last executing test programs:

1m7.405969592s ago: executing program 32 (id=187):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x6c, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0xfffffffe, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x6c}}, 0x0)

1m3.217115639s ago: executing program 4 (id=244):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000080)={{{@in=@multicast2, @in6=@private2, 0x0, 0x0, 0x4e23, 0xfffe, 0x0, 0x0, 0x20}, {0x10000000000000, 0x0, 0xddcf}, {}, 0x0, 0x0, 0x0, 0x0, 0x2}, {{@in6=@loopback}, 0x0, @in6=@empty}}, 0xe8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2b, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000000)=0xfff, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

1m3.107508889s ago: executing program 4 (id=249):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
r1 = creat(&(0x7f0000000140)='./file0\x00', 0x14)
fallocate(r1, 0x0, 0xd2ba, 0x5)
fallocate(r0, 0x0, 0x0, 0x10fff9)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0xc, r1, 0x0, 0x0, 0x0, 0x7e})

1m2.875346311s ago: executing program 4 (id=253):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000440)={0xfffa, [0x10000, 0x8], 0x40}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

52.216365316s ago: executing program 4 (id=369):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x480, &(0x7f0000000140), 0x1, 0x765, &(0x7f0000000800)="$eJzs3c1rHOUfAPDvbJKmv7Q/E0HQegoIGijdmBpbBQ8VDyJYKOjZdtlsQ80mW7Kb0oSAFhG8CCoeBL307Eu9efXlqv+FB2mpmhYrHiQyu7PpNtltN22SRffzgWmf55nZPPPdZ2aeZ/cZdgLoW+PpP7mIQxHxQRIxmpUnETFUTw1GnGhsd2tttZguSayvv/ZbUt/m5tpqMVpekzqQZR6LiO/fjTic21pvdXllrlAulxaz/GRt/vxkdXnlyLn5wmxptrRwbGp6+ujxZ48f27lY//hp5eC1D19+6qsTf73z6JX3f0jiRBzM1rXGsVPGYzx7T4bSt/AOL+10ZT2W9HoHuC/pqTnQOMvjUIzGQD0FAPyXvRUR6wBAn0n0/wDQZ5rfA9xcWy02l95+I7G3rr8YEfsb8TfnNxtrBrM5u/31edCRm0k2M9KYzEwiYmwH6h+PiM++eeOLdIldmocEaOftSxFxZmx86/U/2XLPwnY93cU245vyrn+wd75Nxz/PtRv/5TbGP3HH+KdhuM25ez/uff7nru5ANR2l478XWu5tu9USf2ZsIMv9vz7mG0rOniuX0mvbQxExEUPDaX7qLnVM3Pj7Rqd1reO/3z968/O0/vT/21vkrg4O3/mamUKt8CAxt7p+KeLxwXbxJxvtn7Rp/7TsVJd1vPL8e592WpfGn8bbXLbGv7vWL0c82bb9b9/Rltz1/sTJ+uEw2Two2vj6509G2pUf2dT+6ZLW3/wssBfS9h+5e/xjSev9mtXt1/Hj5dHvOq27d/ztj/99yev19L6s7GKhVlucitiXvLq1/Ojt1zbzze3T+CeeaH/+bz7+11v2If1MeKbL+Aev/frl/ce/u9L4Z7bV/ttPXLk1N9Cp/u7af7qemshKurn+dbuDD/LeAQAAAAAAAAAAAAAAAAAAAAAAAEC3chFxMJJcfiOdy+XzjWd4PxIjuXKlWjt8trK0MBP1Z2WPxVCu+VOXoy2/hzqV/R5+M390U/6ZiHg4Ij4e/l89ny9WyjO9Dh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMgc6PP8/9ctwr/cOANg1+3u9AwDAntP/A0D/0f8DQP/R/wNA/9H/A0D/0f8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwy06dPJku63+urRbT/MyF5aW5yoUjM6XqXH5+qZgvVhbP52crldlyKV+szN/r75UrlfPTsbB0cbJWqtYmq8srp+crSwu10+fmC7Ol06WhPYkKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALanurwyVyiXS4sSEhISG4leX5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/h3+CQAA///Q6StZ")
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x204410, &(0x7f0000000740), 0xfe, 0x4a1, &(0x7f00000001c0)="$eJzs3M1vVFUbAPDn3mnLN+3Li6h8SBWNjR8tLags3Gh0p4mJLnBjUttCKgM1tCRCiFZjcGlI3BvdGKJ/gSvdGHVl4lb3hoQoMQFdmDF35t4yU2ZKW6YdcH6/5JZz5p7pOc+ce+499x6mAXStwexHErE1In6JiP5atrHAYO2f61fPT/x19fxEEpXKq78n1XLXrp6fKIoW79uSZ4bSiPTDJK+k0ezZcyfGy+Wp03l+ZO7k2yOzZ889OX1y/PjU8alTY0eOHD40+szTY0+1Jc4srmu7353Zm/S8fvHliaMX3/zhqzQidu2r7a+P47akWxaSg1ngf1SqFhd7pC2V3Tm21aWTng42hBUpRUTWXb3V8d8fpbjRef3x4gcdbRywprJr04bWu+crwH9YEp1uAdAZxYU+u/8ttnWaetwRrjxXuwHK4r6eb7U9PZHmZXrXsP77IuLo/N+fZlvk/fDP1jWsEADoet9k858nms3/0thVV257voYyEBH/i4gdEfH/iNgZEfdEVMvem89nVqK2NFRayN88/0wvrzq4Zcjmf8/ma1uN879i9hcDpTy3rRp/b3Jsujx1MP9MhqJ3Q5YfXaKOb1/4+eNW+wbr5n/ZltVfzAXzdlzuWfSAbnJ8brxdk9Ir70fs7mkWf7KwEpBExP0RsXtlv3p7kZh+7NLeVoVuHf8S2rDOVPks4tFa/8/HovgLydLrkyMbozx1cKQ4Km72408XXmle+8bbi78Nsv7f3Hj8LyrR/2dSv147u/I6Lvz6Uct7ytUe/33Ja9Ux2Ze/9s743Nzp0Yi+5KVqvuH1sRvvLfJF+Sz+oQPNx/+O/D1Z/HsiIjuI90XEAxGxP2/7gxHxUEQcWCL+759/+K0VxT+9vv0/2fT8t3D8DzT2/8oTpRPffd2q/jz+4mTbov8PV1ND+SvV898ttG5OlKciKpVVH80AAABw98luvLdGkg4vpNN0eLj2f/h3xua0PDM79/ixmTOnJmvfERiI3rR40tWfPw/N7rZHk/n8N9aej47lz4qL56WH8ufGn5Q2VfPDEzPlyQ7HDt1uS4vxn/mt1OnWAWvO97Wgey0e/2mH2gGsP9d/6F7GP3Qv4x+6V934//LMhT3VxHvVn/sXdjRdC1jiL4cAd4dF1/9Ln3eqIcC6M/+H7mX8Q/cy/qEr3c73+juT2JS3/FaF+zrf1NUlvuidLWXx1e1KeiI637DGRKRLlXkjmu8ajIg1aljcER9LuxPJMg715SaOHc+HznIKd/KsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0D7/BgAA//9ajd4t")
ptrace$setregs(0xd, r0, 0x0, &(0x7f00000003c0))
ptrace$getregset(0x4205, r0, 0x200, &(0x7f0000000080)={&(0x7f0000000800)=""/112, 0x70})

51.793769829s ago: executing program 4 (id=374):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000008c0)='sys_enter\x00', r1}, 0x10)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x13, 0x0)

51.493612191s ago: executing program 4 (id=378):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000540)={[{@test_dummy_encryption}]}, 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

51.488402991s ago: executing program 33 (id=378):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000540)={[{@test_dummy_encryption}]}, 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

24.930187991s ago: executing program 5 (id=709):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000240)={0x80000, 0x0, [0x8, 0xc24c, 0x0, 0x8, 0xc, 0x4e4, 0xe30351e, 0x5]})
ioctl$KVM_SMI(r2, 0xaeb7)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, 0x0)

24.847512502s ago: executing program 5 (id=710):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_NAME(0xf, &(0x7f0000000240)='+}[@\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4e00ab6de6b45"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfec1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
ftruncate(r1, 0x904e)

24.847183842s ago: executing program 5 (id=712):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
write$evdev(r2, &(0x7f0000000000), 0x100000008)
ioctl$EVIOCSABS20(r2, 0x40044590, 0x0)

24.568154314s ago: executing program 2 (id=720):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
ptrace$getregset(0x4204, r0, 0x201, &(0x7f0000000000)={0x0, 0x300})

24.515129994s ago: executing program 2 (id=722):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x4, 0x40, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, r1, 0x0, 0xa0028000}, 0x38)

24.191312356s ago: executing program 5 (id=723):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000010, &(0x7f0000000080), 0x1, 0x513, &(0x7f00000010c0)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOt7rW1aSpOmNOk6LYt28T8QQcEnn3wR/AOEZR78A2RgQF/EB1FRRGf0QVDnSpIbp5Mmbd1pm07z+cBpzrn35n7PuSEn98fpvQGMrRci4o2ImIiIlyOimE9P87TYLux3l7t/753ldkoiy976axJJPq23rnZ5MiKud98SUxHxtS9HfDM5HLe5u7exVKtVt/NypVXfqjR3926u15fWqmvVzfn5udcWXl94dWE2yz1WO0u9zE++9Pn3Pv2t3y3++ca329X63EeiEH3tOE3dphc626KnvY22zyLYCEzk7SmMuiIAAJxIex//gxHxic7+fzEmOntzfSZGUTMAAADgtGRfmI5/JxEZAAAAcGmlETEdSVrOxwJMR5peyc8NfDiupbVGs/Wp1cbO5kp7XkQpCunqeq06m48VLkUhaZfn8jG2vfIrfeX5iHgmIr5fvNopl5cbtZURn/sAAACAcXG97/j/H8W0kz/egP8TAAAAAC6u0tACAAAAcFk45AcAAIDLr//4/70R1QMAAAA4E1958812ynrPv155e3dno/H2zZVqc6Nc31kuLze2t8prjcZa55599ePWV2s0tj4Tmzu3Kq1qs1Vp7u4t1hs7m63F9UcegQ0AAACco2c+fvvXSUTsf/ZqJ0V+H0CAR/xh1BUATtPEqCsAjIy7eMP4Koy6AsDIJcfMN3gHAACefDMfPXz9v/f8f+cG4HIz1gcAxo/r/zC+CkYAwlhLI+ID3exTw5YZev3/lyeNkmURd4oHpzi/CAAA52u6k5K0nB8HTEealssRT0ekpSgkq+u16mx+fPCrYuGpdnmu887k2DHDAAAAAAAAAAAAAAAAAAAAAAAAAEBXliWRAQAAAJdaRPqnpHM3/4iZ4kvT/ecHriT/LMYf88KP3vrBraVWa3uuPf1vnWd5XYmI1g/z6a8MfXwYAAAAcNqS/aGzusfp+evcudYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDFw/947y710nnH/8sWIKA2KPxlTndepKETEtb8nMXngfUlETJxC/P13I+LZQfGTeJBlWSmvxaD4V884fqmzaQbHTyPi+inEh3F2u93/vDHo+5fGC53Xwd+/yTw9ruH9X5pHfrbTzw3qf54+tLb6wBjP3f1ZZWj8dyOemxzc//T632RI/BcPre1fWZYdjvGNr+/tDYuf/ThiZuDvT/JIrEqrvlVp7u7dXK8vrVXXqpvz83OvLby+8OrCbGV1vVbN/w6M8b2P/fzBUe2/NiD+b3/T7X+Pav9Lw1ba5z93b937UDdbGBT/xosDf3+nYkj8NP/t+2Seb8+f6eX3u/mDnv/pneePav/KkO1/3Od/44Ttf/mr3/39CRcFAM5Bc3dvY6lWq24fkZk6wTJPYuYXUxeiGv9nJvtO95O7KPV5v5n23urDKb1WXYCKHchk5xZrIi5Ik/+XGWm3BAAAnIGHO/2jrgkAAAAAAAAAAAAAAAAAAACMr/O4nVh/zP3RNBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ej/DQAA///M/t/r")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

24.149291706s ago: executing program 2 (id=724):
unshare(0x22020600)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00')
setns(r1, 0x0)

24.136511626s ago: executing program 2 (id=725):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f00000007c0)={[{@bsdgroups}, {@errors_continue}, {@nolazytime}, {@user_xattr}, {@data_err_abort}, {@stripe={'stripe', 0x3d, 0x41}}, {@bsdgroups}, {@auto_da_alloc}]}, 0x1, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000440)='./file0\x00', &(0x7f00000003c0)='./file0/../file0/../file0/../file0\x00')

24.005401557s ago: executing program 2 (id=726):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x11c2, 0x2208, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, &(0x7f0000000240)={0x2c, &(0x7f00000000c0)={0x0, 0x0, 0x5, {0x5, 0x0, "6874a7"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

23.655241339s ago: executing program 2 (id=728):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000200)={0xff07, 0x0, 0x0, 0x1ff, 0x0, "5f330000a90100f9"})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x5412, &(0x7f00000000c0)=0x13)
poll(&(0x7f0000000100)=[{r1, 0xcf9aa395655229eb}], 0x1, 0xe7f1)
ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x5412, &(0x7f00000006c0)=0x1a)

23.655117429s ago: executing program 34 (id=728):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000200)={0xff07, 0x0, 0x0, 0x1ff, 0x0, "5f330000a90100f9"})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x5412, &(0x7f00000000c0)=0x13)
poll(&(0x7f0000000100)=[{r1, 0xcf9aa395655229eb}], 0x1, 0xe7f1)
ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x5412, &(0x7f00000006c0)=0x1a)

23.5293411s ago: executing program 5 (id=732):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000140))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000040)={[0xfffffffffffffffe, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x100, 0x0, 0x0, 0x2, 0x200000, 0x0, 0x0, 0x0, 0x7, 0x7], 0xeeee8000, 0x80200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

23.402402651s ago: executing program 5 (id=734):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x1, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_getevents(0x0, 0x4, 0x0, 0x0, 0x0)

23.352224411s ago: executing program 35 (id=734):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x1, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_getevents(0x0, 0x4, 0x0, 0x0, 0x0)

21.630927592s ago: executing program 7 (id=750):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
waitid$P_PIDFD(0x3, r1, 0x0, 0x4, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
preadv(r2, &(0x7f0000000340)=[{&(0x7f0000000180)=""/109, 0x6d}], 0x1, 0x0, 0x0)

21.630406762s ago: executing program 7 (id=751):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r1}, 0x10)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0xffffffffffffffb6)

21.543689493s ago: executing program 7 (id=752):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_io_uring_setup(0x241d, &(0x7f0000000140)={0x0, 0x0, 0x13090, 0x3}, &(0x7f0000000100), 0x0)
r0 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000300)=ANY=[@ANYBLOB="00020201"], 0x18)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0x5dc}], 0x1)

21.427376274s ago: executing program 7 (id=753):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x10840, &(0x7f0000000f00)=ANY=[@ANYBLOB="696f636861727365743d757466382c73686f72746e616d653d77696e6e74000000000000ffff756e695f786ce174653d312c686f72746e616d653d77696e39352c6e6f6e756d7461696c3d302c726f6469722c757466383d302c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c00e41e9f8c0303a4c129"], 0x1, 0x26c, &(0x7f0000000340)="$eJzs3U9rU1kYB+A3bTpJC0OyGCgzDMwdZjOr0HaYfcrQgWECipKFriw2RWlqoYWCLtruit9Bv4Iu3QouxK1fQASpghvrqgshEm//JDWJjZpG7PNs+nLu++Ock17upYueXPl1eWlhZW1xd3cn8vlMZMtRjr1MFGMkRiO1FQDA92Sv0Yg3jdSw1wIAnA7vfwA4e3q9/zNbh2PnT39lAMCgfNHf/yMDWRIAMGAXL13+f7ZSmbuQJPmI5e316no1/Zlen12M61GPWkxFId5FNA6l9b//VeamkqaXxcgvb46k+c316mh7fjoKUeycn05SUW3mDvJjMbGffzYRtZiJQvzUOT/TMf9D/PlHy/ylKMTTq7ES9ViIZjbN5yJiYzpJ/jlXOZbPfegDAAAAAAAAAAAAAAAAAAAAAIBBKCWHiu3n36Tn95RK3a6n+dbzgcZ7nQ/U2Dx2vk42fskOd+8AAAAAAAAAAAAAAAAAAADwrVi7eWtpvl6vrfYqbjy592gnlwY+2dy7yOzP219qu2fP+Ml2caz48fcXdzpdykWu38/n84qxiGgdSfanfPjbACf9WsXjnWs//7U2+Xe3nsi2jtxubrWtp8uNlB3UB/66ENG1J9/3Ddla3D8oym8/6jm4lWqr48P+xU3eLc8/2Hj+6qSpHg+NxuggHkUAAAAAAAAAAAAAAAAAAHDmHf3T77BXAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDc/T9//0WuWgbyXdt3hr2HgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4H0AAAD//7qXlSU=")
open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000001c0)='./bus\x00', 0x60200, 0x20)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b900000000fffffffff2060000000000000200"})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)

21.169102415s ago: executing program 7 (id=755):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="f7790066baa00066b86b42b9a9020000b8fc000000ba000000000f3025bae80066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x58}], 0x1, 0x41, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

20.762145957s ago: executing program 7 (id=757):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x60ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

20.707333048s ago: executing program 36 (id=757):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x60ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

13.935378621s ago: executing program 8 (id=828):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e2793b10d10501200006010203010902120008000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r1}, 0x10)
syz_usb_control_io(r0, 0x0, &(0x7f0000000980)={0x84, &(0x7f0000000500)={0x20, 0x16, 0x2, "5ad2"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

13.205764356s ago: executing program 1 (id=837):
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0xfffffffd, 0x0, 0xd, "00009200000000000000000000000058b200"})
syz_open_pts(r1, 0x0)
poll(&(0x7f0000000080)=[{r1}], 0x1, 0x5182)
close_range(r0, 0xffffffffffffffff, 0x0)

12.687757779s ago: executing program 1 (id=841):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x20, 0x0, 0x7ffc1ff9}]})
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = getpgrp(0xffffffffffffffff)
fcntl$lock(r0, 0x26, &(0x7f0000000280)={0x1, 0x2, 0xf2c, 0x0, r1})

12.4810263s ago: executing program 1 (id=842):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_open_procfs(r0, &(0x7f0000000240)='fdinfo/3\x00')

12.37176946s ago: executing program 1 (id=843):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000400)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d312c757466383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c646f733178666c6f7070792c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b723f64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee9bf46262f3a2b1452bf206c0e2ae8a465e6e1be6eeb5d588035a24458d476fc1f9a234cdc4ba352a4185614ce67df4870bff796357ee95fffb99cde9"], 0xfe, 0x2ae, &(0x7f0000000a40)="$eJzs3c9qY1UYAPDvpkka7SJZuBLBu5iFG8tkti7MIBXErpQs/AM6ODMwNGGggcCoGGblE7hw4Xu4cy+48Q0EH8CdgxSO3NzbJLZp2rSmlfr7bXo45/vu+U7uabO43NPPXxsePHw6evz869+i1cqi1otevMiiE7U4lioBANwKL1KKPy71/V6vbaomAGCzFr7/G2eEbJ/uenvTZQEAG/ThRx+/f39/f++DPG9FDL8d97Mof5bj9x/HkxjEo7gb7TiaPwtIqWy/+97+XtTzQifuDCfjfpE5/OyXxccGRX432tFZnt/NSwv5k3G/ES9HZFnEk15RyL1oxyun8ovxvXtL8qPfjDda1SKL+XejHb9+EU9jEA+nzzTm83/TzfN30nd/fvVJEVzkZ5Nxf3saN5e2rvveAAAAAAAAAAAAAAAAAAAAAABwe+3mM524Myy6qvN3to6m47v/GJ+er1Objpf5WURz2jhxPtAkxQ/H5+vczfM8ZWX8/Hyferxaj/qNLRwAAAAAAAAAAAAAAAAAAAD+Q0bPvjx4MBg8OvxXGtVL/rPX+i97nd5Cz+uxOnh7rbliqwovaj0Z0/350+Gsp1jEZYofN/KIVTU3TvW8VNRz/pX/SimlLIu42m1qXGSucxo7q2OKD/in73fePHiQnfcZto5v3I+LQ804HD07cU8jW6fCtNb2a66IaVY75kLX2bniL9Fbv5eTVT3ZGqtoVI04a/u11trP1/c3CAAAAAAAAAAAAAAAAAAAKM1f+l0y+Hxlam1jRQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADANZv///81GpMqeXlMSmky62nG4eiGlwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/wN8BAAD//7DYbww=")
open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
ioctl$BLKROSET(r0, 0x125d, &(0x7f0000000000)=0x4)
unlink(&(0x7f0000000000)='./file1\x00')

11.992942913s ago: executing program 1 (id=849):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

11.791267444s ago: executing program 1 (id=854):
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x1204020, 0x1, 0x3}}, 0x50)

11.784674515s ago: executing program 37 (id=854):
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x1204020, 0x1, 0x3}}, 0x50)

11.488622557s ago: executing program 8 (id=859):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)

11.411065087s ago: executing program 8 (id=861):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_u}]}})

11.291533308s ago: executing program 8 (id=865):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000440)={0xfffa, [0x10000, 0x8], 0x40}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

9.39075512s ago: executing program 6 (id=885):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x48be, &(0x7f0000000000), &(0x7f00000011c0), &(0x7f0000ff4000))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000002300)=[{0x0}], 0x1)
io_uring_register$IORING_UNREGISTER_BUFFERS(r1, 0x1, 0x0, 0x0)

9.32652011s ago: executing program 6 (id=886):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000180)={0x28, 0x0, 0x0, @host}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='virtio_transport_alloc_pkt\x00', r0}, 0x18)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112)

9.31570491s ago: executing program 9 (id=887):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001880), 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)

9.263206411s ago: executing program 6 (id=888):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r0)
inotify_init()
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000001200), 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

9.262899001s ago: executing program 9 (id=889):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="1201000000000040ec13060000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="00228000000000000000fc"], 0x0}, 0x0)

9.159043221s ago: executing program 3 (id=891):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x802, &(0x7f00000003c0), 0x1, 0x79c, &(0x7f0000001400)="$eJzs3c9rXNUeAPDvnSRNmva95sHjveqmWWmhdNLW2CoIprgQwUJB17ZhMg01k0zJTEoTsrCIIIigxYWgG9f+qDu3omv/Bjci0lI1LVZcyMidH8k0mUySNpNpm88HbnLOvefOOd85d849M/cyE8CuNZz+yUQ8EREfJBEH6uuTiOirpnojxmrl7i4t5tIliUrltd+Sapk7S4u5aNonta+eORgR370TcSSztt7S/MLUeKGQn63nR8rTl0ZK8wtHL06PT+Yn8zMnj4+Onjj17KmT2xfrHz8s7L/54ctPfzX219v/v/7+90mMxf76tuY4tklPLD8nfelTeI+Xtrmybku63QDuS6Z+oPZGOgYciJ5qCgB4nKXn/woAsMskzv8AsMs0Pge4s7SYayzd/URiZ906HREDtfgb1zdrW3rr1+wGqtdBB+8k0Vu/IhrbeL1rOCI+/eaNL9IlOnMdEqClt65GxPmh4bXjf7LmnoWtOraJMsOr8sY/2DnfpvOf51rN/zLL859Ynv+s6G/x2r0fwxF7mvNrX/+ZGy13fHEbKq/P/16o3duWBto0/1u+aW2op577V5o5lA6ahXw6tv07Ig5HX/+Fi4X88TZ1HL799+31tjXP/36/9ubnaf3p/5USmRu9/ffuMzFeHn+QmJvduhrxZO/KvX1314z/A9W57ur+T9edbffAh1aSrzz/7ifrFUvjT+NtLGvj76zKZxFPRev4G5K29yeOpN1/rPa3dR1f//Tx4Hr1N/d/uqT1N94L7IS0/wfbxz+UNN+vWdre+jeOv/Xxvyd5vZpuDB5Xxsvl2eMRe5JX164/sbJvI98on8Zfi3R1/Jm2x3/6TvD8JmPsvfnrl623nP5f7X93+39iS/2/9cT1u1M969W/uf4fraYO19dsZvzbbAMf5LkDAAAAAAAAAAAAAAAAAAAAAAAAgM3KRMT+SDLZ5XQmk83WfsP7vzGYKRRL5SMXinMzE1H9reyh6Ms0vuryQC2fNL7/dKgpf2JV/pmI+E9EfNS/t5rP5oqFiW4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1+9b5/f/UL/3dbh0A0DEDG5a4nb8nW6lUKh1sDwDQeRuf/wGAx02b8//enWwHALBzvP8HgN3H+R8Adh/nfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrs7Jkz6VL5c2kxl+YnLs/PTRUvH53Il6ay03O5bK44eyk7WSxOFvLZXHF6o8crFIuXRmNm7spIOV8qj5TmF85NF+dmyucuTo9P5s/l+3YkKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYmtL8wtR4oZCffSwS70XEQ9CMTiSSeCia0ZXEz0d/PNiuzLUNDuOxhyKKRyzR7ZEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NHwTwAAAP//MS4kYw==")
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

8.983164252s ago: executing program 3 (id=893):
unshare(0x24020400)
unshare(0x22020600)
unshare(0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)

8.696182684s ago: executing program 3 (id=895):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @none, 0x0, 0x1}, 0xe)
listen(r0, 0xa1)
accept4$bt_l2cap(r0, 0x0, 0x0, 0x0)
shutdown(r0, 0x1)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000080), 0x4)

7.365996073s ago: executing program 9 (id=896):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000000), &(0x7f0000000080)='%pi6   \x00'}, 0x20)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x1042800, 0x0, 0x1, 0x0, 0x0)
mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='./file0\x00', &(0x7f0000001480), 0xa00012, &(0x7f0000000240)=ANY=[@ANYRES32=r1])

7.365758553s ago: executing program 3 (id=897):
syz_mount_image$ext4(&(0x7f00000004c0)='ext3\x00', &(0x7f0000000500)='./file0\x00', 0x800, &(0x7f0000000080)={[{@errors_remount}, {@commit={'commit', 0x3d, 0x3}}, {@max_batch_time={'max_batch_time', 0x3d, 0x3ff}}, {@nojournal_checksum}, {@usrquota}, {@dioread_nolock}, {@nogrpid}]}, 0x21, 0x4b0, &(0x7f0000000540)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKafee9u97SV7WCm7G+0qrLQHr2ZsCCEY2A3BK/z7SU8zb57x9x7WvGc+wC+AnnUuItYi4lhE3IuI0fb1pF3iZqtkj3v54tH0+otH00k0m3c+SfL27Fps+ZrMifZzDkXE738T8afkzbj1ldX5qUqlvNSuFxvVxWJ9ZfXyXHVqtjxbXiiVJicmx69fuVY6sLGerf7r+a/nbv3hv//50bP/r/3yL1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeEbSSPiOxFxPr//R6MvfzUBgKOs2RyN5ujW+iv92+oAwNGQ5jmwJC20cwEjkaaFQiuHdyaG00qt3rh0v7a8MNPKlY3FQHp/rlIeb+cKx2IgyeoT+fmremlb/UpEnI6Ivw4ez+uF6VplpptvfACgh53Ytv5/Ptha/wGAI26o2x0AAA6d9R8Aeo/1HwB6j/UfAHqP9R8Aeo/1HwB6j/UfAHrK727fzkpzvf351zMPVpbnaw8uz5Tr84Xq8nRhura0WJit1Wbzz+yp7vV8lVptceJqLD8sNsr1RrG+snq3WlteaNzNP9f7bnngUEYFAOzm9Nmn7ycRsXbjeF5iy14O1mo42tJudwDomr5udwDoGrt9Qe/yMz6wwxa9r+n4J0JPDr4vwOG4+H35f+hV8v/Qu+T/oXfJ/0PvajYTe/wDQI+R4wf8/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+vpG8JGmhvRf4SKRpoRBxMiLGYiC5P1cpj0fEqYh4b3BgMKtPdLvTAMBbSj9K2vt/XRy9MLK99VjyxWB+jIg///3O3x5ONRpLE9n1TzevN560r5e60X8AYC8b6/TGOr7h5YtH0xvlMPvz/FetzUWzuOvt0mrpj/78OBQDETH8WdKut2TvV/oOIP7a44j43k7jT/LcyFh759Pt8bPYJw81fvpa/DRvax2z78V3D6Av0GueZvPPzZ3uvzTO5ced7/+hfIZ6exvz3/ob81+6Of/1dZj/zu03xtX//bZj2+OIH/TvFD/ZjJ90iH9hn/E/+OGPz3dqa/4j4mLsHH9rrGKjulisr6xenqtOzZZnywul0uTE5Pj1K9dKxTxHXdzIVL/p4xuXTu02/uEO8Yf2GP/P9jn+f355748/2SX+L3668+t/Zpf42Zr4833Gnxr+d8ftu7P4Mx3Gv9frf2mf8Z99uDqzz4cCAIegvrI6P1WplJecdOmk79vRDSdOXjvp9swEvGuvbvpu9wQAAAAAAAAAAAAAAOjkMP6dqNtjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Oj6KgAA//+r59Ta")
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000880)=ANY=[@ANYBLOB='S\x00\x00\x00\a\x00\x00F\x00'], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})

7.361642812s ago: executing program 6 (id=906):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)

7.300173033s ago: executing program 9 (id=898):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000600)=ANY=[@ANYBLOB="0100"])
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xc0010141, 0x0, 0x3}]})
ioctl$KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000040))

1.033253713s ago: executing program 8 (id=899):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000280), 0xfe, 0x504, &(0x7f00000019c0)="$eJzs3V9rZGcZAPDnTDJrtpuaVL2ohdZiK9miO5M0tg1etBXFu4JS79eQTELIJBMyk3YTiqT4AQQRXfDKK28EP4Ag+xFkYcG9FxVFdFcvvFCPnDMn2ex4ZpPQ+bMkvx+8M+9555zzPG+yOfOeP3tOAJfWyxHxbkRMRMRrETFTtFeKEofdks338MFHK1nJPnn/b0kkRVtEXj12rVhsqvtWqr1/sLncbDZ2i+l6Z2un3t4/uLGxtbzeWG9sLy4uvLn01tIbS/MD6WfWr7e/+aef/PAX33r7N1/58Pc3/3L9+1nS3yg+L/oxcPfz12r2szg2GRG7wwg2BhNFf6rjTgQAgDPJxvifiYgv5uP/mZjIR3O53iHd1OizAwAAAAYhfWc6/p1EpAAAAMCF9U5ETEdSqRXXAkxHpVKrda/h/Vw8U2m22p0vr7X2tlezzyJmo1pZ22g25otramejmmTTC3n90fTrPdOLEfFcRPx45mo+XVtpNVfHffADAAAALolrPfv//5zp7v8DAAAAF8zsuBMAAAAAhq7f/n8y4jwAAACA4XH+HwAAAC60b7/3XlbSo+dfr36wv7fZ+uDGaqO9WdvaW6mttHZ3auut1np+z76t09bXbLV2vhrbe7fqnUa7U2/vH9zcau1td25ueH4gAAAAjMtzX7hzP4mIw69dzUvmSvYy0WcB1wrAhVE5z8x/HF4ewOj1+5oHLr7JcScAjM/huBMAxu2xW32UDApOXrzz2DGD3w4vJwAAYLDmPl9+/j/bBaiOOzlgqM51/h+4UJz/h8vrnOf/7w4rD2D0qkYAcOmd9qiPvjfvKDv/f6VsxjQ9dV0AAMBQTeclqdSKc4HTUanUahHP5v/Vv5qsbTQb8xHx6Yj43Uz1U9n0Qr5k4vGAAAAAAAAAAAAAAAAAAAAAAAAAAHBGaZpECgAAAFxoEZU/J8Xzv+ZmXp3uPT5wJfnXTBSP9PrwZ+//9NZyp7O7kLX//bi9c7tof30cRzAAAACAXkf76Uf78QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwSA8ffLRyVEYZ969fj4jZsviTMZW/T0U1Ip75RxKTJ5ZLImJiAPEPP46I58viJ1laMVtk0Ru/EhFXRxP/xTRNS+NfG0B8uMzuZNufd8v+/irxcv5e/vc/WZRPqv/2r3K8/Zvos/179owxXrj3q3rf+B9HvDBZvv05ip/0if9K2QpLfijf++7Bwf81dlce6c8j5kq/f5LHYtU7Wzv19v7BjY2t5fXGemN7cXHhzaW3lt5Ymq+vbTQbxWtpH3/04q//29P0n7Qr73/0iT97Sv9fzSrVE41pb5gi2L1bDz7brVZ7VpHHv/5K+e//+SfEz/5NfKn4Hsg+nzuqH3brJ730y7svlSZWxF/t0//Tfv/X+620x2vf+cEfzjgrADAC7f2DzeVms7E79MrtNE1HFUvl/JWj0d3QQkw9LT1VOa0yiCNbAADA0+bRoH/cmQAAAAAAAAAAAAAAAAAAAMDl1d6PyrBvJ9Yb83A8XQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeKL/BQAA//9PHd4N")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x147)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000240)={0x3920e, r1})

1.032917363s ago: executing program 9 (id=901):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x437aba2}], 0x1, 0x0, 0x46, 0x407006}, 0x104)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x34, 0x0, &(0x7f0000000240))

1.032688283s ago: executing program 3 (id=902):
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000140)="16008338fe13130020554d4908a8632c019a3d5ab030fcec73793566cd801e7f4a87b2ff99be936dd1b36cb2b0c05ba4cb79e4fca6c819e8d610663b346b0ec558a7997f89116231a3ef9a39f72b520800000000000000a7b87cac872820c9b6894b2e038abb49046640c8248af8775381784e3f0ff6e753f04434034e9ae63c3eda5ec9ed9f853001df", 0x8a}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4140aecd, &(0x7f00000000c0))

1.032528393s ago: executing program 6 (id=903):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

873.436764ms ago: executing program 6 (id=905):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)
setsockopt$inet_tcp_int(r0, 0x6, 0x17, &(0x7f0000000000), 0x4)

467.218646ms ago: executing program 3 (id=908):
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062430bc068829afff36b31fa7e358e95cfa"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r1, 0x2000000, 0xe40, 0x60ff, &(0x7f00000001c0)="5cdd3086ddffff6633c9bbac88a8860040dffd00139fb7a884bdfc14f48786dd", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

357.598277ms ago: executing program 0 (id=910):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f00000000c0)=0x5, 0x4)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000080), 0x8)
sendmmsg$sock(r0, &(0x7f0000000140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@txtime={{0x14, 0x1, 0x3d, 0x7}}], 0x14}}], 0x1, 0x0)

276.273528ms ago: executing program 0 (id=911):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f00000001c0)={0x28, 0x0, 0x0, @host}, 0x10)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f00000001c0)={0x28, 0x0, 0x0, @host}, 0x10)

218.310968ms ago: executing program 0 (id=912):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x1, 0x6}}, {{@in, 0x0, 0x6c}, 0x0, @in6=@dev}}, 0xe8)
syz_emit_ethernet(0x3e, &(0x7f0000000500)={@local, @random="f368656e065b", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev}}}}}}, 0x0)

114.946528ms ago: executing program 0 (id=913):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0600000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000fc0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c0aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e23729e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd9200800000000000000b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d2943e6f5f828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3ff63b473aa192b0093a4fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4a4ff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea0000000000000001e0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cfeff4c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a176ead4bd5e25b8f2e84728a1a000000000a88b8e123414e73e614ee6701b3dd9fb9f774c757cc544bbd7d25ce47c0ae90985df115df47183117216986274247c5af80d662d4c9b76d7721bf0a1886eafa7d3e42ac9ab9a78a84a4fb8ea575de12df182f821b87cf2e2b3c278463282fbb64563adba68de60e58eccefb3f12d24f9c028402c5b5092aa5df076b9f39813b3b539e9ac97b50ef4dd611d06cf2327616130e1d5df26fbffa0732a96eb43d5dca2c041b1d7b7c224926773fdaf4025ecc29fb801f21e98f4b6bfc3d582fcd8567d97e6fdbf764b99c9696260e64f182310fbb0277719723ae405751e818176cac5964494b6ffa92cb64a2dbd29570c19e97bf0"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000633277fbac141416ac14141683fe9f034d2f87e589036aab845013f2325f1a39060702038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

58.916469ms ago: executing program 9 (id=914):
openat$urandom(0xffffffffffffff9c, &(0x7f0000005340), 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x3938700}, 0x0)

58.314899ms ago: executing program 0 (id=915):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f0000001100)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x80]}, 0x45c)
r1 = dup(r0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x5)
ioctl$UI_DEV_CREATE(r1, 0x5501)
write$uinput_user_dev(r1, &(0x7f0000001a00)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x45c)

3.687259ms ago: executing program 0 (id=916):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x40046207, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x8, 0x0, &(0x7f00000003c0)=[@increfs], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x10, 0x0, &(0x7f00000002c0)=[@request_death={0x400c6313}], 0x0, 0x0, 0x0})

0s ago: executing program 8 (id=917):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r2, 0x0, 0x0)

kernel console output (not intermixed with test programs):

fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none.
[   54.954492][ T1298] ext4 filesystem being mounted at /42/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   54.974880][ T1298] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   54.980828][  T628] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[   55.007557][  T628] asix 2-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[   55.024836][  T628] asix: probe of 2-1:0.0 failed with error -71
[   55.041827][  T628] usb 2-1: USB disconnect, device number 4
[   55.046208][ T1298] overlayfs: failed to resolve './file0': -2
[   55.190770][  T413] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   55.224481][ T1309] loop5: detected capacity change from 0 to 512
[   55.344076][ T1309] Quota error (device loop5): dq_insert_tree: Quota tree root isn't allocated!
[   55.356199][ T1309] Quota error (device loop5): qtree_write_dquot: Error -5 occurred while creating quota
[   55.373386][ T1309] EXT4-fs error (device loop5): ext4_acquire_dquot:6188: comm syz.5.376: Failed to acquire dquot type 0
[   55.395827][ T1309] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.376: bg 0: block 64: padding at end of block bitmap is not set
[   55.436199][ T1309] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6183: Corrupt filesystem
[   55.459404][ T1309] EXT4-fs (loop5): 1 truncate cleaned up
[   55.477233][ T1309] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   55.480680][   T20] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   55.521262][ T1309] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.563731][ T1309] Quota error (device loop5): dq_insert_tree: Quota tree root isn't allocated!
[   55.585466][ T1315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.368'.
[   55.599034][ T1309] Quota error (device loop5): qtree_write_dquot: Error -5 occurred while creating quota
[   55.641230][ T1309] EXT4-fs error (device loop5): ext4_acquire_dquot:6188: comm syz.5.376: Failed to acquire dquot type 0
[   55.663873][  T413] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[   55.729298][  T413] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   55.744998][ T1309] xt_CT: No such helper "syz0"
[   55.762414][ T1318] loop4: detected capacity change from 0 to 2048
[   55.777835][ T1320] loop1: detected capacity change from 0 to 512
[   55.782836][  T413] usb 4-1: config 0 descriptor??
[   55.823963][ T1320] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.370: bg 0: block 393: padding at end of block bitmap is not set
[   55.856241][ T1320] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6183: Corrupt filesystem
[   55.869174][ T1320] EXT4-fs (loop1): 2 truncates cleaned up
[   55.880731][   T20] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[   55.880762][   T20] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[   55.880793][   T20] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[   55.880813][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   55.957914][ T1320] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   55.993368][ T1318] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   56.013174][ T1307] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   56.025692][ T1320] EXT4-fs error (device loop1): empty_inline_dir:1869: inode #12: block 7: comm syz.1.370: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0
[   56.118476][  T290] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #16: comm syz-executor: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 255(4), depth 0(0)
[   56.155299][  T290] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #16: comm syz-executor: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 255(4), depth 0(0)
[   56.161499][ T1320] EXT4-fs warning (device loop1): empty_inline_dir:1876: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60
[   56.290859][   T20] aiptek 3-1:17.0: Aiptek using 400 ms programming speed
[   56.319835][   T10] tipc: Disabling bearer <eth:vlan0>
[   56.332663][   T10] tipc: Left network mode
[   56.334085][   T20] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input9
[   56.386764][   T20] usb 3-1: USB disconnect, device number 5
[   56.392057][ T1336] loop1: detected capacity change from 0 to 128
[   56.397069][    C0] aiptek 3-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[   56.440201][ T1336] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   56.466610][ T1336] ext4 filesystem being mounted at /47/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   56.541961][   T30] audit: type=1400 audit(1733157403.559:587): avc:  denied  { append } for  pid=1335 comm="syz.1.375" name="loop7" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   56.588020][ T1339] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.600158][ T1339] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.600706][  T628] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   56.624473][ T1339] device bridge_slave_0 entered promiscuous mode
[   56.640694][ T1339] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.651899][ T1339] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.664267][ T1339] device bridge_slave_1 entered promiscuous mode
[   56.704516][ T1344] loop1: detected capacity change from 0 to 1024
[   56.723709][ T1344] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[   56.734762][ T1344] EXT4-fs (loop1): Mount option "nouser_xattr" will be removed by 3.5
[   56.734762][ T1344] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   56.734762][ T1344] 
[   56.765916][ T1344] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   56.790848][ T1344] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_dev=0x0000000000000004,grpquota,resuid=0x0000000000000000,nogrpid,dioread_nolock,jqfmt=vfsold,sysvgroups,noauto_da_alloc,nouser_xattr,,errors=continue. Quota mode: writeback.
[   56.800967][ T1339] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.836028][ T1339] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.848861][ T1339] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.859427][ T1339] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.896189][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   56.910567][  T435] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.922577][  T435] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.945178][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   56.961788][  T435] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.973220][  T435] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.983485][  T413] usb 4-1: Cannot set autoneg
[   56.992918][  T413] MOSCHIP usb-ethernet driver: probe of 4-1:0.0 failed with error -71
[   57.005111][  T413] usb 4-1: USB disconnect, device number 6
[   57.015560][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   57.030920][  T435] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.041266][  T435] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.055046][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   57.068178][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   57.083509][  T628] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   57.100312][  T628] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   57.123283][  T628] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   57.139561][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   57.165119][  T628] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.178929][ T1339] device veth0_vlan entered promiscuous mode
[   57.190175][  T628] usb 6-1: config 0 descriptor??
[   57.204310][ T1355] loop2: detected capacity change from 0 to 256
[   57.210252][ T1339] device veth1_macvtap entered promiscuous mode
[   57.230150][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   57.246358][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   57.264061][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   57.275408][ T1355] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[   57.289299][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   57.319281][ T1355] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   57.350372][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   57.366889][ T1355] attempt to access beyond end of device
[   57.366889][ T1355] loop2: rw=524288, want=696, limit=256
[   57.385815][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   57.397677][ T1355] attempt to access beyond end of device
[   57.397677][ T1355] loop2: rw=524288, want=952, limit=256
[   57.421105][   T10] device bridge_slave_1 left promiscuous mode
[   57.431213][ T1355] attempt to access beyond end of device
[   57.431213][ T1355] loop2: rw=0, want=448, limit=256
[   57.433462][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.457267][ T1356] attempt to access beyond end of device
[   57.457267][ T1356] loop2: rw=0, want=448, limit=256
[   57.485831][   T10] device bridge_slave_0 left promiscuous mode
[   57.485907][ T1356] attempt to access beyond end of device
[   57.485907][ T1356] loop2: rw=0, want=448, limit=256
[   57.503706][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.519321][ T1355] attempt to access beyond end of device
[   57.519321][ T1355] loop2: rw=0, want=448, limit=256
[   57.556369][   T10] device veth1_macvtap left promiscuous mode
[   57.559184][ T1355] attempt to access beyond end of device
[   57.559184][ T1355] loop2: rw=0, want=448, limit=256
[   57.570312][   T10] device veth0_vlan left promiscuous mode
[   57.608310][ T1356] attempt to access beyond end of device
[   57.608310][ T1356] loop2: rw=0, want=448, limit=256
[   57.640992][ T1356] attempt to access beyond end of device
[   57.640992][ T1356] loop2: rw=0, want=448, limit=256
[   57.693093][ T1355] attempt to access beyond end of device
[   57.693093][ T1355] loop2: rw=0, want=448, limit=256
[   57.711351][  T628] keytouch 0003:0926:3333.0005: fixing up Keytouch IEC report descriptor
[   57.731417][  T628] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.0005/input/input10
[   57.820983][  T628] keytouch 0003:0926:3333.0005: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0
[   57.871115][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   57.884347][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   57.976144][    T6] usb 6-1: USB disconnect, device number 5
[   58.130624][   T30] audit: type=1400 audit(1733157405.139:588): avc:  denied  { append } for  pid=1371 comm="syz.3.389" name="ppp" dev="devtmpfs" ino=149 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   58.240775][  T413] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   58.570735][   T39] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   58.800832][  T413] usb 7-1: New USB device found, idVendor=08dd, idProduct=90ff, bcdDevice=5d.5a
[   58.823139][ T1397] loop5: detected capacity change from 0 to 256
[   58.829704][  T413] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   58.840745][  T413] usb 7-1: Product: syz
[   58.846679][  T413] usb 7-1: Manufacturer: syz
[   58.852471][  T413] usb 7-1: SerialNumber: syz
[   58.858738][  T413] usb 7-1: config 0 descriptor??
[   58.893184][ T1397] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[   58.914482][ T1397] exFAT-fs (loop5): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   58.963205][   T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   58.980221][   T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   59.000691][   T39] usb 3-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[   59.018947][   T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   59.036571][ T1402] loop1: detected capacity change from 0 to 8192
[   59.037189][   T39] usb 3-1: config 0 descriptor??
[   59.141268][ T1402] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   59.296291][ T1412] tipc: Enabling of bearer <ib:caif0> rejected, media not registered
[   59.420914][   T26] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   59.522379][ T1420] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[   59.565230][   T39] uclogic 0003:5543:0042.0006: item fetching failed at offset 5/7
[   59.588336][   T39] uclogic 0003:5543:0042.0006: parse failed
[   59.597575][   T39] uclogic: probe of 0003:5543:0042.0006 failed with error -22
[   59.611132][   T30] audit: type=1400 audit(1733157406.629:589): avc:  denied  { setopt } for  pid=1423 comm="syz.1.411" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   59.745577][   T30] audit: type=1326 audit(1733157406.759:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1428 comm="syz.5.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   59.745965][ T1429] mmap: syz.5.413 (1429) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[   59.798444][   T30] audit: type=1326 audit(1733157406.759:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1428 comm="syz.5.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   59.842192][   T39] usb 3-1: USB disconnect, device number 6
[   59.861915][   T30] audit: type=1326 audit(1733157406.819:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1428 comm="syz.5.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   59.894836][   T26] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   59.910868][   T30] audit: type=1326 audit(1733157406.819:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1428 comm="syz.5.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   59.943153][   T26] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[   59.981538][   T30] audit: type=1326 audit(1733157406.999:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1433 comm="syz.5.415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   60.013710][   T30] audit: type=1326 audit(1733157407.029:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1433 comm="syz.5.415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   60.041546][   T30] audit: type=1326 audit(1733157407.029:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1433 comm="syz.5.415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   60.073771][  T413] asix 7-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[   60.074037][ T1437] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[   60.086316][   T26] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   60.099502][ T1437] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[   60.109774][   T26] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   60.123627][ T1437] SELinux:  duplicate or incompatible mount options
[   60.143360][   T30] audit: type=1326 audit(1733157407.029:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1433 comm="syz.5.415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   60.171898][   T26] usb 4-1: SerialNumber: syz
[   60.234732][ T1443] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0
[   60.272688][ T1447] loop1: detected capacity change from 0 to 512
[   60.300776][  T413] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[   60.314977][  T413] asix 7-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[   60.328407][  T413] asix: probe of 7-1:0.0 failed with error -71
[   60.338606][  T413] usb 7-1: USB disconnect, device number 2
[   60.355022][ T1447] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   60.407839][ T1447] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2816: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   60.430335][ T1451] loop2: detected capacity change from 0 to 512
[   60.439549][ T1447] EXT4-fs (loop1): 1 truncate cleaned up
[   60.447573][ T1447] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none.
[   60.491467][   T26] usb 4-1: 0:2 : does not exist
[   60.504482][   T26] usb 4-1: USB disconnect, device number 7
[   60.553419][  T348] udevd[348]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   60.590129][ T1451] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,nouid32,minixdf,,errors=continue. Quota mode: writeback.
[   60.636728][ T1451] ext4 filesystem being mounted at /125/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.819724][ T1461] loop2: detected capacity change from 0 to 512
[   60.829601][ T1463] loop6: detected capacity change from 0 to 256
[   60.893267][ T1463] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[   60.914290][ T1461] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   60.930854][ T1463] exFAT-fs (loop6): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   60.961555][ T1461] EXT4-fs (loop2): 1 truncate cleaned up
[   60.993570][ T1461] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,init_itable,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[   61.186241][ T1473] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   61.196130][ T1473] IPv6: NLM_F_CREATE should be set when creating new route
[   61.400655][   T26] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[   61.527909][ T1490] loop2: detected capacity change from 0 to 128
[   61.560647][  T413] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   61.650666][   T26] usb 4-1: Using ep0 maxpacket: 32
[   61.790868][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   61.805486][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   61.825232][   T26] usb 4-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[   61.852334][   T26] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.865708][   T26] usb 4-1: config 0 descriptor??
[   61.950760][  T413] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   61.964251][  T413] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   61.981770][  T413] usb 6-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[   61.993353][  T413] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   62.007773][  T413] usb 6-1: config 0 descriptor??
[   62.030770][  T312] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   62.151048][ T1511] syz.1.444[1511] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.151130][ T1511] syz.1.444[1511] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.297959][ T1521] loop1: detected capacity change from 0 to 256
[   62.321421][  T312] usb 3-1: Using ep0 maxpacket: 16
[   62.362032][   T26] greenasia 0003:0E8F:0012.0007: item fetching failed at offset 0/3
[   62.375466][   T26] greenasia 0003:0E8F:0012.0007: parse failed
[   62.383138][   T26] greenasia: probe of 0003:0E8F:0012.0007 failed with error -22
[   62.396665][ T1521] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[   62.450711][  T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   62.472017][  T413] uclogic 0003:5543:0042.0008: item fetching failed at offset 5/7
[   62.482362][  T413] uclogic 0003:5543:0042.0008: parse failed
[   62.490298][  T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   62.504123][  T413] uclogic: probe of 0003:5543:0042.0008 failed with error -22
[   62.515550][  T312] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   62.535521][  T312] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   62.549467][  T312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   62.569241][  T312] usb 3-1: config 0 descriptor??
[   62.575921][  T413] usb 4-1: USB disconnect, device number 8
[   62.675063][   T39] usb 6-1: USB disconnect, device number 6
[   63.061703][  T312] microsoft 0003:045E:07DA.0009: report is too long
[   63.069807][  T312] microsoft 0003:045E:07DA.0009: item 0 0 0 11 parsing failed
[   63.079268][  T312] microsoft 0003:045E:07DA.0009: parse failed
[   63.087426][  T312] microsoft: probe of 0003:045E:07DA.0009 failed with error -22
[   63.114506][ T1529] loop3: detected capacity change from 0 to 256
[   63.141414][   T30] kauditd_printk_skb: 28 callbacks suppressed
[   63.141428][   T30] audit: type=1400 audit(1733157410.159:626): avc:  denied  { connect } for  pid=1530 comm="syz.1.452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   63.195714][ T1536] loop1: detected capacity change from 0 to 128
[   63.219871][ T1529] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[   63.277783][    T6] usb 3-1: USB disconnect, device number 7
[   63.291906][ T1529] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   63.311643][ T1529] handle_bad_sector: 49601 callbacks suppressed
[   63.311664][ T1529] attempt to access beyond end of device
[   63.311664][ T1529] loop3: rw=524288, want=696, limit=256
[   63.334621][ T1529] attempt to access beyond end of device
[   63.334621][ T1529] loop3: rw=524288, want=952, limit=256
[   63.352422][ T1529] attempt to access beyond end of device
[   63.352422][ T1529] loop3: rw=0, want=448, limit=256
[   63.355171][ T1534] loop6: detected capacity change from 0 to 40427
[   63.367096][ T1529] attempt to access beyond end of device
[   63.367096][ T1529] loop3: rw=0, want=448, limit=256
[   63.405769][ T1541] attempt to access beyond end of device
[   63.405769][ T1541] loop3: rw=0, want=448, limit=256
[   63.426869][ T1541] attempt to access beyond end of device
[   63.426869][ T1541] loop3: rw=0, want=448, limit=256
[   63.444772][ T1529] attempt to access beyond end of device
[   63.444772][ T1529] loop3: rw=0, want=448, limit=256
[   63.462457][ T1541] attempt to access beyond end of device
[   63.462457][ T1541] loop3: rw=0, want=448, limit=256
[   63.480211][ T1534] F2FS-fs (loop6): fault_injection options not supported
[   63.480490][ T1541] attempt to access beyond end of device
[   63.480490][ T1541] loop3: rw=0, want=448, limit=256
[   63.492024][ T1534] F2FS-fs (loop6): fault_type options not supported
[   63.509617][ T1529] attempt to access beyond end of device
[   63.509617][ T1529] loop3: rw=0, want=448, limit=256
[   63.518224][ T1534] F2FS-fs (loop6): invalid crc value
[   63.555114][ T1534] F2FS-fs (loop6): Found nat_bits in checkpoint
[   63.607788][ T1534] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   63.671420][ T1554] loop1: detected capacity change from 0 to 128
[   63.727657][   T30] audit: type=1326 audit(1733157410.739:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1555 comm="syz.5.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   63.792306][   T30] audit: type=1326 audit(1733157410.739:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1555 comm="syz.5.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   63.863203][ T1554] EXT4-fs (loop1): Ignoring removed bh option
[   63.919739][ T1560] SELinux:  policydb version 0 does not match my version range 15-33
[   63.940555][ T1554] EXT4-fs (loop1): mounted filesystem without journal. Opts: bh,,errors=continue. Quota mode: none.
[   63.962228][ T1560] SELinux: failed to load policy
[   63.972461][   T30] audit: type=1326 audit(1733157410.739:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1555 comm="syz.5.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   64.009709][   T30] audit: type=1326 audit(1733157410.739:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1555 comm="syz.5.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   64.053021][   T30] audit: type=1326 audit(1733157410.739:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1555 comm="syz.5.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   64.080771][ T1554] ext4 filesystem being mounted at /83/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   64.088536][   T30] audit: type=1326 audit(1733157410.859:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1555 comm="syz.5.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   64.221810][   T30] audit: type=1400 audit(1733157411.239:633): avc:  denied  { nlmsg_read } for  pid=1569 comm="syz.2.465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   64.321467][   T30] audit: type=1400 audit(1733157411.339:634): avc:  denied  { mounton } for  pid=1574 comm="syz.3.467" path="/proc/168/task" dev="proc" ino=20827 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   64.473615][ T1590] loop6: detected capacity change from 0 to 512
[   64.508255][ T1592] 9pnet: p9_errstr2errno: server reported unknown error �@��hQI
[   64.586359][ T1590] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   64.635615][ T1590] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.641085][ T1601] loop2: detected capacity change from 0 to 128
[   64.784991][ T1601] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   64.787799][ T1604] loop6: detected capacity change from 0 to 256
[   64.807770][ T1601] ext4 filesystem being mounted at /139/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   65.002098][ T1604] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[   65.020890][ T1604] exFAT-fs (loop6): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   65.103339][   T30] audit: type=1400 audit(1733157412.119:635): avc:  denied  { write } for  pid=1616 comm="syz.3.486" name="fib_triestat" dev="proc" ino=4026532642 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   65.143958][ T1611] loop5: detected capacity change from 0 to 512
[   65.221574][ T1624] netlink: 24 bytes leftover after parsing attributes in process `syz.2.489'.
[   65.237728][ T1627] loop3: detected capacity change from 0 to 16
[   65.259327][ T1611] EXT4-fs (loop5): mounted filesystem without journal. Opts: inlinecrypt,,errors=continue. Quota mode: writeback.
[   65.291684][ T1611] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.307031][ T1611] EXT4-fs error (device loop5): ext4_do_update_inode:5205: inode #2: comm syz.5.483: corrupted inode contents
[   65.336470][ T1627] erofs: (device loop3): mounted with root inode @ nid 36.
[   65.365903][ T1611] EXT4-fs error (device loop5): ext4_dirty_inode:6041: inode #2: comm syz.5.483: mark_inode_dirty error
[   65.422643][ T1627] erofs: (device loop3): erofs_fill_dentries: bogus dirent @ nid 46
[   65.445611][ T1611] EXT4-fs error (device loop5): ext4_do_update_inode:5205: inode #2: comm syz.5.483: corrupted inode contents
[   65.502427][ T1637] loop1: detected capacity change from 0 to 128
[   65.511541][ T1632] EXT4-fs error (device loop5): ext4_do_update_inode:5205: inode #2: comm syz.5.483: corrupted inode contents
[   65.545868][ T1632] EXT4-fs error (device loop5): ext4_dirty_inode:6041: inode #2: comm syz.5.483: mark_inode_dirty error
[   65.562034][ T1632] EXT4-fs error (device loop5): ext4_do_update_inode:5205: inode #2: comm syz.5.483: corrupted inode contents
[   65.634125][ T1637] EXT4-fs (loop1): Ignoring removed orlov option
[   65.650714][ T1632] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #2: comm syz.5.483: mark_inode_dirty error
[   65.681931][ T1637] EXT4-fs (loop1): mounted filesystem without journal. Opts: discard,journal_ioprio=0x0000000000000002,orlov,,errors=continue. Quota mode: none.
[   65.705468][ T1643] loop3: detected capacity change from 0 to 1024
[   65.791710][ T1643] EXT4-fs (loop3): Ignoring removed orlov option
[   65.799285][ T1643] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[   65.811372][ T1632] EXT4-fs error (device loop5): ext4_do_update_inode:5205: inode #2: comm syz.5.483: corrupted inode contents
[   65.831389][ T1637] ext4 filesystem being mounted at /86/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   65.883747][ T1632] EXT4-fs error (device loop5): ext4_dirty_inode:6041: inode #2: comm syz.5.483: mark_inode_dirty error
[   65.931787][ T1643] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[   66.179203][ T1672] loop3: detected capacity change from 0 to 256
[   66.205127][ T1675] loop1: detected capacity change from 0 to 512
[   66.227468][ T1675] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.509: casefold flag without casefold feature
[   66.250071][ T1675] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.509: couldn't read orphan inode 15 (err -117)
[   66.271900][ T1675] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   66.273264][ T1672] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[   66.301919][ T1672] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   66.352727][  T387] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   66.450686][   T20] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   66.600683][  T387] usb 3-1: Using ep0 maxpacket: 32
[   66.721211][  T387] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   66.737229][  T387] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   66.752068][  T387] usb 3-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[   66.766533][  T387] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   66.790661][  T312] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   66.791063][  T387] usb 3-1: config 0 descriptor??
[   66.861465][   T20] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   66.880927][   T20] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   66.895087][   T20] usb 7-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[   66.912126][   T20] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   66.931496][   T20] usb 7-1: config 0 descriptor??
[   67.030641][  T312] usb 2-1: Using ep0 maxpacket: 32
[   67.250096][ T1701] loop5: detected capacity change from 0 to 2048
[   67.311364][  T387] greenasia 0003:0E8F:0012.000A: item fetching failed at offset 0/3
[   67.326696][  T387] greenasia 0003:0E8F:0012.000A: parse failed
[   67.336589][  T387] greenasia: probe of 0003:0E8F:0012.000A failed with error -22
[   67.340869][  T312] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[   67.356055][ T1701] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   67.362122][  T312] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   67.384896][  T312] usb 2-1: Product: syz
[   67.389976][  T312] usb 2-1: Manufacturer: syz
[   67.395551][  T312] usb 2-1: SerialNumber: syz
[   67.402286][ T1701] EXT4-fs error (device loop5): ext4_find_extent:929: inode #2: comm syz.5.519: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   67.405380][  T312] usb 2-1: config 0 descriptor??
[   67.423168][   T20] uclogic 0003:5543:0042.000B: item fetching failed at offset 5/7
[   67.440803][   T26] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[   67.440831][   T20] uclogic 0003:5543:0042.000B: parse failed
[   67.457303][   T20] uclogic: probe of 0003:5543:0042.000B failed with error -22
[   67.528731][   T39] usb 3-1: USB disconnect, device number 8
[   67.611909][ T1707] loop5: detected capacity change from 0 to 40427
[   67.640561][  T387] usb 7-1: USB disconnect, device number 3
[   67.690884][   T26] usb 4-1: Using ep0 maxpacket: 32
[   67.702500][ T1707] F2FS-fs (loop5): invalid crc value
[   67.724813][ T1707] F2FS-fs (loop5): Found nat_bits in checkpoint
[   67.753114][ T1707] F2FS-fs (loop5): Cannot turn on quotas: -2 on 0
[   67.762802][ T1707] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[   67.820938][   T26] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[   67.832817][   T26] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   67.851513][   T26] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[   67.863302][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   67.876845][   T26] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   67.891416][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   67.908053][   T26] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   67.923674][   T26] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   67.954808][   T26] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   67.973467][   T26] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.004219][   T26] usb 4-1: config 0 descriptor??
[   68.055579][ T1719] kvm [1718]: vcpu0, guest rIP: 0xfff0 unimplemented HWCR wrmsr: 0xde683579969e38b6
[   68.104148][ T1724] loop5: detected capacity change from 0 to 256
[   68.143188][ T1724] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[   68.166951][   T30] kauditd_printk_skb: 27 callbacks suppressed
[   68.166967][   T30] audit: type=1326 audit(1733157415.179:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1727 comm="syz.2.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9cc559f19 code=0x7ffc0000
[   68.209600][  T312] (unnamed net_device) (uninitialized): Assigned a random MAC address: 9e:35:88:49:24:a8
[   68.223478][ T1724] exFAT-fs (loop5): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   68.248146][  T312] rtl8150 2-1:0.0: eth1: rtl8150 is detected
[   68.255640][ T1733] loop6: detected capacity change from 0 to 512
[   68.265433][   T30] audit: type=1326 audit(1733157415.179:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1727 comm="syz.2.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7fb9cc559f19 code=0x7ffc0000
[   68.274077][   T26] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   68.296549][   T30] audit: type=1326 audit(1733157415.179:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1727 comm="syz.2.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9cc559f19 code=0x7ffc0000
[   68.341835][  T312] usb 2-1: USB disconnect, device number 5
[   68.344030][ T1724] handle_bad_sector: 46348 callbacks suppressed
[   68.344051][ T1724] attempt to access beyond end of device
[   68.344051][ T1724] loop5: rw=524288, want=696, limit=256
[   68.385242][ T1733] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   68.386597][ T1724] attempt to access beyond end of device
[   68.386597][ T1724] loop5: rw=524288, want=952, limit=256
[   68.410075][   T26] usb 4-1: USB disconnect, device number 9
[   68.427645][   T30] audit: type=1400 audit(1733157415.279:666): avc:  denied  { read } for  pid=139 comm="dhcpcd" name="n17" dev="tmpfs" ino=3907 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   68.430222][ T1739] attempt to access beyond end of device
[   68.430222][ T1739] loop5: rw=0, want=448, limit=256
[   68.468898][   T26] usblp0: removed
[   68.511838][   T30] audit: type=1400 audit(1733157415.279:667): avc:  denied  { open } for  pid=139 comm="dhcpcd" path="/run/udev/data/n17" dev="tmpfs" ino=3907 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   68.555845][   T30] audit: type=1400 audit(1733157415.279:668): avc:  denied  { getattr } for  pid=139 comm="dhcpcd" path="/run/udev/data/n17" dev="tmpfs" ino=3907 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   68.571760][ T1733] EXT4-fs (loop6): 1 truncate cleaned up
[   68.587970][ T1724] attempt to access beyond end of device
[   68.587970][ T1724] loop5: rw=0, want=448, limit=256
[   68.611414][ T1724] attempt to access beyond end of device
[   68.611414][ T1724] loop5: rw=0, want=448, limit=256
[   68.620577][ T1733] EXT4-fs (loop6): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback.
[   68.631771][ T1724] attempt to access beyond end of device
[   68.631771][ T1724] loop5: rw=0, want=448, limit=256
[   68.677083][ T1724] attempt to access beyond end of device
[   68.677083][ T1724] loop5: rw=0, want=448, limit=256
[   68.693272][ T1739] attempt to access beyond end of device
[   68.693272][ T1739] loop5: rw=0, want=448, limit=256
[   68.710442][ T1724] attempt to access beyond end of device
[   68.710442][ T1724] loop5: rw=0, want=448, limit=256
[   68.743469][   T30] audit: type=1400 audit(1733157415.749:669): avc:  denied  { create } for  pid=1735 comm="dhcpcd-run-hook" name="resolv.conf.eth1.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   68.750314][ T1739] attempt to access beyond end of device
[   68.750314][ T1739] loop5: rw=0, want=448, limit=256
[   68.806115][   T30] audit: type=1400 audit(1733157415.749:670): avc:  denied  { write } for  pid=1735 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.eth1.link" dev="tmpfs" ino=3931 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   68.853628][ T1745] netlink: 40 bytes leftover after parsing attributes in process `syz.2.532'.
[   68.928309][   T30] audit: type=1400 audit(1733157415.759:671): avc:  denied  { append } for  pid=1735 comm="dhcpcd-run-hook" name="resolv.conf.eth1.link" dev="tmpfs" ino=3931 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   69.009204][   T30] audit: type=1400 audit(1733157415.879:672): avc:  denied  { unlink } for  pid=1754 comm="rm" name="resolv.conf.eth1.link" dev="tmpfs" ino=3931 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   69.312608][ T1811] loop1: detected capacity change from 0 to 512
[   69.320672][ T1815] loop3: detected capacity change from 0 to 16
[   69.343897][ T1813] loop5: detected capacity change from 0 to 512
[   69.356821][ T1815] erofs: (device loop3): mounted with root inode @ nid 36.
[   69.378111][ T1811] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,barrier,,errors=continue. Quota mode: writeback.
[   69.401062][ T1813] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[   69.427196][ T1811] ext4 filesystem being mounted at /103/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   69.438824][ T1813] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   69.470713][ T1811] EXT4-fs error (device loop1): ext4_do_update_inode:5205: inode #2: comm syz.1.554: corrupted inode contents
[   69.489323][ T1811] EXT4-fs error (device loop1): ext4_dirty_inode:6041: inode #2: comm syz.1.554: mark_inode_dirty error
[   69.506394][ T1811] EXT4-fs error (device loop1): ext4_do_update_inode:5205: inode #2: comm syz.1.554: corrupted inode contents
[   69.525890][ T1811] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #2: comm syz.1.554: mark_inode_dirty error
[   69.526476][ T1813] EXT4-fs (loop5): 1 truncate cleaned up
[   69.550680][ T1813] EXT4-fs (loop5): mounted filesystem without journal. Opts: nogrpid,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,jqfmt=vfsv0,grpid,mblk_io_submit,,errors=continue. Quota mode: none.
[   69.683314][   T45] Bluetooth: hci0: Frame reassembly failed (-84)
[   69.700214][ T1841] loop3: detected capacity change from 0 to 2048
[   69.708476][ T1843] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[   69.733829][ T1841]  loop3: p2 < >
[   69.828767][  T348] udevd[348]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   69.940736][  T387] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   70.310996][  T387] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[   70.322537][  T387] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   70.333046][  T387] usb 2-1: config 0 descriptor??
[   71.470786][  T387] usb 2-1: Cannot set autoneg
[   71.476118][  T387] MOSCHIP usb-ethernet driver: probe of 2-1:0.0 failed with error -71
[   71.487400][  T387] usb 2-1: USB disconnect, device number 6
[   71.750738][  T413] Bluetooth: hci0: command 0x1003 tx timeout
[   71.759328][   T47] Bluetooth: hci0: sending frame failed (-49)
[   71.977277][ T1864] loop3: detected capacity change from 0 to 512
[   72.115228][ T1864] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   72.140814][ T1864] ext4 filesystem being mounted at /100/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.326546][ T1881] 9pnet: p9_errstr2errno: server reported unknown error �@��hQI���t
[   72.454087][ T1890] loop3: detected capacity change from 0 to 128
[   72.681992][ T1898] loop3: detected capacity change from 0 to 512
[   72.762035][ T1898] EXT4-fs (loop3): 1 truncate cleaned up
[   72.770187][ T1898] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   72.849417][ T1898] EXT4-fs warning (device loop3): __ext4fs_dirhash:283: invalid/unsupported hash tree version 135
[   72.979316][ T1896] loop2: detected capacity change from 0 to 40427
[   73.064121][ T1924] loop3: detected capacity change from 0 to 512
[   73.091660][ T1896] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[   73.109276][ T1924] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   73.114426][ T1896] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   73.140025][ T1924] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[   73.164152][ T1896] F2FS-fs (loop2): invalid crc value
[   73.189008][ T1896] F2FS-fs (loop2): Found nat_bits in checkpoint
[   73.198618][ T1924] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[   73.231046][ T1924] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[   73.256468][ T1924] System zones: 0-2, 18-18, 34-34
[   73.269651][ T1896] F2FS-fs (loop2): Start checkpoint disabled!
[   73.282339][ T1924] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   73.306403][ T1896] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   73.311924][ T1922] loop1: detected capacity change from 0 to 40427
[   73.326316][ T1896] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   73.327800][ T1924] EXT4-fs (loop3): 1 truncate cleaned up
[   73.350835][ T1924] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   73.392680][ T1922] F2FS-fs (loop1): invalid crc value
[   73.422991][   T30] kauditd_printk_skb: 127 callbacks suppressed
[   73.423006][   T30] audit: type=1400 audit(1733157420.439:800): avc:  denied  { ioctl } for  pid=1923 comm="syz.3.601" path="/109/file0/file2" dev="loop3" ino=16 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   73.489278][ T1922] F2FS-fs (loop1): Found nat_bits in checkpoint
[   73.529261][ T1945] loop5: detected capacity change from 0 to 1024
[   73.567699][ T1922] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1
[   73.578130][ T1945] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   73.610062][ T1922] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   73.621258][  T435] handle_bad_sector: 1500 callbacks suppressed
[   73.621418][  T435] attempt to access beyond end of device
[   73.621418][  T435] loop2: rw=2049, want=40968, limit=40427
[   73.730870][   T30] audit: type=1326 audit(1733157420.749:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1952 comm="syz.5.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   73.830496][ T1955] loop5: detected capacity change from 0 to 2048
[   73.840761][   T30] audit: type=1326 audit(1733157420.779:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1952 comm="syz.5.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   73.872367][   T26] Bluetooth: hci0: command 0x1001 tx timeout
[   73.879140][   T47] Bluetooth: hci0: sending frame failed (-49)
[   73.911779][   T30] audit: type=1326 audit(1733157420.779:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1952 comm="syz.5.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   73.941679][   T30] audit: type=1326 audit(1733157420.779:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1952 comm="syz.5.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   73.952219][ T1955] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   73.973210][   T30] audit: type=1326 audit(1733157420.779:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1952 comm="syz.5.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74e141ff19 code=0x7ffc0000
[   74.022454][   T30] audit: type=1326 audit(1733157420.919:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1956 comm="syz.2.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9cc559f19 code=0x7ffc0000
[   74.051644][   T30] audit: type=1326 audit(1733157420.919:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1956 comm="syz.2.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9cc559f19 code=0x7ffc0000
[   74.082738][   T30] audit: type=1326 audit(1733157420.919:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1956 comm="syz.2.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9cc559f19 code=0x7ffc0000
[   74.113820][   T30] audit: type=1326 audit(1733157420.919:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1956 comm="syz.2.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9cc559f19 code=0x7ffc0000
[   74.232480][ T1964] hub 9-0:1.0: USB hub found
[   74.259782][ T1964] hub 9-0:1.0: 1 port detected
[   74.320993][ T1969] netlink: 40 bytes leftover after parsing attributes in process `syz.5.613'.
[   74.341859][ T1969] netlink: 40 bytes leftover after parsing attributes in process `syz.5.613'.
[   74.365285][ T1969] netlink: 40 bytes leftover after parsing attributes in process `syz.5.613'.
[   74.401592][ T1969] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[   74.514094][ T1976] netlink: 8 bytes leftover after parsing attributes in process `syz.5.617'.
[   74.760452][  T291] attempt to access beyond end of device
[   74.760452][  T291] loop1: rw=2049, want=45104, limit=40427
[   74.830722][   T26] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[   75.090666][   T26] usb 6-1: Using ep0 maxpacket: 16
[   75.230755][  T413] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   75.239695][   T26] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   75.253659][   T26] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   75.380820][   T26] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[   75.392845][   T26] usb 6-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0
[   75.405749][   T26] usb 6-1: Product: syz
[   75.411744][   T26] usb 6-1: Manufacturer: syz
[   75.418884][   T26] usb 6-1: config 0 descriptor??
[   75.470682][  T413] usb 2-1: Using ep0 maxpacket: 8
[   75.490723][  T311] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[   75.600848][  T413] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   75.613370][  T413] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   75.628700][  T413] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   75.647762][  T413] usb 2-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[   75.658853][  T413] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   75.669659][  T413] usb 2-1: config 0 descriptor??
[   75.740766][  T311] usb 3-1: Using ep0 maxpacket: 16
[   75.860750][  T311] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[   75.872546][  T311] usb 3-1: config 0 has no interface number 0
[   75.879423][  T311] usb 3-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 255
[   75.920751][   T39] Bluetooth: hci0: command 0x1009 tx timeout
[   75.929404][   T26] kovaplus 0003:1E7D:2D50.000C: item fetching failed at offset 5/7
[   75.939672][   T26] kovaplus 0003:1E7D:2D50.000C: parse failed
[   75.946781][   T26] kovaplus: probe of 0003:1E7D:2D50.000C failed with error -22
[   76.010799][  T311] usb 3-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[   76.022647][  T311] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[   76.034565][  T311] usb 3-1: Product: syz
[   76.039724][  T311] usb 3-1: SerialNumber: syz
[   76.049297][  T311] usb 3-1: config 0 descriptor??
[   76.070741][ T1989] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[   76.121949][   T26] usb 6-1: USB disconnect, device number 7
[   76.181561][  T413] hid-picolcd 0003:04D8:C002.000D: unknown main item tag 0xe
[   76.260823][  T413] hid-picolcd 0003:04D8:C002.000D: No report with id 0x11 found
[   76.282832][ T1999] serio: Serial port ptm1
[   76.331412][  T311] usb 3-1: invalid MIDI in EP 0
[   76.337837][  T311] snd-usb-audio: probe of 3-1:0.2 failed with error -22
[   76.347798][  T311] usb 3-1: USB disconnect, device number 9
[   76.393823][  T387] usb 2-1: USB disconnect, device number 7
[   76.646620][ T2008] loop5: detected capacity change from 0 to 512
[   76.689756][ T2008] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   76.708827][ T2008] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.630: invalid indirect mapped block 4294967295 (level 1)
[   76.730092][ T2008] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.630: invalid indirect mapped block 4294967295 (level 1)
[   76.747725][ T2008] EXT4-fs (loop5): 2 truncates cleaned up
[   76.755314][ T2008] EXT4-fs (loop5): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000000006,dioread_nolock,noload,,errors=continue. Quota mode: writeback.
[   76.856212][ T2016] loop5: detected capacity change from 0 to 128
[   76.918875][ T2019] loop1: detected capacity change from 0 to 256
[   76.944794][ T2016] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1)
[   76.967685][ T2019] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d16cac, utbl_chksum : 0xe619d30d)
[   76.991364][   T10] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1)
[   77.253182][ T2022] loop5: detected capacity change from 0 to 40427
[   77.351713][ T2022] F2FS-fs (loop5): fault_injection options not supported
[   77.370812][ T2022] F2FS-fs (loop5): invalid crc value
[   77.401554][ T2022] F2FS-fs (loop5): Found nat_bits in checkpoint
[   77.459891][ T2034] loop1: detected capacity change from 0 to 40427
[   77.482260][ T2034] F2FS-fs (loop1): Invalid SB checksum offset: 0
[   77.496766][ T2034] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[   77.496845][ T2022] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   77.551620][ T2034] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[   77.560990][ T2037] loop3: detected capacity change from 0 to 40427
[   77.585184][ T2034] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[   77.595681][ T2034] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   77.602777][ T2037] F2FS-fs (loop3): invalid crc value
[   77.634413][  T820] attempt to access beyond end of device
[   77.634413][  T820] loop5: rw=2049, want=45104, limit=40427
[   77.639159][ T2037] F2FS-fs (loop3): Found nat_bits in checkpoint
[   77.649280][  T820] attempt to access beyond end of device
[   77.649280][  T820] loop5: rw=2049, want=45136, limit=40427
[   77.671228][  T291] attempt to access beyond end of device
[   77.671228][  T291] loop1: rw=2049, want=45104, limit=40427
[   77.721753][ T2037] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1
[   77.736314][ T2037] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   77.781272][ T2052] syz.2.646[2052] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.781353][ T2052] syz.2.646[2052] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.799213][  T292] attempt to access beyond end of device
[   77.799213][  T292] loop3: rw=2049, want=45104, limit=40427
[   78.252309][ T2069] loop5: detected capacity change from 0 to 40427
[   78.346274][ T2069] F2FS-fs (loop5): invalid crc value
[   78.381832][ T2069] F2FS-fs (loop5): Found nat_bits in checkpoint
[   78.410672][  T413] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[   78.437350][ T2069] F2FS-fs (loop5): Cannot turn on quotas: -2 on 0
[   78.460840][ T2069] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[   78.511547][   T30] kauditd_printk_skb: 55 callbacks suppressed
[   78.511563][   T30] audit: type=1400 audit(1733157425.529:865): avc:  denied  { create } for  pid=2067 comm="syz.5.652" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1
[   78.554298][   T30] audit: type=1400 audit(1733157425.569:866): avc:  denied  { read } for  pid=2067 comm="syz.5.652" name="file0" dev="loop5" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1
[   78.590323][  T820] attempt to access beyond end of device
[   78.590323][  T820] loop5: rw=2049, want=45104, limit=40427
[   78.590840][   T30] audit: type=1400 audit(1733157425.569:867): avc:  denied  { open } for  pid=2067 comm="syz.5.652" path="/114/bus/file0" dev="loop5" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1
[   78.659207][   T30] audit: type=1400 audit(1733157425.569:868): avc:  denied  { ioctl } for  pid=2067 comm="syz.5.652" path="/114/bus/file0" dev="loop5" ino=10 ioctlcmd=0x1284 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1
[   78.689296][  T413] usb 4-1: Using ep0 maxpacket: 16
[   78.810748][  T413] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[   78.823857][  T413] usb 4-1: config 0 has no interface number 0
[   78.831368][  T413] usb 4-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 255
[   78.960756][  T413] usb 4-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[   78.983821][  T413] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[   78.991912][ T2090] loop1: detected capacity change from 0 to 2048
[   78.995853][  T413] usb 4-1: Product: syz
[   79.010738][  T413] usb 4-1: SerialNumber: syz
[   79.019239][  T413] usb 4-1: config 0 descriptor??
[   79.033666][ T2090] EXT4-fs (loop1): mounted filesystem without journal. Opts: commit=0x0000000000000005,,errors=continue. Quota mode: none.
[   79.040830][ T2077] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   79.070668][  T311] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   79.290786][  T312] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[   79.341445][  T413] usb 4-1: invalid MIDI in EP 0
[   79.348582][  T413] snd-usb-audio: probe of 4-1:0.2 failed with error -22
[   79.359509][  T413] usb 4-1: USB disconnect, device number 10
[   79.400780][  T387] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[   79.470784][  T311] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   79.487994][  T311] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   79.499210][  T311] usb 6-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[   79.511240][  T311] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.524347][  T311] usb 6-1: config 0 descriptor??
[   79.660861][  T312] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   79.670714][  T387] usb 2-1: Using ep0 maxpacket: 16
[   79.676127][  T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   79.696625][  T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   79.708219][  T312] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   79.725182][  T312] usb 3-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00
[   79.737843][  T312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.751351][  T312] usb 3-1: config 0 descriptor??
[   79.820781][  T387] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   79.844513][ T2099] syz.3.662[2099] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.844565][ T2099] syz.3.662[2099] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.948533][ T2103] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=2103 comm=syz.3.664
[   79.996458][  T311] hid-led 0003:1D34:000A.000E: unknown main item tag 0x0
[   80.008085][  T311] hid-led 0003:1D34:000A.000E: unknown main item tag 0x0
[   80.019778][  T311] hid-led 0003:1D34:000A.000E: unknown main item tag 0x0
[   80.031937][  T311] hid-led 0003:1D34:000A.000E: unknown main item tag 0x0
[   80.044862][  T311] hid-led 0003:1D34:000A.000E: unknown main item tag 0x0
[   80.056828][  T387] usb 2-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4
[   80.071844][  T387] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.085001][  T387] usb 2-1: Product: syz
[   80.091156][  T387] usb 2-1: Manufacturer: syz
[   80.097862][  T387] usb 2-1: SerialNumber: syz
[   80.111008][  T387] usb 2-1: config 0 descriptor??
[   80.211418][  T311] hid-led 0003:1D34:000A.000E: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.5-1/input0
[   80.239348][  T311] hid-led 0003:1D34:000A.000E: Dream Cheeky Webmail Notifier initialized
[   80.272535][  T312] logitech-djreceiver 0003:046D:C71F.000F: unknown main item tag 0x0
[   80.297919][  T312] logitech-djreceiver 0003:046D:C71F.000F: unknown main item tag 0x0
[   80.318470][  T312] logitech-djreceiver 0003:046D:C71F.000F: item fetching failed at offset 2/5
[   80.346259][ T2110] loop6: detected capacity change from 0 to 40427
[   80.350043][ T2112] loop3: detected capacity change from 0 to 40427
[   80.353629][  T312] logitech-djreceiver 0003:046D:C71F.000F: logi_dj_probe: parse failed
[   80.377896][   T30] audit: type=1400 audit(1733157427.399:869): avc:  denied  { mounton } for  pid=2109 comm="syz.6.667" path="/29/bus" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   80.413458][ T2112] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[   80.422653][ T2112] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   80.428093][  T312] logitech-djreceiver: probe of 0003:046D:C71F.000F failed with error -22
[   80.446954][ T2112] F2FS-fs (loop3): invalid crc value
[   80.448624][ T2110] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[   80.462227][ T2112] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[   80.463047][ T2110] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   80.481732][ T2112] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   80.500835][   T26] usb 6-1: USB disconnect, device number 8
[   80.523949][  T312] usb 3-1: USB disconnect, device number 10
[   80.526149][ T2112] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   80.539045][ T2112] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   80.572488][ T2110] F2FS-fs (loop6): Found nat_bits in checkpoint
[   80.613771][ T2110] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   80.623461][ T2110] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   80.730777][  T387] usb 2-1: Found UVC 0.00 device syz (045e:0721)
[   80.738692][  T387] usb 2-1: No valid video chain found.
[   80.748781][  T387] usb 2-1: USB disconnect, device number 8
[   80.976819][ T2145] netlink: 20 bytes leftover after parsing attributes in process `syz.6.677'.
[   80.992932][ T2145] netlink: 20 bytes leftover after parsing attributes in process `syz.6.677'.
[   81.007920][ T2145] netlink: 20 bytes leftover after parsing attributes in process `syz.6.677'.
[   81.043229][ T2148] loop5: detected capacity change from 0 to 512
[   81.043603][ T2149] loop6: detected capacity change from 0 to 1024
[   81.072182][ T2149] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[   81.086670][ T2149] EXT4-fs (loop6): Mount option "nouser_xattr" will be removed by 3.5
[   81.086670][ T2149] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   81.086670][ T2149] 
[   81.110387][ T2149] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   81.131653][ T2149] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_dev=0x0000000000000004,grpquota,resuid=0x0000000000000000,nogrpid,dioread_nolock,jqfmt=vfsold,sysvgroups,noauto_da_alloc,nouser_xattr,,errors=continue. Quota mode: writeback.
[   81.133275][ T2151] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=2151 comm=syz.2.680
[   81.197737][ T2148] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   81.224174][ T2148] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #16: comm syz.5.678: invalid indirect mapped block 4294967295 (level 0)
[   81.248746][ T2148] EXT4-fs (loop5): Remounting filesystem read-only
[   81.280669][ T2148] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #16: comm syz.5.678: invalid indirect mapped block 4294967295 (level 1)
[   81.304385][ T2148] EXT4-fs (loop5): Remounting filesystem read-only
[   81.312878][ T2148] EXT4-fs (loop5): 1 orphan inode deleted
[   81.321712][ T2148] EXT4-fs (loop5): 1 truncate cleaned up
[   81.328887][ T2148] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,lazytime,debug_want_extra_isize=0x000000000000006e,block_validity,block_validity,quota,. Quota mode: writeback.
[   81.396678][   T30] audit: type=1400 audit(1733157428.409:870): avc:  denied  { setopt } for  pid=2160 comm="syz.1.685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   81.453157][   T30] audit: type=1400 audit(1733157428.409:871): avc:  denied  { bind } for  pid=2160 comm="syz.1.685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   81.482619][   T30] audit: type=1326 audit(1733157428.459:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2157 comm="syz.2.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9cc559f19 code=0x7ffc0000
[   81.504856][ T2167] loop1: detected capacity change from 0 to 2048
[   81.533317][   T30] audit: type=1326 audit(1733157428.459:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2157 comm="syz.2.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9cc559f19 code=0x7ffc0000
[   81.573459][   T30] audit: type=1326 audit(1733157428.459:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2157 comm="syz.2.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fb9cc559f19 code=0x7ffc0000
[   81.578716][ T2171] loop5: detected capacity change from 0 to 512
[   81.649741][ T2178] loop6: detected capacity change from 0 to 256
[   81.659826][ T2167] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrquota,init_itable=0x0000000000000001,noblock_validity,,errors=continue. Quota mode: writeback.
[   81.690819][ T2171] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   81.718442][ T2178] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[   81.754647][ T2171] EXT4-fs (loop5): 1 truncate cleaned up
[   81.757462][ T2183] loop3: detected capacity change from 0 to 512
[   81.764203][ T2171] EXT4-fs (loop5): mounted filesystem without journal. Opts: i_version,nombcache,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,quota,,errors=continue. Quota mode: writeback.
[   81.813889][ T2183] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[   81.822167][ T2171] syz.5.688 (pid 2171) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[   81.859033][  T327] Bluetooth: hci0: Frame reassembly failed (-84)
[   81.908403][ T2183] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,nogrpid,,errors=continue. Quota mode: none.
[   81.944969][ T2198] loop5: detected capacity change from 0 to 1024
[   82.002235][ T2198] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   82.133931][ T2217] loop2: detected capacity change from 0 to 512
[   82.183518][ T2217] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   82.204114][ T2217] ext4 filesystem being mounted at /184/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.250666][  T413] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   82.500674][  T413] usb 7-1: Using ep0 maxpacket: 32
[   82.620762][  T413] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   82.634399][  T413] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   82.647109][  T413] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   82.658448][  T413] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.670171][  T413] usb 7-1: config 0 descriptor??
[   82.711213][  T413] hub 7-1:0.0: USB hub found
[   83.010849][  T413] hub 7-1:0.0: config failed, can't read hub descriptor (err -22)
[   83.048830][ T2237] loop3: detected capacity change from 0 to 512
[   83.126962][ T2237] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   83.164196][ T2237] EXT4-fs (loop3): 1 truncate cleaned up
[   83.171911][ T2237] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   83.186918][ T2245] netlink: 8 bytes leftover after parsing attributes in process `syz.2.714'.
[   83.283051][  T413] hid-generic 0003:046D:C31C.0010: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.6-1/input0
[   83.601124][  T311] usb 7-1: USB disconnect, device number 4
[   83.684440][  T387] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[   83.704187][ T2267] loop5: detected capacity change from 0 to 512
[   83.801025][ T2271] loop2: detected capacity change from 0 to 4096
[   83.802415][ T2267] EXT4-fs error (device loop5): ext4_do_update_inode:5205: inode #3: comm syz.5.723: corrupted inode contents
[   83.826984][ T2267] EXT4-fs error (device loop5): ext4_dirty_inode:6041: inode #3: comm syz.5.723: mark_inode_dirty error
[   83.836521][ T2271] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,errors=continue,nolazytime,user_xattr,data_err=abort,stripe=0x0000000000000041,bsdgroups,auto_da_alloc,,errors=continue. Quota mode: writeback.
[   83.843028][ T2267] EXT4-fs error (device loop5): ext4_do_update_inode:5205: inode #3: comm syz.5.723: corrupted inode contents
[   83.886450][ T2267] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #3: comm syz.5.723: mark_inode_dirty error
[   83.899383][ T2267] __quota_error: 25 callbacks suppressed
[   83.899399][ T2267] Quota error (device loop5): write_blk: dquota write failed
[   83.905803][   T30] audit: type=1400 audit(1733157430.919:900): avc:  denied  { mount } for  pid=2270 comm="syz.2.725" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[   83.908897][ T2267] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[   83.917871][  T413] Bluetooth: hci0: command 0x1003 tx timeout
[   83.918086][   T47] Bluetooth: hci0: sending frame failed (-49)
[   83.945907][ T2267] EXT4-fs error (device loop5): ext4_acquire_dquot:6188: comm syz.5.723: Failed to acquire dquot type 0
[   83.988682][  T289] EXT4-fs error (device loop2): ext4_readdir:260: inode #12: block 80: comm syz-executor: path /195/file1/file0/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   83.988867][ T2267] EXT4-fs error (device loop5): ext4_do_update_inode:5205: inode #16: comm syz.5.723: corrupted inode contents
[   84.020653][  T387] usb 4-1: Using ep0 maxpacket: 16
[   84.038941][ T2267] EXT4-fs error (device loop5): ext4_dirty_inode:6041: inode #16: comm syz.5.723: mark_inode_dirty error
[   84.061011][ T2267] EXT4-fs error (device loop5): ext4_do_update_inode:5205: inode #16: comm syz.5.723: corrupted inode contents
[   84.080319][ T2267] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #16: comm syz.5.723: mark_inode_dirty error
[   84.094395][ T2267] EXT4-fs error (device loop5): ext4_do_update_inode:5205: inode #16: comm syz.5.723: corrupted inode contents
[   84.108533][ T2267] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[   84.119314][ T2267] EXT4-fs error (device loop5): ext4_do_update_inode:5205: inode #16: comm syz.5.723: corrupted inode contents
[   84.140849][ T2267] EXT4-fs error (device loop5): ext4_truncate:4303: inode #16: comm syz.5.723: mark_inode_dirty error
[   84.158398][ T2267] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[   84.168675][ T2267] EXT4-fs (loop5): 1 truncate cleaned up
[   84.175215][ T2267] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   84.190390][ T2267] ext4 filesystem being mounted at /124/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.208551][  T387] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   84.245430][  T387] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   84.259155][  T387] usb 4-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[   84.269818][  T387] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.293692][  T387] usb 4-1: config 0 descriptor??
[   84.304416][   T30] audit: type=1400 audit(1733157431.319:901): avc:  denied  { mount } for  pid=2266 comm="syz.5.723" name="/" dev="configfs" ino=13734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[   84.343655][   T30] audit: type=1400 audit(1733157431.319:902): avc:  denied  { read } for  pid=2266 comm="syz.5.723" name="/" dev="configfs" ino=13734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   84.388260][   T30] audit: type=1400 audit(1733157431.319:903): avc:  denied  { open } for  pid=2266 comm="syz.5.723" path="/124/file1/file0" dev="configfs" ino=13734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   84.421496][   T30] audit: type=1400 audit(1733157431.359:904): avc:  denied  { mounton } for  pid=2281 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   84.470002][ T2281] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.482272][ T2281] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.496776][ T2281] device bridge_slave_0 entered promiscuous mode
[   84.525776][ T2281] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.536627][ T2281] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.552614][ T2281] device bridge_slave_1 entered promiscuous mode
[   84.570248][ T2293] tmpfs: Unknown parameter 'nolazytime�'
[   84.597308][ T2295] loop6: detected capacity change from 0 to 256
[   84.708069][ T2281] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.722542][ T2281] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.735564][ T2281] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.750195][ T2281] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.790405][ T2296] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.799594][ T2296] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.810868][ T2296] device bridge_slave_0 entered promiscuous mode
[   84.820322][ T2296] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.828220][ T2296] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.837885][ T2296] device bridge_slave_1 entered promiscuous mode
[   84.861364][  T387] appleir 0003:05AC:8241.0011: unknown main item tag 0x0
[   84.872589][  T387] appleir 0003:05AC:8241.0011: unknown main item tag 0x0
[   84.880130][  T387] appleir 0003:05AC:8241.0011: unknown main item tag 0x0
[   84.890044][  T387] appleir 0003:05AC:8241.0011: unknown main item tag 0x0
[   84.901189][  T387] appleir 0003:05AC:8241.0011: unknown main item tag 0x0
[   84.910447][  T387] appleir 0003:05AC:8241.0011: No inputs registered, leaving
[   84.924380][  T387] appleir 0003:05AC:8241.0011: hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0
[   84.972373][ T2307] loop6: detected capacity change from 0 to 512
[   84.996217][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   85.008709][  T435] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.020229][  T435] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.040300][ T2307] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.740: bg 0: block 393: padding at end of block bitmap is not set
[   85.060735][ T2307] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6183: Corrupt filesystem
[   85.075851][    T8] device bridge_slave_1 left promiscuous mode
[   85.082767][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.090963][ T2307] EXT4-fs (loop6): 2 truncates cleaned up
[   85.102797][ T2307] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   85.104184][    T8] device bridge_slave_0 left promiscuous mode
[   85.127005][ T2307] EXT4-fs error (device loop6): empty_inline_dir:1869: inode #12: block 7: comm syz.6.740: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0
[   85.137230][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.165891][   T39] usb 4-1: USB disconnect, device number 11
[   85.175546][ T2307] EXT4-fs warning (device loop6): empty_inline_dir:1876: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60
[   85.211129][    T8] device veth1_macvtap left promiscuous mode
[   85.220020][    T8] device veth0_vlan left promiscuous mode
[   85.334173][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   85.344678][  T327] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.355406][  T327] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.386629][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   85.397382][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   85.409999][  T327] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.419079][  T327] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.453873][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   85.464662][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   85.476401][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   85.480462][ T2316] loop6: detected capacity change from 0 to 1024
[   85.487696][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   85.518733][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   85.533623][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   85.553293][ T2281] device veth0_vlan entered promiscuous mode
[   85.561214][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   85.571663][ T2316] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   85.571738][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   85.598022][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   85.609874][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   85.630916][ T2316] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   85.635338][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   85.652046][ T2316] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[   85.672524][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   85.680940][ T2316] EXT4-fs (loop6): This should not happen!! Data will be lost
[   85.680940][ T2316] 
[   85.702526][ T2281] device veth1_macvtap entered promiscuous mode
[   85.714435][ T2316] EXT4-fs (loop6): Total free blocks count 0
[   85.721828][ T2316] EXT4-fs (loop6): Free/Dirty block details
[   85.729270][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   85.729678][ T2316] EXT4-fs (loop6): free_blocks=68451041280
[   85.742851][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   85.757312][ T2316] EXT4-fs (loop6): dirty_blocks=64
[   85.758330][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   85.767259][ T2316] EXT4-fs (loop6): Block reservation details
[   85.783294][ T2316] EXT4-fs (loop6): i_reserved_data_blocks=4
[   85.792836][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   85.798116][ T2315] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 60 with error 28
[   85.810720][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   85.840906][ T2315] EXT4-fs (loop6): This should not happen!! Data will be lost
[   85.840906][ T2315] 
[   85.871324][  T327] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.883010][  T327] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.892517][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   85.904348][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   85.915008][  T327] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.929410][  T327] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.939639][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   85.977324][ T2321] netlink: 4 bytes leftover after parsing attributes in process `syz.3.745'.
[   85.990872][   T39] Bluetooth: hci0: command 0x1001 tx timeout
[   86.019578][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   86.034697][   T47] Bluetooth: hci0: sending frame failed (-49)
[   86.035441][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   86.059401][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   86.071923][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   86.087265][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   86.101664][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   86.110768][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   86.122349][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   86.151713][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   86.164441][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   86.188414][ T2296] device veth0_vlan entered promiscuous mode
[   86.227095][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   86.241858][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   86.252918][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   86.282823][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   86.312349][   T30] audit: type=1400 audit(1733157433.329:905): avc:  denied  { read } for  pid=2341 comm="syz.7.751" name="loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   86.351324][ T2296] device veth1_macvtap entered promiscuous mode
[   86.374591][   T30] audit: type=1400 audit(1733157433.329:906): avc:  denied  { open } for  pid=2341 comm="syz.7.751" path="/dev/loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   86.411870][ T2336] device wireguard0 entered promiscuous mode
[   86.420670][   T30] audit: type=1400 audit(1733157433.329:907): avc:  denied  { ioctl } for  pid=2341 comm="syz.7.751" path="/dev/loop-control" dev="devtmpfs" ino=111 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   86.451651][ T2348] loop7: detected capacity change from 0 to 256
[   86.473455][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   86.491744][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   86.503215][ T2348] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   86.523049][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   86.535606][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   86.561144][ T2348] loop7: detected capacity change from 256 to 0
[   86.579714][    C0] blk_update_request: I/O error, dev loop7, sector 20 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   86.596686][ T2350] FAT-fs (loop7): Directory bread(block 5) failed
[   86.615344][    C0] blk_update_request: I/O error, dev loop7, sector 20 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   86.630184][ T2350] FAT-fs (loop7): Directory bread(block 5) failed
[   86.653666][    C0] blk_update_request: I/O error, dev loop7, sector 20 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   86.668798][ T2350] FAT-fs (loop7): Directory bread(block 5) failed
[   86.698999][    C0] blk_update_request: I/O error, dev loop7, sector 20 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   86.715218][ T2281] FAT-fs (loop7): Directory bread(block 5) failed
[   86.729228][    C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   86.745192][ T2281] FAT-fs (loop7): unable to read boot sector to mark fs as dirty
[   86.922665][    T8] device bridge_slave_1 left promiscuous mode
[   86.932138][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.947183][    T8] device bridge_slave_0 left promiscuous mode
[   86.956150][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.969066][    T8] device veth1_macvtap left promiscuous mode
[   86.979897][    T8] device veth0_vlan left promiscuous mode
[   87.014756][ T2352] loop8: detected capacity change from 0 to 131072
[   87.070666][  T311] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[   87.086735][ T2352] F2FS-fs (loop8): Segment count (31) mismatch with total segments from devices (0)
[   87.099467][ T2352] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[   87.110998][ T2352] F2FS-fs (loop8): invalid crc value
[   87.122820][ T2352] F2FS-fs (loop8): Found nat_bits in checkpoint
[   87.162600][ T2352] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[   87.172240][ T2352] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e4
[   87.223983][ T2352] F2FS-fs (loop8): f2fs_fill_dentries: corrupted namelen=24152, run fsck to fix.
[   87.247101][ T2352] F2FS-fs (loop8): checksum invalid, nid = 4, ino_of_node = 4, efdbe231 vs. 15bb5891
[   87.361215][  T311] usb 4-1: Using ep0 maxpacket: 16
[   87.373397][ T2367] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.389637][ T2367] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.401162][ T2367] device bridge_slave_0 entered promiscuous mode
[   87.412083][ T2367] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.424815][ T2367] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.464518][ T2367] device bridge_slave_1 entered promiscuous mode
[   87.480767][  T311] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   87.524077][ T2377] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[   87.530660][  T311] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   87.536247][ T2377] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[   87.568991][ T2377] SELinux:  duplicate or incompatible mount options
[   87.577043][  T311] usb 4-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[   87.604815][  T311] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.638413][  T311] usb 4-1: config 0 descriptor??
[   87.685721][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   87.696070][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   87.708542][ T2383] device wireguard0 entered promiscuous mode
[   87.724353][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   87.735880][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   87.749707][  T435] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.761460][  T435] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.771698][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   87.790085][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   87.808325][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   87.820175][  T435] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.828366][  T435] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.852306][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   87.870867][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   87.896896][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   87.913290][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   87.925520][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   87.934719][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   87.943200][ T2367] device veth0_vlan entered promiscuous mode
[   87.962810][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   87.993156][ T2367] device veth1_macvtap entered promiscuous mode
[   88.015429][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   88.046897][  T435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   88.070864][   T39] Bluetooth: hci0: command 0x1009 tx timeout
[   88.121605][ T2388] loop9: detected capacity change from 0 to 512
[   88.138606][  T311] hid-multitouch 0003:1FD2:6007.0012: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.3-1/input0
[   88.201384][    T8] device bridge_slave_1 left promiscuous mode
[   88.208918][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.217933][    T8] device bridge_slave_0 left promiscuous mode
[   88.225834][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.240264][ T2388] loop9: detected capacity change from 0 to 512
[   88.249923][    T8] device veth1_macvtap left promiscuous mode
[   88.266240][    T8] device veth0_vlan left promiscuous mode
[   88.291510][ T2388] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0002]
[   88.303292][ T2388] System zones: 0-2, 18-18, 34-35
[   88.322214][ T2388] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   88.371959][  T413] usb 4-1: USB disconnect, device number 12
[   88.404857][ T2388] ext4 filesystem being mounted at /0/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   88.446963][ T2386] loop8: detected capacity change from 0 to 131072
[   88.451895][ T2388] EXT4-fs error (device loop9): ext4_acquire_dquot:6188: comm syz.9.767: Failed to acquire dquot type 1
[   88.497879][ T2393] loop6: detected capacity change from 0 to 512
[   88.516845][ T2395] �: renamed from pim6reg1
[   88.516862][ T2386] F2FS-fs (loop8): invalid crc value
[   88.518504][ T2386] F2FS-fs (loop8): Found nat_bits in checkpoint
[   88.574319][ T2393] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   88.575136][ T2386] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[   88.589877][ T2393] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.757636][ T2410] loop6: detected capacity change from 0 to 1024
[   88.795340][ T2410] EXT4-fs (loop6): Test dummy encryption mode enabled
[   88.830961][ T2410] EXT4-fs (loop6): Test dummy encryption mode enabled
[   88.845783][ T2410] EXT4-fs (loop6): Ignoring removed orlov option
[   88.861221][ T2410] EXT4-fs (loop6): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[   88.981885][ T2416] loop6: detected capacity change from 0 to 1024
[   89.032680][ T2416] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[   89.037885][ T2424] loop8: detected capacity change from 0 to 128
[   89.053133][ T2416] EXT4-fs (loop6): mounted filesystem without journal. Opts: user_xattr,data_err=abort,resuid=0x0000000000000000,errors=remount-ro,norecovery,max_dir_size_kb=0x00000000000007b1,stripe=0x0000000000000005,noinit_itable,nomblk_io_submit,grpquota,nogrpid,. Quota mode: writeback.
[   89.122922][ T2424] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   89.135558][ T2424] ext4 filesystem being mounted at /6/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   89.225660][ T2429] device wireguard0 entered promiscuous mode
[   89.250754][   T20] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[   89.442032][   T30] kauditd_printk_skb: 7 callbacks suppressed
[   89.442045][   T30] audit: type=1326 audit(1733157436.449:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2441 comm="syz.8.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81a977ef19 code=0x7ffc0000
[   89.542518][   T30] audit: type=1326 audit(1733157436.449:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2441 comm="syz.8.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81a977ef19 code=0x7ffc0000
[   89.579838][   T30] audit: type=1326 audit(1733157436.449:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2441 comm="syz.8.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f81a977ef19 code=0x7ffc0000
[   89.612839][   T30] audit: type=1326 audit(1733157436.449:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2441 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81a977ef19 code=0x7ffc0000
[   89.657375][   T30] audit: type=1326 audit(1733157436.449:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2441 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81a977ef19 code=0x7ffc0000
[   89.688683][   T30] audit: type=1326 audit(1733157436.449:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2441 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f81a977ef19 code=0x7ffc0000
[   89.724742][ T2453] loop6: detected capacity change from 0 to 128
[   89.731940][   T30] audit: type=1326 audit(1733157436.459:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2441 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81a977ef19 code=0x7ffc0000
[   89.774420][   T30] audit: type=1326 audit(1733157436.459:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2441 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81a977ef19 code=0x7ffc0000
[   89.806701][   T20] usb 4-1: config 0 has no interfaces?
[   89.819906][   T30] audit: type=1326 audit(1733157436.459:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2441 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f81a977ef19 code=0x7ffc0000
[   89.855042][   T20] usb 4-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[   89.868403][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.878524][   T20] usb 4-1: config 0 descriptor??
[   89.886408][   T30] audit: type=1326 audit(1733157436.499:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2441 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81a977ef19 code=0x7ffc0000
[   89.942819][ T2453] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   89.966694][ T2453] ext4 filesystem being mounted at /72/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   90.041920][ T2457] device wireguard0 entered promiscuous mode
[   90.132301][  T312] usb 4-1: USB disconnect, device number 13
[   90.331656][ T2474] loop8: detected capacity change from 0 to 40427
[   90.348368][  T387] hid-generic 0000:3000000:0000.0013: unknown main item tag 0x4
[   90.366856][  T387] hid-generic 0000:3000000:0000.0013: unknown main item tag 0x2
[   90.381079][   T20] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   90.391049][  T387] hid-generic 0000:3000000:0000.0013: unknown main item tag 0x3
[   90.403659][  T387] hid-generic 0000:3000000:0000.0013: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   90.432115][ T2474] F2FS-fs (loop8): Unrecognized mount option "01777777777777777777777��01777777777777777777777" or missing value
[   90.465793][ T2486] loop9: detected capacity change from 0 to 512
[   90.585827][ T2486] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   90.600087][ T2486] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.740700][   T20] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   90.770733][   T20] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   90.790653][   T20] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   90.817827][   T20] usb 7-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10
[   90.833575][   T20] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.860946][   T20] usb 7-1: config 0 descriptor??
[   91.331750][   T20] prodikeys 0003:041E:2801.0014: unexpected long global item
[   91.341642][   T20] prodikeys 0003:041E:2801.0014: hid parse failed
[   91.353739][   T20] prodikeys: probe of 0003:041E:2801.0014 failed with error -22
[   91.532056][   T20] usb 7-1: USB disconnect, device number 5
[   92.372832][ T2512] loop8: detected capacity change from 0 to 512
[   92.432233][  T387] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[   92.477821][ T2515] loop9: detected capacity change from 0 to 256
[   92.717364][  T387] usb 4-1: Using ep0 maxpacket: 16
[   92.840919][  T387] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   92.874632][  T387] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[   92.936609][  T387] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   93.053998][ T2504] device wireguard0 entered promiscuous mode
[   93.073193][ T2512] EXT4-fs (loop8): Mount option "nojournal_checksum" incompatible with ext3
[   93.090293][ T2515] FAT-fs (loop9): Directory bread(block 64) failed
[   93.103248][  T387] usb 4-1: config 0 interface 0 has no altsetting 0
[   93.114530][ T2515] FAT-fs (loop9): Directory bread(block 65) failed
[   93.127642][  T387] usb 4-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[   93.140047][ T2518] loop6: detected capacity change from 0 to 512
[   93.143609][ T2515] FAT-fs (loop9): Directory bread(block 66) failed
[   93.170501][  T387] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.170742][ T2515] FAT-fs (loop9): Directory bread(block 67) failed
[   93.195195][ T2515] FAT-fs (loop9): Directory bread(block 68) failed
[   93.215094][  T387] usb 4-1: config 0 descriptor??
[   93.222774][ T2515] FAT-fs (loop9): Directory bread(block 69) failed
[   93.233909][ T2515] FAT-fs (loop9): Directory bread(block 70) failed
[   93.249458][ T2515] FAT-fs (loop9): Directory bread(block 71) failed
[   93.249910][ T2518] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   93.262814][ T2515] FAT-fs (loop9): Directory bread(block 72) failed
[   93.287984][ T2515] FAT-fs (loop9): Directory bread(block 73) failed
[   93.303278][ T2522] netlink: 'syz.1.813': attribute type 1 has an invalid length.
[   93.306945][ T2518] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.397254][ T2512] 9pnet: p9_errstr2errno: server reported unknown error a��?���wjk�#�b�k�b��X���^��N͖g��������+�J�<G]��T����N�6�����
[   93.577010][ T2545] loop8: detected capacity change from 0 to 512
[   93.626225][ T2545] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[   93.647791][ T2545] EXT4-fs (loop8): 1 truncate cleaned up
[   93.655709][ T2545] EXT4-fs (loop8): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback.
[   93.705819][  T387] hid-generic 0003:045E:05DA.0015: ignoring exceeding usage max
[   93.736991][  T387] hid-generic 0003:045E:05DA.0015: hidraw0: USB HID v0.00 Device [HID 045e:05da] on usb-dummy_hcd.3-1/input0
[   93.761125][  T312] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[   93.851895][   T39] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   93.952092][  T387] usb 4-1: USB disconnect, device number 14
[   94.040946][  T312] usb 10-1: Using ep0 maxpacket: 8
[   94.131419][   T39] usb 7-1: Using ep0 maxpacket: 32
[   94.191182][  T312] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.209519][  T312] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   94.224700][   T26] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[   94.235035][  T312] usb 10-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[   94.249646][  T312] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.260793][  T312] usb 10-1: config 0 descriptor??
[   94.280743][   T39] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.293930][   T39] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   94.315846][   T39] usb 7-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[   94.340411][   T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.354500][   T39] usb 7-1: config 0 descriptor??
[   94.378864][ T2565] loop1: detected capacity change from 0 to 40427
[   94.470656][   T26] usb 9-1: Using ep0 maxpacket: 16
[   94.483323][ T2565] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   94.499442][ T2565] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   94.534468][ T2565] F2FS-fs (loop1): invalid crc value
[   94.548196][ T2565] F2FS-fs (loop1): Found nat_bits in checkpoint
[   94.591555][ T2565] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   94.601132][ T2565] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   94.610816][   T26] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 8
[   94.637187][ T2577] incfs: Options parsing error. -22
[   94.645260][ T2577] incfs: mount failed -22
[   94.645407][ T2565] attempt to access beyond end of device
[   94.645407][ T2565] loop1: rw=2049, want=45104, limit=40427
[   94.675169][ T2565] attempt to access beyond end of device
[   94.675169][ T2565] loop1: rw=0, want=77832, limit=40427
[   94.697469][ T2579] loop3: detected capacity change from 0 to 512
[   94.708704][  T435] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   94.726750][  T435] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   94.753883][ T2579] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   94.766723][  T312] steelseries_srws1 0003:1038:1410.0016: unknown main item tag 0xd
[   94.778419][  T312] steelseries_srws1 0003:1038:1410.0016: item fetching failed at offset 6/7
[   94.793388][  T312] steelseries_srws1 0003:1038:1410.0016: parse failed
[   94.805717][  T312] steelseries_srws1: probe of 0003:1038:1410.0016 failed with error -22
[   94.816789][ T2579] EXT4-fs (loop3): 1 truncate cleaned up
[   94.828249][ T2579] EXT4-fs (loop3): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback.
[   94.865496][   T26] usb 9-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[   94.881191][   T26] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.901840][   T26] usb 9-1: Product: syz
[   94.908394][   T26] usb 9-1: Manufacturer: syz
[   94.917546][   T26] usb 9-1: SerialNumber: syz
[   94.927635][   T39] greenasia 0003:0E8F:0012.0017: item fetching failed at offset 0/3
[   94.953323][   T39] greenasia 0003:0E8F:0012.0017: parse failed
[   94.959740][   T26] usb 9-1: config 0 descriptor??
[   94.971692][   T39] greenasia: probe of 0003:0E8F:0012.0017 failed with error -22
[   94.989372][  T387] usb 10-1: USB disconnect, device number 2
[   95.031460][   T26] ftdi_sio 9-1:0.0: FTDI USB Serial Device converter detected
[   95.082283][   T26] usb 9-1: Detected FT232RL
[   95.130612][  T312] usb 7-1: USB disconnect, device number 6
[   95.236877][   T30] kauditd_printk_skb: 44 callbacks suppressed
[   95.236894][   T30] audit: type=1326 audit(1733157442.249:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2593 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f450561ff19 code=0x7ffc0000
[   95.290514][   T26] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[   95.305377][   T30] audit: type=1326 audit(1733157442.249:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2593 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f450561ff19 code=0x7ffc0000
[   95.339815][   T30] audit: type=1326 audit(1733157442.319:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2593 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f450561ff19 code=0x7ffc0000
[   95.391579][   T30] audit: type=1326 audit(1733157442.319:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2593 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f450561ff19 code=0x7ffc0000
[   95.432223][   T30] audit: type=1326 audit(1733157442.319:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2593 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f450561ff19 code=0x7ffc0000
[   95.463949][   T30] audit: type=1326 audit(1733157442.319:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2593 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=267 compat=0 ip=0x7f450561ff19 code=0x7ffc0000
[   95.502926][   T30] audit: type=1326 audit(1733157442.319:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2593 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f450561ff19 code=0x7ffc0000
[   95.545556][ T2600] loop1: detected capacity change from 0 to 256
[   95.558466][   T30] audit: type=1326 audit(1733157442.319:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2593 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f450561ff19 code=0x7ffc0000
[   95.603802][   T30] audit: type=1326 audit(1733157442.349:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2593 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f450561ff19 code=0x7ffc0000
[   95.639443][ T2600] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   95.659639][   T26] usb 9-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   95.682564][   T30] audit: type=1326 audit(1733157442.349:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2593 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f450561ff19 code=0x7ffc0000
[   95.752379][ T2600] Trying to write to read-only block-device loop1
[   95.768480][ T2600] Trying to write to read-only block-device loop1
[   95.776608][ T2600] Trying to write to read-only block-device loop1
[   95.863669][  T311] usb 9-1: USB disconnect, device number 2
[   95.886290][  T311] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   95.902880][  T311] ftdi_sio 9-1:0.0: device disconnected
[   95.919154][  T291] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 0, start 0000ff00)
[   95.942204][  T291] FAT-fs (loop1): Filesystem has been set read-only
[   95.957294][  T291] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 0, start 0000ff00)
[   96.024415][ T2617] loop6: detected capacity change from 0 to 512
[   96.067062][ T2617] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[   96.079040][ T2617] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[   96.109787][ T2617] EXT4-fs (loop6): warning: checktime reached, running e2fsck is recommended
[   96.122762][ T2617] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[   96.140132][ T2617] System zones: 0-2, 18-18, 34-34
[   96.147780][ T2617] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   96.168303][ T2617] EXT4-fs (loop6): 1 truncate cleaned up
[   96.175076][ T2617] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   96.254259][ T2624] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.266246][ T2624] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.277709][ T2624] device bridge_slave_0 entered promiscuous mode
[   96.291251][ T2624] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.303370][ T2624] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.311952][ T2624] device bridge_slave_1 entered promiscuous mode
[   96.383522][ T2624] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.397391][ T2624] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.414982][ T2624] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.426283][ T2624] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.478716][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   96.496961][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.523515][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.537550][ T2641] SELinux: security_context_str_to_sid(staff_u) failed for (dev ?, type ?) errno=-22
[   96.551612][ T2641] SELinux: security_context_str_to_sid(staff_u) failed for (dev fuse, type fuse) errno=-22
[   96.570612][ T2643] SELinux:  policydb version 0 does not match my version range 15-33
[   96.583510][ T2643] SELinux: failed to load policy
[   96.594362][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   96.625730][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.635253][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.644301][   T47] Bluetooth: hci0: sending frame failed (-49)
[   96.657287][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   96.671705][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.683245][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.693921][  T387] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[   96.714872][ T2650] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   96.733836][ T2650] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   96.745440][  T327] device bridge_slave_1 left promiscuous mode
[   96.753931][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.765360][  T327] device bridge_slave_0 left promiscuous mode
[   96.777558][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.789307][  T327] device veth1_macvtap left promiscuous mode
[   96.804704][  T327] device veth0_vlan left promiscuous mode
[   96.909194][ T2650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   96.924307][ T2650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   96.935255][ T2650] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   96.941682][  T387] usb 10-1: Using ep0 maxpacket: 32
[   96.948387][ T2650] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   96.967483][ T2624] device veth0_vlan entered promiscuous mode
[   96.986609][ T2650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   97.000275][ T2624] device veth1_macvtap entered promiscuous mode
[   97.018614][ T2650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   97.038065][ T2650] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   97.048907][ T2650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   97.081271][  T387] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   97.095706][  T387] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   97.135630][  T387] usb 10-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[   97.147687][  T387] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.161737][  T387] usb 10-1: config 0 descriptor??
[   97.297547][ T2661] loop6: detected capacity change from 0 to 40427
[   97.342312][ T2661] F2FS-fs (loop6): fault_injection options not supported
[   97.354757][ T2661] F2FS-fs (loop6): invalid crc value
[   97.364178][ T2661] F2FS-fs (loop6): Found nat_bits in checkpoint
[   97.397080][ T2661] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   97.422967][ T1339] attempt to access beyond end of device
[   97.422967][ T1339] loop6: rw=2049, want=45112, limit=40427
[   97.490670][   T39] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[   97.522649][ T2676] syz.0.873[2676] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   97.522729][ T2676] syz.0.873[2676] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   97.558202][ T2680] option changes via remount are deprecated (pid=2679 comm=syz.0.874)
[   97.651538][  T387] greenasia 0003:0E8F:0012.0018: item fetching failed at offset 0/3
[   97.669871][  T387] greenasia 0003:0E8F:0012.0018: parse failed
[   97.677676][  T387] greenasia: probe of 0003:0E8F:0012.0018 failed with error -22
[   97.770707][   T39] usb 4-1: Using ep0 maxpacket: 16
[   97.859689][   T56] usb 10-1: USB disconnect, device number 3
[   97.890824][   T39] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   97.905790][   T39] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[   97.918134][   T39] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[   97.933880][   T39] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   97.945781][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.980976][ T2659] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   98.001303][   T39] cdc_acm 4-1:1.0: Control and data interfaces are not separated!
[   98.211537][   T39] cdc_acm 4-1:1.0: ttyACM0: USB ACM device
[   98.220701][   T39] usb 4-1: USB disconnect, device number 15
[   98.384473][ T2695] loop9: detected capacity change from 0 to 512
[   98.411868][ T2695] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[   98.427070][ T2695] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[   98.443394][ T2695] EXT4-fs (loop9): warning: checktime reached, running e2fsck is recommended
[   98.455334][ T2695] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[   98.470508][ T2701] incfs: Options parsing error. -22
[   98.474389][ T2695] System zones: 0-2, 18-18, 34-34
[   98.479233][ T2701] incfs: mount failed -22
[   98.495073][ T2695] EXT4-fs warning (device loop9): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   98.512796][ T2695] EXT4-fs (loop9): 1 truncate cleaned up
[   98.521998][ T2695] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   98.711077][   T39] Bluetooth: hci0: command 0x1003 tx timeout
[   98.721722][   T47] Bluetooth: hci0: sending frame failed (-49)
[   98.763915][ T2718] loop3: detected capacity change from 0 to 2048
[   98.862644][ T2718] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   98.879332][ T2718] EXT4-fs error (device loop3): ext4_find_extent:929: inode #2: comm syz.3.891: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   98.920838][  T413] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[   99.310989][  T413] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   99.324157][  T413] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   99.336090][  T413] usb 10-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00
[   99.351882][  T413] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.363046][  T413] usb 10-1: config 0 descriptor??
[   99.520745][   T39] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   99.770749][   T39] usb 1-1: Using ep0 maxpacket: 32
[   99.841448][  T413] zydacron 0003:13EC:0006.0019: unknown main item tag 0x0
[   99.852307][  T413] zydacron 0003:13EC:0006.0019: unknown main item tag 0x0
[   99.860176][  T413] zydacron 0003:13EC:0006.0019: unknown main item tag 0x0
[   99.872446][  T413] zydacron 0003:13EC:0006.0019: unknown main item tag 0x0
[   99.882734][  T413] zydacron 0003:13EC:0006.0019: item fetching failed at offset 4/5
[   99.897168][  T413] zydacron 0003:13EC:0006.0019: parse failed
[   99.904362][  T413] zydacron: probe of 0003:13EC:0006.0019 failed with error -22
[   99.919841][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   99.941746][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   99.957729][   T39] usb 1-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[   99.970263][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.986515][   T39] usb 1-1: config 0 descriptor??
[  100.041805][  T413] usb 10-1: USB disconnect, device number 4
[  100.472048][   T39] greenasia 0003:0E8F:0012.001A: item fetching failed at offset 0/3
[  100.482528][   T39] greenasia 0003:0E8F:0012.001A: parse failed
[  100.491004][   T39] greenasia: probe of 0003:0E8F:0012.001A failed with error -22
[  100.556599][ T2730] loop3: detected capacity change from 0 to 512
[  100.580900][ T2734] incfs: Options parsing error. -22
[  100.598539][ T2734] incfs: mount failed -22
[  100.642021][ T2730] EXT4-fs (loop3): Mount option "nojournal_checksum" incompatible with ext3
[  100.683412][   T20] usb 1-1: USB disconnect, device number 4
[  100.757569][ T2730] 9pnet: p9_errstr2errno: server reported unknown error a��?���wjk�#�b�k�b��X���^��N͖g��������+�J�<G]��T����N�6�����
[  100.793551][   T39] Bluetooth: hci0: command 0x1001 tx timeout
[  100.801279][   T47] Bluetooth: hci0: sending frame failed (-49)
[  102.870865][  T413] Bluetooth: hci0: command 0x1009 tx timeout
[  106.891187][   T30] kauditd_printk_skb: 16 callbacks suppressed
[  106.891201][   T30] audit: type=1326 audit(1733157453.909:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2747 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f857623ff19 code=0x7ffc0000
[  107.017972][ T2757] loop8: detected capacity change from 0 to 512
[  107.018852][   T30] audit: type=1326 audit(1733157453.909:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2747 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f857623ff19 code=0x7ffc0000
[  107.130676][   T30] audit: type=1326 audit(1733157453.909:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2747 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f857623ff19 code=0x7ffc0000
[  107.199311][ T2757] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  107.199620][   T30] audit: type=1326 audit(1733157453.909:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2747 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f857623ff19 code=0x7ffc0000
[  107.283144][   T30] audit: type=1326 audit(1733157453.909:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2747 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f857623ff19 code=0x7ffc0000
[  107.291701][ T2757] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  107.360508][ T2769] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  107.363568][   T30] audit: type=1326 audit(1733157453.909:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2747 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f857623ff19 code=0x7ffc0000
[  107.514409][ T2757] EXT4-fs (loop8): warning: checktime reached, running e2fsck is recommended
[  107.554888][ T2757] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  107.561399][   T30] audit: type=1326 audit(1733157453.909:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2747 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  107.595990][ T2757] System zones: 0-2, 18-18, 34-34
[  107.660124][   T30] audit: type=1326 audit(1733157453.909:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2747 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f857623ff19 code=0x7ffc0000
[  107.716660][ T2757] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  107.729975][   T30] audit: type=1326 audit(1733157453.939:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2747 comm="syz.0.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f857623ff19 code=0x7ffc0000
[  107.785723][ T2757] EXT4-fs (loop8): 1 truncate cleaned up
[  107.798698][ T2757] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  107.879417][ T2789] input: syz1 as /devices/virtual/input/input11
[  107.915128][   T30] audit: type=1400 audit(1733157454.929:1002): avc:  denied  { set_context_mgr } for  pid=2791 comm="syz.0.916" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  107.960898][  T387] ==================================================================
[  107.976786][  T387] BUG: KASAN: use-after-free in __list_del_entry_valid+0x2f/0x120
[  107.986983][  T387] Read of size 8 at addr ffff88810aa74888 by task kworker/0:4/387
[  107.999961][  T387] 
[  108.003254][  T387] CPU: 0 PID: 387 Comm: kworker/0:4 Tainted: G        W         5.15.169-syzkaller-00123-g9efd694ed939 #0
[  108.019503][  T387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  108.035044][  T387] Workqueue: events binder_deferred_func
[  108.051225][  T387] Call Trace:
[  108.057459][  T387]  <TASK>
[  108.060833][  T387]  dump_stack_lvl+0x151/0x1c0
[  108.065705][  T387]  ? io_uring_drop_tctx_refs+0x190/0x190
[  108.076717][  T387]  ? panic+0x760/0x760
[  108.081242][  T387]  ? kasan_quarantine_put+0x34/0x1a0
[  108.096122][  T387]  print_address_description+0x87/0x3b0
[  108.106130][  T387]  kasan_report+0x179/0x1c0
[  108.110980][  T387]  ? _raw_spin_lock+0xa4/0x1b0
[  108.117464][  T387]  ? __list_del_entry_valid+0x2f/0x120
[  108.125294][  T387]  ? __list_del_entry_valid+0x2f/0x120
[  108.131543][  T387]  __asan_report_load8_noabort+0x14/0x20
[  108.141065][  T387]  __list_del_entry_valid+0x2f/0x120
[  108.150781][  T387]  binder_release_work+0xcd/0x680
[  108.162526][  T387]  binder_deferred_func+0x1847/0x1bc0
[  108.169180][  T387]  ? read_word_at_a_time+0x12/0x20
[  108.174256][  T387]  process_one_work+0x6bb/0xc10
[  108.179729][  T387]  worker_thread+0xad5/0x12a0
[  108.190338][  T387]  ? _raw_spin_lock+0x1b0/0x1b0
[  108.199637][  T387]  kthread+0x421/0x510
[  108.206315][  T387]  ? worker_clr_flags+0x180/0x180
[  108.212576][  T387]  ? kthread_blkcg+0xd0/0xd0
[  108.217850][  T387]  ret_from_fork+0x1f/0x30
[  108.222357][  T387]  </TASK>
[  108.227117][  T387] 
[  108.229865][  T387] Allocated by task 2792:
[  108.234282][  T387]  ____kasan_kmalloc+0xdb/0x110
[  108.244405][  T387]  __kasan_kmalloc+0x9/0x10
[  108.251169][  T387]  kmem_cache_alloc_trace+0x115/0x210
[  108.256947][  T387]  binder_thread_write+0x9f5/0x6ec0
[  108.264631][  T387]  binder_ioctl_write_read+0x205/0x7300
[  108.273043][  T387]  binder_ioctl+0x371/0x2640
[  108.277830][  T387]  __se_sys_ioctl+0x114/0x190
[  108.285033][  T387]  __x64_sys_ioctl+0x7b/0x90
[  108.290768][  T387]  x64_sys_call+0x98/0x9a0
[  108.295131][  T387]  do_syscall_64+0x3b/0xb0
[  108.304710][  T387]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  108.311376][  T387] 
[  108.314594][  T387] Freed by task 387:
[  108.323316][  T387]  kasan_set_track+0x4b/0x70
[  108.329480][  T387]  kasan_set_free_info+0x23/0x40
[  108.335510][  T387]  ____kasan_slab_free+0x126/0x160
[  108.344093][  T387]  __kasan_slab_free+0x11/0x20
[  108.354018][  T387]  slab_free_freelist_hook+0xbd/0x190
[  108.364104][  T387]  kfree+0xc8/0x220
[  108.373552][  T387]  binder_free_ref+0x128/0x260
[  108.380075][  T387]  binder_deferred_func+0x171c/0x1bc0
[  108.386949][  T387]  process_one_work+0x6bb/0xc10
[  108.392474][  T387]  worker_thread+0xad5/0x12a0
[  108.400571][  T387]  kthread+0x421/0x510
[  108.410572][  T387]  ret_from_fork+0x1f/0x30
[  108.418552][  T387] 
[  108.421892][  T387] Last potentially related work creation:
[  108.428525][  T387]  kasan_save_stack+0x3b/0x60
[  108.438530][  T387]  __kasan_record_aux_stack+0xd3/0xf0
[  108.447206][  T387]  kasan_record_aux_stack_noalloc+0xb/0x10
[  108.454169][  T387]  kvfree_call_rcu+0xb1/0x8b0
[  108.459618][  T387]  fib_notifier_ops_unregister+0xe7/0x100
[  108.469474][  T387]  fib6_notifier_exit+0x3b/0x40
[  108.475507][  T387]  fib6_net_exit+0x305/0x320
[  108.485865][  T387]  cleanup_net+0x64b/0xc00
[  108.490564][  T387]  process_one_work+0x6bb/0xc10
[  108.495673][  T387]  worker_thread+0xad5/0x12a0
[  108.503606][  T387]  kthread+0x421/0x510
[  108.509429][  T387]  ret_from_fork+0x1f/0x30
[  108.514971][  T387] 
[  108.518967][  T387] Second to last potentially related work creation:
[  108.528261][  T387]  kasan_save_stack+0x3b/0x60
[  108.534358][  T387]  __kasan_record_aux_stack+0xd3/0xf0
[  108.540622][  T387]  kasan_record_aux_stack_noalloc+0xb/0x10
[  108.549058][  T387]  call_rcu+0x123/0x10b0
[  108.558471][  T387]  __percpu_ref_switch_mode+0x342/0x620
[  108.568492][  T387]  percpu_ref_kill_and_confirm+0xa3/0x220
[  108.582354][  T387]  blkg_destroy+0x594/0x5f0
[  108.587664][  T387]  blkg_destroy_all+0xd2/0x440
[  108.593237][  T387]  blkcg_exit_queue+0x15/0x20
[  108.603237][  T387]  blk_release_queue+0x148/0x270
[  108.609658][  T387]  kobject_put+0x178/0x260
[  108.614074][  T387]  blk_put_queue+0x19/0x20
[  108.620382][  T387]  scsi_device_dev_release_usercontext+0x58e/0x840
[  108.633352][  T387]  execute_in_process_context+0x1af/0x240
[  108.645735][  T387]  scsi_device_dev_release+0xf8/0x110
[  108.652519][  T387]  device_release+0x95/0x1c0
[  108.658331][  T387]  kobject_put+0x178/0x260
[  108.663379][  T387]  put_device+0x1f/0x30
[  108.672168][  T387]  __scsi_remove_device+0x307/0x370
[  108.679456][  T387]  scsi_probe_and_add_lun+0x2360/0x4320
[  108.688988][  T387]  __scsi_scan_target+0x1ed/0xe30
[  108.695500][  T387]  scsi_scan_host_selected+0x334/0x5f0
[  108.708112][  T387]  scsi_scan_host+0x3a8/0x670
[  108.713490][  T387]  virtscsi_probe+0x930/0xc30
[  108.719804][  T387]  virtio_dev_probe+0x891/0xae0
[  108.727333][  T387]  really_probe+0x28d/0x970
[  108.735150][  T387]  __driver_probe_device+0x1a0/0x310
[  108.741804][  T387]  driver_probe_device+0x54/0x3d0
[  108.751848][  T387]  __driver_attach+0x446/0x590
[  108.758519][  T387]  bus_for_each_dev+0x17b/0x1f0
[  108.763183][  T387]  driver_attach+0x42/0x50
[  108.770661][  T387]  bus_add_driver+0x33f/0x590
[  108.778433][  T387]  driver_register+0x2e2/0x3e0
[  108.788513][  T387]  register_virtio_driver+0x97/0xc0
[  108.797466][  T387]  init+0x66/0xe0
[  108.801377][  T387]  do_one_initcall+0x182/0x610
[  108.807287][  T387]  do_initcall_level+0x186/0x310
[  108.814138][  T387]  do_initcalls+0x4e/0x90
[  108.818315][  T387]  do_basic_setup+0x81/0x90
[  108.824452][  T387]  kernel_init_freeable+0x2c1/0x400
[  108.831383][  T387]  kernel_init+0x1d/0x290
[  108.835806][  T387]  ret_from_fork+0x1f/0x30
[  108.845838][  T387] 
[  108.848842][  T387] The buggy address belongs to the object at ffff88810aa74880
[  108.848842][  T387]  which belongs to the cache kmalloc-64 of size 64
[  108.869988][  T387] The buggy address is located 8 bytes inside of
[  108.869988][  T387]  64-byte region [ffff88810aa74880, ffff88810aa748c0)
[  108.889004][  T387] The buggy address belongs to the page:
[  108.897032][  T387] page:ffffea00042a9d00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10aa74
[  108.911228][  T387] flags: 0x4000000000000200(slab|zone=1)
[  108.916920][  T387] raw: 4000000000000200 dead000000000100 dead000000000122 ffff888100042780
[  108.929030][  T387] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[  108.946196][  T387] page dumped because: kasan: bad access detected
[  108.952990][  T387] page_owner tracks the page as allocated
[  108.960487][  T387] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, ts 4641186569, free_ts 0
[  108.981938][  T387]  post_alloc_hook+0x1a3/0x1b0
[  108.987711][  T387]  prep_new_page+0x1b/0x110
[  108.997481][  T387]  get_page_from_freelist+0x3550/0x35d0
[  109.003992][  T387]  __alloc_pages+0x27e/0x8f0
[  109.010349][  T387]  new_slab+0x9a/0x4e0
[  109.015196][  T387]  ___slab_alloc+0x39e/0x830
[  109.025128][  T387]  __slab_alloc+0x4a/0x90
[  109.032464][  T387]  kmem_cache_alloc_trace+0x142/0x210
[  109.039809][  T387]  percpu_ref_init+0xc8/0x340
[  109.047962][  T387]  blkg_alloc+0xa7/0x5b0
[  109.054716][  T387]  blkcg_init_queue+0x29/0x200
[  109.060832][  T387]  blk_alloc_queue+0x3fa/0x570
[  109.067363][  T387]  blk_mq_init_queue+0x36/0xd0
[  109.073107][  T387]  scsi_alloc_sdev+0x674/0xa10
[  109.080026][  T387]  scsi_probe_and_add_lun+0x199/0x4320
[  109.085687][  T387]  __scsi_scan_target+0x1ed/0xe30
[  109.096171][  T387] page_owner free stack trace missing
[  109.103298][  T387] 
[  109.107673][  T387] Memory state around the buggy address:
[  109.115461][  T387]  ffff88810aa74780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  109.127017][  T387]  ffff88810aa74800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  109.135729][  T387] >ffff88810aa74880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  109.144664][  T387]                       ^
[  109.150122][  T387]  ffff88810aa74900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  109.162709][  T387]  ffff88810aa74980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  109.172876][  T387] ==================================================================
[  109.185380][  T387] Disabling lock debugging due to kernel taint
[  109.194636][  T387] general protection fault, probably for non-canonical address 0xfad3fc4b80000030: 0000 [#1] PREEMPT SMP KASAN
[  109.215573][  T387] KASAN: maybe wild-memory-access in range [0xd6a0025c00000180-0xd6a0025c00000187]
[  109.232622][  T387] CPU: 0 PID: 387 Comm: kworker/0:4 Tainted: G    B   W         5.15.169-syzkaller-00123-g9efd694ed939 #0
[  109.251308][  T387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  109.265501][  T387] Workqueue: events binder_deferred_func
[  109.272716][  T387] RIP: 0010:__list_del_entry_valid+0x75/0x120
[  109.284717][  T387] Code: 1e 48 85 db 74 68 4d 85 ff 74 74 48 ba 00 01 00 00 00 00 ad de 48 39 d3 74 76 48 83 c2 22 49 39 d7 74 7e 4c 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ff e8 fc 7e 48 ff 49 8b 17 4c 39 f2 75
[  109.312868][  T387] RSP: 0018:ffffc90000c47c00 EFLAGS: 00010a06
[  109.322787][  T387] RAX: 1ad4004b80000030 RBX: ffff88811230fd00 RCX: ffffffff826a3f89
[  109.332213][  T387] RDX: dead000000000122 RSI: 0000000000000282 RDI: ffff88810aa74880
[  109.345887][  T387] RBP: ffffc90000c47c20 R08: ffffffff8141a43b R09: 0000000000000003
[  109.356154][  T387] R10: fffffbfff0e9a84c R11: dffffc0000000001 R12: dffffc0000000000
[  109.368240][  T387] R13: ffff88810aa74880 R14: ffff88810aa74880 R15: d6a0025c00000183
[  109.380387][  T387] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  109.393309][  T387] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  109.400946][  T387] CR2: 0000001b3011bff8 CR3: 0000000130f12000 CR4: 00000000003506b0
[  109.410164][  T387] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  109.425306][  T387] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  109.434572][  T387] Call Trace:
[  109.437887][  T387]  <TASK>
[  109.444092][  T387]  ? __die_body+0x62/0xb0
[  109.448596][  T387]  ? die_addr+0x9f/0xd0
[  109.452675][  T387]  ? exc_general_protection+0x311/0x4b0
[  109.459991][  T387]  ? check_panic_on_warn+0x65/0xb0
[  109.466474][  T387]  ? asm_exc_general_protection+0x27/0x30
[  109.473771][  T387]  ? check_panic_on_warn+0x5b/0xb0
[  109.483973][  T387]  ? __list_del_entry_valid+0x49/0x120
[  109.491175][  T387]  ? __list_del_entry_valid+0x75/0x120
[  109.498178][  T387]  binder_release_work+0xcd/0x680
[  109.505323][  T387]  binder_deferred_func+0x1847/0x1bc0
[  109.512015][  T387]  ? read_word_at_a_time+0x12/0x20
[  109.519212][  T387]  process_one_work+0x6bb/0xc10
[  109.527645][  T387]  worker_thread+0xad5/0x12a0
[  109.538197][  T387]  ? _raw_spin_lock+0x1b0/0x1b0
[  109.546116][  T387]  kthread+0x421/0x510
[  109.550521][  T387]  ? worker_clr_flags+0x180/0x180
[  109.558566][  T387]  ? kthread_blkcg+0xd0/0xd0
[  109.563293][  T387]  ret_from_fork+0x1f/0x30
[  109.570339][  T387]  </TASK>
[  109.573288][  T387] Modules linked in:
[  109.579307][  T387] ---[ end trace 86221b3de4f6fdec ]---
[  109.586130][  T387] RIP: 0010:__list_del_entry_valid+0x75/0x120
[  109.593428][  T387] Code: 1e 48 85 db 74 68 4d 85 ff 74 74 48 ba 00 01 00 00 00 00 ad de 48 39 d3 74 76 48 83 c2 22 49 39 d7 74 7e 4c 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ff e8 fc 7e 48 ff 49 8b 17 4c 39 f2 75
[  109.620887][  T387] RSP: 0018:ffffc90000c47c00 EFLAGS: 00010a06
[  109.629653][  T387] RAX: 1ad4004b80000030 RBX: ffff88811230fd00 RCX: ffffffff826a3f89
[  109.641920][  T387] RDX: dead000000000122 RSI: 0000000000000282 RDI: ffff88810aa74880
[  109.652176][  T387] RBP: ffffc90000c47c20 R08: ffffffff8141a43b R09: 0000000000000003
[  109.663604][  T387] R10: fffffbfff0e9a84c R11: dffffc0000000001 R12: dffffc0000000000
[  109.673087][  T387] R13: ffff88810aa74880 R14: ffff88810aa74880 R15: d6a0025c00000183
[  109.683045][  T387] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  109.694838][  T387] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  109.704343][  T387] CR2: 0000001b3011bff8 CR3: 0000000006a0f000 CR4: 00000000003506b0
[  109.715001][  T387] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  109.725988][  T387] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  109.735253][  T387] Kernel panic - not syncing: Fatal exception
[  109.746067][  T387] Kernel Offset: disabled
[  109.751965][  T387] Rebooting in 86400 seconds..