last executing test programs:

20.905461068s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = epoll_create1(0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f000086fff4))
epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r2)

20.670229954s ago: executing program 1:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000000000401c1b3e1b00000000000109026a00010000000009040000010300000009210000000122050009058103"], 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = dup(r3)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x4, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x6, 0x5, 0x0, 0x1}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000007d00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000280)='jbd2_update_log_tail\x00', r9}, 0x10)
ioctl$TUNSETOFFLOAD(r8, 0x40086607, 0x20001419)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r10 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r10, 0x107, 0x12, &(0x7f0000000140), 0x4)
recvmmsg(0xffffffffffffffff, 0x0, 0xffffffffffffffc6, 0x0, &(0x7f0000000000)={0x7fffffffffffffff, 0x3ff})
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000002500)=@mangle={'mangle\x00', 0x1f, 0x6, 0x5d8, 0xf0, 0x318, 0x0, 0x318, 0x438, 0x530, 0x530, 0x530, 0x530, 0x530, 0x6, 0x0, {[{{@ipv6={@mcast1, @private2, [], [], 'bridge_slave_1\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@remote, @ipv6=@mcast2}}}, {{@uncond, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@ah={{0x30}}]}, @inet=@TOS={0x28}}, {{@ipv6={@private0, @private1, [], [], 'veth0_to_hsr\x00', 'macvtap0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@srh={{0x30}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@NFQUEUE3={0x28}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @HL={0x28}}, {{@ipv6={@dev, @private0, [], [], 'vlan1\x00', 'bridge_slave_0\x00'}, 0x0, 0xa8, 0xd0}, @inet=@DSCP={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x638)
r11 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r11, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/27, 0x1b}}, 0x120)
readv(r11, &(0x7f0000002980)=[{&(0x7f0000000700)=""/163, 0xa3}], 0x2)
socket$netlink(0x10, 0x3, 0x0)
connect$packet(r10, &(0x7f0000000040)={0x11, 0x17, 0x0, 0x1, 0x3f, 0x6, @broadcast}, 0x14)
write$UHID_DESTROY(r11, &(0x7f0000000080), 0x4)

18.20196515s ago: executing program 2:
prlimit64(0x0, 0x9, &(0x7f0000000040), 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

18.115325703s ago: executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100002000f20600000000120000f1850000007d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000340)='ext4_remove_blocks\x00', r1}, 0x10)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[], 0xffe6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)

17.953689948s ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0)="c8f41c288d409ef0e169a340295f36d4b4", &(0x7f0000000380), 0x5, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='ext4_ext_remove_space_done\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f00000000c0), 0x12)
ioctl$SIOCSIFHWADDR(r2, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x2}})

17.264546543s ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000001000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route(r2, &(0x7f0000000380)={&(0x7f00000001c0), 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=@bridge_getlink={0x34, 0x12, 0x1, 0x0, 0x0, {}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'wg0\x00'}]}, 0x34}}, 0x0)

17.204717391s ago: executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
pipe(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r5, 0x29, 0x40, &(0x7f0000000140)=@dstopts, 0x8)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x0, &(0x7f0000000040)={[{@usrjquota_path={'usrjquota', 0x3d, './bus'}}, {@dioread_nolock}]}, 0x0, 0x797, &(0x7f0000000c00)="$eJzs3MFrJFkdB/Bv1aQ3OzNZE8GDehBhBReW6SSby87JeBEvCwsLXseQdEJIJz2kO+skLmzGs7BOLgqCKB71pldhWf8ALyILCt4F0TUKi5eW7nR6Jpt07Myk00Pm84Gaeu91Vf9+v67iTRfkdYAX1lc7/xTJVJK3k0z3xsskL3VbLyf7R8cdfvLecmcr0m6/84+ic1oO29P99yp6+9vpnpIvJvmokrz+g9Nxm7t7G0v1em27159tbd6fbe7u3VnfXFqrrdW25hfuzr25sPDm3MKl1fq179y9+egP3zo4+NNvWx98ZeJOkcVu3enVdmmBnnD0mVSy+Gn7xPjWKIKNUTHEMRNXkAcAAOfrfM+/0ftuVsl0bviWBgAAANdOe7INAAAAXHtFxp0BAAAAMFrHfwdwvLZ3VOtgB/n7N5PMnBV/oruGOHk5lSS3DotM9FYkp7fedOYqE+Va2n+Y5MPFM+6/onf/Pb25z/SHWSPN1fqwM/8sJof/SXLi+pf9+Sf9+eexiePfTnhGg+e/x/FvnBG/6G7D3VG/+9mXKgPjP0y+PHFW/KIfvxgQ/7tD1vjBwQ8fDXqt/Yvk62f+/9OvrXsBzvl9iNnV9fq5H8RH/33t4/Pqv3UqflF04xfn139/yPq/f/ivjUFzSSf+a6+ef/2P4k+eOK9zT/yol0eZ5FFv3+kffCbGq5t//v3pyMX+cfyVAZ//2df/2/2zfz5k/X/99eSDIQ8FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACArjLJVIqy2m+XZbWa3E7yhdwq641m6/XVxs7WSue1ZCaVcnW9XptLMn3ULzr9+d+8kpkn+m9024/7C0k+/5eb3ZiV9Xqtutyor4y7eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPpuJ5lKUVaTlEn+PV2W1eq4swIAAAAu3cy4EwAAAABGzvM/AAAAXH9P+/xfXHIeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLX29ltvdbb24SfvLXf6K+/u7mw03r2zUmtuVDd3lqvLje371bVGY61eqy43Nv/f+5VJ5u9m58Fsq9ZszTZ39+5tNna2WvfWN5fWavdqlSupCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIua6m5FWU1SptIffyXJTCrF6nq9Npfkc0k+nq5MdvrzY80YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUWju7m0s1eu17dE1imd/n4w2w+e48auce0yK5HlJ9aka+1d3H464kVzkrPdzqRfuj5df15gnJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxqK5u7exVK/XtpvjzgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDxKv9WJLk54NWXik+nu/sk3/vpOz9+sNRqbc93xv/ZH2/9pDf+xhMnvn8lyQMAAMCL4hsXObj7nD7R28+PLikAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD6ae7ubSzV67Xt40aR5OTIUI1KkkHH5OHpuL9cGUe1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADARfwvAAD//3UdvXI=")

9.188687342s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000700000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b0af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='jbd2_update_log_tail\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000280)='jbd2_update_log_tail\x00', r4}, 0x10)
ioctl$TUNSETOFFLOAD(r3, 0x40086607, 0x20001419)

9.171857574s ago: executing program 1:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x1000, &(0x7f0000000280)={[{@mblk_io_submit}, {@nodelalloc}, {@grpjquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@block_validity}, {@quota}]}, 0x3, 0x43e, &(0x7f0000000340)="$eJzs27tvHEUYAPBv9+yEvLAJ4ZEHYAgIi4cdOwFS0IBAogAJiSaUxnaikEuMYiORKIKAUChRJHpEicRfQAUNAiokWuhRpAilIVAd2rtd38N3ju2cvYH7/aTNzezOZea72bmb3fEGMLDGsn+SiN0R8VtEjDSy7QXGGi83b1ya/fvGpdkkarW3/kzq5f66cWm2KFq8b1eeGU8j0k+TONil3sULF8/MVKvz5/P85NLZ9yYXL1x89vTZmVPzp+bPTR8/fuzo1AvPTz/Xlzjvydp64MOFQ/tfe/vqG7Mnrr7z0zdJEX9HHH0yttrBJ2q1PldXrj0t6WSoxIawLpWIyLpruD7+R6ISzc4biVc/KbVxwKaq5XocvlwD/seSKLsFQDmKH/rs+rfYtm72Ub7rLzUugLK4b+Zb48hQpHmZ4Y7r234ai4gTl//5Mttic+5DAAC0+S6b/zzTbf6Xxv0t5e7O14ZG87WUvRFxb0Tsi4j7IuplH4iIB9dZf+ciycr5T3ptQ4GtUTb/ezFf22qf/xWzvxit5Lk99fiHk5Onq/NH8s9kPIa3Z/mpVer4/pVfP+91rHX+l21Z/cVcMG/HtaHt7e+Zm1mauZ2YW13/OOLAULf4k+WVgCQi9kfEgQ3Wcfqprw/1Onbr+FfRh3Wm2lcRTzb6/3J0xF9IVl+fnLwrqvNHJouzYqWff7nyZq/6byv+Psj6f2fX8385/tGkdb12cf11XPn9s57XNBMbOv+bO7blrx/MLC2dn4rYlrzeaHTr/unme4t8UT6Lf/xw9/G/N5qfxMGIyE7ihyLi4Yh4JO+7RyPisYg4vEr8P778+Lu9jt0J/T/X0f+j7UU6+r+Z2Bade7onKmd++Lb9f2wm1/b9d6yeGs/3rOX7by3t2tjZDAAAAP89aUTsjiSdWE6n6cRE42/498XOtLqwuPT0yYX3z801nhEYjeG0uNM10nI/dCq/rC/y0x35o/l94y8qO+r5idmF6lzZwcOA29Vj/Gf+qJTdOmDTeV4LBpfxD4PL+IfBZfzD4Ooy/neU0Q5g63X7/f+ohHYAW69j/Fv2gwHi+h8Gl/EPg6t1/CcltgPYUos74tYPyUtIrEhEekc0oz+JZJNHwe6yA1x/ouxvJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP74NwAA//+7Iehw")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, &(0x7f0000000380), 0x20000000}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
setgroups(0xefff, 0x0)

9.170034784s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000008c0)='sys_enter\x00', r1}, 0x10)
set_robust_list(&(0x7f0000000080), 0x18)

9.154094197s ago: executing program 1:
ptrace(0x10, 0x1)
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000600)={0x0, <r1=>0x0})
ptrace$cont(0x20, r1, 0x0, 0xb88)

9.153999407s ago: executing program 2:
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r0, 0x400448df, &(0x7f00000003c0))

1.261790519s ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0x43400)

1.242746871s ago: executing program 0:
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x5, 0x2}, 0x48)

1.224440394s ago: executing program 0:
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x2000402)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x0, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000080000000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
readahead(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)

1.169614053s ago: executing program 0:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000028500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='mm_page_free_batched\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x24bdb)
write$cgroup_freezer_state(r3, &(0x7f0000000000)='FROZEN\x00', 0xe000)

1.017737466s ago: executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
lsetxattr$security_selinux(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140)='system_u:object_r:selinux_config_t:s0\x00', 0x26, 0x0)
preadv(r0, &(0x7f0000001c40)=[{&(0x7f0000001600)=""/8, 0x8}], 0x1, 0x0, 0x0)

1.008648597s ago: executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="1201000064172f2057155081ed29010203010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000000)='sys_enter\x00'}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_int(r5, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000240)=ANY=[@ANYBLOB='1-1,'], 0x31)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r8 = dup(r7)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000440)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r8}})
write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r8, &(0x7f00000001c0)=ANY=[@ANYRES16=r8], 0x168)
write$FUSE_BMAP(r8, 0x0, 0x0)

423.033856ms ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x8, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000ac0)='mm_page_free_batched\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f000019e000/0x4000)=nil, 0x200000, 0x9)

341.007629ms ago: executing program 3:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x3, 0x8, 0x1, 0x0, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200))
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)='\x00!', 0x2}], 0x1, 0x0, 0x0)

299.221725ms ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x42, &(0x7f0000000080)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0xc, 0x11, 0x0, @private1, @mcast2, {[], {0x0, 0x4e22, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0)

285.912707ms ago: executing program 3:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000008000008500000050000000a50000009700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r1 = dup2(r0, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
close(r2)

283.807628ms ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x6, 0x8, 0x8}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000005c0), 0x6, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000080000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_da_write_pages\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000100), 0x1001)
ioctl$SIOCSIFHWADDR(r2, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})

270.985399ms ago: executing program 3:
r0 = gettid()
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffffffff5]}, 0x8, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000200)={0x1})
epoll_pwait(r2, &(0x7f0000000040)=[{}], 0x1, 0xfffffff5, 0x0, 0x0)
tkill(r0, 0x7)

239.718014ms ago: executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'geneve1\x00', 0x2})
ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x2, 0x7fdf, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f0000000080)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r3}, 0x10)
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000980)=ANY=[])

206.393859ms ago: executing program 3:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='timerslack_ns\x00')

198.48843ms ago: executing program 3:
r0 = socket(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000b4bffc), 0x4)
write(r0, &(0x7f0000000000)='\"', 0x1)
recvmmsg(r0, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0)

191.113361ms ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000400)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}})
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
llistxattr(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)

178.656934ms ago: executing program 4:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)

0s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r3}, 0x10)
r4 = socket$inet(0x2, 0xa, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='5\x00'}, @typed={0x8, 0xa, 0x0, 0x0, @fd=r4}]}, 0x24}}, 0x0)

kernel console output (not intermixed with test programs):

1.108416][  T608] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.120856][  T608] device bridge_slave_0 left promiscuous mode
[  331.130455][  T608] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.144980][  T608] device veth1_macvtap left promiscuous mode
[  331.155045][  T608] device veth0_vlan left promiscuous mode
[  331.529070][T10497] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'.
[  331.552272][   T24] audit: type=1400 audit(2000000076.860:25822): avc:  denied  { create } for  pid=10496 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  331.840425][T10060] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  331.930410][T10061] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  331.999936][T10503] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  332.270409][T10060] usb 1-1: Using ep0 maxpacket: 16
[  332.390656][T10060] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  332.398540][T10060] usb 1-1: config 0 has no interface number 0
[  332.404452][T10060] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[  332.470533][T10061] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  332.481551][T10061] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  332.492348][T10061] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  332.501895][T10061] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  332.514701][T10061] usb 2-1: New USB device found, idVendor=044f, idProduct=b653, bcdDevice= 0.00
[  332.523743][T10061] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.531662][T10060] usb 1-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  332.540849][T10060] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  332.548828][T10061] usb 2-1: config 0 descriptor??
[  332.553717][T10060] usb 1-1: Product: syz
[  332.557684][T10060] usb 1-1: SerialNumber: syz
[  332.562840][T10060] usb 1-1: config 0 descriptor??
[  332.580496][T10497] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  332.709938][   T24] audit: type=1400 audit(2000000078.010:25823): avc:  denied  { bind } for  pid=10506 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  332.711363][T10507] 9pnet: Insufficient options for proto=fd
[  333.020396][  T330] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  333.031212][T10061] thrustmaster 0003:044F:B653.003A: unbalanced delimiter at end of report description
[  333.040881][T10061] thrustmaster 0003:044F:B653.003A: parse failed
[  333.047061][T10061] thrustmaster: probe of 0003:044F:B653.003A failed with error -22
[  333.233525][T10061] usb 2-1: USB disconnect, device number 43
[  333.430432][  T330] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  333.440495][  T330] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice= 9.99
[  333.449362][  T330] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.457874][  T330] usb 5-1: config 0 descriptor??
[  333.740505][  T330] snd-usb-audio: probe of 5-1:0.0 failed with error -2
[  333.953953][T10061] usb 5-1: USB disconnect, device number 37
[  334.022232][T10532] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  334.029286][T10532] IPv6: NLM_F_CREATE should be set when creating new route
[  334.036425][T10532] IPv6: NLM_F_CREATE should be set when creating new route
[  334.238229][T10536] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
[  335.070352][  T314] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  335.120544][  T330] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  335.310399][  T314] usb 5-1: Using ep0 maxpacket: 8
[  335.350463][   T25] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  335.430532][  T314] usb 5-1: config 0 has an invalid descriptor of length 14, skipping remainder of the config
[  335.440887][  T314] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  335.453605][  T314] usb 5-1: New USB device found, idVendor=046d, idProduct=c22d, bcdDevice= 0.00
[  335.462567][  T314] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.471279][  T314] usb 5-1: config 0 descriptor??
[  335.480872][  T330] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  335.490839][  T330] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  335.499540][  T330] usb 3-1: too many endpoints for config 1 interface 1 altsetting 255: 255, using maximum allowed: 30
[  335.510591][  T330] usb 3-1: config 1 interface 1 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  335.523650][  T330] usb 3-1: config 1 interface 1 has no altsetting 0
[  335.680440][  T330] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  335.689387][  T330] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.697169][  T330] usb 3-1: Product: syz
[  335.701136][  T330] usb 3-1: Manufacturer: syz
[  335.705504][  T330] usb 3-1: SerialNumber: syz
[  335.710542][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  335.721816][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  335.722339][ T1787] hid-generic 0000:0000:0000.003B: unknown main item tag 0x0
[  335.731418][   T25] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  335.731431][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.732205][   T25] usb 2-1: config 0 descriptor??
[  335.747777][ T1787] hid-generic 0000:0000:0000.003B: unknown main item tag 0x0
[  335.767674][ T1787] hid-generic 0000:0000:0000.003B: unknown main item tag 0x0
[  335.774912][ T1787] hid-generic 0000:0000:0000.003B: unknown main item tag 0x0
[  335.782249][ T1787] hid-generic 0000:0000:0000.003B: unknown main item tag 0x0
[  335.789455][ T1787] hid-generic 0000:0000:0000.003B: unknown main item tag 0x0
[  335.797049][ T1787] hid-generic 0000:0000:0000.003B: unknown main item tag 0x0
[  335.804261][ T1787] hid-generic 0000:0000:0000.003B: unknown main item tag 0x0
[  335.811525][ T1787] hid-generic 0000:0000:0000.003B: item fetching failed at offset 8/43
[  335.819804][ T1787] hid-generic: probe of 0000:0000:0000.003B failed with error -22
[  336.040496][  T330] usb 3-1: 0:2 : does not exist
[  336.046732][  T330] usb 3-1: USB disconnect, device number 16
[  336.110454][  T314] usb 5-1: string descriptor 0 read error: -71
[  336.116855][  T314] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  336.124497][  T314] usb 5-1: USB disconnect, device number 38
[  336.210845][T10581] udc-core: couldn't find an available UDC or it's busy
[  336.217718][T10581] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  336.699618][T10618] EXT4-fs warning (device sda1): ext4_group_extend:1805: can't shrink FS - resize aborted
[  337.251494][   T25] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.003C/input/input55
[  337.264329][   T25] uclogic 0003:256C:006D.003C: input,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.1-1/input0
[  337.330403][  T314] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  337.455985][T10061] usb 2-1: USB disconnect, device number 44
[  337.570380][  T314] usb 5-1: Using ep0 maxpacket: 8
[  337.740632][  T314] usb 5-1: config 0 has an invalid descriptor of length 14, skipping remainder of the config
[  337.751124][  T314] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  337.766053][  T314] usb 5-1: New USB device found, idVendor=046d, idProduct=c22d, bcdDevice= 0.00
[  337.775321][  T314] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.787254][  T314] usb 5-1: config 0 descriptor??
[  337.931128][T10060] usb 1-1: invalid MIDI in EP 0
[  337.936109][T10060] snd-usb-audio: probe of 1-1:0.2 failed with error -22
[  337.946018][   T25] usb 1-1: USB disconnect, device number 47
[  338.041394][T10060] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  338.071190][T10060] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  338.178578][T10060] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  338.186427][T10060] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  338.193901][T10060] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  338.201794][T10060] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  338.209205][T10060] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  338.217051][T10060] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  338.243339][T10642] cgroup: No subsys list or none specified
[  338.249579][T10060] hid-generic 0000:0000:0000.003D: item fetching failed at offset 8/43
[  338.263521][T10060] hid-generic: probe of 0000:0000:0000.003D failed with error -22
[  338.576713][T10647] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10647 comm=syz-executor.2
[  338.770643][  T314] usb 5-1: string descriptor 0 read error: -71
[  338.782045][  T314] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  338.871860][  T314] usb 5-1: USB disconnect, device number 39
[  339.126179][T10663] xt_CT: You must specify a L4 protocol and not use inversions on it
[  339.365009][   T24] audit: type=1326 audit(2000000084.670:25824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10664 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5aaaf2ea9 code=0x7ffc0000
[  339.399612][   T24] audit: type=1326 audit(2000000084.670:25825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10664 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7fe5aaaf2ea9 code=0x7ffc0000
[  339.423691][   T24] audit: type=1326 audit(2000000084.670:25826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10664 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5aaaf2ea9 code=0x7ffc0000
[  339.522000][  T324] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  339.640440][T10060] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  339.739166][T10682] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  340.122220][T10688] F2FS-fs (loop1): invalid crc value
[  340.128591][T10688] F2FS-fs (loop1): Found nat_bits in checkpoint
[  340.135011][  T324] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  340.145071][  T324] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice= 9.99
[  340.153959][  T324] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.167291][  T324] usb 4-1: config 0 descriptor??
[  340.171095][T10688] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  340.240365][ T1787] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  340.290432][T10060] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  340.301214][T10060] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  340.310798][T10060] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  340.319693][T10060] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.340144][T10060] usb 3-1: config 0 descriptor??
[  340.359383][   T24] audit: type=1400 audit(2000000085.660:25827): avc:  denied  { setattr } for  pid=10687 comm="syz-executor.1" name="file0" dev="loop1" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  340.440576][  T324] snd-usb-audio: probe of 4-1:0.0 failed with error -2
[  340.540314][ T1787] usb 1-1: Using ep0 maxpacket: 8
[  340.644795][T10698] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10698 comm=syz-executor.4
[  340.696595][   T25] usb 4-1: USB disconnect, device number 31
[  340.850432][ T1787] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  340.872267][T10442] attempt to access beyond end of device
[  340.872267][T10442] loop1: rw=2049, want=45104, limit=40427
[  340.880888][T10667] udc-core: couldn't find an available UDC or it's busy
[  340.890136][T10667] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  341.020464][ T1787] usb 1-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=f4.28
[  341.029460][ T1787] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.037309][ T1787] usb 1-1: Product: syz
[  341.041442][ T1787] usb 1-1: Manufacturer: syz
[  341.045855][ T1787] usb 1-1: SerialNumber: syz
[  341.055506][ T1787] usb 1-1: config 0 descriptor??
[  341.314145][   T24] audit: type=1326 audit(2000000086.620:25828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10683 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4536878ea9 code=0x7ffc0000
[  341.340430][   T25] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  341.524391][   T24] audit: type=1326 audit(2000000086.620:25829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10683 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4536878ea9 code=0x7ffc0000
[  341.588143][   T24] audit: type=1326 audit(2000000086.630:25830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10683 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f4536878ea9 code=0x7ffc0000
[  341.615959][   T24] audit: type=1326 audit(2000000086.630:25831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10683 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4536878ea9 code=0x7ffc0000
[  341.640620][   T24] audit: type=1326 audit(2000000086.630:25832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10683 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4536878ea9 code=0x7ffc0000
[  341.650169][   T25] usb 2-1: Using ep0 maxpacket: 8
[  341.665355][   T24] audit: type=1326 audit(2000000086.630:25833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10683 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4536878ea9 code=0x7ffc0000
[  341.730675][ T1787] uvcvideo: Found UVC 0.00 device syz (8086:0b03)
[  341.737057][ T1787] uvcvideo: No valid video chain found.
[  341.742975][ T1787] usb 1-1: USB disconnect, device number 48
[  341.810424][   T25] usb 2-1: config 0 has an invalid descriptor of length 14, skipping remainder of the config
[  341.820489][   T25] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  341.833228][   T25] usb 2-1: New USB device found, idVendor=046d, idProduct=c22d, bcdDevice= 0.00
[  341.842106][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.850719][   T25] usb 2-1: config 0 descriptor??
[  341.871476][T10060] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.003E/input/input56
[  341.884967][T10060] uclogic 0003:256C:006D.003E: input,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[  342.089665][T10060] usb 3-1: USB disconnect, device number 17
[  342.125909][  T324] hid-generic 0000:0000:0000.003F: unknown main item tag 0x0
[  342.134778][  T324] hid-generic 0000:0000:0000.003F: unknown main item tag 0x0
[  342.142196][  T324] hid-generic 0000:0000:0000.003F: unknown main item tag 0x0
[  342.151503][  T324] hid-generic 0000:0000:0000.003F: unknown main item tag 0x0
[  342.159344][  T324] hid-generic 0000:0000:0000.003F: unknown main item tag 0x0
[  342.166735][  T324] hid-generic 0000:0000:0000.003F: unknown main item tag 0x0
[  342.174010][  T324] hid-generic 0000:0000:0000.003F: unknown main item tag 0x0
[  342.181258][  T324] hid-generic 0000:0000:0000.003F: unknown main item tag 0x0
[  342.188617][  T324] hid-generic 0000:0000:0000.003F: item fetching failed at offset 8/43
[  342.196994][  T324] hid-generic: probe of 0000:0000:0000.003F failed with error -22
[  342.365724][T10733] input: syz0 as /devices/virtual/input/input57
[  342.490379][   T25] usb 2-1: string descriptor 0 read error: -71
[  342.496865][   T25] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  342.525264][   T25] usb 2-1: USB disconnect, device number 45
[  342.915834][T10749] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10749 comm=syz-executor.2
[  343.230374][   T25] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  343.371377][T10766] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  343.470340][   T25] usb 3-1: Using ep0 maxpacket: 8
[  343.590902][   T25] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  343.770440][   T25] usb 3-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=f4.28
[  343.794123][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  343.818070][   T25] usb 3-1: Product: syz
[  343.826357][   T25] usb 3-1: Manufacturer: syz
[  343.873730][   T25] usb 3-1: SerialNumber: syz
[  343.878885][   T25] usb 3-1: config 0 descriptor??
[  344.383496][   T24] kauditd_printk_skb: 49 callbacks suppressed
[  344.383511][   T24] audit: type=1326 audit(2000000089.670:25883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  344.414496][T10805] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
[  344.414652][   T24] audit: type=1326 audit(2000000089.670:25884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  344.448936][   T24] audit: type=1326 audit(2000000089.670:25885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  344.460412][   T25] uvcvideo: Found UVC 0.00 device syz (8086:0b03)
[  344.473118][   T24] audit: type=1326 audit(2000000089.670:25886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  344.508550][   T25] uvcvideo: No valid video chain found.
[  344.510491][   T24] audit: type=1326 audit(2000000089.670:25887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  344.521808][   T25] usb 3-1: USB disconnect, device number 18
[  344.563355][   T24] audit: type=1326 audit(2000000089.670:25888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  344.587586][   T24] audit: type=1326 audit(2000000089.670:25889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  344.680578][   T24] audit: type=1326 audit(2000000089.670:25890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  344.717505][   T24] audit: type=1326 audit(2000000089.680:25891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  344.756149][   T24] audit: type=1326 audit(2000000089.680:25892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10750 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  344.851578][T10824] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10824 comm=syz-executor.3
[  345.210030][T10828] fuse: Bad value for 'fd'
[  345.990358][  T324] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  346.250341][  T324] usb 4-1: Using ep0 maxpacket: 32
[  346.370418][  T324] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  346.391021][  T324] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  346.540442][  T324] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  346.549470][  T324] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  346.557934][  T324] usb 4-1: Product: syz
[  346.562019][  T324] usb 4-1: Manufacturer: syz
[  346.580712][T10881] fuse: Bad value for 'fd'
[  346.611349][  T324] hub 4-1:4.0: USB hub found
[  346.870407][  T324] hub 4-1:4.0: config failed, hub has too many ports! (err -19)
[  347.036340][T10885] syz-executor.4[10885] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  347.036411][T10885] syz-executor.4[10885] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  347.073351][T10889] syz-executor.4[10889] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  347.085549][T10889] syz-executor.4[10889] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  347.100079][T10889] fuse: Bad value for 'fd'
[  347.174400][T10902] syz-executor.1[10902] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  347.174467][T10902] syz-executor.1[10902] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  347.190425][  T314] usb 4-1: USB disconnect, device number 32
[  347.270126][T10904] netlink: 41378 bytes leftover after parsing attributes in process `syz-executor.2'.
[  347.580376][T10060] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  348.207858][T10060] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  348.218659][T10060] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  348.228261][T10060] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  348.237083][T10060] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  348.237612][T10932] netlink: 41378 bytes leftover after parsing attributes in process `syz-executor.3'.
[  348.254826][T10060] usb 3-1: config 0 descriptor??
[  348.921886][T10910] udc-core: couldn't find an available UDC or it's busy
[  348.937923][T10910] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  349.167797][T10963] kernel profiling enabled (shift: 11)
[  349.222323][T10967] syz-executor.3[10967] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  349.222391][T10967] syz-executor.3[10967] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  349.403459][T10976] device pim6reg1 entered promiscuous mode
[  349.524380][   T24] kauditd_printk_skb: 81 callbacks suppressed
[  349.524405][   T24] audit: type=1326 audit(2000000094.830:25974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10978 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fab75b40ea9 code=0x0
[  349.934380][T10998] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  349.951620][T10060] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0040/input/input58
[  349.991482][T10060] uclogic 0003:256C:006D.0040: input,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[  350.207580][   T25] usb 3-1: USB disconnect, device number 19
[  350.346672][T11017] fuse: Bad value for 'fd'
[  350.622471][T11023] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  350.657329][T11027] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  350.895817][   T24] audit: type=1326 audit(2000000096.200:25975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11042 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5aaaf2ea9 code=0x7ffc0000
[  350.920911][   T24] audit: type=1326 audit(2000000096.200:25976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11042 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe5aaaf2ea9 code=0x7ffc0000
[  350.945085][   T24] audit: type=1326 audit(2000000096.220:25977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11042 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5aaaf2ea9 code=0x7ffc0000
[  350.984742][   T24] audit: type=1326 audit(2000000096.230:25978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11042 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7fe5aaaf2ea9 code=0x7ffc0000
[  351.008774][   T25] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  351.027427][   T24] audit: type=1326 audit(2000000096.230:25979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11042 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5aaaf2ea9 code=0x7ffc0000
[  351.059116][   T24] audit: type=1326 audit(2000000096.270:25980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11042 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5aaaf2ea9 code=0x7ffc0000
[  351.360442][   T25] usb 4-1: Using ep0 maxpacket: 32
[  351.490655][   T25] usb 4-1: config 0 has no interfaces?
[  351.496243][   T25] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  351.525475][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.541098][   T25] usb 4-1: config 0 descriptor??
[  352.051602][T10060] usb 4-1: USB disconnect, device number 33
[  352.802913][T11090] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  354.451313][T11098] F2FS-fs (loop3): Wrong CP boundary, start(512) end(198144) blocks(1024)
[  354.459649][T11098] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  354.481310][T11098] F2FS-fs (loop3): invalid crc value
[  354.521293][T11098] F2FS-fs (loop3): Found nat_bits in checkpoint
[  354.611103][T11131] syz-executor.1[11131] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  354.611168][T11131] syz-executor.1[11131] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  354.640761][T11098] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  354.665426][T11098] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  355.200243][T11141] incfs: ino conflict with backing FS 4
[  355.220041][T11141] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check.
[  355.271191][T11138] incfs: ino conflict with backing FS 6
[  355.343835][   T24] audit: type=1400 audit(2000000100.580:25981): avc:  denied  { link } for  pid=11097 comm="syz-executor.3" name="file1" dev="incremental-fs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  355.591267][   T24] audit: type=1400 audit(2000000100.580:25982): avc:  denied  { link } for  pid=11097 comm="syz-executor.3" name="file1" dev="loop3" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  356.206021][T11151] bridge0: port 1(bridge_slave_0) entered blocking state
[  356.226609][T11151] bridge0: port 1(bridge_slave_0) entered disabled state
[  356.247541][T11151] device bridge_slave_0 entered promiscuous mode
[  356.266689][T11151] bridge0: port 2(bridge_slave_1) entered blocking state
[  356.281045][T11151] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.296672][T11151] device bridge_slave_1 entered promiscuous mode
[  356.861128][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  356.868627][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  356.885345][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  356.894482][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  356.902822][  T635] bridge0: port 1(bridge_slave_0) entered blocking state
[  356.909706][  T635] bridge0: port 1(bridge_slave_0) entered forwarding state
[  356.917487][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  356.925793][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  356.933983][  T635] bridge0: port 2(bridge_slave_1) entered blocking state
[  356.940850][  T635] bridge0: port 2(bridge_slave_1) entered forwarding state
[  356.954744][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  356.962445][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  356.970468][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  356.988252][  T362] device bridge_slave_1 left promiscuous mode
[  356.995813][  T362] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.012266][  T362] device bridge_slave_0 left promiscuous mode
[  357.025339][  T362] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.043733][  T362] device veth1_macvtap left promiscuous mode
[  357.055777][  T362] device veth0_vlan left promiscuous mode
[  357.270706][T10061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  357.284735][T11151] device veth0_vlan entered promiscuous mode
[  357.293025][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  357.301303][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  357.309777][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  357.325323][T11151] device veth1_macvtap entered promiscuous mode
[  357.336237][T10061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  357.353345][ T1787] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  357.362623][ T1787] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  357.420586][T11208] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'.
[  357.430438][T11208] netlink: 43 bytes leftover after parsing attributes in process `syz-executor.3'.
[  357.450194][T11208] netlink: 'syz-executor.3': attribute type 5 has an invalid length.
[  357.459842][T11208] netlink: 43 bytes leftover after parsing attributes in process `syz-executor.3'.
[  357.588973][T11223] overlayfs: conflicting lowerdir path
[  358.380646][T11238] overlayfs: statfs failed on './file0'
[  360.240387][ T1787] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  360.366734][T11275] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check.
[  360.700162][   T24] audit: type=1326 audit(2000000106.000:25983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11276 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  360.744232][   T24] audit: type=1326 audit(2000000106.040:25984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11276 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  360.769811][   T24] audit: type=1326 audit(2000000106.040:25985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11276 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  360.800563][   T24] audit: type=1326 audit(2000000106.040:25986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11276 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  360.824835][   T24] audit: type=1326 audit(2000000106.040:25987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11276 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  360.910412][ T1787] usb 3-1: Using ep0 maxpacket: 16
[  361.030414][ T1787] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  361.050334][ T1787] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  361.068175][ T1787] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  361.112455][ T1787] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  361.128508][ T1787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.145395][ T1787] usb 3-1: config 0 descriptor??
[  361.610417][ T1787] usbhid 3-1:0.0: can't add hid device: -71
[  361.616353][ T1787] usbhid: probe of 3-1:0.0 failed with error -71
[  361.630944][ T1787] usb 3-1: USB disconnect, device number 20
[  362.130910][T11316] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.3'.
[  362.141182][T11314] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  362.242307][   T24] audit: type=1326 audit(2000000107.550:25988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11324 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  362.281652][   T24] audit: type=1326 audit(2000000107.550:25989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11324 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  362.332502][   T24] audit: type=1326 audit(2000000107.580:25990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11324 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  362.398880][   T24] audit: type=1326 audit(2000000107.580:25991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11324 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  362.423393][   T24] audit: type=1326 audit(2000000107.580:25992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11324 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  362.825901][T11370] 9pnet: Unknown protocol version 9p2000.ڴ>;1��gˏӟ?�u
[  364.893971][T11438] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'.
[  364.903768][T11438] netlink: 43 bytes leftover after parsing attributes in process `syz-executor.4'.
[  364.912894][T11438] netlink: 'syz-executor.4': attribute type 6 has an invalid length.
[  364.922069][T11438] netlink: 'syz-executor.4': attribute type 5 has an invalid length.
[  364.930002][T11438] netlink: 43 bytes leftover after parsing attributes in process `syz-executor.4'.
[  365.066066][T11460] overlayfs: invalid origin (0000)
[  365.118862][T11465] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'.
[  365.128138][T11465] netlink: 43 bytes leftover after parsing attributes in process `syz-executor.4'.
[  365.154262][T11465] netlink: 'syz-executor.4': attribute type 6 has an invalid length.
[  365.163055][T11465] netlink: 'syz-executor.4': attribute type 5 has an invalid length.
[  365.175001][T11465] netlink: 43 bytes leftover after parsing attributes in process `syz-executor.4'.
[  365.281853][T11488] overlayfs: invalid origin (0000)
[  365.912869][T11509] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  366.150333][  T314] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  366.262480][T11532] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  366.520419][  T314] usb 4-1: config 0 has no interfaces?
[  366.525805][  T314] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  366.544732][  T314] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.561122][  T314] usb 4-1: config 0 descriptor??
[  366.821536][  T325] usb 4-1: USB disconnect, device number 34
[  366.872135][T11535] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  367.067628][   T24] kauditd_printk_skb: 179 callbacks suppressed
[  367.067643][   T24] audit: type=1326 audit(2000000112.370:26172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11552 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  367.106352][   T24] audit: type=1326 audit(2000000112.370:26173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11552 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  367.150412][   T24] audit: type=1326 audit(2000000112.410:26174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11552 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  367.182669][   T24] audit: type=1326 audit(2000000112.410:26175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11552 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  367.227266][   T24] audit: type=1326 audit(2000000112.410:26176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11552 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  367.272913][   T24] audit: type=1326 audit(2000000112.410:26177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11552 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  367.323457][   T24] audit: type=1326 audit(2000000112.410:26178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11552 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c6e8bea9 code=0x7ffc0000
[  367.382534][   T24] audit: type=1326 audit(2000000112.410:26179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11552 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc3c6e89627 code=0x7ffc0000
[  367.406661][   T24] audit: type=1326 audit(2000000112.410:26180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11552 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc3c6e4f309 code=0x7ffc0000
[  367.430833][   T24] audit: type=1326 audit(2000000112.410:26181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11552 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc3c6e89627 code=0x7ffc0000
[  367.545805][  T362] tipc: Disabling bearer <udp:syz2>
[  367.551176][  T362] tipc: Left network mode
[  367.966959][T11570] bridge0: port 1(bridge_slave_0) entered blocking state
[  367.979900][T11570] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.987701][T11570] device bridge_slave_0 entered promiscuous mode
[  367.995852][T11570] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.002885][T11570] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.011158][T11570] device bridge_slave_1 entered promiscuous mode
[  368.069417][T11570] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.076307][T11570] bridge0: port 2(bridge_slave_1) entered forwarding state
[  368.083415][T11570] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.090165][T11570] bridge0: port 1(bridge_slave_0) entered forwarding state
[  368.119204][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  368.128260][  T394] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.136110][  T394] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.151887][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  368.160108][  T325] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.167010][  T325] bridge0: port 1(bridge_slave_0) entered forwarding state
[  368.175020][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  368.188759][  T325] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.195663][  T325] bridge0: port 2(bridge_slave_1) entered forwarding state
[  368.227090][T11594] 9pnet: Unknown protocol version 9p2000.ڴ>;1��gˏӟ?�u
[  368.570222][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  368.580915][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  368.602842][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  368.611035][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  368.626030][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  368.635265][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  368.643619][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  368.651862][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  368.661010][T11570] device veth0_vlan entered promiscuous mode
[  368.668334][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  368.676405][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  368.692249][T11570] device veth1_macvtap entered promiscuous mode
[  368.701241][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  368.709592][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  368.788878][  T325] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  368.803776][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  368.813007][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  368.821378][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  368.829530][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  368.884356][  T362] device bridge_slave_1 left promiscuous mode
[  368.898410][  T362] bridge0: port 2(bridge_slave_1) entered disabled state
[  369.179926][  T362] device bridge_slave_0 left promiscuous mode
[  369.193371][  T362] bridge0: port 1(bridge_slave_0) entered disabled state
[  369.205779][  T362] device veth1_macvtap left promiscuous mode
[  369.216335][  T362] device veth0_vlan left promiscuous mode
[  370.641435][T11666] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11666 comm=syz-executor.2
[  370.742120][T11674] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  371.153730][T11684] incfs: Can't find or create .index dir in ./file0
[  371.160252][T11684] incfs: mount failed -14
[  371.166196][T11684] incfs_lookup_dentry err:-14
[  371.170971][T11684] incfs: Can't find or create .index dir in ./file0
[  371.177688][T11684] incfs: mount failed -14
[  371.223300][T11688] futex_wake_op: syz-executor.0 tries to shift op by -1; fix this program
[  371.244833][T11691] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  371.254426][T11691] netlink: 'syz-executor.0': attribute type 15 has an invalid length.
[  371.368147][T11696] syz-executor.3[11696] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  371.368530][T11696] syz-executor.3[11696] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  371.432075][T11696] 9pnet: Insufficient options for proto=fd
[  371.734012][T11708] netem: change failed
[  371.767217][T11713] futex_wake_op: syz-executor.2 tries to shift op by -1; fix this program
[  371.896067][T11734] syz-executor.0[11734] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  371.896112][T11734] syz-executor.0[11734] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  371.950619][T11742] syz-executor.0[11742] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  371.962913][T11742] syz-executor.0[11742] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  371.995947][T11744] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  372.032918][T11744] bridge1: port 1(gretap1) entered blocking state
[  372.039337][T11744] bridge1: port 1(gretap1) entered disabled state
[  372.046918][T11744] device gretap1 entered promiscuous mode
[  372.497527][   T24] kauditd_printk_skb: 83 callbacks suppressed
[  372.497540][   T24] audit: type=1400 audit(2000000117.800:26265): avc:  denied  { bind } for  pid=11756 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  372.533218][   T24] audit: type=1326 audit(2000000117.840:26266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11758 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  372.557584][   T24] audit: type=1326 audit(2000000117.840:26267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11758 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  372.591005][   T24] audit: type=1326 audit(2000000117.840:26268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11758 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  372.619280][   T24] audit: type=1326 audit(2000000117.840:26269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11758 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  372.624066][T11762] fuse: Bad value for 'fd'
[  372.646727][   T24] audit: type=1326 audit(2000000117.840:26270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11758 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  372.673058][   T24] audit: type=1326 audit(2000000117.840:26271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11758 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  372.698298][   T24] audit: type=1326 audit(2000000117.840:26272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11758 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  372.725878][   T24] audit: type=1326 audit(2000000117.840:26273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11758 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  372.750323][   T24] audit: type=1326 audit(2000000117.840:26274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11758 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  372.833618][T11775] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  372.932347][T11784] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  372.995516][T11785] syz-executor.2[11785] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  372.995902][T11785] syz-executor.2[11785] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  373.049353][T11785] 9pnet: Insufficient options for proto=fd
[  373.119852][T11784] bridge1: port 1(gretap1) entered blocking state
[  373.127102][T11784] bridge1: port 1(gretap1) entered disabled state
[  373.139452][T11784] device gretap1 entered promiscuous mode
[  373.544231][T11788] fuse: Bad value for 'fd'
[  373.686162][T11795] 9pnet: Insufficient options for proto=fd
[  373.781562][T11805] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  373.887728][T11816] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11816 comm=syz-executor.3
[  374.650966][T11831] syz-executor.4[11831] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  374.651233][T11831] syz-executor.4[11831] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  374.693096][T11831] 9pnet: Insufficient options for proto=fd
[  374.904376][T11838] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11838 comm=syz-executor.3
[  375.339233][   T25] usb 3-1: new low-speed USB device number 21 using dummy_hcd
[  375.865986][T11863] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11863 comm=syz-executor.0
[  376.030775][   T25] usb 3-1: config index 0 descriptor too short (expected 1307, got 27)
[  376.042433][   T25] usb 3-1: config 0 has an invalid interface number: 0 but max is -1
[  376.050507][   T25] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0
[  376.059474][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  376.441512][   T25] usb 3-1: string descriptor 0 read error: -22
[  376.448539][   T25] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de
[  376.457718][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  376.505818][   T25] usb 3-1: config 0 descriptor??
[  376.511830][T11877] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11877 comm=syz-executor.3
[  376.540462][T11839] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  376.577971][   T25] hub 3-1:0.0: bad descriptor, ignoring hub
[  376.584980][   T25] hub: probe of 3-1:0.0 failed with error -5
[  376.593097][   T25] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input59
[  376.902829][   T25] usb 3-1: USB disconnect, device number 21
[  378.239425][   T24] kauditd_printk_skb: 41 callbacks suppressed
[  378.239440][   T24] audit: type=1326 audit(2000000123.540:26316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11940 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  378.284286][   T24] audit: type=1326 audit(2000000123.560:26317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11940 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  378.308419][   T24] audit: type=1326 audit(2000000123.560:26318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11940 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  378.332492][   T24] audit: type=1326 audit(2000000123.570:26319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11940 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  378.356588][   T24] audit: type=1326 audit(2000000123.580:26320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11940 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  378.380748][   T24] audit: type=1326 audit(2000000123.580:26321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11940 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  378.404806][   T24] audit: type=1326 audit(2000000123.580:26322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11940 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6c9b3b8627 code=0x7ffc0000
[  378.428892][   T24] audit: type=1326 audit(2000000123.580:26323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11940 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6c9b37e309 code=0x7ffc0000
[  378.455286][   T24] audit: type=1326 audit(2000000123.580:26324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11940 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6c9b3b8627 code=0x7ffc0000
[  378.460365][   T25] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  378.479970][   T24] audit: type=1326 audit(2000000123.580:26325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11940 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6c9b37e309 code=0x7ffc0000
[  378.545639][T11952] syz-executor.0[11952] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  378.545704][T11952] syz-executor.0[11952] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  378.558826][T11952] syz-executor.0[11952] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  378.571172][T11952] syz-executor.0[11952] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  378.850410][   T25] usb 4-1: Using ep0 maxpacket: 8
[  379.020441][   T25] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  379.032435][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.049664][   T25] usb 4-1: config 0 descriptor??
[  379.346674][T11992] syz-executor.0[11992] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  379.346737][T11992] syz-executor.0[11992] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  379.377855][T11999] xt_bpf: check failed: parse error
[  379.790618][   T25] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[  380.066905][T12019] netlink: 'syz-executor.2': attribute type 27 has an invalid length.
[  380.086649][T12019] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.093673][T12019] bridge0: port 1(bridge_slave_0) entered disabled state
[  380.179455][T12025] syz-executor.2[12025] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  380.179504][T12025] syz-executor.2[12025] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  380.259122][T12031] xt_bpf: check failed: parse error
[  380.373956][T12039] device pim6reg1 entered promiscuous mode
[  380.501070][T12057] device veth0_vlan left promiscuous mode
[  380.508088][T12057] device veth0_vlan entered promiscuous mode
[  380.520464][   T25] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  380.530616][   T25] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  380.540992][   T25] asix: probe of 4-1:0.0 failed with error -71
[  380.548014][   T25] usb 4-1: USB disconnect, device number 35
[  381.470233][T12171] xt_bpf: check failed: parse error
[  381.555035][T12177] 9pnet: Unknown protocol version 9p2000.ڴ>;1��gˏӟ?�u
[  381.854396][T12182] incfs: Can't find or create .index dir in ./file0
[  381.860974][T12182] incfs: mount failed -14
[  381.902753][T12193] syz-executor.3[12193] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  381.902813][T12193] syz-executor.3[12193] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  382.487690][T12211] fuse: Bad value for 'fd'
[  382.681042][T12216] bridge0: port 1(bridge_slave_0) entered blocking state
[  382.687907][T12216] bridge0: port 1(bridge_slave_0) entered disabled state
[  382.698292][T12216] device bridge_slave_0 entered promiscuous mode
[  382.710810][T12216] bridge0: port 2(bridge_slave_1) entered blocking state
[  382.717994][T12216] bridge0: port 2(bridge_slave_1) entered disabled state
[  382.729226][T12216] device bridge_slave_1 entered promiscuous mode
[  383.079394][T12216] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.086293][T12216] bridge0: port 2(bridge_slave_1) entered forwarding state
[  383.093408][T12216] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.100174][T12216] bridge0: port 1(bridge_slave_0) entered forwarding state
[  383.126879][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  383.134871][  T394] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.142952][  T394] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.160931][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  383.168934][  T394] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.175802][  T394] bridge0: port 1(bridge_slave_0) entered forwarding state
[  383.183334][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  383.191372][  T394] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.198239][  T394] bridge0: port 2(bridge_slave_1) entered forwarding state
[  383.206253][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  383.214135][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  383.234340][T12236] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.241221][T12236] bridge0: port 1(bridge_slave_0) entered forwarding state
[  383.248764][T12216] device veth0_vlan entered promiscuous mode
[  383.255042][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  383.263421][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  383.271716][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  383.279285][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  383.292413][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  383.301563][T12216] device veth1_macvtap entered promiscuous mode
[  383.315867][ T1787] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  383.324899][ T1787] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  383.408937][ T1856] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  383.571293][  T330] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  383.628816][T12253] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.2'.
[  383.712175][ T1856] usb 1-1: Using ep0 maxpacket: 8
[  383.864068][ T1856] usb 1-1: config 0 has an invalid descriptor of length 14, skipping remainder of the config
[  383.874133][ T1856] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  383.887097][ T1856] usb 1-1: New USB device found, idVendor=046d, idProduct=c22d, bcdDevice= 0.00
[  383.895963][ T1856] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.904505][ T1856] usb 1-1: config 0 descriptor??
[  384.004708][  T330] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  384.015467][  T330] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  384.024985][  T330] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  384.033822][  T330] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  384.042341][  T330] usb 4-1: config 0 descriptor??
[  384.189591][T12232] udc-core: couldn't find an available UDC or it's busy
[  384.196569][T12232] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  384.394265][T12257] bpf_get_probe_write_proto: 4 callbacks suppressed
[  384.394276][T12257] syz-executor.4[12257] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  384.401049][T12257] syz-executor.4[12257] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  384.414297][   T24] kauditd_printk_skb: 122 callbacks suppressed
[  384.414313][   T24] audit: type=1326 audit(2000000129.615:26448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12255 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  384.462670][T12256] device pim6reg1 entered promiscuous mode
[  384.470133][   T24] audit: type=1326 audit(2000000129.615:26449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12255 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  384.535554][   T24] audit: type=1326 audit(2000000129.615:26450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12255 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  384.559617][   T24] audit: type=1326 audit(2000000129.615:26451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12255 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  384.585706][   T24] audit: type=1326 audit(2000000129.615:26452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12255 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  384.610164][   T24] audit: type=1326 audit(2000000129.615:26453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12255 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  384.635191][   T24] audit: type=1326 audit(2000000129.615:26454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12255 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  384.660360][   T24] audit: type=1326 audit(2000000129.615:26455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12255 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  384.687454][   T24] audit: type=1326 audit(2000000129.633:26456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12255 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  384.904120][  T330] usb 4-1: language id specifier not provided by device, defaulting to English
[  385.032802][T12279] syz-executor.4[12279] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  385.032877][T12279] syz-executor.4[12279] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  385.048731][T12279] syz-executor.4[12279] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  385.060474][T12279] syz-executor.4[12279] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  385.153327][  T330] uclogic 0003:256C:006D.0041: failed retrieving Huion firmware version: -71
[  385.177524][  T330] uclogic 0003:256C:006D.0041: failed probing parameters: -71
[  385.184943][  T330] uclogic: probe of 0003:256C:006D.0041 failed with error -71
[  385.198400][  T330] usb 4-1: USB disconnect, device number 36
[  385.338522][T12289] overlayfs: statfs failed on './file0'
[  385.752415][T12299] device pim6reg1 entered promiscuous mode
[  385.873933][T12307] overlayfs: statfs failed on './file0'
[  385.941945][T12313] syz-executor.4[12313] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  385.942002][T12313] syz-executor.4[12313] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  385.955455][T12313] syz-executor.4[12313] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  385.967294][T12313] syz-executor.4[12313] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  386.377395][ T1856] usb 1-1: string descriptor 0 read error: -71
[  386.416103][ T1856] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  386.429329][ T1856] usb 1-1: USB disconnect, device number 49
[  386.651750][   T24] audit: type=1326 audit(2000000131.682:26457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12363 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  387.573106][T12387] overlayfs: failed to clone upperpath
[  387.861681][    T5] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  388.479278][    T5] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18
[  388.652606][    T5] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  388.661675][    T5] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  388.669611][    T5] usb 3-1: Product: syz
[  388.673726][    T5] usb 3-1: Manufacturer: syz
[  388.678208][    T5] usb 3-1: SerialNumber: syz
[  388.683409][    T5] usb 3-1: config 0 descriptor??
[  388.706761][T12385] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  389.077403][    T5] usb 3-1: USB disconnect, device number 22
[  390.036761][T12470] futex_wake_op: syz-executor.4 tries to shift op by 32; fix this program
[  390.200801][T12488] bpf_get_probe_write_proto: 4 callbacks suppressed
[  390.200809][T12488] syz-executor.4[12488] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  390.207593][T12488] syz-executor.4[12488] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  390.221121][T12488] SELinux:  Context @ is not valid (left unmapped).
[  390.239366][   T24] kauditd_printk_skb: 25 callbacks suppressed
[  390.239379][   T24] audit: type=1400 audit(2000000134.996:26483): avc:  denied  { relabelto } for  pid=12487 comm="syz-executor.4" name="cgroup.controllers" dev="sda1" ino=2106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="@"
[  390.270381][ T1856] usb 1-1: new low-speed USB device number 50 using dummy_hcd
[  390.281495][   T24] audit: type=1400 audit(2000000135.033:26484): avc:  denied  { unlink } for  pid=9559 comm="syz-executor.4" name="cgroup.controllers" dev="sda1" ino=2106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="@"
[  390.320114][T12492] fuse: Bad value for 'fd'
[  390.343358][T12496] futex_wake_op: syz-executor.4 tries to shift op by 32; fix this program
[  390.440247][    T5] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  390.483960][   T25] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  390.689442][ T1856] usb 1-1: config index 0 descriptor too short (expected 1307, got 27)
[  390.697531][ T1856] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[  390.705455][ T1856] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  390.714176][ T1856] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  390.732759][    T5] usb 3-1: device descriptor read/64, error -71
[  390.906243][   T25] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18
[  390.921659][T12508] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.928921][T12508] bridge0: port 1(bridge_slave_0) entered disabled state
[  390.936101][T12508] device bridge_slave_0 entered promiscuous mode
[  390.945313][T12508] bridge0: port 2(bridge_slave_1) entered blocking state
[  390.952289][T12508] bridge0: port 2(bridge_slave_1) entered disabled state
[  390.959566][T12508] device bridge_slave_1 entered promiscuous mode
[  391.002173][T12508] bridge0: port 2(bridge_slave_1) entered blocking state
[  391.009046][T12508] bridge0: port 2(bridge_slave_1) entered forwarding state
[  391.016132][T12508] bridge0: port 1(bridge_slave_0) entered blocking state
[  391.022908][T12508] bridge0: port 1(bridge_slave_0) entered forwarding state
[  391.030261][ T1856] usb 1-1: string descriptor 0 read error: -22
[  391.036725][ T1856] usb 1-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de
[  391.045614][ T1856] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.054735][ T1856] usb 1-1: config 0 descriptor??
[  391.060454][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.067666][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[  391.079437][T12467] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  391.101194][ T1787] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  391.101469][ T1856] hub 1-1:0.0: bad descriptor, ignoring hub
[  391.108619][ T1787] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  391.114121][   T25] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  391.130156][ T1856] hub: probe of 1-1:0.0 failed with error -5
[  391.134885][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  391.136040][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.144226][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  391.152905][ T1856] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input60
[  391.160297][    T5] usb 3-1: device descriptor read/64, error -71
[  391.170940][   T25] usb 4-1: Product: syz
[  391.170951][   T25] usb 4-1: Manufacturer: syz
[  391.170961][   T25] usb 4-1: SerialNumber: syz
[  391.171799][   T25] usb 4-1: config 0 descriptor??
[  391.180056][T10060] bridge0: port 1(bridge_slave_0) entered blocking state
[  391.201881][T10060] bridge0: port 1(bridge_slave_0) entered forwarding state
[  391.209126][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  391.209491][T12486] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[  391.217468][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  391.232012][T10060] bridge0: port 2(bridge_slave_1) entered blocking state
[  391.238853][T10060] bridge0: port 2(bridge_slave_1) entered forwarding state
[  391.246405][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  391.254464][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  391.262298][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  391.270272][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  391.293759][T12508] device veth0_vlan entered promiscuous mode
[  391.300152][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  391.308906][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  391.317165][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  391.327086][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  391.343908][T12508] device veth1_macvtap entered promiscuous mode
[  391.351104][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  391.358497][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  391.366429][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  391.366781][  T314] usb 1-1: USB disconnect, device number 50
[  391.374823][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  391.388094][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  391.414960][T10061] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  391.424026][T10061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  391.433032][T10061] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  391.442105][T10061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  391.469493][    T5] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  391.482946][   T25] usb 4-1: USB disconnect, device number 37
[  391.535534][T12526] futex_wake_op: syz-executor.1 tries to shift op by 32; fix this program
[  391.689256][  T362] device bridge_slave_0 left promiscuous mode
[  391.695356][  T362] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.703532][  T362] device veth1_macvtap left promiscuous mode
[  391.714057][  T362] device veth0_vlan left promiscuous mode
[  391.736164][T12543] fuse: Bad value for 'fd'
[  391.761993][    T5] usb 3-1: device descriptor read/64, error -71
[  392.455337][    T5] usb 3-1: device descriptor read/64, error -71
[  392.585465][    T5] usb usb3-port1: attempt power cycle
[  393.032695][T12574] fuse: Bad value for 'fd'
[  393.078469][   T24] audit: type=1326 audit(2000000137.617:26485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12577 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  393.109505][    T5] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  393.132365][   T24] audit: type=1326 audit(2000000137.617:26486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12577 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  393.156547][   T24] audit: type=1326 audit(2000000137.617:26487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12577 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  393.181730][   T24] audit: type=1326 audit(2000000137.617:26488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12577 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  393.205884][   T24] audit: type=1326 audit(2000000137.617:26489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12577 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  393.252777][T12592] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  393.262092][   T24] audit: type=1400 audit(2000000137.774:26490): avc:  denied  { setopt } for  pid=12590 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  393.313691][    T5] usb 3-1: device descriptor read/8, error -71
[  393.323524][T12596] EXT4-fs (loop0): Test dummy encryption mode enabled
[  393.332612][T12596] EXT4-fs error (device loop0): __ext4_iget:4958: inode #11: block 1: comm syz-executor.0: invalid block
[  393.345273][T12596] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz-executor.0: couldn't read orphan inode 11 (err -117)
[  393.357537][T12596] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue
[  393.387464][T12596] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  393.396722][T12596] fscrypt: AES-256-CTS-CBC using implementation "cts(cbc-aes-aesni)"
[  393.922750][    T5] usb 3-1: device descriptor read/8, error -71
[  393.969334][T12615] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  393.984618][T12615] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  393.996006][T12615] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  394.376392][T12644] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  394.414925][T12644] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  394.437994][T12644] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  394.773665][   T24] audit: type=1326 audit(2000000139.177:26491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12657 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  394.893974][   T24] audit: type=1326 audit(2000000139.205:26492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12657 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  395.364677][T12679] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12679 comm=syz-executor.1
[  395.377694][T12679] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  395.557864][T12700] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  395.769502][T12689] 9pnet: Insufficient options for proto=fd
[  395.889934][  T314] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  396.339360][  T314] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  396.350254][  T314] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  396.359283][  T314] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  396.371244][  T314] usb 1-1: config 0 descriptor??
[  396.460750][T12725] device wg2 entered promiscuous mode
[  396.746551][   T24] kauditd_printk_skb: 3 callbacks suppressed
[  396.746563][   T24] audit: type=1107 audit(2000000141.004:26496): pid=12699 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='O'
[  396.769763][   T24] audit: type=1326 audit(2000000141.014:26497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12727 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  396.805533][T12734] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12734 comm=syz-executor.4
[  396.829241][   T24] audit: type=1326 audit(2000000141.023:26498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12727 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  396.853312][   T24] audit: type=1326 audit(2000000141.023:26499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12727 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facb882fea9 code=0x7ffc0000
[  396.890125][T12739] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  396.995644][  T314] keytouch 0003:0926:3333.0042: fixing up Keytouch IEC report descriptor
[  397.005191][  T314] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0042/input/input61
[  397.089106][T12755] netlink: 'syz-executor.2': attribute type 5 has an invalid length.
[  397.105552][  T314] keytouch 0003:0926:3333.0042: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  397.155310][T12762] fuse: Bad value for 'fd'
[  397.186614][T12767] fuse: Bad value for 'fd'
[  397.192206][ T9575] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  397.784018][T12787] netlink: 'syz-executor.1': attribute type 5 has an invalid length.
[  397.809746][    T5] usb 1-1: USB disconnect, device number 51
[  398.316786][ T9575] usb 4-1: language id specifier not provided by device, defaulting to English
[  398.479947][ T9575] usb 4-1: New USB device found, idVendor=04b0, idProduct=0301, bcdDevice= 0.10
[  398.500326][ T9575] usb 4-1: New USB device strings: Mfr=1, Product=24, SerialNumber=3
[  398.522544][ T9575] usb 4-1: Product: syz
[  398.526540][ T9575] usb 4-1: Manufacturer: ഹ⼕ᯛ뇴񐞶
[  398.532094][ T9575] usb 4-1: SerialNumber: syz
[  398.538080][ T9575] usb 4-1: config 0 descriptor??
[  398.577209][ T9575] usb-storage 4-1:0.0: USB Mass Storage device detected
[  398.585086][ T9575] usb-storage 4-1:0.0: Quirks match for vid 04b0 pid 0301: 80
[  398.630694][   T24] audit: type=1400 audit(2000000142.730:26500): avc:  denied  { unlink } for  pid=12807 comm="syz-executor.2" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  398.665106][T12814] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12814 comm=syz-executor.2
[  398.678493][T12814] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  398.684655][T12816] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12816 comm=syz-executor.0
[  398.708857][T12818] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  398.742215][   T24] audit: type=1400 audit(2000000142.841:26501): avc:  denied  { watch } for  pid=12826 comm="syz-executor.0" path="/root/syzkaller-testdir2498177628/syzkaller.6Hn1Sd/95/file0/file0" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  399.342668][T12858] xt_ecn: cannot match TCP bits for non-tcp packets
[  400.052627][  T394] usb 4-1: USB disconnect, device number 38
[  400.142157][T12872] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'.
[  400.151824][T12870] exfat: Deprecated parameter 'namecase'
[  400.226045][T12870] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  400.380448][T12874] overlayfs: './file0' not a directory
[  400.409594][T12887] fuse: Bad value for 'fd'
[  400.933529][T12908] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  400.951139][T12910] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  401.059433][   T24] audit: type=1400 audit(2000000144.983:26502): avc:  denied  { create } for  pid=12914 comm="syz-executor.3" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:fusefs_t tclass=chr_file permissive=1
[  401.110602][   T24] audit: type=1326 audit(2000000145.010:26503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12920 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  401.147891][   T24] audit: type=1326 audit(2000000145.019:26504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12920 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  401.219530][   T24] audit: type=1326 audit(2000000145.019:26505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12920 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  401.881471][T12947] bridge0: port 1(bridge_slave_0) entered blocking state
[  401.888416][T12947] bridge0: port 1(bridge_slave_0) entered disabled state
[  401.903505][T12947] device bridge_slave_0 entered promiscuous mode
[  401.911979][T12947] bridge0: port 2(bridge_slave_1) entered blocking state
[  401.919278][T12947] bridge0: port 2(bridge_slave_1) entered disabled state
[  401.926736][T12947] device bridge_slave_1 entered promiscuous mode
[  401.972018][T12947] bridge0: port 2(bridge_slave_1) entered blocking state
[  401.978889][T12947] bridge0: port 2(bridge_slave_1) entered forwarding state
[  401.986153][T12947] bridge0: port 1(bridge_slave_0) entered blocking state
[  401.993113][T12947] bridge0: port 1(bridge_slave_0) entered forwarding state
[  402.014804][ T1787] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  402.022485][ T1787] bridge0: port 1(bridge_slave_0) entered disabled state
[  402.029642][ T1787] bridge0: port 2(bridge_slave_1) entered disabled state
[  402.039030][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  402.047758][ T9575] bridge0: port 1(bridge_slave_0) entered blocking state
[  402.054613][ T9575] bridge0: port 1(bridge_slave_0) entered forwarding state
[  402.082324][T12956] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  402.098729][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  402.163950][ T9575] bridge0: port 2(bridge_slave_1) entered blocking state
[  402.170797][ T9575] bridge0: port 2(bridge_slave_1) entered forwarding state
[  402.196466][   T24] kauditd_printk_skb: 8 callbacks suppressed
[  402.196478][   T24] audit: type=1107 audit(2000000146.035:26514): pid=12961 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='�D'
[  402.217562][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  402.225761][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  402.233799][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  402.284390][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  402.376004][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  402.385980][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  402.400180][T12947] device veth0_vlan entered promiscuous mode
[  402.559585][T10061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  402.567919][T10061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  402.580470][T12947] device veth1_macvtap entered promiscuous mode
[  402.593954][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  402.601832][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  402.610185][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  402.623846][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  402.632213][ T9575] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  403.489056][T13002] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'.
[  403.666820][T13004] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.679689][T13004] bridge0: port 1(bridge_slave_0) entered disabled state
[  403.780353][T13004] device bridge_slave_0 entered promiscuous mode
[  403.788233][    T7] device bridge_slave_1 left promiscuous mode
[  403.794502][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  403.802404][    T7] device bridge_slave_0 left promiscuous mode
[  403.808617][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  403.817100][    T7] device veth1_macvtap left promiscuous mode
[  403.819174][T13016] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  403.823744][    T7] device veth0_vlan left promiscuous mode
[  404.002593][T13004] bridge0: port 2(bridge_slave_1) entered blocking state
[  404.010125][T13004] bridge0: port 2(bridge_slave_1) entered disabled state
[  404.017642][T13004] device bridge_slave_1 entered promiscuous mode
[  404.421427][T13004] bridge0: port 2(bridge_slave_1) entered blocking state
[  404.428314][T13004] bridge0: port 2(bridge_slave_1) entered forwarding state
[  404.435493][T13004] bridge0: port 1(bridge_slave_0) entered blocking state
[  404.442288][T13004] bridge0: port 1(bridge_slave_0) entered forwarding state
[  404.443833][T13046] xt_bpf: check failed: parse error
[  404.451548][T10061] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  404.485687][ T9941] bridge0: port 1(bridge_slave_0) entered disabled state
[  404.487333][T13052] syz-executor.4[13052] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  404.493867][ T9941] bridge0: port 2(bridge_slave_1) entered disabled state
[  404.495450][T13052] syz-executor.4[13052] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  404.514417][ T9941] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  404.533524][ T9941] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  404.550779][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  404.562296][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  404.569179][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  404.585037][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  404.594635][  T635] bridge0: port 2(bridge_slave_1) entered blocking state
[  404.601545][  T635] bridge0: port 2(bridge_slave_1) entered forwarding state
[  404.609245][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  404.631788][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  404.656287][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  404.722751][T13004] device veth0_vlan entered promiscuous mode
[  404.733470][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  404.743101][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  404.750658][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  404.773340][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  405.057346][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  405.078952][T13004] device veth1_macvtap entered promiscuous mode
[  405.090170][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  405.098424][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  405.099213][T10061] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  405.108083][  T635] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  405.117465][T10061] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  405.134227][T10061] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.149430][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  405.157935][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  405.158119][T10061] usb 1-1: config 0 descriptor??
[  405.270228][T13077] bridge0: port 1(bridge_slave_0) entered blocking state
[  405.277542][T13077] bridge0: port 1(bridge_slave_0) entered disabled state
[  405.284797][T13077] device bridge_slave_0 entered promiscuous mode
[  405.296851][T13077] bridge0: port 2(bridge_slave_1) entered blocking state
[  405.304011][T13077] bridge0: port 2(bridge_slave_1) entered disabled state
[  405.312276][T13077] device bridge_slave_1 entered promiscuous mode
[  405.385545][    T7] device gretap1 left promiscuous mode
[  405.390909][    T7] bridge1: port 1(gretap1) entered disabled state
[  405.401154][T13077] bridge0: port 2(bridge_slave_1) entered blocking state
[  405.408022][T13077] bridge0: port 2(bridge_slave_1) entered forwarding state
[  405.415116][T13077] bridge0: port 1(bridge_slave_0) entered blocking state
[  405.421889][T13077] bridge0: port 1(bridge_slave_0) entered forwarding state
[  405.431013][   T24] audit: type=1107 audit(2000000149.016:26515): pid=13014 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='O'
[  405.465938][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  405.474044][T10060] bridge0: port 1(bridge_slave_0) entered disabled state
[  405.481892][T10060] bridge0: port 2(bridge_slave_1) entered disabled state
[  405.499314][T13101] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  405.510366][ T9941] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  405.519158][ T9941] bridge0: port 1(bridge_slave_0) entered blocking state
[  405.526042][ T9941] bridge0: port 1(bridge_slave_0) entered forwarding state
[  405.533865][ T9941] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  405.542350][ T9941] bridge0: port 2(bridge_slave_1) entered blocking state
[  405.549231][ T9941] bridge0: port 2(bridge_slave_1) entered forwarding state
[  405.556482][ T9941] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  405.577250][ T9941] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  405.587087][ T9941] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  405.614295][T13077] device veth0_vlan entered promiscuous mode
[  405.625303][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  405.634285][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  405.642296][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  405.658661][T13077] device veth1_macvtap entered promiscuous mode
[  405.671952][T10061] keytouch 0003:0926:3333.0043: fixing up Keytouch IEC report descriptor
[  405.681102][   T24] audit: type=1400 audit(2000000149.247:26516): avc:  denied  { getopt } for  pid=13108 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  405.702248][T10061] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0043/input/input63
[  405.714636][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  405.730694][    T7] device bridge_slave_1 left promiscuous mode
[  405.740867][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  405.748751][    T7] device bridge_slave_0 left promiscuous mode
[  405.761882][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  405.786171][    T7] device veth1_macvtap left promiscuous mode
[  405.789578][T10061] keytouch 0003:0926:3333.0043: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  405.792010][    T7] device veth0_vlan left promiscuous mode
[  405.862432][T13117] syz-executor.2[13117] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  405.862479][T13117] syz-executor.2[13117] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  405.877390][   T24] audit: type=1400 audit(2000000149.422:26517): avc:  denied  { getopt } for  pid=13116 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  406.033451][T10061] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  406.042134][T10061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  406.050256][T10061] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  406.059501][T10061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  406.110166][T13121] syz-executor.1[13121] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  406.110247][T13121] syz-executor.1[13121] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  406.143540][T13115] bridge0: port 1(bridge_slave_0) entered blocking state
[  406.163310][T13115] bridge0: port 1(bridge_slave_0) entered disabled state
[  406.170668][T13115] device bridge_slave_0 entered promiscuous mode
[  406.177909][T13115] bridge0: port 2(bridge_slave_1) entered blocking state
[  406.185762][T13115] bridge0: port 2(bridge_slave_1) entered disabled state
[  406.193418][T13115] device bridge_slave_1 entered promiscuous mode
[  406.276092][T13115] bridge0: port 2(bridge_slave_1) entered blocking state
[  406.283003][T13115] bridge0: port 2(bridge_slave_1) entered forwarding state
[  406.290268][T13115] bridge0: port 1(bridge_slave_0) entered blocking state
[  406.297156][T13115] bridge0: port 1(bridge_slave_0) entered forwarding state
[  406.518557][ T1856] usb 1-1: USB disconnect, device number 52
[  406.546360][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  406.624272][ T3976] bridge0: port 1(bridge_slave_0) entered disabled state
[  406.657514][ T3976] bridge0: port 2(bridge_slave_1) entered disabled state
[  406.982055][T13137] device veth0_vlan left promiscuous mode
[  406.988197][T13137] device veth0_vlan entered promiscuous mode
[  407.005791][ T1856] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  407.015475][ T1856] bridge0: port 1(bridge_slave_0) entered blocking state
[  407.022332][ T1856] bridge0: port 1(bridge_slave_0) entered forwarding state
[  407.034402][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  407.057264][ T3976] bridge0: port 2(bridge_slave_1) entered blocking state
[  407.064147][ T3976] bridge0: port 2(bridge_slave_1) entered forwarding state
[  407.079032][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  407.144303][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  407.155482][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  407.180711][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  407.189162][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  407.548591][T13115] device veth0_vlan entered promiscuous mode
[  407.556028][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  407.563992][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  407.577430][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  407.587409][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  407.619215][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  407.724763][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  407.864964][T13115] device veth1_macvtap entered promiscuous mode
[  407.876851][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  407.884545][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  407.892656][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  407.905465][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  407.913949][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  408.372842][T13191] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  408.397956][   T24] audit: type=1400 audit(2000000151.757:26518): avc:  denied  { wake_alarm } for  pid=13193 comm="syz-executor.3" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  409.204780][    T7] device bridge_slave_1 left promiscuous mode
[  409.238591][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.284707][    T7] device bridge_slave_0 left promiscuous mode
[  409.337088][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  409.442930][    T7] device bridge_slave_1 left promiscuous mode
[  409.451080][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.460039][    T7] device bridge_slave_0 left promiscuous mode
[  409.489790][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  409.507348][    T7] device veth1_macvtap left promiscuous mode
[  409.518001][    T7] device veth0_vlan left promiscuous mode
[  409.524040][    T7] device veth1_macvtap left promiscuous mode
[  409.530134][    T7] device veth0_vlan left promiscuous mode
[  409.692700][ T3976] Bluetooth: hci0: command 0x1003 tx timeout
[  409.698618][T13152] Bluetooth: hci0: sending frame failed (-49)
[  409.890564][T13233] syz-executor.3[13233] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  409.890625][T13233] syz-executor.3[13233] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  410.140747][T13247] incfs_lookup_dentry err:-14
[  410.157188][T13247] incfs: Can't find or create .incomplete dir in ./file0
[  410.168548][T13247] incfs: mount failed -14
[  410.431548][   T24] audit: type=1326 audit(2000000153.631:26519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13252 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12086eea9 code=0x7ffc0000
[  410.456079][   T24] audit: type=1326 audit(2000000153.631:26520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13252 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12086eea9 code=0x7ffc0000
[  410.493397][T13258] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  410.496155][   T24] audit: type=1326 audit(2000000153.631:26521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13252 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fb12086eea9 code=0x7ffc0000
[  410.526553][T13258] device bridge_slave_1 left promiscuous mode
[  410.532967][   T24] audit: type=1326 audit(2000000153.631:26522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13252 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12086eea9 code=0x7ffc0000
[  410.557428][T13258] bridge0: port 2(bridge_slave_1) entered disabled state
[  410.566223][T13258] device bridge_slave_0 left promiscuous mode
[  410.572388][   T24] audit: type=1326 audit(2000000153.659:26523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13252 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12086eea9 code=0x7ffc0000
[  410.596738][T13258] bridge0: port 1(bridge_slave_0) entered disabled state
[  411.492746][   T24] audit: type=1326 audit(2000000154.609:26524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13286 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f548d8b5ea9 code=0x7ffc0000
[  411.517150][   T24] audit: type=1326 audit(2000000154.609:26525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13286 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f548d8b5ea9 code=0x7ffc0000
[  411.541906][   T24] audit: type=1326 audit(2000000154.609:26526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13286 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f548d8b5ea9 code=0x7ffc0000
[  411.566054][   T24] audit: type=1326 audit(2000000154.609:26527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13286 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f548d8b5ea9 code=0x7ffc0000
[  411.946385][T13257] Bluetooth: hci0: command 0x1001 tx timeout
[  411.952611][T13152] Bluetooth: hci0: sending frame failed (-49)
[  411.967971][  T590] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  412.135531][T13321] syz-executor.1[13321] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  412.135591][T13321] syz-executor.1[13321] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  412.373295][T13348] syz-executor.1[13348] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  412.385409][T13348] syz-executor.1[13348] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  412.444630][  T590] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  412.474880][  T590] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  412.489653][  T590] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  412.498545][  T590] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  412.507350][  T590] usb 5-1: config 0 descriptor??
[  412.899783][  T590] usbhid 5-1:0.0: can't add hid device: -71
[  412.905712][  T590] usbhid: probe of 5-1:0.0 failed with error -71
[  412.913011][  T590] usb 5-1: USB disconnect, device number 40
[  413.109150][  T394] kernel read not supported for file root/syzkaller-testdir2957978268/syzkaller.aFM99Y/103 (pid: 394 comm: kworker/0:5)
[  413.235401][ T3976] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  413.320361][T13407] device wireguard0 entered promiscuous mode
[  413.928840][ T3976] usb 2-1: language id specifier not provided by device, defaulting to English
[  413.940093][T13257] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  414.058827][ T3976] usb 2-1: New USB device found, idVendor=04b0, idProduct=0301, bcdDevice= 0.10
[  414.067782][ T3976] usb 2-1: New USB device strings: Mfr=1, Product=24, SerialNumber=3
[  414.075965][ T3976] usb 2-1: Product: syz
[  414.080005][ T3976] usb 2-1: Manufacturer: ഹ⼕ᯛ뇴񐞶
[  414.085720][ T3976] usb 2-1: SerialNumber: syz
[  414.090811][ T3976] usb 2-1: config 0 descriptor??
[  414.135103][ T3976] usb-storage 2-1:0.0: USB Mass Storage device detected
[  414.145088][ T3976] usb-storage 2-1:0.0: Quirks match for vid 04b0 pid 0301: 80
[  414.199735][T13254] Bluetooth: hci0: command 0x1009 tx timeout
[  414.263260][T13459] device syzkaller0 entered promiscuous mode
[  414.351407][T13257] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  414.362932][T13257] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  414.373211][T13257] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  414.382121][T13257] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  414.390619][T13257] usb 4-1: config 0 descriptor??
[  414.397677][   T24] kauditd_printk_skb: 35 callbacks suppressed
[  414.397691][   T24] audit: type=1326 audit(2000000157.295:26563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13460 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6f576d9ea9 code=0x0
[  414.806444][T13257] usbhid 4-1:0.0: can't add hid device: -71
[  414.812334][T13257] usbhid: probe of 4-1:0.0 failed with error -71
[  414.819165][T13257] usb 4-1: USB disconnect, device number 39
[  415.369942][T13482] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  415.379298][T13482] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  415.519925][   T24] audit: type=1326 audit(2000000158.320:26564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13490 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f548d8b5ea9 code=0x0
[  415.832567][   T24] audit: type=1326 audit(2000000158.615:26565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13509 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f576d9ea9 code=0x7ffc0000
[  415.857018][   T24] audit: type=1326 audit(2000000158.615:26566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13509 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f576d9ea9 code=0x7ffc0000
[  415.881635][   T24] audit: type=1326 audit(2000000158.615:26567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13509 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6f576d9ea9 code=0x7ffc0000
[  415.905923][   T24] audit: type=1326 audit(2000000158.643:26568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13509 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f576d9ea9 code=0x7ffc0000
[  415.930035][   T24] audit: type=1326 audit(2000000158.643:26569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13509 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f576d9ea9 code=0x7ffc0000
[  415.954459][   T24] audit: type=1326 audit(2000000158.643:26570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13509 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6f576d9ea9 code=0x7ffc0000
[  415.978576][   T24] audit: type=1326 audit(2000000158.661:26571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13509 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f576d9ea9 code=0x7ffc0000
[  416.002507][   T24] audit: type=1326 audit(2000000158.661:26572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13509 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6f576d7627 code=0x7ffc0000
[  416.037438][T13513] syz-executor.2[13513] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  416.037480][T13513] syz-executor.2[13513] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  416.142952][  T394] usb 2-1: USB disconnect, device number 46
[  416.375158][T13521] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  416.767388][T13254] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  416.778310][  T394] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  417.027386][T13254] usb 3-1: Using ep0 maxpacket: 16
[  417.168292][  T394] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  417.179075][  T394] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  417.188668][  T394] usb 4-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  417.190012][T13254] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  417.197590][  T394] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.208755][T13254] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  417.216980][  T394] usb 4-1: config 0 descriptor??
[  417.225768][T13254] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  417.243078][T13254] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  417.251945][T13254] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.260482][T13254] usb 3-1: config 0 descriptor??
[  417.743968][  T394] logitech 0003:046D:C24F.0044: hidraw0: USB HID v0.00 Device [HID 046d:c24f] on usb-dummy_hcd.3-1/input0
[  417.755414][  T394] logitech 0003:046D:C24F.0044: no inputs found
[  417.764913][T13254] microsoft 0003:045E:07DA.0045: unknown main item tag 0x0
[  417.771984][T13254] microsoft 0003:045E:07DA.0045: unbalanced collection at end of report description
[  417.781589][T13254] microsoft 0003:045E:07DA.0045: parse failed
[  417.787564][T13254] microsoft: probe of 0003:045E:07DA.0045 failed with error -22
[  417.961826][T13257] usb 4-1: USB disconnect, device number 40
[  417.983371][T13254] usb 3-1: USB disconnect, device number 27
[  418.082116][T13552] F2FS-fs (loop4): invalid crc value
[  418.089077][T13552] F2FS-fs (loop4): Found nat_bits in checkpoint
[  418.128556][T13552] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[  418.135364][T13552] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  418.238018][T13572] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  418.315257][T13575] attempt to access beyond end of device
[  418.315257][T13575] loop4: rw=2049, want=45112, limit=40427
[  418.559745][T13580] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  419.072545][T13604] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  419.093916][T13601] device wireguard0 entered promiscuous mode
[  419.357282][T13631] SELinux:  Context ( is not valid (left unmapped).
[  419.364413][T13635] incfs: Options parsing error. -22
[  419.370991][T13635] incfs: mount failed -22
[  419.398032][T13641] netlink: 'syz-executor.0': attribute type 27 has an invalid length.
[  419.499032][T13641] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.505971][T13641] bridge0: port 1(bridge_slave_0) entered disabled state
[  420.245132][ T3976] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  420.432638][T13686] netlink: 'syz-executor.3': attribute type 27 has an invalid length.
[  420.450402][T13686] bridge0: port 2(bridge_slave_1) entered disabled state
[  420.457417][T13686] bridge0: port 1(bridge_slave_0) entered disabled state
[  420.511302][T13688] cgroup: name respecified
[  420.635250][ T3976] usb 2-1: config index 0 descriptor too short (expected 106, got 36)
[  420.643756][ T3976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  420.920412][ T3976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  420.930190][ T3976] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00
[  420.939113][ T3976] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.947641][ T3976] usb 2-1: config 0 descriptor??
[  421.209568][T13703] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  421.921959][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x1
[  421.931362][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  421.938792][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  421.957236][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  421.964479][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  421.971677][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  421.979133][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x4
[  421.986434][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  421.987327][   T24] kauditd_printk_skb: 72 callbacks suppressed
[  421.987341][   T24] audit: type=1400 audit(2000000164.292:26645): avc:  denied  { connect } for  pid=13652 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  421.993756][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x2
[  422.027044][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  422.034364][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  422.041706][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  422.101620][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  422.109348][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x4
[  422.116617][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  422.124190][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  422.131690][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  422.138888][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  422.146132][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  422.153308][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  422.160646][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  422.167990][T13254] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  422.175986][T13254] hid-generic 0000:0000:0000.0046: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  422.271211][ T3976] usbhid 2-1:0.0: can't add hid device: -71
[  422.277081][ T3976] usbhid: probe of 2-1:0.0 failed with error -71
[  422.284202][ T3976] usb 2-1: USB disconnect, device number 47
[  431.260712][    T7] Bluetooth: hci0: Frame reassembly failed (-84)
[  431.612832][T13800] SELinux: security_context_str_to_sid(s) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  431.635185][T13802] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=13802 comm=syz-executor.4
[  431.722628][T13804] input: syz0 as /devices/virtual/input/input66
[  431.980277][T13810] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  432.628027][   T24] audit: type=1400 audit(2000000174.112:26646): avc:  denied  { create } for  pid=13822 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  432.651562][   T24] audit: type=1400 audit(2000000174.122:26647): avc:  denied  { ioctl } for  pid=13822 comm="syz-executor.0" path="socket:[76843]" dev="sockfs" ino=76843 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  432.685150][T13823] tipc: Started in network mode
[  432.689856][T13823] tipc: Own node identity aaaaaaaaaa32, cluster identity 4711
[  432.697289][T13823] tipc: Enabled bearer <eth:vlan0>, priority 10
[  432.705089][T13823] tipc: Disabling bearer <eth:vlan0>
[  432.792421][   T24] audit: type=1326 audit(2000000174.242:26648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13832 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12086eea9 code=0x7ffc0000
[  432.816810][   T24] audit: type=1326 audit(2000000174.242:26649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13832 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fb12086eea9 code=0x7ffc0000
[  432.856298][   T24] audit: type=1326 audit(2000000174.242:26650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13832 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12086eea9 code=0x7ffc0000
[  432.929810][T13843] syz-executor.3[13843] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  432.930170][T13843] syz-executor.3[13843] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  433.108018][   T24] audit: type=1326 audit(2000000174.242:26651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13832 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb12086eea9 code=0x7ffc0000
[  433.143581][   T24] audit: type=1326 audit(2000000174.242:26652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13832 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12086eea9 code=0x7ffc0000
[  433.167695][   T24] audit: type=1326 audit(2000000174.242:26653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13832 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fb12086eea9 code=0x7ffc0000
[  433.197328][   T24] audit: type=1326 audit(2000000174.242:26654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13832 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  433.227149][   T24] audit: type=1326 audit(2000000174.242:26655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13832 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12086eea9 code=0x7ffc0000
[  433.550363][T13852] input: syz0 as /devices/virtual/input/input67
[  433.699843][  T394] Bluetooth: hci0: command 0x1003 tx timeout
[  433.705986][T13152] Bluetooth: hci0: sending frame failed (-49)
[  433.855312][T13860] overlayfs: statfs failed on './file0'
[  434.434048][T13867] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  434.565860][T13874] syz-executor.3[13874] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  434.566101][T13874] syz-executor.3[13874] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  434.584266][T13874] syz-executor.3[13874] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  434.596636][T13874] syz-executor.3[13874] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  434.720522][T13879] syz-executor.3[13879] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  434.732594][T13879] syz-executor.3[13879] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  434.895240][T13883] overlayfs: failed to resolve './file1': -2
[  435.213607][T13891] syz-executor.3[13891] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  435.214161][T13891] syz-executor.3[13891] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  435.622669][T13899] input: syz0 as /devices/virtual/input/input68
[  435.955271][T10061] Bluetooth: hci0: command 0x1001 tx timeout
[  435.961262][T13152] Bluetooth: hci0: sending frame failed (-49)
[  438.147895][T13951] serio: Serial port pts1
[  438.208276][T13257] Bluetooth: hci0: command 0x1009 tx timeout
[  438.229420][T13954] SELinux: inode_doinit_use_xattr:  getxattr returned 95 for dev=overlay ino=77078
[  438.238667][T13954] SELinux: inode_doinit_use_xattr:  getxattr returned 95 for dev=overlay ino=77078
[  438.623836][T13970] incfs: Can't find or create .index dir in ./file0
[  438.630313][T13970] incfs: mount failed -14
[  438.717561][T13974] SELinux:  Context system_u:object_r:selinux_config_t:s0 is not valid (left unmapped).
[  438.727457][   T24] kauditd_printk_skb: 34 callbacks suppressed
[  438.727474][   T24] audit: type=1400 audit(2000000179.743:26690): avc:  denied  { relabelto } for  pid=13973 comm="syz-executor.0" name="file0" dev="sda1" ino=2146 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:selinux_config_t:s0"
[  438.764875][   T24] audit: type=1400 audit(2000000179.780:26691): avc:  denied  { rmdir } for  pid=11570 comm="syz-executor.0" name="file0" dev="sda1" ino=2146 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:selinux_config_t:s0"
[  439.203461][   T24] audit: type=1326 audit(2000000180.186:26692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13996 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  439.228014][   T24] audit: type=1326 audit(2000000180.186:26693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13996 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  439.253248][   T24] audit: type=1326 audit(2000000180.195:26694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13996 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  439.277381][   T24] audit: type=1326 audit(2000000180.195:26695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13996 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  439.301610][   T24] audit: type=1326 audit(2000000180.195:26696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13996 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  439.327463][   T24] audit: type=1326 audit(2000000180.195:26697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13996 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  439.352762][   T24] audit: type=1326 audit(2000000180.195:26698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13996 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  439.376811][   T24] audit: type=1326 audit(2000000180.195:26699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13996 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c9b3baea9 code=0x7ffc0000
[  439.703538][  T394] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  439.843875][T14017] SELinux: security_context_str_to_sid(s) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  439.923048][T14023] EXT4-fs (sda1): Unrecognized mount option "�" or missing value
[  439.963436][  T394] usb 1-1: Using ep0 maxpacket: 32
[  440.004384][T14031] bpf_get_probe_write_proto: 2 callbacks suppressed
[  440.004391][T14031] syz-executor.4[14031] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  440.011440][T14031] syz-executor.4[14031] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  440.191153][T14048] geneve1: tun_chr_ioctl cmd 1074025681
[  440.267006][  T394] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  440.275859][  T394] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  440.283702][  T394] usb 1-1: Product: syz
[  440.295109][  T394] usb 1-1: Manufacturer: syz
[  440.299562][  T394] usb 1-1: SerialNumber: syz
[  440.310313][  T394] usb 1-1: config 0 descriptor??
[  440.332814][T14058] EXT4-fs (loop4): Ignoring removed orlov option
[  440.339040][T14058] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  440.355870][T14058] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue
[  440.389507][T14058] EXT4-fs error (device loop4): get_max_inline_xattr_value_size:68: inode #12: comm syz-executor.4: corrupt xattr in inline inode
[  440.403272][T14058] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2204: inode #12: comm syz-executor.4: corrupted in-inode xattr
[  440.422676][T13115] ==================================================================
[  440.430712][T13115] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xc67/0xc80
[  440.438482][T13115] Read of size 4 at addr ffff88813c323000 by task syz-executor.4/13115
[  440.446550][T13115] 
[  440.448730][T13115] CPU: 1 PID: 13115 Comm: syz-executor.4 Tainted: G        W         5.10.214-syzkaller-00187-ge6f44899ce5d #0
[  440.460266][T13115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  440.470163][T13115] Call Trace:
[  440.473299][T13115]  dump_stack_lvl+0x1e2/0x24b
[  440.477802][T13115]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  440.483097][T13115]  ? panic+0x80b/0x80b
[  440.487008][T13115]  ? ext4_mark_iloc_dirty+0x2c23/0x3e60
[  440.492386][T13115]  print_address_description+0x81/0x3b0
[  440.497765][T13115]  kasan_report+0x179/0x1c0
[  440.502101][T13115]  ? __ext4_journal_ensure_credits+0x470/0x470
[  440.508088][T13115]  ? ext4_xattr_delete_inode+0xc67/0xc80
[  440.513561][T13115]  ? ext4_xattr_delete_inode+0xc67/0xc80
[  440.519034][T13115]  __asan_report_load4_noabort+0x14/0x20
[  440.524495][T13115]  ext4_xattr_delete_inode+0xc67/0xc80
[  440.529789][T13115]  ? sb_end_intwrite+0x110/0x110
[  440.534568][T13115]  ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0
[  440.540476][T13115]  ? __kasan_check_read+0x11/0x20
[  440.545329][T13115]  ext4_evict_inode+0x1095/0x1730
[  440.550188][T13115]  ? ext4_inode_is_fast_symlink+0x360/0x360
[  440.555928][T13115]  ? inode_io_list_del_locked+0x1ad/0x210
[  440.561474][T13115]  ? _raw_spin_unlock+0x4d/0x70
[  440.566156][T13115]  ? ext4_inode_is_fast_symlink+0x360/0x360
[  440.571883][T13115]  evict+0x2a3/0x6c0
[  440.575620][T13115]  iput+0x632/0x7e0
[  440.579282][T13115]  vfs_rmdir+0x271/0x3f0
[  440.583343][T13115]  do_rmdir+0x2cf/0x5c0
[  440.587352][T13115]  ? d_delete_notify+0xd0/0xd0
[  440.591938][T13115]  ? strncpy_from_user+0x18e/0x2d0
[  440.596900][T13115]  ? getname_flags+0x1fd/0x520
[  440.601481][T13115]  __x64_sys_unlinkat+0xdf/0xf0
[  440.606172][T13115]  do_syscall_64+0x34/0x70
[  440.610436][T13115]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[  440.616148][T13115] RIP: 0033:0x7fb12086e687
[  440.620407][T13115] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  440.639840][T13115] RSP: 002b:00007ffdf7218bc8 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  440.648084][T13115] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007fb12086e687
[  440.655897][T13115] RDX: 0000000000000200 RSI: 00007ffdf7219d70 RDI: 00000000ffffff9c
[  440.663706][T13115] RBP: 00007fb1208cb636 R08: 0000000000000000 R09: 0000000000000000
[  440.671516][T13115] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffdf7219d70
[  440.679328][T13115] R13: 00007fb1208cb636 R14: 000000000006a698 R15: 0000000000000007
[  440.687141][T13115] 
[  440.689305][T13115] The buggy address belongs to the page:
[  440.694804][T13115] page:ffffea0004f0c8c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x13c323
[  440.704849][T13115] flags: 0x4000000000000000()
[  440.709367][T13115] raw: 4000000000000000 ffffea000511b188 ffffea000500ea08 0000000000000000
[  440.717787][T13115] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[  440.726199][T13115] page dumped because: kasan: bad access detected
[  440.732456][T13115] page_owner tracks the page as freed
[  440.737668][T13115] page last allocated via order 0, migratetype Movable, gfp_mask 0x8100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x8000000), pid 14057, ts 440378250701, free_ts 440419595950
[  440.754155][T13115]  prep_new_page+0x166/0x180
[  440.758577][T13115]  get_page_from_freelist+0x2d8c/0x2f30
[  440.763955][T13115]  __alloc_pages_nodemask+0x435/0xaf0
[  440.769167][T13115]  wp_page_copy+0x201/0x1940
[  440.773679][T13115]  do_wp_page+0x71b/0xca0
[  440.777841][T13115]  handle_pte_fault+0x1685/0x3e30
[  440.782703][T13115]  __handle_speculative_fault+0x13a6/0x1ec0
[  440.788429][T13115]  exc_page_fault+0x234/0x5b0
[  440.792955][T13115]  asm_exc_page_fault+0x1e/0x30
[  440.797623][T13115] page last free stack trace:
[  440.802149][T13115]  free_unref_page_prepare+0x2ae/0x2d0
[  440.807440][T13115]  free_unref_page_list+0x122/0xb20
[  440.812500][T13115]  release_pages+0xea0/0xef0
[  440.816899][T13115]  free_pages_and_swap_cache+0x8a/0xa0
[  440.822198][T13115]  tlb_finish_mmu+0x177/0x320
[  440.826708][T13115]  exit_mmap+0x312/0x5c0
[  440.830784][T13115]  __mmput+0x95/0x2d0
[  440.834602][T13115]  mmput+0x59/0x170
[  440.838247][T13115]  do_exit+0xbda/0x2a50
[  440.842240][T13115]  do_group_exit+0x141/0x310
[  440.846688][T13115]  get_signal+0x10a0/0x1410
[  440.851008][T13115]  arch_do_signal_or_restart+0xbd/0x17c0
[  440.856476][T13115]  exit_to_user_mode_loop+0x9b/0xd0
[  440.861510][T13115]  syscall_exit_to_user_mode+0xc5/0x1d0
[  440.866892][T13115]  do_syscall_64+0x40/0x70
[  440.871142][T13115]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[  440.876867][T13115] 
[  440.879029][T13115] Memory state around the buggy address:
2033/05/18 03:36:21 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  440.884505][T13115]  ffff88813c322f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  440.892402][T13115]  ffff88813c322f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  440.900302][T13115] >ffff88813c323000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  440.908194][T13115]                    ^
[  440.912104][T13115]  ffff88813c323080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  440.920000][T13115]  ffff88813c323100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  440.927898][T13115] ==================================================================
[  440.935799][T13115] Disabling lock debugging due to kernel taint