.581377][T31384] overlayfs: failed to resolve './file0': -2
[ 1757.588751][T31384] futex_wake_op: syz.3.5959 tries to shift op by 36; fix this program
[ 1757.598779][T29486] usb 4-1: USB disconnect, device number 97
[ 1757.756836][T31434] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27
[ 1757.765012][T31434] EXT4-fs error (device loop0): ext4_dirty_inode:6107: inode #3: comm syz.0.5970: mark_inode_dirty error
[ 1757.776738][T31434] EXT4-fs error (device loop0) in ext4_do_update_inode:5303: error 27
[ 1757.784841][T31434] EXT4-fs error (device loop0): __ext4_ext_dirty:182: inode #3: comm syz.0.5970: mark_inode_dirty error
[ 1757.796446][T31434] EXT4-fs error (device loop0): ext4_acquire_dquot:6219: comm syz.0.5970: Failed to acquire dquot type 0
[ 1757.808493][T31434] EXT4-fs (loop0): 1 orphan inode deleted
[ 1757.814010][T31434] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1757.822866][T31434] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038 (0x7fffffff)
[ 1757.868839][ T7247] usb 2-1: new high-speed USB device number 107 using dummy_hcd
[ 1757.895098][ T1910] uclogic 0003:28BD:0071.00B9: pen parameters not found
[ 1757.901883][ T1910] uclogic 0003:28BD:0071.00B9: interface is invalid, ignoring
[ 1758.026280][  T685] usb 5-1: new full-speed USB device number 121 using dummy_hcd
[ 1758.330186][T29946] usb 3-1: USB disconnect, device number 96
[ 1758.345368][ T7247] usb 2-1: Using ep0 maxpacket: 16
[ 1758.391921][T31147] attempt to access beyond end of device
[ 1758.391921][T31147] loop3: rw=2049, want=45120, limit=40427
[ 1758.475100][ T7247] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 1758.482984][ T7247] usb 2-1: config 0 has no interface number 0
[ 1758.489236][ T7247] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1758.500346][ T7247] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1758.510096][ T7247] usb 2-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1758.544685][  T685] usb 5-1: not running at top speed; connect to a high speed hub
[ 1758.553404][ T7247] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1758.561786][ T7247] usb 2-1: config 0 descriptor??
[ 1758.635072][  T685] usb 5-1: config 1 has an invalid descriptor of length 126, skipping remainder of the config
[ 1758.645238][  T685] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1758.804972][  T312] usb 4-1: new high-speed USB device number 98 using dummy_hcd
[ 1758.805100][  T685] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1758.822508][  T685] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1758.830875][  T685] usb 5-1: Product: ᬿನᰚ֕⢎밄⑑塂蠳䟻ᆷ遘谜얫ᶗ⬹䪂眾ﱻ젻䩆ꁲ䮆且趼掰꿘Ⴏ㋨ጱ玿ꍣ滸墸຿⨐᥉脨鞥鉈㗗葦すഞⱎ
[ 1758.860435][  T685] usb 5-1: Manufacturer: ю
[ 1758.867854][  T685] usb 5-1: SerialNumber: ࠐ
[ 1758.910361][T31450] EXT4-fs (loop2): Mount option "noacl" will be removed by 3.5
[ 1758.910361][T31450] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 1758.910361][T31450] 
[ 1758.932413][T31450] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1758.943649][T31450] EXT4-fs (loop2): 1 truncate cleaned up
[ 1758.949393][T31450] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable,noacl,stripe=0x0000000000000000,,errors=continue
[ 1759.237372][T31437] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1759.245014][T31437] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1759.253964][T31437] F2FS-fs (loop4): invalid crc value
[ 1759.255068][  T312] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1759.260985][T31437] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1759.269087][  T312] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1759.283999][  T312] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1759.285186][ T7247] uclogic 0003:28BD:0071.00BA: pen parameters not found
[ 1759.303691][ T7247] uclogic 0003:28BD:0071.00BA: interface is invalid, ignoring
[ 1759.319101][T31437] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1759.325997][T31437] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1759.580332][ T1910] usb 2-1: USB disconnect, device number 107
[ 1759.772017][  T312] usb 4-1: New USB device found, idVendor=0086, idProduct=0b5b, bcdDevice=e1.c5
[ 1759.780926][  T312] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1759.788779][  T312] usb 4-1: Product: syz
[ 1759.792713][  T312] usb 4-1: Manufacturer: syz
[ 1759.797387][  T312] usb 4-1: SerialNumber: syz
[ 1759.807123][  T312] usb 4-1: config 0 descriptor??
[ 1759.855519][  T312] uvcvideo: Found UVC 0.00 device syz (0086:0b5b)
[ 1759.861801][  T312] uvcvideo: No valid video chain found.
[ 1760.079046][   T24] kauditd_printk_skb: 4 callbacks suppressed
[ 1760.085080][   T24] audit: type=1400 audit(1729592717.559:694): avc:  denied  { mounton } for  pid=31470 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 1760.113598][T31471] FAULT_INJECTION: forcing a failure.
[ 1760.113598][T31471] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1760.126909][T31471] CPU: 1 PID: 31471 Comm: syz.3.5972 Not tainted 5.10.226-syzkaller-00709-ge5e5644ea27f #0
[ 1760.136687][T31471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1760.143685][T31470] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1760.146575][T31471] Call Trace:
[ 1760.146593][T31471]  dump_stack_lvl+0x1e2/0x24b
[ 1760.146604][T31471]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 1760.146625][T31471]  dump_stack+0x15/0x17
[ 1760.153564][T31470] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1760.156573][T31471]  should_fail+0x3c6/0x510
[ 1760.156585][T31471]  should_fail_usercopy+0x1a/0x20
[ 1760.156594][T31471]  _copy_from_user+0x20/0xd0
[ 1760.156603][T31471]  kstrtouint_from_user+0xca/0x2a0
[ 1760.156620][T31471]  ? kstrtol_from_user+0x310/0x310
[ 1760.161867][T31470] device bridge_slave_0 entered promiscuous mode
[ 1760.166373][T31471]  ? snprintf+0xd6/0x120
[ 1760.166386][T31471]  ? preempt_schedule+0xd9/0xe0
[ 1760.166396][T31471]  ? __kasan_check_read+0x11/0x20
[ 1760.166404][T31471]  ? preempt_schedule_common+0xbe/0xf0
[ 1760.166412][T31471]  ? preempt_schedule+0xd9/0xe0
[ 1760.166423][T31471]  proc_fail_nth_write+0xa6/0x290
[ 1760.166439][T31471]  ? asm_sysvec_reschedule_ipi+0x12/0x20
[ 1760.171570][T31470] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1760.177225][T31471]  ? proc_fail_nth_read+0x210/0x210
[ 1760.177237][T31471]  ? vfs_write+0x2cf/0xe70
[ 1760.177252][T31471]  ? proc_fail_nth_read+0x210/0x210
[ 1760.181580][T31470] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1760.186332][T31471]  vfs_write+0x36a/0xe70
[ 1760.186344][T31471]  ? kernel_write+0x3d0/0x3d0
[ 1760.186355][T31471]  ? __kasan_check_write+0x14/0x20
[ 1760.186365][T31471]  ? mutex_lock+0xa5/0x110
[ 1760.186373][T31471]  ? mutex_trylock+0xa0/0xa0
[ 1760.186385][T31471]  ? __fdget_pos+0x2e7/0x3a0
[ 1760.186393][T31471]  ? ksys_write+0x77/0x2c0
[ 1760.186401][T31471]  ksys_write+0x199/0x2c0
[ 1760.186411][T31471]  ? __ia32_sys_read+0x90/0x90
[ 1760.186423][T31471]  ? debug_smp_processor_id+0x17/0x20
[ 1760.186432][T31471]  __x64_sys_write+0x7b/0x90
[ 1760.186439][T31471]  do_syscall_64+0x34/0x70
[ 1760.186449][T31471]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1760.186457][T31471] RIP: 0033:0x7f62de9dbadf
[ 1760.186468][T31471] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[ 1760.186475][T31471] RSP: 002b:00007f62dd635030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1760.186488][T31471] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f62de9dbadf
[ 1760.186494][T31471] RDX: 0000000000000001 RSI: 00007f62dd6350a0 RDI: 0000000000000009
[ 1760.186500][T31471] RBP: 00007f62dd635090 R08: 0000000000000000 R09: 0000000000000000
[ 1760.186506][T31471] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1760.186512][T31471] R13: 0000000000000000 R14: 00007f62deb95058 R15: 00007ffd7be70d08
[ 1760.463781][T31470] device bridge_slave_1 entered promiscuous mode
[ 1760.944356][    T9] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1760.957750][    T9] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1760.985557][  T685] usb 5-1: 0:2 : does not exist
[ 1761.001605][  T685] usb 5-1: USB disconnect, device number 121
[ 1761.081220][T17740] device bridge_slave_1 left promiscuous mode
[ 1761.087424][T17740] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1761.099237][T17740] device bridge_slave_0 left promiscuous mode
[ 1761.105198][T17740] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1761.115121][T17740] device veth1_macvtap left promiscuous mode
[ 1761.121020][T17740] device veth0_vlan left promiscuous mode
[ 1761.157921][   T24] audit: type=1400 audit(1729592718.639:695): avc:  denied  { mount } for  pid=31487 comm="syz.4.5983" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 1761.212446][ T1910] usb 4-1: USB disconnect, device number 98
[ 1761.226745][   T20] usb 1-1: new high-speed USB device number 111 using dummy_hcd
[ 1761.252395][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1761.259791][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1761.297558][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1761.308793][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1761.321081][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1761.327979][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1761.335919][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1761.344482][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1761.352723][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1761.359596][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1761.385069][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1761.393205][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1761.402017][   T24] audit: type=1400 audit(1729592718.879:696): avc:  denied  { accept } for  pid=31508 comm="syz.4.5995" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1761.428933][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1761.445470][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1761.453847][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1761.461919][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1761.469409][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1761.477902][T31470] device veth0_vlan entered promiscuous mode
[ 1761.496571][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1761.514968][   T20] usb 1-1: Using ep0 maxpacket: 8
[ 1761.516300][T31470] device veth1_macvtap entered promiscuous mode
[ 1761.645268][   T20] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1761.687964][   T20] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1761.705134][   T20] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1761.724889][   T20] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1761.734703][   T20] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1761.767714][   T20] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1761.778909][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1761.797551][   T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1761.800511][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1761.955149][   T24] audit: type=1400 audit(1729592719.429:697): avc:  denied  { listen } for  pid=31519 comm="syz.4.5997" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1762.075900][   T24] audit: type=1400 audit(1729592719.429:698): avc:  denied  { accept } for  pid=31519 comm="syz.4.5997" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1762.845038][  T685] usb 4-1: new high-speed USB device number 99 using dummy_hcd
[ 1762.890837][   T24] audit: type=1400 audit(1729592720.369:699): avc:  denied  { connect } for  pid=31544 comm="syz.2.6004" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1763.115017][  T685] usb 4-1: Using ep0 maxpacket: 32
[ 1763.117309][   T24] audit: type=1400 audit(1729592720.599:700): avc:  denied  { create } for  pid=31559 comm="syz.4.6010" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1763.141016][   T24] audit: type=1400 audit(1729592720.609:701): avc:  denied  { read } for  pid=31559 comm="syz.4.6010" name="file0" dev="tmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1763.415374][  T685] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[ 1763.436309][  T685] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1763.438611][   T24] audit: type=1400 audit(1729592720.609:702): avc:  denied  { open } for  pid=31559 comm="syz.4.6010" path="/16/file0" dev="tmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1763.465012][  T685] usb 4-1: Product: syz
[ 1763.466661][   T24] audit: type=1400 audit(1729592720.609:703): avc:  denied  { ioctl } for  pid=31559 comm="syz.4.6010" path="/16/file0" dev="tmpfs" ino=106 ioctlcmd=0x127c scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1763.474787][  T685] usb 4-1: Manufacturer: syz
[ 1763.499359][  T685] usb 4-1: SerialNumber: syz
[ 1763.509438][  T685] usb 4-1: config 0 descriptor??
[ 1763.520591][T31569] kvm [31568]: vcpu0, guest rIP: 0xfff0 Hyper-V unhandled rdmsr: 0x40000064
[ 1763.610676][T31582] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6019'.
[ 1763.892376][ T1910] usb 5-1: new high-speed USB device number 122 using dummy_hcd
[ 1763.963016][   T20] usb 1-1: USB disconnect, device number 111
[ 1764.175324][T31614] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1764.182203][T31614] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1764.190068][T31614] device bridge_slave_0 entered promiscuous mode
[ 1764.208660][T31614] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1764.215583][T31614] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1764.224322][T31614] device bridge_slave_1 entered promiscuous mode
[ 1764.398385][  T685] rtl8150 4-1:0.0: eth1: rtl8150 is detected
[ 1764.402467][T31614] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1764.411110][T31614] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1764.418224][T31614] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1764.424990][T31614] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1764.475072][ T1910] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1764.486529][ T1910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1764.497251][ T1910] usb 5-1: Product: syz
[ 1764.501481][ T1910] usb 5-1: Manufacturer: syz
[ 1764.502794][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1764.516792][ T1910] usb 5-1: SerialNumber: syz
[ 1764.517039][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1764.533553][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1764.680170][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1764.682203][ T1910] usb 4-1: USB disconnect, device number 99
[ 1764.741538][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1764.818505][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1764.840284][    T9] device bridge_slave_1 left promiscuous mode
[ 1764.848362][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1764.878916][    T9] device bridge_slave_0 left promiscuous mode
[ 1764.885442][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1764.897131][    T9] device veth1_macvtap left promiscuous mode
[ 1764.909848][    T9] device veth0_vlan left promiscuous mode
[ 1765.032692][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1765.041462][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1765.056438][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1765.065777][T31614] device veth0_vlan entered promiscuous mode
[ 1765.088964][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1765.097773][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1765.107296][   T24] kauditd_printk_skb: 14 callbacks suppressed
[ 1765.107308][   T24] audit: type=1326 audit(1729592722.589:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31654 comm="syz.2.6041" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa0e3936ff9 code=0x0
[ 1765.110126][T31614] device veth1_macvtap entered promiscuous mode
[ 1765.150163][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1765.162271][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1765.171002][T17740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1765.184619][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1765.201450][T30772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1767.145199][   T24] audit: type=1326 audit(1729592724.189:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31687 comm="syz.1.6048" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3f3925bff9 code=0x0
[ 1768.895330][T29500] usb 5-1: USB disconnect, device number 122
[ 1769.195014][ T7247] usb 2-1: new high-speed USB device number 108 using dummy_hcd
[ 1769.235555][   T24] audit: type=1400 audit(1729592726.709:720): avc:  denied  { mount } for  pid=31730 comm="syz.3.6063" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[ 1769.288173][   T24] audit: type=1400 audit(1729592726.739:721): avc:  denied  { unmount } for  pid=31147 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[ 1769.355065][T29500] usb 5-1: new high-speed USB device number 123 using dummy_hcd
[ 1769.366576][T31740] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1769.452207][ T7247] usb 2-1: Using ep0 maxpacket: 32
[ 1769.454085][   T24] audit: type=1400 audit(1729592726.929:722): avc:  denied  { name_bind } for  pid=31741 comm="syz.3.6068" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[ 1769.694534][T29500] usb 5-1: Using ep0 maxpacket: 16
[ 1769.699932][ T7247] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 1769.710169][ T7247] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1769.720565][ T7247] usb 2-1: config 0 descriptor??
[ 1770.272950][   T24] audit: type=1400 audit(1729592727.719:723): avc:  denied  { getopt } for  pid=31752 comm="syz.2.6072" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1770.293016][T29500] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1770.362663][T29500] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1770.815516][T29500] usb 5-1: Product: syz
[ 1770.819540][T29500] usb 5-1: Manufacturer: syz
[ 1770.823997][T29500] usb 5-1: SerialNumber: syz
[ 1770.833079][T29500] usb 5-1: config 0 descriptor??
[ 1770.898636][T29500] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[ 1770.914891][T29500] usb 5-1: Detected FT232H
[ 1771.115220][T29500] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 1771.115253][   T20] usb 1-1: new low-speed USB device number 112 using dummy_hcd
[ 1771.505070][T29500] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[ 1771.512289][T29500] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1771.520437][   T20] usb 1-1: No LPM exit latency info found, disabling LPM.
[ 1771.541392][T29500] usb 5-1: USB disconnect, device number 123
[ 1771.549887][T29500] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1771.559760][T29500] ftdi_sio 5-1:0.0: device disconnected
[ 1771.615250][   T20] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[ 1771.865283][   T20] usb 1-1: string descriptor 0 read error: -22
[ 1771.871681][   T20] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1771.880680][   T20] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1771.931817][T31786] usb 2-1: USB disconnect, device number 108
[ 1771.939488][   T20] cdc_ether: probe of 1-1:1.0 failed with error -22
[ 1772.142148][   T20] usb 1-1: USB disconnect, device number 112
[ 1772.312178][   T24] audit: type=1400 audit(1729592729.789:724): avc:  denied  { write } for  pid=31792 comm="syz.2.6084" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[ 1772.415412][T29488] usb 5-1: new high-speed USB device number 124 using dummy_hcd
[ 1772.675114][T29488] usb 5-1: Using ep0 maxpacket: 8
[ 1772.805065][T29488] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1772.814396][T29488] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1772.867595][T29488] usb 5-1: config 0 descriptor??
[ 1772.974949][   T24] audit: type=1400 audit(1729592730.449:725): avc:  denied  { connect } for  pid=31809 comm="syz.2.6090" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1772.997671][   T24] audit: type=1400 audit(1729592730.449:726): avc:  denied  { write } for  pid=31809 comm="syz.2.6090" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1773.537859][T31826] netlink: 104 bytes leftover after parsing attributes in process `syz.3.6094'.
[ 1773.981573][   T24] audit: type=1400 audit(1729592731.319:727): avc:  denied  { setattr } for  pid=31825 comm="syz.3.6094" name="NETLINK" dev="sockfs" ino=109779 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1774.056176][T29486] usb 2-1: new high-speed USB device number 109 using dummy_hcd
[ 1774.835268][T29486] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1774.844874][T29486] usb 2-1: can't read configurations, error -61
[ 1775.015034][T29486] usb 2-1: new high-speed USB device number 110 using dummy_hcd
[ 1775.215507][   T24] audit: type=1400 audit(1729592732.699:728): avc:  denied  { mount } for  pid=31842 comm="syz.3.6099" name="/" dev="configfs" ino=1138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[ 1775.238349][   T24] audit: type=1400 audit(1729592732.699:729): avc:  denied  { setattr } for  pid=31842 comm="syz.3.6099" name="/" dev="configfs" ino=1138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1775.260712][   T24] audit: type=1400 audit(1729592732.699:730): avc:  denied  { unmount } for  pid=31147 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[ 1775.429594][T31847] request_module fs-gfs2meta succeeded, but still no fs?
[ 1775.453730][  T762] usb 1-1: new high-speed USB device number 113 using dummy_hcd
[ 1775.476437][   T24] audit: type=1400 audit(1729592732.919:731): avc:  denied  { ioctl } for  pid=31844 comm="syz.3.6100" path="/dev/usbmon0" dev="devtmpfs" ino=134 ioctlcmd=0x9206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1775.545044][T29486] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1775.552437][T29486] usb 2-1: can't read configurations, error -61
[ 1775.558758][T29486] usb usb2-port1: attempt power cycle
[ 1775.913597][  T762] usb 1-1: config 0 has no interfaces?
[ 1775.918976][  T762] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1775.928021][  T762] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1775.943531][  T762] usb 1-1: config 0 descriptor??
[ 1776.024622][T31857] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6104'.
[ 1776.295020][T31836] udc-core: couldn't find an available UDC or it's busy
[ 1776.345646][T31836] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1776.373885][T22216] usb 1-1: USB disconnect, device number 113
[ 1776.385028][T29488] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1776.397932][T29488] asix: probe of 5-1:0.0 failed with error -71
[ 1776.407727][T29488] usb 5-1: USB disconnect, device number 124
[ 1776.510799][T31863] bridge0: port 3(erspan0) entered blocking state
[ 1776.517228][T31863] bridge0: port 3(erspan0) entered disabled state
[ 1776.523934][T31863] device erspan0 entered promiscuous mode
[ 1776.529656][T31863] bridge0: port 3(erspan0) entered blocking state
[ 1776.535894][T31863] bridge0: port 3(erspan0) entered forwarding state
[ 1776.854996][T22216] usb 1-1: new high-speed USB device number 114 using dummy_hcd
[ 1777.165039][T22216] usb 1-1: Using ep0 maxpacket: 16
[ 1777.305421][T22216] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1777.361230][T22216] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1777.775109][T22216] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 1.40
[ 1777.789764][T22216] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1777.798748][T22216] usb 1-1: Product: syz
[ 1777.802765][T22216] usb 1-1: Manufacturer: syz
[ 1777.807972][T22216] usb 1-1: SerialNumber: syz
[ 1777.955621][T31902] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6117'.
[ 1777.964467][T31902] device bridge_slave_1 left promiscuous mode
[ 1777.970831][T31902] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1777.979573][T31902] device bridge_slave_0 left promiscuous mode
[ 1777.986051][T31902] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1778.012226][T31905] EXT4-fs (sda1): shut down requested (2)
[ 1778.018127][T31905] Aborting journal on device sda1-8.
[ 1778.105996][T31910] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6120'.
[ 1778.192696][ T7367] usb 2-1: new high-speed USB device number 112 using dummy_hcd
[ 1778.205860][T31916] netlink: 165 bytes leftover after parsing attributes in process `syz.4.6119'.
[ 1778.476915][T31918] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6122'.
[ 1778.589901][T31923] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6124'.
[ 1778.610441][T31923] device bridge_slave_1 left promiscuous mode
[ 1778.616745][T31923] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1778.626491][T31923] bridge1: port 1(bridge_slave_1) entered blocking state
[ 1778.633409][T31923] bridge1: port 1(bridge_slave_1) entered disabled state
[ 1778.641998][T31923] device bridge_slave_1 entered promiscuous mode
[ 1778.705100][ T7367] usb 2-1: Using ep0 maxpacket: 16
[ 1778.710224][T22216] usb 1-1: 0:2 : does not exist
[ 1778.835080][ T7367] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[ 1778.843369][ T7367] usb 2-1: config 0 has no interface number 0
[ 1778.849545][ T7367] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 1778.859369][ T7367] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 1778.869150][ T7367] usb 2-1: config 0 interface 41 has no altsetting 0
[ 1779.024982][T18822] usb 4-1: new high-speed USB device number 100 using dummy_hcd
[ 1779.137829][T31928] kvm: emulating exchange as write
[ 1779.195660][ T7367] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[ 1779.212911][ T7367] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1779.236999][ T7367] usb 2-1: Product: syz
[ 1779.241091][ T7367] usb 2-1: Manufacturer: syz
[ 1779.246424][ T7367] usb 2-1: SerialNumber: syz
[ 1779.271740][ T7367] usb 2-1: config 0 descriptor??
[ 1779.295781][T31900] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[ 1779.333581][T31900] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[ 1779.385047][T18822] usb 4-1: Using ep0 maxpacket: 8
[ 1779.545022][T18822] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1779.554648][T18822] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1779.558028][T31900] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[ 1779.564163][T18822] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1779.571360][T31900] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[ 1779.580674][T18822] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1779.600243][T18822] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1779.605065][T22216] usb 1-1: 5:0: bogus dB values (-12244/-10556), disabling dB reporting
[ 1779.609049][T18822] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1779.618006][T22216] usb 1-1: Warning! Unlikely big volume range (=4321), cval->res is probably wrong.
[ 1779.634732][T22216] usb 1-1: [5] FU [Feature 5 Playback Volume] ch = 1, val = -31346/-27025/1
[ 1779.865002][T22216] usb 1-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1780.291780][   T24] audit: type=1400 audit(1729592737.769:732): avc:  denied  { call } for  pid=31960 comm="syz.2.6137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[ 1780.311025][   T24] audit: type=1400 audit(1729592737.769:733): avc:  denied  { transfer } for  pid=31960 comm="syz.2.6137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[ 1780.465147][T22216] usb 1-1: 5:0: cannot get min/max values for control 5 (id 5)
[ 1781.886680][   T24] audit: type=1400 audit(1729592739.349:734): avc:  denied  { create } for  pid=31984 comm="syz.4.6147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[ 1781.907163][T31786] usb 3-1: new high-speed USB device number 97 using dummy_hcd
[ 1781.914647][T22216] usb 1-1: 5:0: cannot get min/max values for control 8 (id 5)
[ 1781.922170][   T24] audit: type=1400 audit(1729592739.359:735): avc:  denied  { write } for  pid=31984 comm="syz.4.6147" path="socket:[110051]" dev="sockfs" ino=110051 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[ 1781.945241][ T7367] CoreChips: probe of 2-1:0.41 failed with error -71
[ 1781.948202][   T24] audit: type=1400 audit(1729592739.359:736): avc:  denied  { nlmsg_write } for  pid=31984 comm="syz.4.6147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[ 1781.957114][ T7367] usb 2-1: USB disconnect, device number 112
[ 1781.986187][T22216] usb 1-1: USB disconnect, device number 114
[ 1783.082857][T32005] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6149'.
[ 1783.097971][T31786] usb 3-1: device descriptor read/64, error -71
[ 1783.219212][T32008] usb 4-1: USB disconnect, device number 100
[ 1783.322295][T32001] kvm [32000]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xbe702111
[ 1783.361073][   T24] audit: type=1400 audit(1729592740.809:737): avc:  denied  { nlmsg_read } for  pid=32016 comm="syz.0.6155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[ 1784.358786][T18822] usb 1-1: new high-speed USB device number 115 using dummy_hcd
[ 1784.885648][T18822] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[ 1784.904658][T18822] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
SYZFAIL: posix_spawn failed
 (errno 5: Input/output error)
[ 1784.947294][T18822] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1784.977195][T18822] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1785.045268][T18822] usb 1-1: config 0 descriptor??
[ 1785.099085][T18822] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1785.420490][T18822] usb 1-1: USB disconnect, device number 115
[ 1785.466257][T30772] device bridge_slave_1 left promiscuous mode
[ 1785.472170][T30772] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1785.479500][T30772] device bridge_slave_0 left promiscuous mode
[ 1785.485565][T30772] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1785.492992][T30772] device veth1_macvtap left promiscuous mode
[ 1785.498841][T30772] device veth0_vlan left promiscuous mode
[ 1786.945612][T30772] device bridge_slave_1 left promiscuous mode
[ 1786.951532][T30772] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1786.958898][T30772] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1786.966771][T30772] device veth1_macvtap left promiscuous mode
[ 1786.972560][T30772] device veth0_vlan left promiscuous mode
[ 1786.978354][T30772] device veth1_macvtap left promiscuous mode