last executing test programs:

16.087315131s ago: executing program 2 (id=628):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000900000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r2 = gettid()
process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800002, 0x14)

15.995661498s ago: executing program 2 (id=631):
sigaltstack(0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback}, 0x1c)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f00000000c0)='@', 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000c00)=""/4111, 0x100f}], 0x1}}], 0x1, 0x122, 0x0)

15.766315137s ago: executing program 2 (id=636):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r3}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)

15.612834201s ago: executing program 2 (id=639):
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x2000c8, &(0x7f00000005c0)=ANY=[@ANYBLOB='codepage=874,nodots,dots,tz=UTC,dots,nodots,codepage=862,dots,dots,check=strict,allow_utime=000000000000000000001,sys_immutable,nodots,nfs,quiet,dots,nodots,nodots,debug,usefree,tz=UTC,flush,nodots,\x00'], 0xfd, 0x1bf, &(0x7f0000000940)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x6b142, 0x0)
rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file7\x00')
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x4ba, 0x0, 0x0, 0x0, 0x0, 0x1, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"})
mkdirat(0xffffffffffffff9c, &(0x7f0000000980)='./file1\x00', 0x48)
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file7\x00', 0x0)

15.607797531s ago: executing program 0 (id=642):
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000500)="1dd3071f4234371758683a62e88cc6ec85ff498f7e8ff7ad216f828a61ace81fbc"}, 0x20)
sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)={0x3a4, 0x0, 0x0, 0x0, 0x0, {}, [@TIPC_NLA_NET={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_NODEID_W1={0xc}]}, @TIPC_NLA_NET={0x28, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_NODEID_W1={0xc}]}, @TIPC_NLA_NODE={0x334, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0x32a, 0x3, "8e42fd1d2329b145e12cd57d9d7dd1ccfa3e9b73de032fb7841220a74bddef4bdadd89759fe3b9fcf03a2214932e4ac0c7bef23467226db81a59b25114d663251f22358d6789665cac6bd3d8bd9db0ef4de3a18bfaf3782d86c1de7515cd680583e72c9bd4267e21ee00fa61412f5da6cce23bbb33e4263e731d025cbf494cff72e8312e823b2569e3f1727ef5b59dfe313253ab9d77884a8c93567c11ab36b2d509fc0d0b87826981d622d7d5f494ef21031f3434a04fc0184fc89f8f1066514878205ae6b649f93ca3be9a3e3c0d57bd435f1be2a98d7620be218dbb5e36726eda3a253194764d7566b2cccd649aa558793b3a9e84482760ebb9f90d103b9a36fc2a6743bfaf9de974c216aac6d23c73334afac9019f29d5f94d305f4404f0e67d20c086ea9193b97467e19079619c94ce2b30b1b0007a9d7e7075154a73ed7a551d4bc24e66769cdd659f8a7853aeb649d4d62147aba0008edae131814efe830938a14e0b7e03df975dde088d120167752efe7d8f7317bdfb774e91b1470c4e8f22c66ff6db6ec36e848775f982558bf60c1d55856d0e0ba959d2915c7abc15cf93f486825164becb9e2dd988e5380fb972b3eaa2b4de10ff753c1fefae597c8c7501d6ddbb388c9788d6054d7f85d0292efc15002e79f1daa55af63a2ffa94ecc5c3004949c1152bb769caa3322a9edbe402070f570bce38d59014e2f9a102024978c2b211af9c43f893a0dea2d2a5fb3af6196c32bb55f8786fbbf498b2e3a16b42195f17ec48ca4e885f80731dfa51c816505299f77611830c33e3c9b1b3bdac07d5930f90918a2b23c6588166437f7f52875cc66d19283c6c42984ee2f1b467f700d38d8dccd50c785f034e493d1e7d16a57ec30316003ea8bbf8d8eddff1ebcde2368c6352e0100a7ddb710fca41c489e9dcaff5c875bf995ed91fa177c08373a6bce21a7ade82166f414cc79fb75b8ee7feafd8259d40b3fa428d68203c5446d969c3a3df0b61b66b7c957a3bb748a9e6fc1c2e568ff4481f514df26e0258b1373a69116a64589a109338602de798633b8994d6556ca8c814005507349ae8f08a8a78d8e1f00faa85a8d11aa521377d1812732aff65e287a4062feb4ac55521ac62"}]}]}, 0x3a4}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000004c0)=0x68)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x41, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

15.208758775s ago: executing program 2 (id=644):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r4 = dup(r1)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}})

15.205871215s ago: executing program 0 (id=647):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001440)={{r0}, &(0x7f00000013c0), &(0x7f0000001400)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

15.174205458s ago: executing program 2 (id=648):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000600)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x18, &(0x7f0000000440)={@ptr={0x70742a85, 0x0, 0x0}, @fda={0x66646185, 0x0, 0x1}, @flat=@weak_binder}, &(0x7f0000000240)={0x0, 0x28, 0x48}}}], 0x0, 0x0, 0x0})

15.086150205s ago: executing program 0 (id=650):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x7}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000680)=ANY=[@ANYBLOB="1201000000000040d90470a000000000000109022400010000000009040000020300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0022080000000403"], 0x0}, 0x0)

12.722598775s ago: executing program 0 (id=664):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='kvm_fpu\x00', r4}, 0x10)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

11.912766713s ago: executing program 0 (id=667):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

11.00432468s ago: executing program 0 (id=671):
ptrace(0x10, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000380)={0x0, <r3=>0x0})
ptrace$getenv(0x4204, r3, 0x201, &(0x7f0000000000))

8.880067029s ago: executing program 4 (id=679):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='fdb_delete\x00', r0}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

7.670546482s ago: executing program 1 (id=680):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0x0, 0x0, 0x0, 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

7.669970752s ago: executing program 3 (id=681):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x3, 0x6, 0xa5, 0x0, 0x9, 0x13, 0x2, 0x7, 0x2, 0x1, 0xb, 0x8, 0x0, 0x9, 0x9, 0x0, 0x8, 0x7b, 0x3, '\x00', 0x1, 0x4})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000070000040"])

7.669494522s ago: executing program 4 (id=682):
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
syz_open_dev$MSR(0x0, 0x7, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_ALM_READ(r1, 0x40187013, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000003feffff720a00fef8ffffff71a400fe0000000071302000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe040400007203ffffffd00000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffffffffff20, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

6.360836992s ago: executing program 1 (id=683):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='ext4_es_find_extent_range_exit\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000100), 0x1001)

6.360299502s ago: executing program 3 (id=684):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000580)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={0xffffffffffffffff, 0x18000000000002a0, 0xe40, 0x0, &(0x7f00000002c0)="f6ea090003000060009ba538a44cc2", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="00220f000000a3"], 0x0}, 0x0)

6.360025652s ago: executing program 4 (id=685):
openat(0xffffffffffffffff, 0x0, 0x2402, 0x4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1000002, 0x0)
r1 = dup(r0)
r2 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0)
ftruncate(r2, 0xee72)
r3 = io_uring_setup(0x7d1, &(0x7f0000000580)={0x0, 0xddf9, 0x2, 0xfffffffe, 0x183})
close_range(r3, r3, 0x0)
io_submit(0x0, 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8000fffffffe)

4.918626824s ago: executing program 1 (id=686):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000200), 0x802, 0x0)
write$UHID_CREATE(r0, &(0x7f0000000480)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000400)=""/32, 0x20, 0x0, 0x4ad}}, 0x120)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="1201000000000040341a02080000000000010902"], 0x0)
r1 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOVER(r1, 0x4004480d, 0x0)
socket(0x10, 0x803, 0x2)
ppoll(&(0x7f0000000040)=[{r1}], 0x1, 0x0, &(0x7f0000000140)={[0x7]}, 0x8)

4.918222504s ago: executing program 4 (id=687):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000004200)={{0x12, 0x1, 0x0, 0xe2, 0x79, 0x3b, 0x10, 0x5d1, 0x2001, 0x900, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x4d, 0x2f, 0x9c}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000180)={0x0, 0x0, 0x2, "8144"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000a40)={0x84, &(0x7f0000000540)={0x0, 0x0, 0x2, "cd74"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3.406389312s ago: executing program 3 (id=688):
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='bridge_slave_1\x00', 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={0x2, 0xe, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @rand_addr=0x2}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@mcast2, @in=@empty}}]}, 0x80}}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000140), 0x4)

1.799221068s ago: executing program 1 (id=689):
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4188aec6, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x95d})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000039000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000440)="8fe848ee06380f01d10f21f83500000d000f23f8b8f83aa9970f23d80f21f835800000f00f23f80f01c866bad104b0d1eec4e3b96802ff0f97fe0f0010660f63c4360f78b9fc000000", 0x49}], 0x1, 0x52, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000024000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="650f8a020066b9030100c00f32f20f320fc7a9406366b8005000000f23d00f21f866353000000d0f23f8f3260f32b805008ed8b800088ec80f01c40fdf840b00", 0x40}], 0x1, 0x41, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000100)={0x1, 0x0, [{0x80000001, 0x3, 0x0, 0x1, 0x4}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.798354848s ago: executing program 3 (id=690):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x5, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xce2}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x10, 0x4, 0x8, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r4}, &(0x7f00000008c0), &(0x7f0000000900)=r3}, 0x20)

1.797438088s ago: executing program 4 (id=691):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = dup(r1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000480)=ANY=[@ANYBLOB="9802"], 0x298)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

81.925323ms ago: executing program 1 (id=693):
r0 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_READY(r0, 0x541b, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32=r3, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
clock_gettime(0x1, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001400212100000000000000000200"], 0x28}}, 0x0)

81.099413ms ago: executing program 3 (id=694):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000080000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r2}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl(r3, 0x7fffffff, 0x0)

80.655583ms ago: executing program 4 (id=695):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd(0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000002c0)={0x0, 0x0, 0x4, r2})
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{}]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

42.156706ms ago: executing program 1 (id=696):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@resuid}, {@init_itable}, {@stripe}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='ext4_sync_file_exit\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000018c0)={&(0x7f0000001880)='ext4_sync_file_exit\x00', r1}, 0x10)
write$cgroup_pid(r3, &(0x7f0000000980), 0x12)

0s ago: executing program 3 (id=697):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x10b})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000040)={'wlan1\x00', 0x400})
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'rose0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000000000002eeed88696", @ANYRES32=r3], 0x20}}, 0x0)

kernel console output (not intermixed with test programs):

m syz.3.322: corrupted inode contents
[   42.852933][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   42.861119][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.861850][ T1180] EXT4-fs error (device loop3): ext4_dirty_inode:6074: inode #3: comm syz.3.322: mark_inode_dirty error
[   42.867998][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.868775][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   42.885531][ T1180] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #3: comm syz.3.322: corrupted inode contents
[   42.888597][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.900675][ T1180] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #3: comm syz.3.322: mark_inode_dirty error
[   42.905224][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.913037][ T1180] Quota error (device loop3): write_blk: dquota write failed
[   42.936963][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   42.945295][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   42.953039][ T1180] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[   42.954956][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   42.965221][   T28] audit: type=1400 audit(1729041249.473:258): avc:  denied  { bind } for  pid=1184 comm="syz.0.324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   42.972354][ T1180] EXT4-fs error (device loop3): ext4_acquire_dquot:6764: comm syz.3.322: Failed to acquire dquot type 0
[   42.995249][ T1161] device veth0_vlan entered promiscuous mode
[   43.008764][ T1180] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #16: comm syz.3.322: corrupted inode contents
[   43.009008][   T28] audit: type=1400 audit(1729041249.523:259): avc:  denied  { setopt } for  pid=1184 comm="syz.0.324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   43.021702][ T1180] EXT4-fs error (device loop3): ext4_dirty_inode:6074: inode #16: comm syz.3.322: mark_inode_dirty error
[   43.041784][   T28] audit: type=1400 audit(1729041249.553:260): avc:  denied  { ioctl } for  pid=1184 comm="syz.0.324" path="socket:[21999]" dev="sockfs" ino=21999 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   43.052522][ T1180] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #16: comm syz.3.322: corrupted inode contents
[   43.092536][   T24] usb 3-1: USB disconnect, device number 6
[   43.093506][ T1180] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.322: mark_inode_dirty error
[   43.109571][ T1180] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #16: comm syz.3.322: corrupted inode contents
[   43.110806][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   43.121965][ T1180] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[   43.129930][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   43.144527][ T1180] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #16: comm syz.3.322: corrupted inode contents
[   43.157029][ T1180] EXT4-fs error (device loop3): ext4_truncate:4302: inode #16: comm syz.3.322: mark_inode_dirty error
[   43.157608][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   43.168208][ T1180] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[   43.184369][ T1180] EXT4-fs (loop3): 1 truncate cleaned up
[   43.190041][ T1180] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   43.199163][ T1180] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038 (0x7fffffff)
[   43.199874][   T28] audit: type=1400 audit(1729041249.713:261): avc:  denied  { listen } for  pid=1186 comm="syz.1.325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   43.265141][ T1180] EXT4-fs error (device loop3): ext4_resize_begin:62: comm syz.3.322: resize_inode disabled but reserved GDT blocks non-zero
[   43.267629][ T1161] device veth1_macvtap entered promiscuous mode
[   43.285655][ T1191] netlink: 4 bytes leftover after parsing attributes in process `syz.1.326'.
[   43.298063][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   43.306108][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   43.311538][ T1180] syz.3.322 (1180) used greatest stack depth: 19912 bytes left
[   43.320928][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   43.321722][  T292] EXT4-fs warning (device loop3): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   43.349062][ T1191] netlink: 12 bytes leftover after parsing attributes in process `syz.1.326'.
[   43.356887][  T292] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2926: inode #18: comm syz-executor: corrupted xattr block 41
[   43.370340][  T292] EXT4-fs warning (device loop3): ext4_evict_inode:299: xattr delete (err -74)
[   43.380034][  T292] EXT4-fs warning (device loop3): ext4_dirblock_csum_set:426: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   43.400585][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   43.409659][  T292] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz-executor: corrupted xattr block 19
[   43.421831][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   43.438751][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   43.447344][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   43.455488][  T292] SELinux: inode_doinit_use_xattr:  getxattr returned 74 for dev=loop3 ino=15
[   43.467105][  T292] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz-executor: corrupted xattr block 19
[   43.494113][  T292] SELinux: inode_doinit_use_xattr:  getxattr returned 74 for dev=loop3 ino=15
[   43.503298][  T292] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz-executor: corrupted xattr block 19
[   43.534169][  T292] SELinux: inode_doinit_use_xattr:  getxattr returned 74 for dev=loop3 ino=15
[   43.543650][  T292] EXT4-fs error (device loop3): ext4_acquire_dquot:6764: comm syz-executor: Failed to acquire dquot type 1
[   43.550207][ T1205] loop4: detected capacity change from 0 to 1024
[   43.571997][ T1205] EXT4-fs: Ignoring removed orlov option
[   43.580595][ T1205] EXT4-fs (loop4): Test dummy encryption mode enabled
[   43.601916][ T1205] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   43.612916][  T292] EXT4-fs (loop3): unmounting filesystem.
[   43.788804][  T328] device bridge_slave_1 left promiscuous mode
[   43.795240][  T328] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.806704][  T328] device bridge_slave_0 left promiscuous mode
[   43.841798][  T328] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.964211][  T328] device bridge_slave_1 left promiscuous mode
[   44.024626][  T328] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.081609][  T328] device bridge_slave_0 left promiscuous mode
[   44.089955][  T328] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.102534][  T328] device veth1_macvtap left promiscuous mode
[   44.109871][  T328] device veth0_vlan left promiscuous mode
[   44.118554][  T328] device veth1_macvtap left promiscuous mode
[   44.128096][  T328] device veth0_vlan left promiscuous mode
[   44.217971][ T1234] loop2: detected capacity change from 0 to 1024
[   44.224458][ T1234] EXT4-fs: Ignoring removed orlov option
[   44.230829][ T1234] EXT4-fs: Ignoring removed nomblk_io_submit option
[   44.248679][ T1234] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   44.278561][ T1234] loop2: detected capacity change from 1024 to 64
[   44.295681][ T1068] EXT4-fs warning (device loop2): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   44.309177][ T1068] EXT4-fs warning (device loop2): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   44.322718][ T1068] EXT4-fs warning (device loop2): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   44.336101][ T1068] EXT4-fs warning (device loop2): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   44.349659][ T1068] EXT4-fs warning (device loop2): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   44.363450][ T1068] EXT4-fs warning (device loop2): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   44.377042][ T1068] EXT4-fs warning (device loop2): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   44.393065][ T1068] EXT4-fs warning (device loop2): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   44.411891][ T1068] EXT4-fs warning (device loop2): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   44.425595][ T1068] EXT4-fs warning (device loop2): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[   44.440260][ T1161] EXT4-fs (loop4): unmounting filesystem.
[   44.515239][ T1243] loop4: detected capacity change from 0 to 2048
[   44.533747][ T1243] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a802c018, mo2=0002]
[   44.541849][ T1251] loop1: detected capacity change from 0 to 128
[   44.549206][ T1243] System zones: 0-7
[   44.551449][ T1068] EXT4-fs (loop2): unmounting filesystem.
[   44.553461][ T1243] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   44.578313][ T1235] kmmpd-loop2: attempt to access beyond end of device
[   44.578313][ T1235] loop2: rw=14337, sector=128, nr_sectors = 2 limit=64
[   44.578611][ T1161] EXT4-fs (loop4): unmounting filesystem.
[   44.597303][ T1235] Buffer I/O error on dev loop2, logical block 64, lost sync page write
[   44.636155][ T1232] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.644957][ T1232] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.653154][ T1232] device bridge_slave_0 entered promiscuous mode
[   44.660533][ T1232] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.681095][ T1232] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.699204][ T1232] device bridge_slave_1 entered promiscuous mode
[   44.732535][ T1265] loop4: detected capacity change from 0 to 256
[   44.740292][   T19] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[   44.748909][   T19] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[   44.757336][   T19] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   44.831072][ T1265] Disabled LAPIC found during irq injection
[   44.901748][ T1232] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.908628][ T1232] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.915728][ T1232] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.922524][ T1232] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.963085][ T1272] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.970116][ T1272] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.978025][ T1272] device bridge_slave_0 entered promiscuous mode
[   44.985370][ T1272] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.993910][ T1272] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.006434][ T1272] device bridge_slave_1 entered promiscuous mode
[   45.034005][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   45.042471][  T662] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.050367][  T662] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.072463][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   45.080580][  T662] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.086468][   T19] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   45.087440][  T662] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.102085][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   45.110436][  T662] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.117309][  T662] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.155821][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   45.164204][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   45.183073][ T1295] syz.4.368[1295] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   45.183199][ T1295] syz.4.368[1295] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   45.217125][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   45.256075][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   45.263945][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   45.271400][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   45.280052][ T1232] device veth0_vlan entered promiscuous mode
[   45.295729][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   45.319252][ T1232] device veth1_macvtap entered promiscuous mode
[   45.326592][   T19] usb 2-1: Using ep0 maxpacket: 32
[   45.353045][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   45.366476][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   45.441446][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   45.464990][ T1304] netlink: 4 bytes leftover after parsing attributes in process `syz.3.339'.
[   45.474131][  T314] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   45.478089][ T1304] device syz_tun entered promiscuous mode
[   45.487827][ T1304] device macsec1 entered promiscuous mode
[   45.494962][ T1304] device syz_tun left promiscuous mode
[   45.516472][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   45.524954][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   45.533379][  T225] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.540295][  T225] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.547963][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   45.557096][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   45.565138][  T225] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.572037][  T225] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.580349][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   45.611006][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   45.618726][   T19] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[   45.618766][   T19] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   45.618786][   T19] usb 2-1: Product: syz
[   45.628883][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   45.647208][   T19] usb 2-1: Manufacturer: syz
[   45.648323][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   45.651640][   T19] usb 2-1: SerialNumber: syz
[   45.660239][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   45.682253][   T19] usb 2-1: config 0 descriptor??
[   45.703683][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   45.712310][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   45.726928][  T314] usb 5-1: Using ep0 maxpacket: 32
[   45.730516][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   45.740130][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   45.755807][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   45.764070][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   45.772350][ T1272] device veth0_vlan entered promiscuous mode
[   45.792000][ T1272] device veth1_macvtap entered promiscuous mode
[   45.799338][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   45.807504][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   45.816327][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   45.829237][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   45.839570][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   45.852206][  T328] device bridge_slave_1 left promiscuous mode
[   45.861379][  T328] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.868304][  T314] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[   45.877125][  T328] device bridge_slave_0 left promiscuous mode
[   45.877239][  T314] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[   45.883103][  T328] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.894065][  T314] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[   45.910589][  T314] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   45.925152][  T328] device bridge_slave_1 left promiscuous mode
[   45.931565][  T328] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.940161][  T328] device bridge_slave_0 left promiscuous mode
[   45.953685][  T328] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.970190][  T328] device veth1_macvtap left promiscuous mode
[   45.976208][  T328] device veth0_vlan left promiscuous mode
[   45.982778][  T328] device veth1_macvtap left promiscuous mode
[   45.988791][  T328] device veth0_vlan left promiscuous mode
[   46.126538][  T314] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   46.135961][  T314] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   46.144475][  T314] usb 5-1: Product: syz
[   46.149161][  T314] usb 5-1: Manufacturer: syz
[   46.153632][  T314] usb 5-1: SerialNumber: syz
[   46.321420][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   46.329804][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   46.377862][   T19] rtl8150 2-1:0.0: eth1: rtl8150 is detected
[   46.386591][   T24] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   46.410906][ T1327] device pim6reg1 entered promiscuous mode
[   46.476604][  T314] usb 5-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[   46.488933][  T314] usb 5-1: found format II with max.bitrate = 0, frame size=0
[   46.510222][  T314] usb 5-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[   46.526423][  T314] usb 5-1: found format II with max.bitrate = 0, frame size=0
[   46.587958][  T662] usb 2-1: USB disconnect, device number 5
[   46.606464][  T140] net eth1: rx_urb submit failed: -19
[   46.606496][  T314] usb 5-1: failed to enable PITCH for EP 0x82
[   46.636516][  T321] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   46.643079][  T314] usb 5-1: USB disconnect, device number 6
[   46.747434][ T1349] loop2: detected capacity change from 0 to 40427
[   46.757405][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   46.769646][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   46.770378][ T1349] F2FS-fs (loop2): invalid crc value
[   46.785839][   T24] usb 4-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[   46.786930][ T1349] F2FS-fs (loop2): Found nat_bits in checkpoint
[   46.795053][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   46.812811][   T24] usb 4-1: config 0 descriptor??
[   46.835134][ T1349] F2FS-fs (loop2): Start checkpoint disabled!
[   46.842085][ T1349] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   46.855205][ T1349] syz.2.383: attempt to access beyond end of device
[   46.855205][ T1349] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   46.855422][   T28] kauditd_printk_skb: 19 callbacks suppressed
[   46.855439][   T28] audit: type=1400 audit(1729041253.363:279): avc:  denied  { map } for  pid=1348 comm="syz.2.383" path="/4/bus/bus" dev="loop2" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   46.870084][ T1349] syz.2.383: attempt to access beyond end of device
[   46.870084][ T1349] loop2: rw=0, sector=45096, nr_sectors = 8 limit=40427
[   46.876523][   T28] audit: type=1400 audit(1729041253.363:280): avc:  denied  { execute } for  pid=1348 comm="syz.2.383" path="/4/bus/bus" dev="loop2" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   46.896992][  T321] usb 1-1: Using ep0 maxpacket: 8
[   46.915701][ T1348] syz.2.383: attempt to access beyond end of device
[   46.915701][ T1348] loop2: rw=0, sector=45096, nr_sectors = 8 limit=40427
[   46.950521][ T1348] syz.2.383: attempt to access beyond end of device
[   46.950521][ T1348] loop2: rw=0, sector=45096, nr_sectors = 8 limit=40427
[   46.964363][ T1348] syz.2.383: attempt to access beyond end of device
[   46.964363][ T1348] loop2: rw=0, sector=45096, nr_sectors = 8 limit=40427
[   46.976631][ T1367] loop4: detected capacity change from 0 to 2048
[   46.978050][ T1349] syz.2.383: attempt to access beyond end of device
[   46.978050][ T1349] loop2: rw=0, sector=45096, nr_sectors = 8 limit=40427
[   46.998382][ T1349] syz.2.383: attempt to access beyond end of device
[   46.998382][ T1349] loop2: rw=0, sector=45096, nr_sectors = 8 limit=40427
[   47.012459][ T1349] syz.2.383: attempt to access beyond end of device
[   47.012459][ T1349] loop2: rw=0, sector=45096, nr_sectors = 8 limit=40427
[   47.014299][ T1367] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   47.051171][ T1367] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   47.065529][ T1367] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #12: comm syz.4.384: corrupted inode contents
[   47.066661][  T321] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   47.090091][  T321] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   47.093015][ T1367] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #12: comm syz.4.384: corrupted inode contents
[   47.100461][  T321] usb 1-1: New USB device found, idVendor=054c, idProduct=0ce6, bcdDevice= 0.00
[   47.120934][  T321] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   47.130829][ T1367] EXT4-fs error (device loop4): ext4_try_add_inline_entry:1346: inode #12: comm syz.4.384: mark_inode_dirty error
[   47.158726][  T321] usb 1-1: config 0 descriptor??
[   47.161558][ T1371] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #12: block 5: comm syz.4.384: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=68 fake=0
[   47.196952][ T1371] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #12: comm syz.4.384: corrupted inode contents
[   47.227249][ T1371] EXT4-fs error (device loop4): ext4_try_add_inline_entry:1346: inode #12: comm syz.4.384: mark_inode_dirty error
[   47.268871][ T1381] loop1: detected capacity change from 0 to 512
[   47.272525][ T1161] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /11/file0: bad entry in directory: inode out of bounds - offset=92, inode=32784, rec_len=16, size=2048 fake=0
[   47.280356][ T1383] loop2: detected capacity change from 0 to 1024
[   47.302121][ T1383] EXT4-fs: Ignoring removed orlov option
[   47.305670][ T1161] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor: bg 0: block 32: padding at end of block bitmap is not set
[   47.323982][ T1161] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6173: Corrupt filesystem
[   47.324492][ T1383] EXT4-fs (loop2): Test dummy encryption mode enabled
[   47.334196][   T24] logitech-hidpp-device 0003:046D:C086.0013: item fetching failed at offset 4/5
[   47.340230][ T1161] EXT4-fs error (device loop4): ext4_read_inline_dir:1589: inode #12: block 5: comm syz-executor: path /11/file0/file0: bad entry in directory: rec_len is smaller than minimal - offset=80, inode=0, rec_len=0, size=148 fake=0
[   47.349027][   T24] logitech-hidpp-device 0003:046D:C086.0013: hidpp_probe:parse failed
[   47.378259][   T24] logitech-hidpp-device: probe of 0003:046D:C086.0013 failed with error -22
[   47.381798][ T1383] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   47.401291][ T1381] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #3: comm syz.1.390: corrupted inode contents
[   47.417344][ T1381] EXT4-fs error (device loop1): ext4_dirty_inode:6074: inode #3: comm syz.1.390: mark_inode_dirty error
[   47.426646][   T28] audit: type=1400 audit(1729041253.933:281): avc:  denied  { write } for  pid=1382 comm="syz.2.385" name="bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   47.431605][ T1381] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #3: comm syz.1.390: corrupted inode contents
[   47.451097][   T28] audit: type=1400 audit(1729041253.933:282): avc:  denied  { add_name } for  pid=1382 comm="syz.2.385" name="cpuacct.usage_sys" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   47.462542][ T1381] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.390: mark_inode_dirty error
[   47.495341][ T1272] EXT4-fs (loop2): unmounting filesystem.
[   47.497102][ T1381] Quota error (device loop1): write_blk: dquota write failed
[   47.508447][ T1381] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   47.512302][ T1161] EXT4-fs (loop4): unmounting filesystem.
[   47.518432][ T1381] EXT4-fs error (device loop1): ext4_acquire_dquot:6764: comm syz.1.390: Failed to acquire dquot type 0
[   47.544611][ T1381] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.390: corrupted inode contents
[   47.557652][ T1381] EXT4-fs error (device loop1): ext4_dirty_inode:6074: inode #16: comm syz.1.390: mark_inode_dirty error
[   47.581695][  T662] usb 4-1: USB disconnect, device number 7
[   47.589451][ T1381] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.390: corrupted inode contents
[   47.604068][ T1381] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.390: mark_inode_dirty error
[   47.618508][ T1381] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.390: corrupted inode contents
[   47.630992][ T1381] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[   47.641805][  T321] playstation 0003:054C:0CE6.0014: unknown main item tag 0x0
[   47.649810][ T1381] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.390: corrupted inode contents
[   47.650618][  T321] playstation 0003:054C:0CE6.0014: unknown main item tag 0x0
[   47.661749][ T1381] EXT4-fs error (device loop1): ext4_truncate:4302: inode #16: comm syz.1.390: mark_inode_dirty error
[   47.680241][ T1381] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[   47.690572][ T1381] EXT4-fs (loop1): 1 truncate cleaned up
[   47.696146][ T1381] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   47.696270][  T321] playstation 0003:054C:0CE6.0014: unknown main item tag 0x0
[   47.712392][ T1381] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038 (0x7fffffff)
[   47.736127][  T321] playstation 0003:054C:0CE6.0014: unknown main item tag 0x0
[   47.754603][  T321] playstation 0003:054C:0CE6.0014: unknown main item tag 0x0
[   47.764683][  T321] playstation 0003:054C:0CE6.0014: unknown main item tag 0x0
[   47.779544][  T321] playstation 0003:054C:0CE6.0014: unknown main item tag 0x0
[   47.802432][  T321] playstation 0003:054C:0CE6.0014: hidraw0: USB HID v0.00 Device [HID 054c:0ce6] on usb-dummy_hcd.0-1/input0
[   47.841982][ T1395] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.849021][ T1395] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.859661][ T1395] device bridge_slave_0 entered promiscuous mode
[   47.871149][ T1395] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.878466][ T1395] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.889590][ T1395] device bridge_slave_1 entered promiscuous mode
[   47.956532][   T28] audit: type=1400 audit(1729041254.453:283): avc:  denied  { mounton } for  pid=1380 comm="syz.1.390" path="/18/file1/file0" dev="loop1" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   48.160293][ T1125] EXT4-fs (loop1): unmounting filesystem.
[   48.166512][  T321] playstation 0003:054C:0CE6.0014: Invalid byte count transferred, expected 20 got 0
[   48.175842][  T321] playstation 0003:054C:0CE6.0014: Failed to retrieve DualSense pairing info: -22
[   48.185233][  T321] playstation 0003:054C:0CE6.0014: Failed to get MAC address from DualSense
[   48.194791][  T321] playstation 0003:054C:0CE6.0014: Failed to create dualsense.
[   48.204397][  T321] playstation: probe of 0003:054C:0CE6.0014 failed with error -22
[   48.232357][ T1401] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   48.244339][   T28] audit: type=1400 audit(1729041254.753:284): avc:  denied  { execute } for  pid=1408 comm="syz.1.397" path="/19/file0/bus" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   48.355141][ T1412] loop3: detected capacity change from 0 to 1024
[   48.364109][ T1395] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.371035][ T1395] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.378147][ T1395] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.380349][ T1412] EXT4-fs: Ignoring removed orlov option
[   48.385024][ T1395] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.407209][ T1412] EXT4-fs (loop3): Test dummy encryption mode enabled
[   48.414186][  T358] usb 1-1: USB disconnect, device number 6
[   48.432084][ T1412] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   48.461133][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   48.471495][  T225] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.481874][   T28] audit: type=1400 audit(1729041254.993:285): avc:  denied  { setattr } for  pid=1411 comm="syz.3.400" name="work" dev="loop3" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   48.503663][   T28] audit: type=1400 audit(1729041254.993:286): avc:  denied  { remove_name } for  pid=1411 comm="syz.3.400" name="#16" dev="loop3" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   48.526013][  T225] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.544501][  T359] device bridge_slave_1 left promiscuous mode
[   48.551288][  T359] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.558913][ T1232] EXT4-fs (loop3): unmounting filesystem.
[   48.567384][  T359] device bridge_slave_0 left promiscuous mode
[   48.579315][  T359] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.590412][ T1417] loop3: detected capacity change from 0 to 512
[   48.597965][  T359] device veth1_macvtap left promiscuous mode
[   48.604286][  T359] device veth0_vlan left promiscuous mode
[   48.620324][ T1417] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.401: casefold flag without casefold feature
[   48.646418][  T321] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   48.657704][ T1417] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz.3.401: missing EA_INODE flag
[   48.688255][ T1417] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.401: error while reading EA inode 12 err=-117
[   48.715887][ T1417] EXT4-fs (loop3): 1 orphan inode deleted
[   48.729055][ T1417] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   48.772079][ T1232] EXT4-fs (loop3): unmounting filesystem.
[   48.798234][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   48.814033][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.820975][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.833621][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   48.842129][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.849078][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.856707][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   48.889248][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   48.897702][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   48.905571][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   48.914278][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   48.955754][ T1395] device veth0_vlan entered promiscuous mode
[   48.964637][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   48.987475][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   49.011160][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   49.018687][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   49.027527][  T321] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   49.039439][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   49.047660][  T321] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   49.057854][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   49.059808][ T1426] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1426 comm=syz.0.404
[   49.067798][ T1395] device veth1_macvtap entered promiscuous mode
[   49.084375][  T321] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   49.104640][  T321] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[   49.113825][  T321] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   49.122679][  T321] usb 2-1: config 0 descriptor??
[   49.128429][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   49.135954][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   49.146197][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   49.154920][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   49.164981][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   49.438639][ T1454] skb len=10605 headroom=200 headlen=10605 tailroom=21579
[   49.438639][ T1454] mac=(224,-24) net=(200,20) trans=220
[   49.438639][ T1454] shinfo(txflags=0 nr_frags=0 gso(size=0 type=0 segs=0))
[   49.438639][ T1454] csum(0x350e2a35 ip_summed=3 complete_sw=0 valid=0 level=0)
[   49.438639][ T1454] hash(0x0 sw=0 l4=0) proto=0x0800 pkttype=0 iif=0
[   49.471453][ T1454] dev name=ip6gre0 feat=0x00000006401d7869
[   49.477083][ T1454] skb linear:   00000000: 45 02 29 6d e8 df 00 00 0f 2f f9 54 ac 14 14 14
[   49.485386][ T1454] skb linear:   00000010: e0 00 00 03 00 00 08 00 bd 0b 29 55 10 82 0c 52
[   49.493761][ T1454] skb linear:   00000020: 0f 06 d4 e0 fd 00 00 00 00 a4 fe 94 2a 31 f4 85
[   49.502073][ T1454] skb linear:   00000030: 97 e3 6e 03 9b 1c 59 9d b6 e4 66 74 9c 2d 05 f6
[   49.510411][ T1454] skb linear:   00000040: 4c 83 03 a0 f7 fb da 34 fb 88 25 f8 02 00 e3 e4
[   49.518737][ T1454] skb linear:   00000050: 63 04 f7 ff 00 ff ff ca 88 00 00 00 29 6c 00 00
[   49.527074][ T1454] skb linear:   00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   49.535377][ T1454] skb linear:   00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   49.543745][ T1454] skb linear:   00000080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   49.552063][ T1454] skb linear:   00000090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   49.560422][ T1454] skb linear:   000000a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   49.568725][ T1454] skb linear:   000000b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   49.577068][ T1454] skb linear:   000000c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   49.585368][ T1454] skb linear:   000000d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   49.593744][ T1454] skb linear:   000000e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   49.602060][ T1454] skb linear:   000000f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   49.610401][ T1454] skb linear:   00000100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   49.618724][ T1454] ------------[ cut here ]------------
[   49.623989][ T1454] offset (10605) >= skb_headlen() (10605)
[   49.629788][ T1454] WARNING: CPU: 0 PID: 1454 at net/core/dev.c:3313 skb_checksum_help+0x626/0x750
[   49.638797][ T1454] Modules linked in:
[   49.642516][ T1454] CPU: 0 PID: 1454 Comm: syz.4.416 Not tainted 6.1.99-syzkaller-00014-g4d8187d2c8fa #0
[   49.651997][ T1454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   49.661883][ T1454] RIP: 0010:skb_checksum_help+0x626/0x750
[   49.667446][ T1454] Code: fc ff df 48 8b 4d b8 0f b6 04 01 84 c0 0f 85 d6 00 00 00 48 8b 45 d0 2b 18 48 c7 c7 80 96 1b 86 44 89 fe 89 da e8 2a 8d 3a fd <0f> 0b bb ea ff ff ff e9 55 fd ff ff e8 f9 94 6b fd c6 05 59 69 85
[   49.686910][ T1454] RSP: 0018:ffffc9000bb66c80 EFLAGS: 00010246
[   49.692752][ T1454] RAX: c6b24b22ea4f5300 RBX: 000000000000296d RCX: 0000000000040000
[   49.700608][ T1454] RDX: ffffc900052fa000 RSI: 0000000000004ffb RDI: 0000000000004ffc
[   49.708403][ T1454] RBP: ffffc9000bb66cf0 R08: ffffffff81449dee R09: fffff5200176cce9
[   49.716198][ T1454] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000002a35
[   49.724038][ T1454] R13: ffff8881238ec780 R14: 000000000000296d R15: 000000000000296d
[   49.731838][ T1454] FS:  00007fa0997156c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[   49.740611][ T1454] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   49.747038][ T1454] CR2: 000000002000e000 CR3: 000000012b73c000 CR4: 00000000003506b0
[   49.754815][ T1454] DR0: 0000000000000005 DR1: 000000000000000a DR2: 0000000000000002
[   49.762660][ T1454] DR3: 0000000000000010 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   49.770464][ T1454] Call Trace:
[   49.773556][ T1454]  <TASK>
[   49.776338][ T1454]  ? show_regs+0x58/0x60
[   49.780421][ T1454]  ? __warn+0x160/0x3d0
[   49.784406][ T1454]  ? skb_checksum_help+0x626/0x750
[   49.789394][ T1454]  ? report_bug+0x4d5/0x7d0
[   49.793694][ T1454]  ? skb_checksum_help+0x626/0x750
[   49.798679][ T1454]  ? handle_bug+0x41/0x70
[   49.802807][ T1454]  ? exc_invalid_op+0x1b/0x50
[   49.807363][ T1454]  ? asm_exc_invalid_op+0x1b/0x20
[   49.812186][ T1454]  ? __warn_printk+0x28e/0x350
[   49.816830][ T1454]  ? skb_checksum_help+0x626/0x750
[   49.821733][ T1454]  ip_do_fragment+0x18d/0x1a90
[   49.826330][ T1454]  ? ip_fragment+0x210/0x210
[   49.830754][ T1454]  ? ip_frag_next+0xa40/0xa40
[   49.835275][ T1454]  ? ipt_do_table+0x2ff/0x17c0
[   49.839917][ T1454]  ? ipt_alloc_initial_table+0x5a0/0x5a0
[   49.845344][ T1454]  ? ipt_do_table+0x2ff/0x17c0
[   49.849975][ T1454]  ip_fragment+0x123/0x210
[   49.854200][ T1454]  __ip_finish_output+0x29c/0x370
[   49.859086][ T1454]  ip_finish_output+0x31/0x2a0
[   49.863652][ T1454]  ? ip_output+0x3e1/0x420
[   49.867933][ T1454]  ip_output+0x1d6/0x420
[   49.871985][ T1454]  ? ip_finish_output+0x2a0/0x2a0
[   49.876870][ T1454]  ? ip_mc_finish_output+0x4b0/0x4b0
[   49.881969][ T1454]  ip_local_out+0x92/0xb0
[   49.886130][ T1454]  iptunnel_xmit+0x53f/0x9c0
[   49.890593][ T1454]  ip_tunnel_xmit+0x2188/0x2ac0
[   49.895256][ T1454]  ? tnl_update_pmtu+0xba0/0xba0
[   49.900045][ T1454]  ? debug_smp_processor_id+0x17/0x20
[   49.905225][ T1454]  ? kasan_quarantine_put+0x34/0x1a0
[   49.910382][ T1454]  ? gre_build_header+0x260/0x8c0
[   49.915210][ T1454]  ipgre_xmit+0x8c1/0xc80
[   49.919401][ T1454]  dev_hard_start_xmit+0x1de/0x630
[   49.924325][ T1454]  __dev_queue_xmit+0x18a4/0x36e0
[   49.929218][ T1454]  ? __dev_queue_xmit+0x2a6/0x36e0
[   49.934127][ T1454]  ? netdev_core_pick_tx+0x350/0x350
[   49.939279][ T1454]  ? virtio_net_hdr_to_skb+0x6db/0x1220
[   49.944642][ T1454]  dev_queue_xmit+0x17/0x20
[   49.949000][ T1454]  packet_sendmsg+0x48dd/0x6510
[   49.953657][ T1454]  ? avc_denied+0x1b0/0x1b0
[   49.958050][ T1454]  ? preempt_schedule+0xd9/0xe0
[   49.962685][ T1454]  ? avc_has_perm_noaudit+0x430/0x430
[   49.967916][ T1454]  ? preempt_schedule+0xd9/0xe0
[   49.972583][ T1454]  ? selinux_socket_accept+0x5b0/0x5b0
[   49.977903][ T1454]  ? packet_getsockopt+0xea0/0xea0
[   49.982824][ T1454]  ? security_socket_sendmsg+0x82/0xb0
[   49.988139][ T1454]  ? packet_getsockopt+0xea0/0xea0
[   49.993061][ T1454]  ____sys_sendmsg+0x5d3/0x9a0
[   49.997694][ T1454]  ? __sys_sendmsg_sock+0x40/0x40
[   50.002526][ T1454]  __sys_sendmsg+0x2a9/0x390
[   50.006970][ T1454]  ? ____sys_sendmsg+0x9a0/0x9a0
[   50.011735][ T1454]  ? fpregs_restore_userregs+0x130/0x290
[   50.017217][ T1454]  __x64_sys_sendmsg+0x7f/0x90
[   50.021799][ T1454]  x64_sys_call+0x16a/0x9a0
[   50.026127][ T1454]  do_syscall_64+0x3b/0xb0
[   50.030432][ T1454]  ? clear_bhb_loop+0x55/0xb0
[   50.034894][ T1454]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   50.040645][ T1454] RIP: 0033:0x7fa09897dff9
[   50.044874][ T1454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.064364][ T1454] RSP: 002b:00007fa099715038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   50.072592][ T1454] RAX: ffffffffffffffda RBX: 00007fa098b35f80 RCX: 00007fa09897dff9
[   50.080407][ T1454] RDX: 0000000000000000 RSI: 0000000020002ac0 RDI: 0000000000000006
[   50.088228][ T1454] RBP: 00007fa0989f0296 R08: 0000000000000000 R09: 0000000000000000
[   50.096086][ T1454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   50.103224][ T1460] loop3: detected capacity change from 0 to 512
[   50.103928][ T1454] R13: 0000000000000000 R14: 00007fa098b35f80 R15: 00007ffe810f4618
[   50.117821][ T1454]  </TASK>
[   50.120646][ T1454] ---[ end trace 0000000000000000 ]---
[   50.121424][ T1460] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   50.133933][  T321] acrux 0003:1A34:0802.0015: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.1-1/input0
[   50.147260][  T321] acrux 0003:1A34:0802.0015: no inputs found
[   50.155441][ T1460] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2810: Unable to expand inode 11. Delete some EAs or run e2fsck.
[   50.162764][  T321] acrux 0003:1A34:0802.0015: Failed to enable force feedback support, error: -19
[   50.170432][ T1460] EXT4-fs (loop3): 1 truncate cleaned up
[   50.182904][ T1460] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   50.243087][ T1232] EXT4-fs (loop3): unmounting filesystem.
[   50.249578][  T321] usb 2-1: USB disconnect, device number 6
[   50.407217][ T1480] device veth0_vlan left promiscuous mode
[   50.413020][ T1480] device veth0_vlan entered promiscuous mode
[   50.420057][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   50.428597][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   50.435968][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   50.581446][ T1506] device veth0_vlan left promiscuous mode
[   50.587560][ T1506] device veth0_vlan entered promiscuous mode
[   50.667907][ T1518] loop2: detected capacity change from 0 to 1024
[   50.674479][ T1518] EXT4-fs: Ignoring removed orlov option
[   50.681062][ T1518] EXT4-fs (loop2): Test dummy encryption mode enabled
[   50.692636][ T1518] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   51.218695][ T1532] loop1: detected capacity change from 0 to 256
[   51.259889][ T1536] loop4: detected capacity change from 0 to 256
[   51.280921][ T1536] exfat: Deprecated parameter 'utf8'
[   51.288386][ T1536] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[   51.406419][   T24] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[   51.421252][ T1538] loop1: detected capacity change from 0 to 40427
[   51.436423][  T321] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   51.448473][ T1538] F2FS-fs (loop1): fault_injection options not supported
[   51.455344][ T1538] F2FS-fs (loop1): Image doesn't support compression
[   51.462361][ T1538] F2FS-fs (loop1): Image doesn't support compression
[   51.469102][ T1538] F2FS-fs (loop1): fault_type options not supported
[   51.479296][ T1538] F2FS-fs (loop1): invalid crc value
[   51.485518][ T1538] F2FS-fs (loop1): Found nat_bits in checkpoint
[   51.533422][ T1272] EXT4-fs (loop2): unmounting filesystem.
[   51.580505][ T1538] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   51.623294][ T1125] bio_check_eod: 2 callbacks suppressed
[   51.623311][ T1125] syz-executor: attempt to access beyond end of device
[   51.623311][ T1125] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   51.644375][ T1542] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.651264][ T1542] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.658614][ T1542] device bridge_slave_0 entered promiscuous mode
[   51.665994][ T1542] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.672920][   T24] usb 4-1: Using ep0 maxpacket: 16
[   51.678294][ T1542] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.687197][ T1542] device bridge_slave_1 entered promiscuous mode
[   51.796468][  T321] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   51.797028][   T24] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   51.817706][  T321] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[   51.845339][   T24] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[   51.849280][  T321] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   51.855680][ T1542] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.871156][  T321] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   51.871578][ T1542] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.894352][  T321] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   51.894386][ T1542] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.909001][ T1542] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.916803][   T24] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[   51.920987][  T321] usb 1-1: config 0 descriptor??
[   51.930311][   T24] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   51.943944][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   51.956530][ T1528] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[   51.976468][ T1526] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   51.997286][   T24] cdc_acm 4-1:1.0: Control and data interfaces are not separated!
[   52.033745][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   52.041834][  T662] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.049293][  T662] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.067388][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   52.075948][  T662] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.083050][  T662] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.096837][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   52.105927][  T662] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.107078][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.112810][  T662] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.125372][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.137819][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.145052][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.145364][  T328] device bridge_slave_1 left promiscuous mode
[   52.152348][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.158683][  T328] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.165442][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.179649][  T328] device bridge_slave_0 left promiscuous mode
[   52.180607][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.185684][  T328] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.192968][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.206979][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.214213][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.214319][  T328] device veth1_macvtap left promiscuous mode
[   52.221446][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.228258][   T24] cdc_acm 4-1:1.0: ttyACM0: USB ACM device
[   52.234732][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.240465][  T328] device veth0_vlan left promiscuous mode
[   52.247562][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.254700][   T24] usb 4-1: USB disconnect, device number 8
[   52.260324][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.272955][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.280117][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.287306][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.294481][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.301741][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.308934][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.316102][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.323373][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.330696][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.337965][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.345653][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.352960][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.360192][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.367449][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.374762][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.382052][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.389196][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.396392][  T382] hid-generic 0000:04AD:0000.0016: unknown main item tag 0x0
[   52.407344][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.414656][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.426874][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   52.428523][  T382] hid-generic 0000:04AD:0000.0016: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   52.441648][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   52.444681][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.470436][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.473770][ T1350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   52.478293][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.490837][ T1350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   52.499435][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.505712][ T1542] device veth0_vlan entered promiscuous mode
[   52.508216][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.515612][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   52.521040][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.533901][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   52.535666][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.550490][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   52.550522][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.558235][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   52.565368][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.572565][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   52.579439][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.587979][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   52.594337][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.603380][ T1542] device veth1_macvtap entered promiscuous mode
[   52.609282][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.622575][  T321] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[   52.623375][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   52.630283][  T321] plantronics 0003:047F:FFFF.0017: No inputs registered, leaving
[   52.638231][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   52.647449][  T321] plantronics 0003:047F:FFFF.0017: hiddev96,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[   52.652790][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   52.673707][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   52.682591][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   52.721490][ T1583] loop4: detected capacity change from 0 to 256
[   52.728701][ T1583] FAT-fs (loop4): Directory bread(block 1285) failed
[   52.743783][ T1583] FAT-fs (loop4): Directory bread(block 1285) failed
[   52.750755][ T1583] FAT-fs (loop4): Directory bread(block 1285) failed
[   52.757994][ T1583] FAT-fs (loop4): Directory bread(block 1285) failed
[   52.764742][ T1583] FAT-fs (loop4): Directory bread(block 1285) failed
[   52.771706][ T1583] FAT-fs (loop4): Directory bread(block 1285) failed
[   52.778369][ T1583] FAT-fs (loop4): Directory bread(block 1285) failed
[   52.784948][ T1583] FAT-fs (loop4): Directory bread(block 1285) failed
[   52.792114][ T1583] FAT-fs (loop4): Directory bread(block 1285) failed
[   52.798927][ T1583] FAT-fs (loop4): Directory bread(block 1285) failed
[   52.816462][   T19] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   52.823081][ T1585] netlink: 4 bytes leftover after parsing attributes in process `syz.4.469'.
[   52.833433][ T1585] netlink: 12 bytes leftover after parsing attributes in process `syz.4.469'.
[   52.861330][ T1587] loop4: detected capacity change from 0 to 512
[   52.878956][ T1587] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #3: comm syz.4.470: corrupted inode contents
[   52.891038][ T1587] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #3: comm syz.4.470: mark_inode_dirty error
[   52.902460][ T1587] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #3: comm syz.4.470: corrupted inode contents
[   52.914251][ T1587] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #3: comm syz.4.470: mark_inode_dirty error
[   52.925564][ T1587] __quota_error: 47 callbacks suppressed
[   52.925577][ T1587] Quota error (device loop4): write_blk: dquota write failed
[   52.938323][  T225] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   52.945392][ T1587] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   52.956330][ T1587] EXT4-fs error (device loop4): ext4_acquire_dquot:6764: comm syz.4.470: Failed to acquire dquot type 0
[   52.968258][ T1587] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #16: comm syz.4.470: corrupted inode contents
[   52.980263][ T1587] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #16: comm syz.4.470: mark_inode_dirty error
[   52.991736][ T1587] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #16: comm syz.4.470: corrupted inode contents
[   53.003781][ T1587] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.470: mark_inode_dirty error
[   53.015053][ T1587] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #16: comm syz.4.470: corrupted inode contents
[   53.027024][ T1587] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[   53.035558][ T1587] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #16: comm syz.4.470: corrupted inode contents
[   53.047460][ T1587] EXT4-fs error (device loop4): ext4_truncate:4302: inode #16: comm syz.4.470: mark_inode_dirty error
[   53.058588][ T1587] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[   53.068053][ T1587] EXT4-fs (loop4): 1 truncate cleaned up
[   53.073616][ T1587] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   53.082342][ T1587] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038 (0x7fffffff)
[   53.186498][   T19] usb 3-1: config 0 has no interfaces?
[   53.191925][   T19] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[   53.201212][  T225] usb 2-1: Using ep0 maxpacket: 8
[   53.432373][   T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   53.441122][   T19] usb 3-1: config 0 descriptor??
[   53.546498][  T225] usb 2-1: config 0 has no interfaces?
[   53.706853][  T225] usb 2-1: New USB device found, idVendor=05ac, idProduct=5b13, bcdDevice=92.39
[   53.715923][  T225] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   53.725301][ T1542] EXT4-fs (loop4): unmounting filesystem.
[   53.730988][  T225] usb 2-1: Product: syz
[   53.734981][  T225] usb 2-1: Manufacturer: syz
[   53.739553][  T225] usb 2-1: SerialNumber: syz
[   53.744888][  T225] usb 2-1: config 0 descriptor??
[   53.762107][ T1599] loop4: detected capacity change from 0 to 1024
[   53.768883][ T1599] EXT4-fs: Ignoring removed orlov option
[   53.774744][ T1599] EXT4-fs (loop4): Test dummy encryption mode enabled
[   53.783427][ T1599] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   53.814264][ T1602] loop3: detected capacity change from 0 to 512
[   53.821297][ T1602] EXT4-fs (loop3): Test dummy encryption mode enabled
[   53.833219][ T1602] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.473: invalid block
[   53.844472][ T1602] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.473: couldn't read orphan inode 11 (err -117)
[   53.856507][ T1602] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   53.893317][ T1232] EXT4-fs (loop3): unmounting filesystem.
[   53.899107][   T19] usb 1-1: reset high-speed USB device number 7 using dummy_hcd
[   53.920056][ T1606] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[   54.230003][ T1613] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   54.238362][ T1613] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   54.619858][ T1542] EXT4-fs (loop4): unmounting filesystem.
[   54.636475][   T19] usb 1-1: device descriptor read/64, error -71
[   54.737645][   T28] audit: type=1400 audit(1729041261.253:334): avc:  denied  { connect } for  pid=1620 comm="syz.4.478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   54.758589][  T382] usb 2-1: USB disconnect, device number 7
[   54.950360][   T28] audit: type=1400 audit(1729041261.463:335): avc:  denied  { ioctl } for  pid=1631 comm="syz.4.483" path="/11/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x6723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   54.950370][ T1632] incfs_lookup_dentry err:-13
[   54.958795][ T1625] loop1: detected capacity change from 0 to 40427
[   54.976893][ T1632] Error opening source file
[   54.992668][ T1625] F2FS-fs (loop1): Invalid SB checksum offset: 0
[   54.999521][ T1625] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[   55.012517][ T1625] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[   55.019380][ T1637] loop4: detected capacity change from 0 to 512
[   55.036644][   T19] usb 1-1: device firmware changed
[   55.041740][  T225] usb 1-1: USB disconnect, device number 7
[   55.047639][ T1637] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   55.059623][ T1637] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   55.060902][ T1625] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[   55.075962][ T1637] EXT4-fs (loop4): 1 orphan inode deleted
[   55.076163][ T1625] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   55.082289][ T1637] EXT4-fs (loop4): 1 truncate cleaned up
[   55.100313][   T24] usb 3-1: USB disconnect, device number 7
[   55.107555][ T1637] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   55.124069][ T1625] syz.1.479: attempt to access beyond end of device
[   55.124069][ T1625] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   55.148547][ T1625] syz.1.479: attempt to access beyond end of device
[   55.148547][ T1625] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   55.149259][ T1542] EXT4-fs (loop4): unmounting filesystem.
[   55.180576][ T1625] syz.1.479: attempt to access beyond end of device
[   55.180576][ T1625] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   55.182032][ T1644] loop2: detected capacity change from 0 to 512
[   55.194331][ T1625] syz.1.479: attempt to access beyond end of device
[   55.194331][ T1625] loop1: rw=2049, sector=45112, nr_sectors = 48 limit=40427
[   55.206818][  T225] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[   55.214579][ T1625] syz.1.479: attempt to access beyond end of device
[   55.214579][ T1625] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   55.237067][ T1644] EXT4-fs (loop2): 1 truncate cleaned up
[   55.242550][ T1644] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   55.269647][ T1125] syz-executor: attempt to access beyond end of device
[   55.269647][ T1125] loop1: rw=2049, sector=45160, nr_sectors = 8 limit=40427
[   55.277642][ T1644] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:69: inode #12: comm syz.2.486: corrupt xattr in inline inode
[   55.299239][ T1649] device ip6gretap1 entered promiscuous mode
[   55.306246][ T1644] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #12: comm syz.2.486: corrupted in-inode xattr
[   55.339685][ T1272] EXT4-fs error (device loop2): htree_dirblock_to_tree:1111: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=196608, rec_len=0, size=1024 fake=0
[   55.360894][ T1272] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic e, entries 0, max 15(0), depth 0(0)
[   55.413595][ T1272] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic e, entries 0, max 15(0), depth 0(0)
[   55.451933][ T1656] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   55.533316][ T1272] EXT4-fs (loop2): unmounting filesystem.
[   55.576490][  T225] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[   55.586038][  T225] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[   55.664509][   T28] audit: type=1400 audit(1729041262.173:336): avc:  denied  { mounton } for  pid=1672 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   55.707543][ T1672] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.714419][ T1672] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.721760][ T1672] device bridge_slave_0 entered promiscuous mode
[   55.730370][ T1672] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.737305][ T1672] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.744601][ T1672] device bridge_slave_1 entered promiscuous mode
[   55.766565][  T225] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[   55.775749][  T225] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   55.783963][  T225] usb 1-1: Product: syz
[   55.788058][  T225] usb 1-1: Manufacturer: syz
[   55.792392][  T225] usb 1-1: SerialNumber: syz
[   55.795616][ T1681] loop4: detected capacity change from 0 to 1024
[   55.797608][  T225] usb 1-1: config 0 descriptor??
[   55.826853][   T28] audit: type=1400 audit(1729041262.343:337): avc:  denied  { remount } for  pid=1680 comm="syz.4.503" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   55.841748][ T1542] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   55.852244][   T28] audit: type=1400 audit(1729041262.343:338): avc:  denied  { write } for  pid=1680 comm="syz.4.503" name="/" dev="overlay" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   55.858135][ T1542] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   55.879372][   T28] audit: type=1400 audit(1729041262.343:339): avc:  denied  { add_name } for  pid=1680 comm="syz.4.503" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   55.889474][ T1542] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   55.908792][ T1350] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[   55.919726][ T1542] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   55.930744][   T28] audit: type=1400 audit(1729041262.343:340): avc:  denied  { read write } for  pid=1680 comm="syz.4.503" name="file0" dev="overlay" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   55.937858][ T1542] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   55.959184][ T1608] Bluetooth: hci0: command 0x1003 tx timeout
[   55.975002][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   55.981322][ T1542] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   55.982020][   T28] audit: type=1400 audit(1729041262.343:341): avc:  denied  { open } for  pid=1680 comm="syz.4.503" path="/23/file1/bus/file0" dev="overlay" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   55.993706][ T1542] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   56.027473][ T1542] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   56.041817][ T1542] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   56.052813][ T1542] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size
[   56.064504][ T1686] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   56.096674][ T1672] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.103542][ T1672] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.110716][ T1672] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.113716][  T225] snd-usb-audio: probe of 1-1:0.0 failed with error -12
[   56.117585][ T1672] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.154365][  T225] usb 1-1: USB disconnect, device number 8
[   56.158242][  T319] udevd[319]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   56.165108][ T1688] cgroup: fork rejected by pids controller in /syz3
[   56.205585][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   56.213715][  T321] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.220968][ T1350] usb 2-1: Using ep0 maxpacket: 32
[   56.237275][  T321] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.257113][  T356] device bridge_slave_1 left promiscuous mode
[   56.263084][  T356] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.271856][  T356] device bridge_slave_0 left promiscuous mode
[   56.278278][  T356] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.287016][  T356] device veth1_macvtap left promiscuous mode
[   56.292940][  T356] device veth0_vlan left promiscuous mode
[   56.336563][ T1350] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[   56.355382][ T1350] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[   56.365807][ T1350] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   56.391755][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   56.399901][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.406751][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.414138][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   56.422115][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.428970][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.436211][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   56.458581][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   56.481056][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   56.489503][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   56.523591][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   56.531999][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   56.536602][ T1350] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   56.541534][ T1672] device veth0_vlan entered promiscuous mode
[   56.555058][ T1692] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.556672][ T1350] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   56.562526][ T1692] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.575200][ T1350] usb 2-1: Product: syz
[   56.578825][ T1692] device bridge_slave_0 entered promiscuous mode
[   56.580571][ T1350] usb 2-1: Manufacturer: syz
[   56.589398][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   56.599316][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   56.606441][ T1350] usb 2-1: SerialNumber: syz
[   56.621532][ T1692] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.629293][ T1692] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.639946][ T1692] device bridge_slave_1 entered promiscuous mode
[   56.650116][ T1672] device veth1_macvtap entered promiscuous mode
[   56.657509][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   56.665592][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   56.674490][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   56.723770][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   56.734036][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   56.742717][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   56.752129][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   56.801434][ T1708] loop2: detected capacity change from 0 to 256
[   56.827347][ T1708] loop2: detected capacity change from 256 to 253
[   56.844410][ T1710] serio: Serial port pts0
[   56.864163][ T1702] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.871220][ T1702] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.878644][ T1702] device bridge_slave_0 entered promiscuous mode
[   56.901229][ T1702] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.909185][ T1702] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.917458][ T1702] device bridge_slave_1 entered promiscuous mode
[   56.956518][ T1350] usb 2-1: 0:2 : does not exist
[   56.964753][ T1692] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.971639][ T1692] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.978745][ T1692] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.985594][ T1692] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.003852][ T1350] usb 2-1: USB disconnect, device number 8
[   57.075542][ T1702] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.082432][ T1702] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.089569][ T1702] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.096438][ T1702] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.109371][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.117213][  T662] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.124313][  T662] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.131890][  T662] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.138980][  T662] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.155752][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   57.163775][  T225] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.170661][  T225] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.178767][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   57.187615][  T225] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.194469][  T225] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.201736][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   57.209719][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   57.249932][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   57.266549][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   57.285545][ T1692] device veth0_vlan entered promiscuous mode
[   57.297241][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   57.305220][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   57.314156][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   57.322533][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   57.330609][  T225] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.337463][  T225] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.344652][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   57.346476][   T39] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[   57.352833][  T225] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.366603][  T225] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.400560][ T1350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   57.409706][ T1350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   57.419173][ T1692] device veth1_macvtap entered promiscuous mode
[   57.447322][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   57.458139][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   57.462161][ T1728] loop1: detected capacity change from 0 to 4096
[   57.498607][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   57.525705][ T1702] device veth0_vlan entered promiscuous mode
[   57.544466][ T1725] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.551843][ T1725] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.559415][ T1725] device bridge_slave_0 entered promiscuous mode
[   57.566036][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   57.574279][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   57.582483][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   57.593977][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   57.602660][  T356] device bridge_slave_1 left promiscuous mode
[   57.614217][  T356] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.623428][  T356] device bridge_slave_0 left promiscuous mode
[   57.635847][  T356] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.644191][  T356] device bridge_slave_1 left promiscuous mode
[   57.650230][  T356] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.657879][  T356] device bridge_slave_0 left promiscuous mode
[   57.663838][  T356] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.671832][  T356] device veth1_macvtap left promiscuous mode
[   57.677720][  T356] device veth0_vlan left promiscuous mode
[   57.683539][  T356] device veth1_macvtap left promiscuous mode
[   57.689437][  T356] device veth0_vlan left promiscuous mode
[   57.716651][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   57.727418][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   57.736959][   T39] usb 1-1: New USB device found, idVendor=046d, idProduct=c70e, bcdDevice= 0.00
[   57.745897][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.761164][   T39] usb 1-1: config 0 descriptor??
[   57.806480][  T382] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   57.879774][ T1725] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.886688][ T1725] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.893834][ T1725] device bridge_slave_1 entered promiscuous mode
[   57.904060][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   57.911514][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   57.930077][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   57.938289][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   57.958560][ T1702] device veth1_macvtap entered promiscuous mode
[   57.982264][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   57.989897][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   57.998356][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   58.018407][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   58.026743][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   58.078066][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.085305][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.108554][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   58.116662][  T662] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.123500][  T662] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.131970][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   58.139984][  T662] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.146837][  T662] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.153982][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   58.161809][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   58.166462][  T382] usb 5-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[   58.169905][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   58.194895][ T1725] device veth0_vlan entered promiscuous mode
[   58.202883][  T382] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[   58.215650][ T1745] input: syz1 as /devices/virtual/input/input10
[   58.218843][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   58.232900][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   58.245978][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   58.248835][   T39] logitech-djreceiver 0003:046D:C70E.0018: unexpected long global item
[   58.253498][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   58.274667][ T1725] device veth1_macvtap entered promiscuous mode
[   58.281473][   T39] logitech-djreceiver 0003:046D:C70E.0018: logi_dj_probe: parse failed
[   58.296442][   T39] logitech-djreceiver: probe of 0003:046D:C70E.0018 failed with error -22
[   58.301064][ T1747] loop3: detected capacity change from 0 to 4096
[   58.311167][  T382] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   58.322257][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   58.322472][  T382] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   58.332880][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   58.346063][  T382] usb 5-1: SerialNumber: syz
[   58.347382][  T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   58.361920][ T1747] EXT4-fs (loop3): shut down requested (2)
[   58.368734][ T1747] EXT4-fs (loop3): re-mounted. Quota mode: writeback.
[   58.386162][ T1702] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=11
[   58.395279][ T1702] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=11
[   58.404203][ T1702] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=11
[   58.413077][ T1702] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=11
[   58.421938][ T1702] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=11
[   58.431486][ T1702] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=11
[   58.440641][ T1702] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=11
[   58.450216][ T1702] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   58.458053][ T1751] loop2: detected capacity change from 0 to 512
[   58.468868][   T19] usb 1-1: USB disconnect, device number 9
[   58.481989][ T1751] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   58.491809][ T1702] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   58.501046][ T1702] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=16
[   58.512512][ T1702] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=16
[   58.521573][ T1702] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=16
[   58.522507][ T1756] loop1: detected capacity change from 0 to 512
[   58.530318][ T1702] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=16
[   58.555477][ T1756] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   58.566946][ T1751] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   58.568533][ T1756] EXT4-fs (loop1): 1 truncate cleaned up
[   58.581973][ T1751] EXT4-fs (loop2): 1 truncate cleaned up
[   58.637956][  T382] usb 5-1: 0:2 : does not exist
[   58.649702][  T382] usb 5-1: USB disconnect, device number 7
[   58.761719][   T28] kauditd_printk_skb: 8 callbacks suppressed
[   58.761737][   T28] audit: type=1400 audit(1729041265.273:350): avc:  denied  { map } for  pid=1772 comm="syz.1.539" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   58.803351][   T28] audit: type=1400 audit(1729041265.303:351): avc:  denied  { connect } for  pid=1770 comm="syz.2.538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   58.831308][ T1775] loop1: detected capacity change from 0 to 128
[   58.838304][   T28] audit: type=1400 audit(1729041265.303:352): avc:  denied  { call } for  pid=1772 comm="syz.1.539" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   58.866828][  T320] udevd[320]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   58.867446][ T1775] ext4 filesystem being mounted at /42/mnt supports timestamps until 2038 (0x7fffffff)
[   58.932466][ T1775] fscrypt: loop1: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[   58.984629][ T1776] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.991673][ T1776] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.999412][ T1776] device bridge_slave_0 entered promiscuous mode
[   59.009320][ T1776] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.016247][ T1776] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.024516][ T1776] device bridge_slave_1 entered promiscuous mode
[   59.037568][  T356] device bridge_slave_1 left promiscuous mode
[   59.043833][  T356] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.051710][  T356] device bridge_slave_0 left promiscuous mode
[   59.057823][  T356] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.065894][  T356] device veth1_macvtap left promiscuous mode
[   59.072594][  T356] device veth0_vlan left promiscuous mode
[   59.298857][ T1776] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.305745][ T1776] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.313034][ T1776] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.319902][ T1776] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.321841][   T24] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   59.353107][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   59.362409][  T382] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.370202][  T382] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.376992][ T1800] loop1: detected capacity change from 0 to 40427
[   59.383915][ T1800] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   59.394582][ T1800] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   59.406046][ T1800] F2FS-fs (loop1): invalid crc value
[   59.411853][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   59.413048][ T1800] F2FS-fs (loop1): Found nat_bits in checkpoint
[   59.420098][  T321] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.432855][  T321] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.440317][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   59.449630][  T321] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.456514][  T321] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.471634][ T1800] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   59.478748][ T1800] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   59.487194][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   59.495104][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   59.506948][   T19] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   59.513988][   T28] audit: type=1400 audit(1729041266.023:353): avc:  denied  { rename } for  pid=1799 comm="syz.1.549" name="file0" dev="loop1" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[   59.529315][ T1800] syz.1.549: attempt to access beyond end of device
[   59.529315][ T1800] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   59.557312][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   59.565672][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   59.575070][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   59.583197][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   59.591463][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   59.598905][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   59.607720][ T1776] device veth0_vlan entered promiscuous mode
[   59.623199][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   59.631581][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   59.641833][ T1776] device veth1_macvtap entered promiscuous mode
[   59.665542][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   59.673493][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   59.681895][  T225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   59.699189][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   59.709584][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   59.756464][   T24] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   59.766513][   T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   59.806525][   T19] usb 5-1: too many configurations: 65, using maximum allowed: 8
[   59.858296][   T24] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   59.876759][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   59.884984][   T24] usb 3-1: SerialNumber: syz
[   59.962178][ T1826] netlink: 'syz.0.555': attribute type 12 has an invalid length.
[   60.041850][ T1829] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   60.137176][   T24] usb 3-1: 0:2 : does not exist
[   60.212201][  T356] device bridge_slave_1 left promiscuous mode
[   60.218518][  T356] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.229323][  T356] device bridge_slave_0 left promiscuous mode
[   60.235587][  T356] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.242994][   T39] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[   60.254617][  T356] device veth1_macvtap left promiscuous mode
[   60.262573][  T356] device veth0_vlan left promiscuous mode
[   60.446504][   T19] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[   60.455443][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   60.510970][   T39] usb 1-1: Using ep0 maxpacket: 8
[   60.514872][ T1848] loop3: detected capacity change from 0 to 512
[   60.531654][ T1848] EXT4-fs error (device loop3): ext4_orphan_get:1422: comm syz.3.562: bad orphan inode 17
[   60.541618][ T1848] ext4_test_bit(bit=16, block=4) = 1
[   60.547165][ T1848] is_bad_inode(inode)=0
[   60.551160][ T1848] NEXT_ORPHAN(inode)=0
[   60.555097][ T1848] max_ino=32
[   60.558137][ T1848] i_nlink=1
[   60.568821][   T24] usb 3-1: USB disconnect, device number 8
[   60.597878][ T1848] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.562: bg 0: block 7: invalid block bitmap
[   60.636806][   T39] usb 1-1: config 0 has no interfaces?
[   60.645254][   T39] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   60.655514][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   60.664113][   T39] usb 1-1: config 0 descriptor??
[   60.680224][ T1860] loop1: detected capacity change from 0 to 512
[   60.698338][ T1860] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #3: comm syz.1.567: corrupted inode contents
[   60.710066][ T1860] EXT4-fs error (device loop1): ext4_dirty_inode:6074: inode #3: comm syz.1.567: mark_inode_dirty error
[   60.723494][ T1860] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #3: comm syz.1.567: corrupted inode contents
[   60.736103][ T1860] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.567: mark_inode_dirty error
[   60.750172][ T1860] Quota error (device loop1): write_blk: dquota write failed
[   60.759712][ T1860] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   60.769618][ T1860] EXT4-fs error (device loop1): ext4_acquire_dquot:6764: comm syz.1.567: Failed to acquire dquot type 0
[   60.781260][ T1860] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.567: corrupted inode contents
[   60.794486][ T1860] EXT4-fs error (device loop1): ext4_dirty_inode:6074: inode #16: comm syz.1.567: mark_inode_dirty error
[   60.806326][ T1860] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.567: corrupted inode contents
[   60.819335][ T1860] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.567: mark_inode_dirty error
[   60.831432][   T28] audit: type=1400 audit(1729041267.343:354): avc:  denied  { create } for  pid=1865 comm="syz.3.569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   60.833180][ T1860] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.567: corrupted inode contents
[   60.851059][   T28] audit: type=1400 audit(1729041267.343:355): avc:  denied  { setopt } for  pid=1865 comm="syz.3.569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   60.862893][ T1860] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[   60.881720][   T28] audit: type=1400 audit(1729041267.343:356): avc:  denied  { ioctl } for  pid=1865 comm="syz.3.569" path="socket:[27164]" dev="sockfs" ino=27164 ioctlcmd=0x8912 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   60.890230][ T1860] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.567: corrupted inode contents
[   60.916790][   T28] audit: type=1400 audit(1729041267.343:357): avc:  denied  { write } for  pid=1865 comm="syz.3.569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   60.930077][ T1860] EXT4-fs error (device loop1): ext4_truncate:4302: inode #16: comm syz.1.567: mark_inode_dirty error
[   60.955493][ T1860] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[   60.964724][ T1860] EXT4-fs (loop1): 1 truncate cleaned up
[   60.970397][ T1860] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038 (0x7fffffff)
[   60.980230][   T19] usb 5-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[   60.987231][   T19] usb 5-1: No valid video chain found.
[   61.039650][ T1868] capability: warning: `syz.3.570' uses deprecated v2 capabilities in a way that may be insecure
[   61.216250][ T1350] usb 5-1: USB disconnect, device number 8
[   61.470684][ T1888] loop2: detected capacity change from 0 to 1024
[   61.477363][ T1888] EXT4-fs: Ignoring removed orlov option
[   61.487605][ T1886] loop3: detected capacity change from 0 to 512
[   61.496471][ T1886] EXT4-fs (loop3): orphan cleanup on readonly fs
[   61.503781][ T1886] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.577: bg 0: block 248: padding at end of block bitmap is not set
[   61.518496][ T1886] EXT4-fs error (device loop3): ext4_acquire_dquot:6764: comm syz.3.577: Failed to acquire dquot type 1
[   61.530664][ T1886] EXT4-fs (loop3): 1 truncate cleaned up
[   61.693570][ T1900] loop1: detected capacity change from 0 to 1024
[   61.700191][ T1900] EXT4-fs: Ignoring removed oldalloc option
[   61.709710][ T1900] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   61.713351][ T1902] loop3: detected capacity change from 0 to 256
[   61.727392][ T1902] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   61.744869][ T1902] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   61.750753][ T1906] loop4: detected capacity change from 0 to 512
[   61.792786][ T1906] EXT4-fs (loop4): 1 truncate cleaned up
[   62.120956][ T1920] loop3: detected capacity change from 0 to 512
[   62.148830][ T1918] loop1: detected capacity change from 0 to 40427
[   62.148918][ T1920] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #3: comm syz.3.589: corrupted inode contents
[   62.160414][ T1918] F2FS-fs (loop1): invalid crc value
[   62.171791][ T1920] EXT4-fs error (device loop3): ext4_dirty_inode:6074: inode #3: comm syz.3.589: mark_inode_dirty error
[   62.177362][ T1918] F2FS-fs (loop1): Found nat_bits in checkpoint
[   62.183672][ T1920] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #3: comm syz.3.589: corrupted inode contents
[   62.201036][ T1920] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #3: comm syz.3.589: mark_inode_dirty error
[   62.212807][ T1920] EXT4-fs error (device loop3): ext4_acquire_dquot:6764: comm syz.3.589: Failed to acquire dquot type 0
[   62.224713][ T1920] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #16: comm syz.3.589: corrupted inode contents
[   62.231767][ T1918] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[   62.237480][ T1920] EXT4-fs error (device loop3): ext4_dirty_inode:6074: inode #16: comm syz.3.589: mark_inode_dirty error
[   62.255499][ T1920] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #16: comm syz.3.589: corrupted inode contents
[   62.267839][ T1920] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.589: mark_inode_dirty error
[   62.279146][ T1920] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #16: comm syz.3.589: corrupted inode contents
[   62.291013][ T1920] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[   62.304113][ T1920] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #16: comm syz.3.589: corrupted inode contents
[   62.305545][ T1918] syz.1.588: attempt to access beyond end of device
[   62.305545][ T1918] loop1: rw=1, sector=45096, nr_sectors = 8 limit=40427
[   62.328960][ T1920] EXT4-fs error (device loop3): ext4_truncate:4302: inode #16: comm syz.3.589: mark_inode_dirty error
[   62.343486][ T1928] loop2: detected capacity change from 0 to 512
[   62.345971][ T1920] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[   62.358289][ T1928] EXT4-fs: Ignoring removed orlov option
[   62.369047][ T1920] EXT4-fs (loop3): 1 truncate cleaned up
[   62.374670][ T1920] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038 (0x7fffffff)
[   62.374910][ T1125] syz-executor: attempt to access beyond end of device
[   62.374910][ T1125] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   62.400447][ T1928] ext4 filesystem being mounted at /10/bus supports timestamps until 2038 (0x7fffffff)
[   62.968335][   T39] usb 1-1: USB disconnect, device number 10
[   63.976376][    C1] sched: RT throttling activated
[   63.976376][    C0] sched: RT throttling activated
[   64.029722][ T1776] EXT4-fs unmount: 27 callbacks suppressed
[   64.029743][ T1776] EXT4-fs (loop3): unmounting filesystem.
[   64.186653][ T1949] loop2: detected capacity change from 0 to 40427
[   64.193405][ T1949] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   64.201217][ T1949] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   64.210020][ T1949] F2FS-fs (loop2): invalid crc value
[   64.216685][ T1949] F2FS-fs (loop2): Found nat_bits in checkpoint
[   64.251497][ T1949] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   64.258460][ T1949] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   64.278784][ T1949] syz.2.598: attempt to access beyond end of device
[   64.278784][ T1949] loop2: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[   64.293794][ T1949] syz.2.598: attempt to access beyond end of device
[   64.293794][ T1949] loop2: rw=34817, sector=45096, nr_sectors = 128 limit=40427
[   64.310864][ T1949] syz.2.598: attempt to access beyond end of device
[   64.310864][ T1949] loop2: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[   64.325151][ T1949] syz.2.598: attempt to access beyond end of device
[   64.325151][ T1949] loop2: rw=2049, sector=77824, nr_sectors = 416 limit=40427
[   64.326479][ T1350] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   64.351899][   T10] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   64.361124][   T10] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   64.369937][  T321] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[   64.406489][   T39] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[   64.596638][ T1350] usb 5-1: Using ep0 maxpacket: 32
[   64.635547][ T1964] loop1: detected capacity change from 0 to 2048
[   64.647505][ T1964] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a802c018, mo2=0002]
[   64.655436][ T1964] System zones: 0-7
[   64.659745][ T1964] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   64.676511][   T39] usb 1-1: Using ep0 maxpacket: 16
[   64.682703][ T1125] EXT4-fs (loop1): unmounting filesystem.
[   64.726562][ T1350] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[   64.735063][ T1350] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[   64.736484][  T321] usb 4-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[   64.745394][ T1350] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[   64.775675][  T321] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[   64.816447][  T382] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[   64.856538][  T321] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   64.865411][  T321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   64.873429][  T321] usb 4-1: SerialNumber: syz
[   64.876446][   T39] usb 1-1: unable to get BOS descriptor or descriptor too short
[   64.885643][ T1968] loop1: detected capacity change from 0 to 40427
[   64.893503][ T1968] F2FS-fs (loop1): invalid crc value
[   64.900575][ T1968] F2FS-fs (loop1): Found nat_bits in checkpoint
[   64.934772][ T1968] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   64.942355][ T1350] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   64.951337][ T1350] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   64.959291][   T39] usb 1-1: config 4 has an invalid interface number: 38 but max is 0
[   64.967193][   T39] usb 1-1: config 4 has no interface number 0
[   64.973104][ T1350] usb 5-1: Product: syz
[   64.977111][ T1350] usb 5-1: Manufacturer: syz
[   64.981493][ T1350] usb 5-1: SerialNumber: syz
[   64.985952][   T39] usb 1-1: config 4 interface 38 has no altsetting 0
[   65.166529][   T39] usb 1-1: New USB device found, idVendor=19ab, idProduct=1000, bcdDevice= 1.18
[   65.175437][   T39] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   65.183249][   T39] usb 1-1: Product: syz
[   65.186606][  T382] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   65.187265][   T39] usb 1-1: Manufacturer: syz
[   65.198289][  T382] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   65.202306][   T39] usb 1-1: SerialNumber: syz
[   65.212234][  T382] usb 3-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[   65.225212][  T382] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.233786][  T382] usb 3-1: config 0 descriptor??
[   65.306509][ T1350] usb 5-1: 0:2 : does not exist
[   65.312171][  T321] usb 4-1: 0:2 : does not exist
[   65.316228][ T1350] usb 5-1: USB disconnect, device number 9
[   65.326572][  T319] udevd[319]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   65.336970][  T321] usb 4-1: USB disconnect, device number 9
[   65.566771][   T39] usb 1-1: Found UVC 0.00 device syz (19ab:1000)
[   65.572956][   T39] usb 1-1: No valid video chain found.
[   65.579640][   T39] usb 1-1: USB disconnect, device number 11
[   65.640106][   T28] kauditd_printk_skb: 10 callbacks suppressed
[   65.640123][   T28] audit: type=1326 audit(1729041272.153:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92e37dff9 code=0x7ffc0000
[   65.646452][ T1975] usb usb8: usbfs: process 1975 (syz.1.604) did not claim interface 0 before use
[   65.684880][   T28] audit: type=1326 audit(1729041272.153:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92e37dff9 code=0x7ffc0000
[   65.717372][   T28] audit: type=1326 audit(1729041272.153:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb92e37dff9 code=0x7ffc0000
[   65.727953][  T382] logitech-hidpp-device 0003:046D:C086.0019: unknown main item tag 0x0
[   65.741542][   T28] audit: type=1326 audit(1729041272.153:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92e37dff9 code=0x7ffc0000
[   65.751333][  T382] logitech-hidpp-device 0003:046D:C086.0019: unknown main item tag 0x0
[   65.774054][   T28] audit: type=1326 audit(1729041272.153:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92e37dff9 code=0x7ffc0000
[   65.779971][  T382] logitech-hidpp-device 0003:046D:C086.0019: unknown main item tag 0x4
[   65.804276][   T28] audit: type=1326 audit(1729041272.153:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb92e37c990 code=0x7ffc0000
[   65.830522][  T382] logitech-hidpp-device 0003:046D:C086.0019: unknown main item tag 0x0
[   65.834987][   T28] audit: type=1326 audit(1729041272.153:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb92e37c990 code=0x7ffc0000
[   65.846132][ T1981] loop4: detected capacity change from 0 to 512
[   65.866223][   T28] audit: type=1326 audit(1729041272.153:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92e37dff9 code=0x7ffc0000
[   65.895219][   T28] audit: type=1326 audit(1729041272.153:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92e37dff9 code=0x7ffc0000
[   65.900630][  T382] logitech-hidpp-device 0003:046D:C086.0019: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.2-1/input0
[   65.921818][ T1983] loop1: detected capacity change from 0 to 128
[   65.942113][   T28] audit: type=1326 audit(1729041272.153:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1974 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb92e37dff9 code=0x7ffc0000
[   65.956178][  T382] usb 3-1: USB disconnect, device number 9
[   65.974249][ T1983] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   65.981121][ T1981] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #3: comm syz.4.608: corrupted inode contents
[   65.989149][ T1983] ext4 filesystem being mounted at /66/mnt supports timestamps until 2038 (0x7fffffff)
[   66.000897][ T1981] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #3: comm syz.4.608: mark_inode_dirty error
[   66.024565][ T1981] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #3: comm syz.4.608: corrupted inode contents
[   66.029096][ T1125] EXT4-fs (loop1): unmounting filesystem.
[   66.056625][ T1981] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #3: comm syz.4.608: mark_inode_dirty error
[   66.086217][ T1981] EXT4-fs error (device loop4): ext4_acquire_dquot:6764: comm syz.4.608: Failed to acquire dquot type 0
[   66.098715][ T1981] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #16: comm syz.4.608: corrupted inode contents
[   66.113776][ T1981] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #16: comm syz.4.608: mark_inode_dirty error
[   66.115383][ T1991] netlink: 12 bytes leftover after parsing attributes in process `syz.0.611'.
[   66.125764][ T1981] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #16: comm syz.4.608: corrupted inode contents
[   66.135259][ T1991] tipc: Started in network mode
[   66.151000][ T1991] tipc: Node identity cgroup.pn, cluster identity 8
[   66.162899][ T1981] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.608: mark_inode_dirty error
[   66.174987][ T1981] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #16: comm syz.4.608: corrupted inode contents
[   66.186862][ T1981] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[   66.195488][ T1981] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #16: comm syz.4.608: corrupted inode contents
[   66.207899][ T1981] EXT4-fs error (device loop4): ext4_truncate:4302: inode #16: comm syz.4.608: mark_inode_dirty error
[   66.219489][ T1981] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[   66.229081][ T1981] EXT4-fs (loop4): 1 truncate cleaned up
[   66.234793][ T1981] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   66.243654][ T1981] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038 (0x7fffffff)
[   66.285133][ T1997] kvm: vcpu 0: requested 88 ns lapic timer period limited to 200000 ns
[   66.353898][ T2007] loop1: detected capacity change from 0 to 256
[   66.743846][ T1692] EXT4-fs (loop4): unmounting filesystem.
[   66.776581][ T2016] loop2: detected capacity change from 0 to 128
[   66.795280][ T2016] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   66.808121][ T2014] device pim6reg1 entered promiscuous mode
[   66.813932][ T2016] ext4 filesystem being mounted at /16/mnt supports timestamps until 2038 (0x7fffffff)
[   66.869899][ T1725] EXT4-fs (loop2): unmounting filesystem.
[   67.025005][ T2049] loop1: detected capacity change from 0 to 512
[   67.047203][ T2036] process 'syz.4.629' launched './file0' with NULL argv: empty string added
[   67.061033][ T2049] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #3: comm syz.1.633: corrupted inode contents
[   67.073485][ T2049] EXT4-fs error (device loop1): ext4_dirty_inode:6074: inode #3: comm syz.1.633: mark_inode_dirty error
[   67.085427][ T2049] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #3: comm syz.1.633: corrupted inode contents
[   67.092956][ T2054] loop4: detected capacity change from 0 to 1024
[   67.103319][ T2049] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.633: mark_inode_dirty error
[   67.115718][ T2049] EXT4-fs error (device loop1): ext4_acquire_dquot:6764: comm syz.1.633: Failed to acquire dquot type 0
[   67.127973][ T2049] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.633: corrupted inode contents
[   67.140225][ T2049] EXT4-fs error (device loop1): ext4_dirty_inode:6074: inode #16: comm syz.1.633: mark_inode_dirty error
[   67.141267][ T2054] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   67.152415][ T2049] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.633: corrupted inode contents
[   67.171608][ T2049] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.633: mark_inode_dirty error
[   67.183193][ T2049] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.633: corrupted inode contents
[   67.195520][ T2049] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[   67.204412][ T2049] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.633: corrupted inode contents
[   67.216610][ T2049] EXT4-fs error (device loop1): ext4_truncate:4302: inode #16: comm syz.1.633: mark_inode_dirty error
[   67.227925][ T2049] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[   67.247764][ T2049] EXT4-fs (loop1): 1 truncate cleaned up
[   67.253259][ T2049] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   67.270212][ T2049] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038 (0x7fffffff)
[   67.311431][ T2062] kvm: pic: non byte write
[   67.322501][ T1692] EXT4-fs (loop4): unmounting filesystem.
[   67.356777][ T2066] loop2: detected capacity change from 0 to 256
[   67.406832][ T2066] loop2: detected capacity change from 256 to 253
[   67.807717][ T2083] loop4: detected capacity change from 0 to 1024
[   67.814620][ T2083] EXT4-fs: Ignoring removed orlov option
[   67.821453][ T2083] EXT4-fs (loop4): Test dummy encryption mode enabled
[   67.837906][ T2083] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   67.910350][ T1125] EXT4-fs (loop1): unmounting filesystem.
[   67.944317][ T2092] syz.3.652[2092] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.944396][ T2092] syz.3.652[2092] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.957026][ T2092] binder: 2088:2092 ioctl 40046210 0 returned -14
[   68.432995][ T2112] loop3: detected capacity change from 0 to 1024
[   68.443662][ T2112] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   68.452143][ T2112] EXT4-fs (loop3): orphan cleanup on readonly fs
[   68.456426][   T19] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[   68.458764][ T2112] EXT4-fs error (device loop3): ext4_free_blocks:6213: comm syz.3.655: Freeing blocks not in datazone - block = 0, count = 4096
[   68.479248][ T2112] EXT4-fs (loop3): 1 orphan inode deleted
[   68.484831][ T2112] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   68.501357][ T1776] EXT4-fs (loop3): unmounting filesystem.
[   68.576978][  T359] device bridge_slave_1 left promiscuous mode
[   68.582952][  T359] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.590365][  T359] device bridge_slave_0 left promiscuous mode
[   68.596392][  T359] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.604214][  T359] device veth1_macvtap left promiscuous mode
[   68.610120][  T359] device veth0_vlan left promiscuous mode
[   68.671609][ T1692] EXT4-fs (loop4): unmounting filesystem.
[   68.816482][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   68.827197][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   68.836791][   T19] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   68.849346][   T19] usb 1-1: New USB device found, idVendor=04d9, idProduct=a070, bcdDevice= 0.00
[   68.858165][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.866732][   T19] usb 1-1: config 0 descriptor??
[   69.347133][   T19] holtek_mouse 0003:04D9:A070.001A: item fetching failed at offset 1/5
[   69.355334][   T19] holtek_mouse 0003:04D9:A070.001A: hid parse failed: -22
[   69.362316][   T19] holtek_mouse: probe of 0003:04D9:A070.001A failed with error -22
[   69.550226][   T19] usb 1-1: USB disconnect, device number 12
[   69.572679][ T2133] loop3: detected capacity change from 0 to 512
[   69.575231][ T2134] loop1: detected capacity change from 0 to 512
[   69.587088][ T2133] EXT4-fs: Ignoring removed orlov option
[   69.598867][ T2134] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #3: comm syz.1.661: corrupted inode contents
[   69.612876][ T2134] EXT4-fs error (device loop1): ext4_dirty_inode:6074: inode #3: comm syz.1.661: mark_inode_dirty error
[   69.618286][ T2133] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   69.624700][ T2134] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #3: comm syz.1.661: corrupted inode contents
[   69.632678][ T2133] ext4 filesystem being mounted at /28/bus supports timestamps until 2038 (0x7fffffff)
[   69.644786][ T2134] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.661: mark_inode_dirty error
[   69.665323][ T2134] EXT4-fs error (device loop1): ext4_acquire_dquot:6764: comm syz.1.661: Failed to acquire dquot type 0
[   69.676992][ T2134] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.661: corrupted inode contents
[   69.689014][ T2134] EXT4-fs error (device loop1): ext4_dirty_inode:6074: inode #16: comm syz.1.661: mark_inode_dirty error
[   69.700386][ T2134] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.661: corrupted inode contents
[   69.701741][ T1776] EXT4-fs (loop3): unmounting filesystem.
[   69.712847][ T2134] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.661: mark_inode_dirty error
[   69.729165][ T2134] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.661: corrupted inode contents
[   69.741328][ T2134] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[   69.749951][ T2134] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #16: comm syz.1.661: corrupted inode contents
[   69.761794][ T2134] EXT4-fs error (device loop1): ext4_truncate:4302: inode #16: comm syz.1.661: mark_inode_dirty error
[   69.772817][ T2134] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[   69.782176][ T2134] EXT4-fs (loop1): 1 truncate cleaned up
[   69.787672][ T2134] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   69.796448][ T2134] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038 (0x7fffffff)
[   70.297792][ T2149] loop3: detected capacity change from 0 to 128
[   70.305117][ T2147] loop4: detected capacity change from 0 to 512
[   70.326857][ T2149] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   70.335819][ T2149] ext4 filesystem being mounted at /29/mnt supports timestamps until 2038 (0x7fffffff)
[   70.354170][ T2147] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   70.363051][ T2147] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038 (0x7fffffff)
[   70.376791][ T1776] EXT4-fs (loop3): unmounting filesystem.
[   70.396307][ T1692] EXT4-fs (loop4): unmounting filesystem.
[   70.434891][ T1125] EXT4-fs (loop1): unmounting filesystem.
[   71.113359][ T2158] input: syz0 as /devices/virtual/input/input11
[   71.120788][ T2160] loop1: detected capacity change from 0 to 1024
[   71.129134][ T2160] EXT4-fs: Ignoring removed orlov option
[   71.135362][ T2160] EXT4-fs (loop1): Test dummy encryption mode enabled
[   71.150653][ T2160] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   71.163351][ T2163] device pim6reg1 entered promiscuous mode
[   71.965305][ T1125] EXT4-fs (loop1): unmounting filesystem.
[   73.037140][   T28] kauditd_printk_skb: 26 callbacks suppressed
[   73.037155][   T28] audit: type=1400 audit(1729041279.553:394): avc:  denied  { setattr } for  pid=2183 comm="syz.3.676" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   73.296444][  T382] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   73.656570][  T382] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   73.667308][  T382] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   73.676859][  T382] usb 2-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[   73.685679][  T382] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.694454][  T382] usb 2-1: config 0 descriptor??
[   74.178179][  T382] hid-led 0003:1D34:000A.001B: unknown main item tag 0x0
[   74.397022][  T382] hid-led 0003:1D34:000A.001B: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.1-1/input0
[   74.408909][  T382] hid-led 0003:1D34:000A.001B: Dream Cheeky Webmail Notifier initialized
[   74.597975][  T382] usb 2-1: USB disconnect, device number 9
[   76.687076][ T2210] loop1: detected capacity change from 0 to 512
[   76.714691][ T2210] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   76.730335][ T2210] ext4 filesystem being mounted at /84/bus supports timestamps until 2038 (0x7fffffff)
[   76.752109][ T1125] EXT4-fs (loop1): unmounting filesystem.
[   76.946526][ T2107] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[   77.306586][ T2107] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   77.317291][ T2107] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   77.330224][ T2107] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   77.339127][ T2107] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.347446][ T2107] usb 4-1: config 0 descriptor??
[   77.837271][ T2107] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0
[   77.844610][ T2107] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0
[   77.851872][ T2107] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0
[   77.859053][ T2107] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0
[   77.866432][ T2107] plantronics 0003:047F:FFFF.001C: No inputs registered, leaving
[   77.875141][ T2107] plantronics 0003:047F:FFFF.001C: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[   78.040175][ T2107] usb 4-1: USB disconnect, device number 10
[   78.097994][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.105337][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.112642][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.119910][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.127116][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.134268][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.141612][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.148919][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.156129][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.163349][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.170543][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.177747][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.185262][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.192480][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.199724][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.206896][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.214060][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.221294][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.228488][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.235672][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.242937][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.250290][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.257511][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.264694][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.271938][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.279101][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.286288][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.293521][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.300718][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.307937][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.315114][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.322547][  T662] hid-generic 0000:04AD:0000.001D: unknown main item tag 0x0
[   78.330222][  T662] hid-generic 0000:04AD:0000.001D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   78.366423][   T19] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[   78.373861][  T382] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[   78.626510][  T382] usb 5-1: Using ep0 maxpacket: 16
[   78.746512][   T19] usb 2-1: config 0 has no interfaces?
[   78.751807][   T19] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[   78.760749][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.769042][   T19] usb 2-1: config 0 descriptor??
[   78.946464][  T382] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[   78.955356][  T382] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   78.963153][  T382] usb 5-1: Product: syz
[   78.967146][  T382] usb 5-1: Manufacturer: syz
[   78.971536][  T382] usb 5-1: SerialNumber: syz
[   78.976866][  T382] usb 5-1: config 0 descriptor??
[   79.017155][  T382] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[   79.025014][  T382] usb 5-1: Detected FT232H
[   79.236569][  T382] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[   79.608327][   T28] audit: type=1400 audit(1729041286.123:395): avc:  denied  { write } for  pid=2225 comm="syz.3.688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   79.717595][  T382] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   79.919497][  T662] usb 5-1: USB disconnect, device number 10
[   79.926204][  T662] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   79.935612][  T662] ftdi_sio 5-1:0.0: device disconnected
[   81.099809][  T382] usb 2-1: USB disconnect, device number 10
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: repeatedly failed to execute the program
proc=2 req=649 state=1 status=67 (errno 9: Bad file descriptor)
[   82.983828][ T2252] loop1: detected capacity change from 0 to 512
[   83.016718][ T2252] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   83.072204][   T10] tipc: Left network mode
[   83.086457][ T2252] EXT4-fs: failed to create workqueue
[   83.091693][ T2252] EXT4-fs (loop1): mount failed
[   83.212735][ T2260] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.219599][ T2260] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.227125][ T2260] device bridge_slave_0 entered promiscuous mode
[   83.233782][ T2260] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.240643][ T2260] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.247808][ T2260] device bridge_slave_1 entered promiscuous mode
[   83.300021][ T2260] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.306886][ T2260] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.313952][ T2260] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.320779][ T2260] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.344088][  T387] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   83.351454][  T387] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.358665][  T387] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.367600][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   83.375524][  T382] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.382390][  T382] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.406533][ T2260] device veth0_vlan entered promiscuous mode
[   83.413660][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   83.421848][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   83.429816][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   83.437009][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   83.444168][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   83.452142][  T382] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.458986][  T382] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.466112][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   83.473884][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   83.486612][  T387] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   83.495607][ T2260] device veth1_macvtap entered promiscuous mode
[   83.508187][  T387] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   83.518176][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   83.757157][   T10] device bridge_slave_1 left promiscuous mode
[   83.763090][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.770396][   T10] device bridge_slave_0 left promiscuous mode
[   83.776301][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.784054][   T10] device veth1_macvtap left promiscuous mode
[   83.789996][   T10] device veth0_vlan left promiscuous mode
[   84.617306][   T10] device bridge_slave_1 left promiscuous mode
[   84.623306][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.630720][   T10] device bridge_slave_0 left promiscuous mode
[   84.636706][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.647321][   T10] device bridge_slave_1 left promiscuous mode
[   84.653313][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.660621][   T10] device bridge_slave_0 left promiscuous mode
[   84.666620][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.674224][   T10] device bridge_slave_1 left promiscuous mode
[   84.680208][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.687317][   T10] device bridge_slave_0 left promiscuous mode
[   84.693257][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.701331][   T10] device veth1_macvtap left promiscuous mode
[   84.707187][   T10] device veth0_vlan left promiscuous mode
[   84.712946][   T10] device veth1_macvtap left promiscuous mode
[   84.718918][   T10] device veth0_vlan left promiscuous mode
[   84.724561][   T10] device veth1_macvtap left promiscuous mode
[   84.730412][   T10] device veth0_vlan left promiscuous mode