last executing test programs:

4m8.068269542s ago: executing program 32 (id=271):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000040)='./file0\x00', 0x180c850, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'cp437'}}, {@shortname_winnt}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@uni_xlateno}, {@utf8no}, {@numtail}, {@fat=@nfs}, {@fat=@codepage={'codepage', 0x3d, '950'}}, {@numtail}, {@utf8no}, {@numtail}]}, 0x1, 0x363, &(0x7f0000000c80)="$eJzs3U9oHFUYAPBvO0k2qbTJQSgKwuhN0NA/eNBTSkmhmIvKUvUgLjRVycZCFhfTQ7fxIh4Fj3ryIh704KFnERTx5sGrFaQqHrS3gsUnuzubnc1u0lTY1uDvd1i+fO99897bTLKTSfbl1aVYuzAdF2/evBGzs5WYWjqzFLcqsRBZ9F2NUTNjcgDAwXArpfgz9eyzpDLhKQEAE9Z9/X/tSCnzztd79U9e/QHgwCt+/p/bq8/sbg2XJjIlAGDCRu7/PzbUPDP8q/6p0l8FAAAH1Qsvvfzs6ZWI5/N8NmL93VatVYtnBu2nL8Yb0YjVOB7zcTuid6HQeah0H8+eW1k+nud5O35ZiFqnolWLWG+3ar0rhdNZt74aJ2I+For64mojpZSd/WJl+UTeFRFX293xY73Sqk3H4WL8Hw/HapyMPB4cqY84t7J8Mi8OUFvv17cjtgb3LTrzX4z5+P6BuBSNuDB3PlLqX9asLF85kedn0spQfatWjQvbz8Kud0AAAAAAAAAAAAAAAAAAAAAAAOBfWcy3LWzvf5MG+/csLo5p7+6P06sv9gfa6u0PlKopUvrj7Sdr72UxtD/Qzv15WrWpOHR/lw4AAAAAAAAAAAAAAAAAAAD/Gc3Nmag3Gqsbzc3La+WgvdHcPBQRncyb33721VyM9rlDMFWMUWrKi9TltXrK+p1TNtSnCLLO4P3Mp9e2Z1zuU91exdhpVHdvajSOPPrzh4PMI1n/yH8P+mQxfoHZjmmUg/WjvSndzRN1+VQRnLxD5+sppR1N1X5w5ZXRqqhETN39J27vIHWCb268/tCp5rGnupkvU8/jT8yfv/7Bx7+t1RudkTsan8xsNG+ntXrx8fiTbfcgK50/legFlfKZMLVX+dZwpp798PuLD7//3f5GT+XMW2P6ZL3lfL7R3KwUXyndpple0MntqJprnMsidhxneszJP4Hg2EdL9WtXfvp1v1WlbxI26gAAAAAAAAAAAAAAAAAAgHui9F7xQvFm3+m9qp5+bvIzAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB7Z/D//0vB1khmP8Ff7Rhtqq5uNCOO3u9lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwP/dPAAAA//8rjWr6")
getpid()
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20f42, 0x0)
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, &(0x7f0000000000)=""/189, 0xbd)

3m59.946702442s ago: executing program 33 (id=410):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000003200)='./file2\x00', 0x4204, &(0x7f0000003240)=ANY=[], 0x6, 0x325, &(0x7f0000000b40)="$eJzs3M9LG2kYwPEnMcYkoslh2WUXFl92L7uXQbN7XjYsCssGVtQsq4XCqJM2ZJpIJlhSStVTr6X3ngo9iEdvQus/4KW39tJLb14KPdRD6ZSZzJjfGmNsrH4/UObN+75P5n3zvinPDE4O/390J5+1tKxelmBESUBE5EgkIUHxBbxj0C2Hpd6m/Dr6/tWP84tL/6TS6ek5pWZSC78llVLjE8/v3o963fZG5CBx8/Bd8u3BtwffH35auJ2zVM5ShWJZ6Wq5+KasL5uGWs1ZeU2pWdPQLUPlCpZRqrYXq+1Zs7i2VlF6YXUstlYyLEvphYrKGxVVLqpyqaL0W3quoDRNU2MxwWky23NzeqrH4JU+DwYXpFRK6UMiEm1pyWwPZEAAAGCgmvP/oJPS95T/y7ib/zuda/n/zk/75dH/dse9/H8v3C7///119b0a8v+IiPSS/z+RM+T/rRnR9XKu/B+Xw0S4pSrQ8MrJ/2Pe99e1dWNn0i2Q/wMAAAAAAAAAAAAAAAAAAAAA8DU4su24bdtx/+j/qz1C4L3GldRp/UdEJOKsvs36X2Xzi0sScR/cc9bYfLieWc9Uj16HfRExxZBJictHdz94nLL/5JFyJOSFueHFb6xnhtyWVFZybvyUxCXRHG/bM3+np6dUlRd//JhSrD4+KXH5pn18sjHeO39Yfvm5Ll6TuLxckaKYsuru61r8gyml/vo33RQfdfsBAAAAAHAVaOpY2+t3TevUXv2VkVTWvU3U4f5A9fp6su31eSj+Q2jQswcAAAAA4HqwKvfyumkapRMKUTm9T++FUHedw001wyd1HqqbYbfjCbs3MkTOO6+nXX6qDQX/DykamiJeZW/j8efft/XarK8JShdRoebBTzgV6oxn3/Imclzj3zYKd/icZbb1fYIn7IThvu3n7x4/+9C/L8gfu/4OOL3zVq/nijTvOrcwfNH/7wAAAAD48mpJv1/zZ31zYCCDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgmrmQn/RrKgx6jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBl8TkAAP//3cD3xQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x5)
pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8000c64)
write$FUSE_WRITE(r0, &(0x7f00000000c0)={0x18}, 0xfffffdef)

3m36.007156204s ago: executing program 34 (id=716):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
write$selinux_access(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a6c645f736f5f7420704a122f7362696e2f6468636c69656e742030"], 0x41)

3m27.844651984s ago: executing program 35 (id=899):
unshare(0x4000600)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="8510000004000000950000000000000018000000000000000000000000000000950000000000000085100000fcffffff9500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@loopback, 0xa, 0x2, 0x1, 0x0, 0xffff, 0x8001}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x200000000000014f, 0x1000000, &(0x7f0000001680)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, 0x0, 0x8, 0x0, 0x0}}, 0x10)

2m50.947028461s ago: executing program 36 (id=1661):
memfd_create(&(0x7f0000000000)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;|\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0xf)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x227d, 0x709, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x50, 0x8, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0xb, 0x0, 0x1, {0x22, 0x4f8}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x67}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000001c0)={0x18, &(0x7f0000000040)=ANY=[@ANYBLOB="000706000000"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)

2m49.655181802s ago: executing program 37 (id=1685):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000040)=""/89, 0x59)

2m43.803927585s ago: executing program 38 (id=1770):
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x48001)
link(0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
ioctl$EVIOCRMFF(r0, 0x4004550f, 0x0)

2m40.932455312s ago: executing program 39 (id=1804):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f0000000140)={[{@jqfmt_vfsold}, {@resgid={'resgid', 0x3d, 0xee00}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x43e, &(0x7f00000004c0)="$eJzs3MtvG0UYAPBv7SR9k1DKo6WFQEFEPJImfdADFxBIHEBCgkMRp5CkVajboCZItIogcAhHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZu6iZ3GiVOX7O8nbTvjHWvm292xZ2e8CaCwBtN/koi9EfFHRPTXs7cXGKz/d3NpfuKfpfmJJKrVt/9OauVuLM1P5EXz9+2pZ6rVLL+jSb2L70WMVypTl7L8yNyFD0dmL195YfrC+Lmpc1MXx06fPnH8SN+psZMdiTON68ahT2YOH3z93atvTpy5+v4v36Xt3Zvtb4yjUwbrR7eppztdWZfta0gnPV1sCG0pR0R6unpr/b8/yrFreV9/vPZ5VxsHbKlqtVpt9v2cWagC21gS3W4B0B35F316/5tvd2nocU+4/nL9BiiN+2a21ff0RCkr07vi/raTBiPizMK/X6dbbNE8BABAox/S8c/zzcZ/pXioodx92RrKQETcHxH7I+KBiDgQEQ9G1Mo+HBGPtFn/yhWS1eOf0rUNBbZO6fjvpWxt6/bxXz76i4FylttXi783OTtdmTqWHZOh6N2R5kfXqOPHV3//stW+xvFfuqX152PBrB3XelZM0E2Oz41vJuZG1z+LONTTLP4k8mWcJCIORsShDdYx/ey3h1vtu3P8a+jAOlP1m4hn6ud/IVbEn0tark+Ovnhq7OTIzqhMHRvJr4rVfv1t8a1W9W8q/g5Iz//uptf/cvwDyc6I2ctXztfWa2fbr2Pxzy9a3tNs9PrvS96ppfuy1z4en5u7NBrRl7yx+vWxW+/N83n5NP6ho837//64dSQejYj0Ij4SEY9FxONZ25+IiCcj4uga8f/8ylMftB//GrPyHZTGP3mn8x+N57/9RPn8T9+3H38uPf8naqmh7JX1fP6tt4GbOXYAAADwf1Gq/QY+KQ0vp0ul4eH6b/gPxO5SZWZ27rmzMx9dnKz/Vn4gekv5TFd/w3zoaDY3nOfHVuSPZ/PGX5V31fLDEzOVyW4HDwW3p0X/T/1V7nbrgC3neS0oLv0fikv/h+LS/6G49H8ormb9/9MutAO4+3z/Q3Hp/1Bc+j8Ul/4PhdTy2fjSph75l9j2iSjdE83Y/omedf8xiw0mdjTd1e1PJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74LwAA//9wiOSH")
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})
chdir(&(0x7f0000000140)='./file0\x00')
truncate(&(0x7f0000000040)='./file1\x00', 0xd)

1m42.316345745s ago: executing program 40 (id=2966):
r0 = creat(&(0x7f00000000c0)='./file1\x00', 0x67)
close(r0)
r1 = socket$unix(0x1, 0x5, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000001200), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x10008, &(0x7f0000000580)=ANY=[@ANYRES32=0x0, @ANYRES64=r1, @ANYRES8=r0, @ANYRESHEX], 0x1, 0x29f, &(0x7f0000000100)="$eJzs3EtrO1UUAPAzTfrvQyRdCEURHHHjKrQVF+5apIIYUJQgiguLjSiZWmihkCz62Cj4EUTxG+jSreBC3LjwC4ggVXDjUkSI5DE1TSdJVdKg/99vM5c799xz5tFOGab3zUcPmvuHK9GXRDmJ7fg9Yi0WohQAwP/Rb51O/Nrpm3ctAMDdGP/8X5lXSQDAjBU//8ujw17qb87usjQAYEb+3ft/7wgA4L/olddef2GnVtt9OU2XIw4+OKmf1Hvb/NH+drwbWTRiIyrxR0TnSr/93PO13Y2066e1qB+cDeLPTur9rwd38vjNqMRaUXyyu5n2XYtfXIzVQfz3q9GIrajEQ8X5t4ri6/fiySeG8lejEt+9FYeRxX50Y/+KP91M02dfrKVRjqH4pd64nuI/c3wvAQAAAAAAAAAAAAAAAAAAAADAP1btrZzzQKRpWrh+T7Wa5kb29+N3xq8PtHx9faDR9XnK8ciNZYYBAAAAAAAAAAAAAAAAAADg/nTcajf3sqxxNKnx3jeffRUxeUzr8tvzV6fM02o3k0He6Uln3Xjw8R8/Hj/mIpl+fpIpKUqDOf5mYV8+NtLzRql4noXhnuT8FimWB2d/ehmlKaV+ffnOw08drz99c1eeo9dz1RgJX5rBNV2cdGv9UokojLoYM+GHH43PlXYvxlXP591GftR3fhvnRz3081U8eP2T7b0vTn/4+bYzz/xXDwAAAAAAAAAAAAAAAAAAMKL3b+S38v4zs64FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAObluNVu7mVZ41602p9GljWO8p5JjSQi8p6FwUzjo+Z8iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEH8GAAD//ydbe88=")

1m30.438407604s ago: executing program 41 (id=3201):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./bus\x00', 0x102c020, &(0x7f0000000300)={[{@jqfmt_vfsv1}, {@minixdf}, {@data_err_abort}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@minixdf}, {@nodelalloc}, {@debug}, {@noacl}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000000000001000000"])

46.196349337s ago: executing program 42 (id=4121):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'macsec0\x00'})
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0xba01}, 0x4000010)

37.480756665s ago: executing program 3 (id=4301):
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000200)={0x0, 0x6, 0x6, 0x80006, 0x1, "403c1f951000007e4f0000000000ff726802de"})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

37.370973647s ago: executing program 3 (id=4303):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@usrquota}, {@grpjquota}, {@nodelalloc}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
socket$inet6(0xa, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
sync()
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
unlink(&(0x7f0000000440)='./file1\x00')

37.142125841s ago: executing program 3 (id=4307):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/bus/input/devices\x00', 0x0, 0x0)
r1 = epoll_create(0x6)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080))
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$uinput_user_dev(r2, &(0x7f0000000380)={'syz0\x00', {0x1ff, 0x6, 0x12, 0x6}, 0x4b, [0xdb8, 0x4, 0x4, 0x8, 0x2, 0x40, 0x5, 0x2, 0xb, 0x4, 0x5, 0x2, 0xa6d8, 0x4, 0xfffffff8, 0x7, 0x9, 0x1, 0x2, 0x7, 0x2fe, 0x7ff, 0x8, 0x1ff, 0x739, 0x6, 0x930, 0x4, 0x1a12, 0xfffffc00, 0x200, 0x4, 0x0, 0xb, 0x6, 0xa, 0x81, 0x6, 0x1000, 0x1, 0x9, 0x0, 0xffffffff, 0x2, 0xfffffff7, 0x8, 0xa, 0x1, 0x5a3a8d03, 0x81, 0x6, 0xdf4, 0x5, 0x10001, 0x9, 0x7, 0x81, 0xb4c, 0x8e, 0x5, 0x8, 0x3, 0xab, 0x2], [0x9, 0x8, 0x791, 0xe0, 0x1, 0xdae9, 0xb8f, 0x7, 0x9, 0x7fffffff, 0x1, 0x3, 0x6, 0x8, 0xffffe45d, 0x6, 0x5, 0x20, 0x1, 0x4, 0xce, 0x2, 0x1, 0x0, 0x2, 0x7f, 0x4d5, 0x0, 0x5176145d, 0x3f, 0x0, 0x3, 0x100, 0x82, 0x3, 0x5a, 0x3, 0xf459, 0x2, 0x8, 0x3ce67e22, 0x2, 0x7, 0x2, 0x80, 0x1d5, 0x7, 0x4, 0xffffffff, 0x5, 0x4, 0xe21, 0x4, 0x8, 0xbe9c, 0x6, 0xa, 0x0, 0x9, 0x1, 0x100, 0x2, 0xfffffffb, 0x1], [0x3, 0x5, 0x100, 0x10001, 0x2, 0x8, 0x5c, 0x2, 0x48, 0x0, 0x5, 0x4, 0x4a, 0x7, 0x8, 0x5, 0x6, 0x3, 0x5983, 0x9bc5, 0x81, 0x1, 0xfffffffa, 0xfc78, 0x4, 0x8, 0x0, 0x14, 0xa, 0x101, 0x9, 0x7, 0x0, 0x44ccc0de, 0x3, 0x6, 0x6, 0x200, 0xd7, 0x3, 0x1, 0x27f2, 0x9, 0x6, 0xffffffff, 0x2, 0x526, 0x8, 0x7fff, 0x400, 0x6, 0xa4, 0x0, 0x2, 0xffffffff, 0xc4e, 0x1, 0x3, 0xfffffffa, 0x2, 0x80, 0x1, 0x2, 0xff], [0x563bac4e, 0x80000000, 0x1, 0x4, 0xbfe, 0x9, 0x8, 0x0, 0x2a7, 0x1, 0x7, 0x7, 0x7fffffff, 0x137b00, 0x7fff, 0xffffffff, 0xb0a, 0x5, 0x5, 0x6, 0x101, 0x2, 0x2, 0x100, 0xddc4, 0x6, 0x9, 0x7f, 0x8, 0x101, 0x4, 0xea, 0x3, 0x7, 0x6, 0x2, 0x7f, 0xfffffffd, 0x4, 0x401, 0x401, 0x2, 0x3, 0x3, 0x1, 0xc, 0x7, 0x9, 0x3d1a, 0x7, 0x7, 0x4, 0x0, 0x2, 0x0, 0xfffffc00, 0x7, 0x1, 0x1, 0x3, 0x40, 0x3, 0xcd5d, 0x3]}, 0x45c)
ioctl$UI_DEV_CREATE(r2, 0x5501)

37.069141612s ago: executing program 3 (id=4309):
r0 = socket(0x10, 0x803, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000006c0)={'ip6_vti0\x00', &(0x7f0000000640)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @mcast2, @loopback, 0x0, 0x0, 0x0, 0x7f}})

37.045327712s ago: executing program 3 (id=4311):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000140), 0x12)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

37.022571672s ago: executing program 3 (id=4313):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = open(&(0x7f0000000140)='./file1\x00', 0x141242, 0x40)
pwrite64(r2, &(0x7f0000000940)='2', 0x1, 0x8000c61)

32.969335367s ago: executing program 43 (id=4389):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000040)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
timer_create(0x0, 0x0, 0x0)
flock(0xffffffffffffffff, 0x2)
r0 = open(0x0, 0x0, 0x0)
flock(r0, 0x2)
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000480)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x12, 0xfffffffffffffffa, 0x1ff, 0x7ffffffffffffffe, 0x2000000000000, 0x2, 0x0, 0xd, 0x9d})

31.166093905s ago: executing program 9 (id=4419):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

31.165564536s ago: executing program 9 (id=4420):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000640)='\x00', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='reno\x00', 0x5)
shutdown(r0, 0x1)

31.113362567s ago: executing program 9 (id=4422):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x118)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0xfea7)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
truncate(&(0x7f0000000200)='./file1\x00', 0x7)

30.834289271s ago: executing program 9 (id=4424):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x100c000, &(0x7f0000000640)={[{@jqfmt_vfsv1}, {@resgid}, {@grpid}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@orlov}, {@orlov}]}, 0xfc, 0x583, &(0x7f0000000cc0)="$eJzs3V1rHNUbAPBnNpv09f9vCqWoF1LohZXaTZP4UlGwXooWC3pfl2QaSjbdkt2UJhZsL+yNN1IEEQviB/BaL4tfwE9R0EKREvRChMhsZtNtspu3brNp9/eDac/ZmcmZZ888hzM7u0wAfetY9k8h4sWI+DqJONSyrhj5ymPL2y0+vD6RLUksLX3yZxJJ/lpz+yT//0BeeSEifv0y4mRhbbu1+YXpcqWSzub1kfrMlZHa/MKpSzPlqXQqvTw2Pn7mjfGxt996s2uxvnr+7+8+vvvBma+OL3770/3Dt5M4Gwfzda1xPIEbrZVj5X/z0mCcXbXhaBca202SXh8A2zKQ5/lgZGPAoRjIsx54/n0REUtAn0rkP/Sp5jygeW3fpevgZ8aD95cvgBqxD7XGX1z+bCT2Nq6N9i8mj10ZZde7w11oP2vjlz/u3M6WWP9ziH0b1AG25MbNiDhdLK4d/5N8/Nu+040Pj9e3uo2V9o1u8NTdzeY/r7Wb/xVW5j/RZv5zoE3ubkfH/F9RuN+FZjrK5n/vtp3/rgxdwwN57X+NOd9gcvFSJT0dEf+PiBMxuCerr3c/58zivaVO61rnf9mStd+cC+bHcb+45/F9Jsv1ckQMPUncTQ9uRrxUbBd/stL/SZv+z96P85ts42h65+VO6zrGv0Pj/9KPEa+07f9Hd7SS9e9PjjTOh5HmWbHWX7eO/tap/Y37/+nK+n//+vEPJ633a2tbb+OHvf+kndZt9/wfSj5tlJtJcK1cr8+ORgwlH619fezRvs16c/ss/hPH1x//2p3/2en52Sbjv3XkVsdNd0P/T26p/7deuPfh5993an9z/f96o3QifyUf/9rLz5XNHuCTvn8AAAAAAACwmxQi4mAkhdJKuVAolZa/33Ek9hcq1Vr95MXq3OXJaPxWdjgGC8073Ydavg8xmn8ftlkfW1Ufj4jDEfHNwL5GvTRRrUz2OngAAAAAAAAAAAAAAAAAAADYJQ50+P1/5veBXh8d8NQ1Hmywp9dHAfTCho/878aTnoBdacP8B55b8h/6l/yH/iX/oX/Jf+hf8h/6l/yH/iX/AQAAAAAAAAAAAAAAAAAAAAAAAAAAoKvOnzuXLUuLD69PZPXJq/Nz09WrpybT2nRpZm6iNFGdvVKaqlanKmlpojqz0d+rVKtXRsdi7tpIPa3VR2rzCxdmqnOX6xcuzZSn0gvp4I5EBQAAAAAAAAAAAAAAAAAAAM+W2vzCdLlSSWcVOhbeix1t9OeIaBSKOxfgsm3tXtzWXu9E7Oy72seFm3n3bm2vHg5KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDKfwEAAP//o+IvpQ==")
r0 = open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
write$binfmt_script(r1, &(0x7f0000002480)={'#! ', './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0xff1)
write$FUSE_LSEEK(r0, &(0x7f0000000300)={0x18, 0x0, 0x0, {0x45d3}}, 0x18)

30.399553418s ago: executing program 9 (id=4430):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
mount(0x0, &(0x7f00000006c0)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x4014, 0x0)
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0)

30.203951631s ago: executing program 9 (id=4434):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000020000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

30.196515661s ago: executing program 44 (id=4434):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000020000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

26.317810682s ago: executing program 4 (id=4477):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f00000000c0)='H\x00', 0x2}], 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x55af)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000004, 0x10012, r1, 0x0)
ioctl$UI_BEGIN_FF_ERASE(r0, 0xc00c55ca, &(0x7f0000000080)={0x4, 0x9, 0xfffffff7})

26.252023263s ago: executing program 4 (id=4479):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f00000002c0)='./file1\x00', 0x109042, 0x0)
fallocate(r0, 0x11, 0x0, 0x6fffffc)
r1 = open(&(0x7f0000000140)='./file1\x00', 0x64842, 0x21)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)

26.099330266s ago: executing program 4 (id=4480):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x50, &(0x7f0000000440)={[{@delalloc}, {}, {@nobh}, {@init_itable_val={'init_itable', 0x3d, 0x3}}, {@data_err_ignore}]}, 0x2, 0x3eb, &(0x7f0000000880)="$eJzs3M1uG0UcAPD/br5I+uEgcUCFQwQIgoCkDgQoQqJw5eMCPICVpKXCbarGSLTkUBAnThwQNw59AQ48QFUhJCRegRdAlSqU5gC3oLV3HTe2Qyw7der8ftLIM+txZv7ezWpmvTsBHFtzEXE+IsYiYikiSvn2NE9xs5Gyeve3Nle2tzZXktjZ+fjvJJJ8W/G3kvz1RF6YTyPSbyOeutne7sb1G59XqtW1a3l5sXb56uLG9RuvXLpcubh2ce1K+Y1z5fLy0pvl1wYW64/PvXhu7L3zZ376s3RneXJyOuvvyfy91jgGZS7mmt/JXsuDbmzIJofdAQAADiTNx/7j9fF/KcbquYZSLG4OtXMAAADAQOy8k78CAAAAIywx9wcAAIARV9wHcH9rc6VIB7pxoHRotyQ8VPfejYjZ3Webt5vxj8djeZ2JQ3y+dS4irj6flLIUh/QcMgBAqzvZ+Odsp/FfGk+21JuKqI+Hpgfc/tyecvv4J7074CYfkI3/3o6I7bbxX1pUmR3LS6fqQ8WJ5MKl6trZiDgdEfMxMZWVy/u08f4/P3/U7b0s/t+SU6eLlLWfve7WSO+OTz34mdVKrdJPzK3ufR1xZrxT/Elz/JtExEwfbYx9deutbu/9f/yHa+dWxAsd9//uyj3J/usTLdaPh8XiqGj37ze/fNit/WHHn+3/mf3jn01a12va6L2N25/98XQ90yGq1vlPL8f/ZPJJPV/My76s1GrXyhGTyQft25d2P1uUi/pZ/PPPdv7/L85/Sb6m1cn8HNCr777/9eX9azTiz1LWfjEXfBiy+Fd72v+9Z16//fun3dpv3f+d48/2f2MNsPl8y0HOfwftYD/fHQAAADwq0vp1jSRdaObTdGGhcb3jiZhJq+sbtZcurH9xZbVx/WM2JtLiSlep5XpoufEzerO8tKf8akQ8HhE/lKbr5YWV9erqsIMHAACAY+JEl/l/5q8RuccfAAAAyH+oBwAAAEab+T8AAACMtH7W9Tu+meybOwLdOPKZZ45GN4aQmYgj0Y0+MsM+MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADza/gsAAP//Bdqy/A==")
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r1 = openat$incfs(r0, &(0x7f0000000180)='.pending_reads\x00', 0x10b441, 0x63)
mknodat$null(r0, &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x400, 0x103)
ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, &(0x7f0000000700)={{'\x00', 0x41}, {0x20081}, 0x65c8617cc179f981, 0x0, 0x0, 0x0, &(0x7f0000000380)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0, 0x0})

25.973367238s ago: executing program 4 (id=4481):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00'})
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x2a, &(0x7f0000000e00)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0)

25.571838594s ago: executing program 4 (id=4483):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f0000000840), 0x1, 0x4e6, &(0x7f0000001400)="$eJzs3U1vW0sZAODXzpeTm3uTe+kCENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYXSOT1I3tZvQfDiKn0c6OmdmHL8zdc9M/brxBNC3LkXEVkQMR8TDiJjI6nPZEXdbR/K4V9tP53e2n87notm8/89c2p7URdvPJD7KnrMQET/6XsRPc+/GrW9sLs9VKuW1rDzVqK5O1Tc2ry9V5xbLi+WVUml2Znb69o1bpWMb68XqcHb15Zd/2PrWz5NujWc17eM4Tq2hD+3FSQxGxA9OIlgPDGTjGe51R/gg+Yj4LCIup/f/RAykryYAcJ41mxPRnGgvAwDnXT7NgeXyxSwXMB75fLHYyuFdiLF8pVZvXHtUW19ZaOXKJmMo/2ipUp7OcoWTMZRLyjPp9ZtyaV/5RkR8GhG/GBlNy8X5WmWhl//wAYA+9tG+9f8/I631HwA45wq97gAAcOqs/wDQf6z/ANB/rP8A0H+s/wDQf6z/ANB/rP8A0Fd+eO9ecjR3su+/Xni8sb5ce3x9oVxfLlbX54vztbXV4mKttph+Z0/1oOer1GqrMzdj/cnkt1frjan6xuaDam19pfEg/V7vB+WhUxkVAPA+n1588edcRGzdGU2PaNvLwVoN51u+1x0Aemag1x0AesZuX9C/jvAeX3oAzokOW/S+pRARo/srm81m8+S6BJywq1+Q/4d+1Zb/97+Aoc/I/0P/kv+H/tVs5g67538c9oEAwNkmxw90+fz/s+z82+zDgZ8s7H/E85PsFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxtu/v/FrO9wMcjny8WIz6OiMkYyj1aqpSnI+KTiPjTyNBIUp7pcZ8BgKPK/y2X7f91deLK+P7W4dzrkfQcET/71f1fPplrNNb+mNT/a6++8TyrL/Wi/wDAQXbX6fTc9kb+1fbT+d3jNPvz9+9GRKEVf2d7OHb24g/GYHouxFBEjP07l5Vbcm25i6PYehYRn+80/lyMpzmQ1s6n++MnsT8+1fj5t+Ln07bWOfmz+Nwx9AX6zYtk/rnb6f7Lx6X03Pn+L6Qz1NFl81/yVPM76Rz4Jv7u/DfQZf67dNgYN3///dbV6LttzyK+OBixG3unbf7ZjZ/rEv/KIeP/5UtfudytrfnriKvROX57rKlGdXWqvrF5fak6t1heLK+USrMzs9O3b9wqTaU56qnuq8E/7lz7pFtbMv6xLvELB4z/64cc/2/++/DHX31P/G9+rVP8fFx4T/xkTfzGIePPjf2u0K0tib/QZfwHvf7XDhn/5V8339k2HADonfrG5vJcpVJec+Hi7F8kf2XPQDc6XnzntGINx//1U83mB8XqNmMcR9YNOAv2bvqIeN3rzgAAAAAAAAAAAAAAAB2dxm8s9XqMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA///77dI4")
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000300), 0x12)
syz_read_part_table(0x5e9, &(0x7f0000000600)="$eJzs2zFo1FccB/DfxRwHSnFxclIHKcVFcfQoKnenohBOsxQpBhQRbzpBOOlBig56FMUbxG4uVrjFpFMuN2RKSCBzCBlSAhmytCRLIEuv3PUV2pSUXkkKwufDwY/3/r//+753vPUffNKG4pdut5uJiG4u4tCAb4+2CsWrJ0Yulm9FZOJ2RHz9/ec/9J5kUkdv1Z5Tabyaxu/fHe682LqSba3c3D59Z7Yx9MeS4/1fHPnQHt2H43HAPubnjj59Vi29rOUfLJfq68+XFm9MbBbK7euN5uS17OW7qW8+1eFUH0UtnsTDGIvh+DbuRXWP9b8bMP9ta+1s9nipNXX/wk6x82rmXL9r0Hv97/Xy+xc2Inr5j0++/qpZv3Tmx2NvztemF8obKbqS2/3m2IHtCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/y4bc0efPquWXtbyD5ZL9fXnS4s3JjYL5fb1RnPyWvby3dQ3n+pwqo+iFk/iYYxFJSpxL6p7Jnz250Fu99OP+b/mv22tnf31eKk1df/CTrHzauZc6hvZp/P+Q363l//45Osvm/VLZ3LH3pyvTS+UNw793lf5286j/+8BAAAAAAAAAAAAAAAAAADAfigUr54YuVi+FZGJ2xHxxc/fDPXmu+l790zqO5Xqapp//+5w58XWlWxr5eb26TuzjZ/S/HhkYjwijnxoj/7vh2FgvwUAAP//vTSRCQ==")

25.433022407s ago: executing program 4 (id=4485):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='veth1_to_bond\x00', 0x10)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000400)=0x80000000, 0x4)
r1 = dup(r0)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000000)="be39", 0xffeb}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}], 0xf}, 0x0)
read$FUSE(r1, &(0x7f0000000f40)={0x2020}, 0x2020)

25.263123399s ago: executing program 8 (id=4490):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, 0x3, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x4004810}, 0x840)

25.19789724s ago: executing program 8 (id=4492):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, &(0x7f0000000000)={{&(0x7f0000416000/0x3000)=nil, 0x3000}, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0x7000, 0xdddd1000, 0x0, 0x0, 0x8, 0xb, 0x0, 0x2, 0x0, 0x6, 0x9, 0x10}, {0x8080000, 0x4, 0xc, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, 0x0, 0xff}, {0x3000, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x10000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0xf7, 0xaa, 0x8, 0x0, 0x4}, {0xdddd0000, 0xdddd0000, 0x8, 0x6, 0xff, 0x4, 0x0, 0xe, 0x0, 0x3c, 0x7d}, {0x0, 0x0, 0xd, 0x8, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80, 0x40}, {0x8080000, 0x0, 0xa, 0x6, 0x5, 0x0, 0xe8}, {0x0, 0xdddd0000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xc, 0x26, 0x3, 0x10}, {0xf000}, {0xeeef0000}, 0xfdfcffdb, 0x0, 0x0, 0x28, 0xb, 0xf801, 0x0, [0x0, 0x0, 0x1]})

25.105248272s ago: executing program 8 (id=4494):
setgid(0xee01)
r0 = syz_clone(0x6200500, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000400)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f00000002c0)='proc\x00', 0x0, 0x0)
syz_open_procfs(r0, &(0x7f00000000c0)='fd/3\x00')

25.031760403s ago: executing program 8 (id=4496):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfe, 0x46c, &(0x7f0000000f00)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQWamhNhBCtHvBoSLwb/wvjSS9GvWjiVe+GhBguoF7WzM4MLMtu2aXbLrCfTzLd55l5us/znZln95l5djeAvjWW/Uki/hcRv0fESJ69ucBY/nDtyvmZv6+cn0miWn3rr6RW7uqV8zNl0fL/tuSZarXIb2hS74V3I6YrlbkzRX5i6dQHE4tnz70wf2r6xNyJudNTR44cPLB7+PDUoa7EmcV1defHC7t2HH3n4hszxy6+91OSRh53NMTRLWP53m3q6W5X1mNb69LJYP2WPb/cSDc7E+ilgYjIDtdQrf+PxEBsur5tJF77rKeNA9ZUtVqtrvCqvFwF7mNJ9LoFQG+Ub/TZ9W+5rNPQ465w+eX8AiiL+1qx5FsGI80Te4Yarm+7aSwiji3/81W2xBrdhwAAqPddNv55vtn4L42H88Rw9uf/xRzKaEQ8EBHbIuLBiNgeEQ9F1Mo+EhGPdlh/4wzJreOf9NIdB9eGbPz3UjG3dfP4Ly2LjA4Uua21+IeS4/OVuf3FPtkXQxuOzydzkyvU8f2rv33Ralv9+C9bsvrLsWDRjkuDDTfoZqeXplcTc73Ln0bsHGwWfxLlNE4SETsiYucd1jH/7GDLbbePfwWtn7Zt1a8jnsmP/3I0xF9KWs5PTr54eOrQxMaozO2fKM+KW/3864U3W9W/qvi7IDv+m5ue/9fjH002RiyePXeyNl+72HkdF/74vOU1TYfn/9Gtxfk/nLxdWzFcbPhoemnpzGTEcPL6reunbjxbmS/LZ/Hv29u8/2+LG3visYjYFRG7I+Lx7KKwaPsTEfFkROxdIf4fX3nq/c7jX5+50iz+2dsd/6g//p0nBk7+8O3t498YEa2O/8Faal+xpp3Xv3YbuJp9BwAAAPeK/DPwSTp+PZ2m4+P5Z/i3x+a0srC49NzxhQ9Pz+aflR+NobS80zVSdz90srg3XOanGvIHivvGXw5squXHZxYqs70OHvrclhb9P/PnQK9bB6y5LsyjAfco/R/6l/4P/SnR/6Gv6f/Qv5r1/09alh7/Zk0bA6wr7//Qv9ro/8v5Q+tRAXBv8v4P/Uv/h77U8rvx6aq+8r/uiX+L3zO8W9pz/ycivSuacf8nBtv+MYsOEtWRvP9nazY0LdPrVyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+C8AAP//F0nluw==")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
creat(&(0x7f0000000100)='./bus\x00', 0x8)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
preadv2(r0, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)

24.787832227s ago: executing program 8 (id=4499):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f0000000180)=ANY=[], 0xfffffeb7)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x90, 0x1b, "00bf46f8bbde7047bcd4a280000400"})
r1 = syz_open_pts(r0, 0x0)
dup3(r1, r0, 0x0)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000400)=0x9)

24.181087136s ago: executing program 8 (id=4510):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a300000000064000000060a010400000000000000000100000008000b40000000003c00048038000180080001006e6174002c00028008000540000000000800014000000000080006400000000d08000240ffff000a080006400000002509"], 0xd8}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x1c, r0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x9)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="a000000010003b0e2a1a86eb2636037f00000000", @ANYRES32=r2, @ANYBLOB="020000000000800080001200080001007674693674000200"], 0xa0}}, 0x0)

24.059830538s ago: executing program 45 (id=4510):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a300000000064000000060a010400000000000000000100000008000b40000000003c00048038000180080001006e6174002c00028008000540000000000800014000000000080006400000000d08000240ffff000a080006400000002509"], 0xd8}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x1c, r0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x9)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="a000000010003b0e2a1a86eb2636037f00000000", @ANYRES32=r2, @ANYBLOB="020000000000800080001200080001007674693674000200"], 0xa0}}, 0x0)

21.928074362s ago: executing program 46 (id=4313):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = open(&(0x7f0000000140)='./file1\x00', 0x141242, 0x40)
pwrite64(r2, &(0x7f0000000940)='2', 0x1, 0x8000c61)

10.391586615s ago: executing program 47 (id=4485):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='veth1_to_bond\x00', 0x10)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000400)=0x80000000, 0x4)
r1 = dup(r0)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000000)="be39", 0xffeb}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}], 0xf}, 0x0)
read$FUSE(r1, &(0x7f0000000f40)={0x2020}, 0x2020)

7.300522734s ago: executing program 6 (id=4727):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x10040, &(0x7f0000000380)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@nouid32}]}, 0xfd, 0x269, &(0x7f0000000780)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzSkDwEkpvTXssvYReWgo9pW0O6aXQhh4aemgPW3Znt2ySDW33b9n5fGCYmbz35r0J832zLMxsAJk1GRGzEZGPiKmIKEZE0lrh7XSZbOxulLYXI6rVL+4m9XrpfqrZbiIiKhHxUUShWba29c3e/Z3P3vtjtfju/1tflwZ1fq3293Y/P/h3/vczcx+uXb56ez6J2Sg3ylrPo5eSNn8rJBGv9KOz50RSGPYIeBoLv56+Vsv9qxHxTj3/xcg1IvvnygsXivHBPye1/evOldcHOVag96rVYu0eWKkCmZOLiHIkuemISLdzuenp9DP89fx47qfllV+mflxeXfph2DMV0CvlSHY/PTd2duJI/m/l0/wDo6scsfvlwuaN2vZBftijAfqm9dv2N9JVLf9T362/H/IPmSP/kF3yD9kl/zACOsyu/EN2dZP/F/s0JmAw3P9hhBWbG5W2xfIP2SX/MKL+a/fU6WHyD9nVmn8AIFuqY8N+AhkYlmHPPwAAAAAAAAAAAAAAAAAAwHEbpe3F5jKoPi/+HbH/SUQU2vWfr/8ecfNt4+P3klq1x5K0WVe+favLA3TpVM+evi511Oqlm73qvzOX3uzPcX87vHviP2d9KaJSqzxTKBy//pLG9de5l59QXvy+yw6e0dG3An781WD7P+rh5nD7n9uJOF+bf2bazT+5eK2+bj//lFtfsdyhnx90eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG5lEAAAD//4oibec=")
symlink(&(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000240)='./file2\x00')
symlink(&(0x7f0000000b00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
rename(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

7.105440687s ago: executing program 6 (id=4728):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x8, r2, 0x3})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x2, r2, 0xb})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x3, 0x0, 0x8, r2, 0x3})

7.027862549s ago: executing program 6 (id=4731):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./bus\x00', 0x1010040, &(0x7f00000001c0)=ANY=[@ANYBLOB='iocharset=cp874,utf8=1,uni_xlate=1,errors=remount-ro,shortname=wwn95,codepage=857,debug,shortname=winnt,shortname=mixed,rodir,uni_xlate=1,shortname=mixed,\x00'], 0x3, 0x351, &(0x7f0000000900)="$eJzs3U9oY1UXAPCTvjTpDMzXLj4YFISnO0HLTMWFrlqGDgxmoxL8sxCD01Fp6kCDwc6imboRl4JLXblzoQsXsxZBEXcu3DqCjIoLnd2Ag0+SvCQvTdpphSjF328RDueek3tfGpLX1+bm5dXYvDwfV27fvhULC6Uor15YjTulWIokBq7HpMqUHABwMtzJsvg96ztiS2nGSwIAZqz3/v/qmULm7S8Pq8+8+wPAiZf//n/qsJqFgwauzmRJAMCMTVz/f2hsuDL+p/5y4b8CAICT6tkXXnxqrRbxTJouRGy906636/HkaHztSrwezdiIc7EYdyP6Jwrdm1Lv9uKl2vq5NE078dNS1Lsd7XrEVqdd758prCW9/mqcj8VYyvvzs40sy5KLn9XWz6c9EXG905s/tkrt+nyczuf//nRsxEqk8f+J/ohLtfWVNL+D+tagvxOxN7pu0V3/cizGt6/E1WjG5ej2Dk5rauu759P0QlYb62/Xq726vgOvgAAAAAAAAAAAAAAAAAAAAAAAwN+ynA4tDfe/yUb79ywvTxnv7Y/T78/3B9rr7w+UVbPIst/eerT+bhJj+wPt35+nXS/HnO8SAAAAAAAAAAAAAAAAAAAAgJ7WTiUazebGdmvn2mYx6Gy3duYiopt54+tPvjgVkzX3CMr5HIWhNE9d22xkyaA4S8Zq8iDpTj7IfHxjuOJiTXV4FFOXUT14qNk88+CPH4wyDySDe/5zVJPE9ANM9i2jGGz9r7+k4zxQw2DlHjU3syw7qH33pcmuKEWUj/+DOzzIusFXt16777HW2cd7mc+zvocfWXzu5vsf/bLZaEa+t0OzWdlu3c02G4O9Ho45aTJ6/swNHtVS8ZlQPqx9bzzTSL779fn73/vmaLNnxcybEzURSf9wPt0/VOkH3WXuGzo1ba75KU/+GQRnP1xt3Nj94eejdhVeJOZm+AIEAAAAAAAAAAAAAAAAAAAMFT4rnss/7Dt/WNcTT89+ZQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwzxl9/38h2JvIHCX4oxOTQ9WN7VZE5d8+TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/uP+CgAA///Jq2y4")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r1 = openat$incfs(r0, &(0x7f0000000000)='.pending_reads\x00', 0x0, 0x0)
ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x40046721, &(0x7f00000000c0))

6.97249847s ago: executing program 6 (id=4732):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000b80)={[{@nombcache}, {@abort}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfc, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})
chdir(&(0x7f0000000240)='./file0\x00')
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0)

6.848050001s ago: executing program 6 (id=4733):
unshare(0x64000600)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000f7ff0000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0xc00, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

6.667977175s ago: executing program 6 (id=4734):
syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r2 = dup(r0)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000100)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xffff}, 0x10007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
preadv(r1, &(0x7f00000000c0)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/165, 0xa5}], 0x2, 0x9, 0x401)

6.649318615s ago: executing program 48 (id=4734):
syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r2 = dup(r0)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000100)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xffff}, 0x10007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
preadv(r1, &(0x7f00000000c0)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/165, 0xa5}], 0x2, 0x9, 0x401)

5.733497099s ago: executing program 1 (id=4750):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000facf01406e0510401c200000000109021200010000000009044cfc0ba279c7da"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, &(0x7f00000001c0)={0x14, 0x0, &(0x7f0000000140)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x42b}}}, 0x0)
syz_usb_control_io$uac1(r0, &(0x7f0000000300)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @string={0x0, 0x3, "a42e3fb210ddc16d8233ca08996b0f422e07f4425c9b7556f1be90e64cee5f24a57bcdc02e9dd91254465b5df49aa5732c881677f2fb7be76413082184d524478d94d95d49f1428d9445e2f13af685b484147f1c4df6a54bfdf14e7c50f259d09833d2e07fe3c1b4f36f54ec3a9c232a8db1d869e65af2e28480f4e717eb915d3afcf5c0af5a34173962f5077dca9f64309fea98dea44f6092361a46776d37adb7e9045dbd3d92b182e8c81f4031916a9e"}}}, 0x0)

3.712675091s ago: executing program 1 (id=4779):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00'})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295b5, 0x1000, 0x0, {0xa, 0x78, 0x0, 0x0, r3}, [@IFA_LOCAL={0x14, 0x2, @local}, @IFA_CACHEINFO={0x14, 0x6, {0x1000000, 0xfffff001}}]}, 0x40}}, 0x0)

3.685856412s ago: executing program 1 (id=4781):
socket$igmp(0x2, 0x3, 0x2)
ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, 0x0)
timerfd_create(0x1, 0x80000)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@bridge_delneigh={0x28, 0x1d, 0x1, 0x70bd29, 0x25dfdbfd, {0x2, 0x0, 0x0, 0x0, 0x10, 0x9d, 0x7}, [@NDA_DST_MAC={0xa, 0x1, @local}]}, 0x28}}, 0x2)

3.622701463s ago: executing program 1 (id=4784):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000001080)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4)
recvmmsg(r0, &(0x7f0000003980)=[{{0x0, 0x0, 0x0}, 0x3bd}], 0x1, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4, &(0x7f0000000000)=0x7e, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

3.536341034s ago: executing program 1 (id=4789):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x2)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @random="24be2842400a", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}}, 0x0)

3.077382381s ago: executing program 0 (id=4802):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x2000044, &(0x7f0000000100), 0x2, 0x500, &(0x7f0000000b00)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@redirect_dir_nofollow}]})
chdir(&(0x7f00000000c0)='./bus\x00')
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)

2.987276093s ago: executing program 0 (id=4804):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f00000002c0)=0x7, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x4)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c45b4560a067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03a09000000ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1)

2.914577184s ago: executing program 0 (id=4806):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, 0x0, &(0x7f0000000680)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, &(0x7f00000000c0)={0x20, 0x29, 0xf, {0xf, 0x29, 0x8b, 0x4, 0x6, 0xb, "ab644d3b", "645481a3"}}, 0x0}, 0x0)

2.709942417s ago: executing program 1 (id=4811):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f00000003c0)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x64, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x1, 0xb07f, 0x0, 0xff}, {0x6}, [@mbim_extended={0x8, 0x24, 0x1c, 0x9, 0x8, 0x3}]}, {{0x9, 0x5, 0x81, 0x3, 0x40, 0xfc, 0x0, 0xfe}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x40, 0x0, 0x0, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x2, 0x0, 0xdd}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000240)={0x20, 0x80, 0x1c, {0x10, 0x10, 0xdcb, 0x6, 0x10, 0xe, 0x10, 0x1000, 0x10, 0xf, 0x12, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

2.464742651s ago: executing program 7 (id=4820):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
ioprio_set$pid(0x1, r0, 0x4000)

1.737236023s ago: executing program 7 (id=4835):
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
execveat(0xffffffffffffffff, &(0x7f0000000040)='\x00', 0x0, 0x0, 0x1000)

1.587627125s ago: executing program 7 (id=4837):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200010, &(0x7f0000000040)={[{@jqfmt_vfsold}]}, 0xfe, 0x55d, &(0x7f0000000980)="$eJzs3d9rW1UcAPDvTX/sp66DMdQHKezByVy6tv6Y4MN8FB0O9H2G9q6Mpsto0rHWgduDe9mLDEHEgfgH+O7j8B/wrxjoYMgo+uBL5aY3XbYmbZZlSzSfD9ztnPuj55yce07OyUm4AQytyeyfQsSrEfFNEnGo6dho5AcnN89bf3htLtuS2Nj47M8kknxf4/wk//9AHnklIn79OuJEYXu61dW1xVK5nC7n8ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dnZX3z3N/ff3r3o9O3jq1/9/P9w7eTOBMH82PN5XgG15sjkzGZvyZjceaJE6d7kNggSfqdAboykrfzscj6gEMxkrd64P/vq4jYAIZUov3DkGqMAxpz+x7Ng/8zHny4OQHaXv7Rzc9GYm99brR/PXlsZpTNdyd6kH6Wxi9/3LmdbdG7zyEAdnX9RkScGh3d3v8lef/XvVMdnPNkGvo/eHHuZuOft1qNfwpb459oMf450KLtdmP39l+43+KypFefUmfjvw9ajn+3Fq0mRvLYS/Ux31hy4WI5zfq2lyPieIztyeI7reecXr+30e5Y8/gv27L0G2PBPB/3R/c8fs18qVZ6ljI3e3Aj4rWW499kq/6TFvWfvR7nOkzjaHrn9XbHdi//87XxU8QbLev/0YpWsvP65FT9fphq3BXb/XXz6G/t0u93+bP6379z+SeS5vXa6tOn8ePef9J2x7q9/8eTz+vh8Xzf1VKttjwdMZ58sn3/zKNrG/HG+Vn5jx/buf9rdf/vi4gvOiz/zSM32546CPU//1T1//SBex9/+UO79Dur/7froeP5nk76v04z+CyvHQAAAAAAAAyaQkQcjKRQ3AoXCsXi5vc7jsT+QrlSrZ24UFm5NB/138pOxFihsdJ9qOn7ENP592Eb8Zkn4rMRcTgivh3ZV48X5yrl+X4XHgAAAAAAAAAAAAAAAAAAAAbEgTa//8/8PtLykvEXm0PgufLIbxheu7b/XjzpCRhI3v9heHXV/vf1Ph/Ai+f9H4bUWL8zAPST938YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9de7s2WzbWH94bS6Lz19ZXVmsXDk5n1YXi0src8W5yvLl4kKlslBOi3OVpd3+XrlSuTw9EytXp2pptTZVXV07v1RZuVQ7f3GptJCeTz1tCAAAAAAAAAAAAAAAAAAAALarrq4tlsrldFlAoKvA6GBkQ6ApcKsHrbvPHRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANPk3AAD//0unNek=")
r0 = open(&(0x7f0000000140)='./file1\x00', 0x141242, 0x40)
pwrite64(r0, &(0x7f0000000940)='2', 0x1, 0x8000c61)
r1 = open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0)
fallocate(r1, 0x0, 0x0, 0x7000000)
fallocate(r0, 0x8, 0x0, 0x10000)

1.387584368s ago: executing program 7 (id=4839):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000200), 0x0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

1.148132552s ago: executing program 2 (id=4842):
r0 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$netlink(r1, 0x10e, 0x9, 0x0, &(0x7f0000001100))
open(0x0, 0x0, 0x0)
chdir(0x0)

1.147819612s ago: executing program 7 (id=4843):
prctl$PR_SET_CHILD_SUBREAPER(0x37, 0x1)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000100)={'syz0\x00', {0x0, 0x0, 0x0, 0x4}, 0x0, [0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x6, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x40000, 0x0, 0x0, 0xd060], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x20, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0xffffff00, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xab, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x76c3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x17c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x5, 0x0, 0x0, 0x0, 0x6]}, 0x45c)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCSABS2F(r1, 0x401845ef, 0x0)

1.134091842s ago: executing program 0 (id=4844):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x2, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
creat(&(0x7f00000000c0)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
preadv2(r0, &(0x7f0000003240)=[{&(0x7f0000001900)=""/104, 0x68}], 0x1, 0x6700, 0x0, 0x8)

1.117535183s ago: executing program 2 (id=4845):
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0xee00)

1.087566823s ago: executing program 0 (id=4846):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x9, 0x6, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

1.087357783s ago: executing program 2 (id=4847):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000100)={@empty}, 0x14)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'veth0_to_batadv\x00', <r2=>0x0})
setsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f00000001c0)={@remote, r2}, 0x14)

1.058240363s ago: executing program 0 (id=4849):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000dc0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d34, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x3}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f00000000c0)={0x14, &(0x7f0000000000)={0x40, 0x24, 0x6, {0x6, 0xc, "fbeb4797"}}, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)

1.007953984s ago: executing program 7 (id=4850):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000080)={0x0, 0x6})
ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x64)
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)

980.330975ms ago: executing program 49 (id=4850):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000080)={0x0, 0x6})
ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x64)
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)

977.869465ms ago: executing program 2 (id=4853):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44\x8cm\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f00000004c0)=""/41, 0x29)
getdents(r1, 0x0, 0x58)

958.653655ms ago: executing program 2 (id=4854):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./file0\x00', 0xc80, &(0x7f0000020100)=ANY=[@ANYBLOB="00631dda01aef2456795dd9b26209f1c0f624854ea3dd5a00bd6df44035f5c3ae796fec6d633a0ffad0569794acfef7da01767fd4175f2cd82df769aa2ee7bfe3640554507d2e660c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb05c0f4142da00e900000100000149e6d308cbe315789f4baffe39bbced9b1d421d2e290e9fc563b62225f002ee310e1fa7321000000000000d6231001a4b2d467825f3abb0c167e129cf1fa0e7854103f4bf2d3a0194983bc86cbd3d75ccef3c8ac4516dac102"], 0x1, 0x266, &(0x7f000001fe80)="$eJzs281OE1EYxvGHDwVBmCqKgjG+0Y1uJlCvoCGQGJtokBo/EpNBptp0aEmnwdQYYefW6yAu3ZkYb4CNV+DCHRuXLIxjmKnQlhrDQiba/29zXnJ4mnP6njZn0dl58Ha1XAzdoldXf59pUNrUrpRRvwaU6GuO/XF9Uq02dWMi/+XyvYePbufy+flFs4Xc0s2smY1f+fji1burn+qj99+PfxjSdubJzrfs1+3J7amdH0vPS6GVQqtU6+bZcrVa95YD31ZKYdk1uxv4XuhbqRL6tbb5YlBdW2uYV1kZG1mr+WFoXqVhZb9h9arVaw3znnmlirmua2Mjwp8UthYXvVzaq8DfVavlvDlJ04dmClupLAgAAKSK+38v4/7fC/bu/4+bn9923P8BAAAAAAAAAAAAAAAAAAAAAPgX7EaRE0WR82s8IcVP+ETNv09JGpE0Kum0pDFJ45IcSRlJZySdlTQh6Zyk85ImJV2QdFHSVMtrpb1XHEb/exv97230v7e1PLg7LK2+WS+sF5Ixmc8VVVIgXzNy9D3uZVNSL9zKz89YLKNLqxvN/MZ6YaA9Pytn78B0y88meWvPD8Xnbj+flbN3wLrls13zw7p+rSXvytHnp6oq0Ep8Jg/yr2fN5u7kO/LT8f/971zb17V/rvu7+SR/hPPR8f4Oanow3b1DChsvy14Q+DUKCgqK/SLtbyYch4Omp70SAAAAAAAAAAAAAAAAAMBRHMfPCdPeIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnX4GAAD//5KSYE0=")
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
mknod(&(0x7f0000000240)='./file3\x00', 0x0, 0x0)
ftruncate(r0, 0x81fd)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

869.529826ms ago: executing program 5 (id=4857):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000020000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

849.704367ms ago: executing program 5 (id=4858):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = epoll_create1(0x0)
epoll_pwait(r2, &(0x7f00008c9fc4)=[{}], 0x1, 0xfffffffffffffff7, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000000)={0x10000008})
dup3(r0, r1, 0x0)

844.066677ms ago: executing program 2 (id=4859):
mkdir(&(0x7f00000009c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = epoll_create(0x5)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000100)={0x10000011})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
write$P9_RVERSION(r1, &(0x7f0000000140)={0x13, 0x65, 0xffff, 0x0, 0x6, '9P2000'}, 0x13)

503.944312ms ago: executing program 5 (id=4860):
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f0000000ac0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNOr+luF4fxy1J0TYYrT27jR5ND0+2Vdkd5df0sLXuRNbfuvDYbWgQq9cXEam7Bqrjfzj6YuPSteF45dOuNg5YV5VKpdLs9blwvgL8j2XR7RYA3VG+0Kf3v+Vxm6Yed4TLL9beAKW4rxVH7Ur/0trBQMP7204ajYgj5//9Mh3RiXUIAICb+D7Nf55tNv/L44G6cvcUeygjEXFvRGyLiPsiYntE3B9RLftgRDy0xvobd0hunP/kl24psFVK878Xir2t5fO/cvYXI31Fbms1/oHs6PG52X3Fc7I3BoZSfmKFOn54+ffPy/SGhmv18790pPrLuWDRjkv9DQt0M1OLU+3GXbr8ScTO/mbxZ1Fu42QRsSMidt5iHcef/npXq2s3j38FK+wzrVblq4inav1/PpbFf72rspb7kxPPH5o8OL4h5mb3jZd3xY1++e3CG63qbyv+Dkj9v6np/b+0CzySbYhYOHP2RHW/dmHtdVz487O6Mb1sdznFn38bseb7fzB7q5oeLM59OLW4eHoiYjB77cbzk9d/t8yX5VP8e/c0H//b6lr8cESkm3h3RDxSbOKmvnssIh6PiD0rxP/TS0+81+pa6/5fYVW+g1L8Mzfr/6jv/7Un+k78+N3a4y+l/j9QTe0tzqzm799qG9jOcwcAAAB3i7z6GfgsH1tK5/nYWO0z/NtjUz43v7D4zNH5D07N1D4rPxIDebnSNVy3HjpRrA2X+cmG/P5i3fiLvo3V/Nj0/NxMt4OHHre5xfhP/urrduuAddeBfTTgLmX8Q+8y/qF3Gf/Qu4x/6F3Nxv/HXWgHcPt5/YfeZfxD7zL+oXcZ/9CTWn43Pm/rK/9dTpT/O+FOaU+XEhvXs4rIux9gTyT61/s2Hmp6qct/mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrkvwAAAP//ZWPiyA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800003, 0x11, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

256.644056ms ago: executing program 5 (id=4861):
r0 = epoll_create1(0x80000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000000)={0xa0000001})

139.439698ms ago: executing program 5 (id=4862):
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_INIT(r1, 0x0, 0x0)
dup3(r0, r1, 0x0)
truncate(&(0x7f0000000180)='./file0\x00', 0x7fffffffffffffff)

0s ago: executing program 5 (id=4863):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
sendmsg(r0, &(0x7f0000001680)={&(0x7f00000000c0)=@hci={0x1f, 0xffffffffffffffff, 0x3}, 0x80, 0x0, 0x0, &(0x7f00000015c0)=[{0x10, 0x112, 0x7fffffff}], 0x10}, 0x40000c5)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x4f, 0x4200000)
syz_emit_ethernet(0xfc0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

gnored when QUOTA feature is enabled
[  227.854176][T10368] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  227.863545][T10368] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=2816e11c, mo2=0002]
[  227.881094][T10368] System zones: 0-2, 18-18, 34-34
[  227.886614][T10368] EXT4-fs warning (device loop3): ext4_enable_quotas:6100: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  227.939025][T10381] SELinux: failed to load policy
[  228.148168][T10395] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[  228.281393][   T23] kauditd_printk_skb: 2 callbacks suppressed
[  228.281406][   T23] audit: type=1326 audit(1878621781.910:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10414 comm="syz.5.3824" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57f5237169 code=0x0
[  229.245653][   T23] audit: type=1400 audit(1878621782.870:588): avc:  denied  { write } for  pid=10437 comm="syz.3.3835" name=".log" dev="incremental-fs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  229.336690][T10438] EXT4-fs warning (device loop8): ext4_multi_mount_protect:287: Invalid MMP block in superblock
[  229.564697][T10436] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  229.572624][T10436] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  229.589427][T10436] F2FS-fs (loop5): Found nat_bits in checkpoint
[  229.634415][T10436] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  229.650725][T10436] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  229.657579][T10436] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  229.759938][   T13] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  229.777440][T10456] netlink: 'syz.0.3840': attribute type 4 has an invalid length.
[  230.009754][   T13] usb 9-1: Using ep0 maxpacket: 8
[  230.129790][   T13] usb 9-1: config 135 has an invalid interface number: 230 but max is 0
[  230.149699][   T13] usb 9-1: config 135 has an invalid descriptor of length 246, skipping remainder of the config
[  230.189710][   T13] usb 9-1: config 135 has no interface number 0
[  230.195935][   T13] usb 9-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  230.399794][   T13] usb 9-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  230.428108][   T13] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.450082][   T13] usb 9-1: Product: syz
[  230.459170][   T13] usb 9-1: Manufacturer: syz
[  230.471523][   T13] usb 9-1: SerialNumber: syz
[  230.528444][T10471] EXT4-fs (loop3): Test dummy encryption mode enabled
[  230.546376][T10471] EXT4-fs (loop3): Ignoring removed orlov option
[  230.565313][T10471] EXT4-fs (loop3): Unsupported blocksize for fs encryption
[  230.721677][   T13] usb 9-1: USB disconnect, device number 13
[  230.876039][T10504] tipc: Failed to remove local publication {67,0,0}/3252655487
[  230.893629][T10504] tipc: Failed to remove local publication {67,0,0}/3252655487
[  231.099683][  T125] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  231.101363][T10500] F2FS-fs (loop3): Found nat_bits in checkpoint
[  231.154786][T10500] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  231.214481][ T5183] attempt to access beyond end of device
[  231.214481][ T5183] loop3: rw=2049, want=45104, limit=40427
[  231.489788][  T125] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  231.506748][  T125] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  231.528866][  T125] usb 2-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  231.553702][  T125] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.572417][  T125] usb 2-1: config 0 descriptor??
[  231.840298][T10535] EXT4-fs (loop5): bad geometry: block count 3098423767073024 exceeds size of device (256 blocks)
[  232.051236][  T125] arvo 0003:1E7D:30D4.004D: unknown main item tag 0x0
[  232.062774][  T125] arvo 0003:1E7D:30D4.004D: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.1-1/input0
[  232.139693][   T24] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  232.246617][T10546] F2FS-fs (loop5): Found nat_bits in checkpoint
[  232.254384][   T23] audit: type=1400 audit(1878621785.880:589): avc:  denied  { create } for  pid=10501 comm="syz.1.3859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  232.259935][  T125] arvo 0003:1E7D:30D4.004D: couldn't init struct arvo_device
[  232.281214][  T125] arvo 0003:1E7D:30D4.004D: couldn't install keyboard
[  232.288777][  T125] arvo: probe of 0003:1E7D:30D4.004D failed with error -71
[  232.316420][  T125] usb 2-1: USB disconnect, device number 28
[  232.336322][T10546] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  232.392425][ T5068] attempt to access beyond end of device
[  232.392425][ T5068] loop5: rw=2049, want=45104, limit=40427
[  232.410214][   T23] audit: type=1400 audit(1878621786.040:590): avc:  denied  { search } for  pid=146 comm="syslogd" name="/" dev="tmpfs" ino=10936 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  232.509756][   T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  232.520576][   T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  232.530411][   T24] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  232.543672][   T24] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  232.552648][   T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.561548][   T24] usb 9-1: config 0 descriptor??
[  232.569706][  T108] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  232.757038][T10567] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  232.811661][T10573] overlayfs: failed to resolve './file0': -2
[  232.835419][   T23] audit: type=1400 audit(1878621786.460:591): avc:  denied  { sys_nice } for  pid=10574 comm="syz.1.3884" capability=23  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  232.969822][  T108] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  232.980927][  T108] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  232.991282][  T108] usb 1-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  233.000183][  T108] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.008945][  T108] usb 1-1: config 0 descriptor??
[  233.031847][   T24] plantronics 0003:047F:FFFF.004E: No inputs registered, leaving
[  233.046016][   T24] plantronics 0003:047F:FFFF.004E: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[  233.059752][ T2022] usb 6-1: new full-speed USB device number 29 using dummy_hcd
[  233.429755][ T2022] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[  233.437800][ T2022] usb 6-1: config 0 has no interface number 0
[  233.443880][ T2022] usb 6-1: config 0 interface 184 has no altsetting 0
[  233.472639][  T108] wacom 0003:056A:0063.004F: ignoring exceeding usage max
[  233.484193][  T108] wacom 0003:056A:0063.004F: ignoring exceeding usage max
[  233.491865][  T108] wacom 0003:056A:0063.004F: Unknown device_type for 'HID 056a:0063'. Assuming pen.
[  233.502673][  T108] wacom 0003:056A:0063.004F: hidraw1: USB HID v0.00 Device [HID 056a:0063] on usb-dummy_hcd.0-1/input0
[  233.517333][  T108] input: Wacom Volito2 2x3 Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:0063.004F/input/input72
[  233.619797][ T2022] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  233.628913][ T2022] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.637260][ T2022] usb 6-1: Product: syz
[  233.641674][ T2022] usb 6-1: Manufacturer: syz
[  233.646158][ T2022] usb 6-1: SerialNumber: syz
[  233.656883][ T2022] usb 6-1: config 0 descriptor??
[  233.685346][   T24] usb 1-1: USB disconnect, device number 35
[  233.700445][ T2022] smsc75xx v1.0.0
[  233.705162][ T2022] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  233.715631][ T2022] smsc75xx: probe of 6-1:0.184 failed with error -22
[  233.905264][ T2022] usb 6-1: USB disconnect, device number 29
[  234.359706][  T125] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  234.719985][  T125] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  234.733387][  T125] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  234.744222][  T125] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  234.753837][  T125] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.794129][  T125] usb 2-1: config 0 descriptor??
[  234.988262][T10661] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  235.172093][T10678] netlink: 80 bytes leftover after parsing attributes in process `syz.5.3926'.
[  235.229677][   T24] usb 9-1: reset high-speed USB device number 14 using dummy_hcd
[  235.359745][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  235.489710][   T24] usb 9-1: Using ep0 maxpacket: 16
[  235.529800][   T24] usb 9-1: device firmware changed
[  235.575570][  T125] usb 2-1: string descriptor 0 read error: -22
[  235.581920][ T2022] usb 9-1: USB disconnect, device number 14
[  235.585453][T10655] F2FS-fs (loop3): Invalid segment/section count (31, 24 x 150994945)
[  235.602483][T10655] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  235.613793][T10655] F2FS-fs (loop3): invalid crc value
[  235.621507][T10655] F2FS-fs (loop3): Found nat_bits in checkpoint
[  235.663308][T10655] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2
[  235.670382][T10655] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  235.677381][T10655] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  235.696827][T10655] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=8000000, run fsck to fix.
[  235.708249][  T125] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0050/input/input75
[  235.719953][T10655] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=8000000, run fsck to fix.
[  235.722713][  T125] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0050/input/input76
[  235.729336][T10655] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=8000000, run fsck to fix.
[  235.740784][ T2022] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  235.759862][  T125] uclogic 0003:256C:006D.0050: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.1-1/input0
[  235.763857][T10655] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=8000000, run fsck to fix.
[  235.908536][   T24] usb 2-1: USB disconnect, device number 29
[  235.992110][   T23] audit: type=1400 audit(1878621789.620:592): avc:  denied  { execute_no_trans } for  pid=10701 comm="syz.5.3934" path="/379/file0" dev="tmpfs" ino=97871 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  236.009715][ T2022] usb 9-1: Using ep0 maxpacket: 16
[  236.081355][   T23] audit: type=1326 audit(1878621789.710:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10707 comm="syz.0.3937" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9269119169 code=0x0
[  236.165634][ T2022] usb 9-1: config 0 has no interfaces?
[  236.329768][ T2022] usb 9-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=fc.58
[  236.338612][ T2022] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.359681][ T2022] usb 9-1: Product: syz
[  236.363648][ T2022] usb 9-1: Manufacturer: syz
[  236.368075][ T2022] usb 9-1: SerialNumber: syz
[  236.385065][ T2022] usb 9-1: config 0 descriptor??
[  236.450837][T10720] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  236.458383][T10720] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  236.476523][T10720] F2FS-fs (loop3): Found nat_bits in checkpoint
[  236.519167][T10720] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  236.526132][T10720] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  236.549681][   T13] usb 6-1: new full-speed USB device number 30 using dummy_hcd
[  236.564275][   T23] audit: type=1400 audit(1878621790.190:594): avc:  denied  { rename } for  pid=10719 comm="syz.3.3929" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  236.636831][   T24] usb 9-1: USB disconnect, device number 15
[  236.670356][T10740] netlink: 'syz.1.3949': attribute type 12 has an invalid length.
[  236.678096][T10740] netlink: 'syz.1.3949': attribute type 29 has an invalid length.
[  236.686009][T10740] netlink: 148 bytes leftover after parsing attributes in process `syz.1.3949'.
[  236.695147][T10740] netlink: 'syz.1.3949': attribute type 1 has an invalid length.
[  236.949807][   T13] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  236.969723][   T13] usb 6-1: New USB device found, idVendor=056a, idProduct=0029, bcdDevice= 0.00
[  236.989674][   T13] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.999054][   T13] usb 6-1: config 0 descriptor??
[  237.019846][T10718] raw-gadget gadget: fail, usb_ep_enable returned -22
[  237.409688][   T24] usb 2-1: new full-speed USB device number 30 using dummy_hcd
[  237.422312][T10754] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  237.430103][T10754] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  237.444628][T10754] F2FS-fs (loop3): Found nat_bits in checkpoint
[  237.482482][   T13] wacom 0003:056A:0029.0051: Unknown device_type for 'HID 056a:0029'. Assuming pen.
[  237.496840][T10764] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  237.507475][T10754] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  237.514385][T10764] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  237.515069][T10754] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  237.527929][   T13] wacom 0003:056A:0029.0051: hidraw0: USB HID v1.01 Device [HID 056a:0029] on usb-dummy_hcd.5-1/input0
[  237.546884][   T13] input: Wacom Intuos5 S Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:0029.0051/input/input77
[  237.560451][T10764] F2FS-fs (loop8): Found nat_bits in checkpoint
[  237.634672][T10764] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  237.642108][T10764] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  237.739901][   T13] usb 6-1: USB disconnect, device number 30
[  237.779845][   T24] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  237.794125][   T24] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  237.979868][   T24] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  237.989782][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.997577][   T24] usb 2-1: Product: syz
[  238.019696][   T24] usb 2-1: Manufacturer: syz
[  238.024189][   T24] usb 2-1: SerialNumber: syz
[  238.080460][   T24] cdc_ncm 2-1:1.0: skipping garbage
[  238.112054][T10789] mmap: syz.3.3964 (10789): VmData 40820736 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  238.161299][   T23] audit: type=1400 audit(1878621791.790:595): avc:  denied  { mounton } for  pid=10798 comm="syz.8.3969" path="/125/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  238.282188][T10815] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  238.289225][T10815] IPv6: NLM_F_CREATE should be set when creating new route
[  238.296283][T10815] IPv6: NLM_F_CREATE should be set when creating new route
[  238.612127][T10834] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a80ec029, mo2=0000]
[  238.619948][T10834] System zones: 0-2, 18-18, 34-34
[  238.640624][T10834] EXT4-fs (loop5): 1 orphan inode deleted
[  238.646290][T10834] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000001,resgid=0x0000000000000000,debug,nombcache,usrquota,
[  238.685393][T10834] ext4 filesystem being mounted at /387/file1 supports timestamps until (%ptR?) (0x7fffffff)
[  238.873820][T10851] erofs: (device loop5): mounted with opts: , root inode @ nid 36.
[  239.034949][T10811] F2FS-fs (loop8): Invalid segment/section count (31, 24 x 150994945)
[  239.059550][T10811] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  239.079385][T10811] F2FS-fs (loop8): invalid crc value
[  239.094033][T10845] F2FS-fs (loop3): Found nat_bits in checkpoint
[  239.101784][T10811] F2FS-fs (loop8): Found nat_bits in checkpoint
[  239.149780][   T24] cdc_ncm 2-1:1.0: SET_NTB_FORMAT failed
[  239.171823][   T23] audit: type=1400 audit(1878621792.800:596): avc:  denied  { append } for  pid=10868 comm="syz.5.3994" name="usbmon0" dev="devtmpfs" ino=1255 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  239.195487][   T24] cdc_ncm 2-1:1.0: bind() failure
[  239.203627][   T24] cdc_ncm 2-1:1.1: bind() failure
[  239.210820][   T24] usb 2-1: USB disconnect, device number 30
[  239.216793][T10811] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  239.223752][T10845] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  239.232214][T10811] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e4
[  239.292622][T10845] attempt to access beyond end of device
[  239.292622][T10845] loop3: rw=2049, want=45112, limit=40427
[  239.318337][   T23] audit: type=1400 audit(1878621792.940:597): avc:  denied  { rename } for  pid=10810 comm="syz.8.3973" name="file0" dev="loop8" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  239.342082][ T5183] attempt to access beyond end of device
[  239.342082][ T5183] loop3: rw=2049, want=45120, limit=40427
[  240.059672][   T13] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  240.064507][T10902] input: syz1 as /devices/virtual/input/input81
[  240.075273][T10902] input: failed to attach handler leds to device input81, error: -6
[  240.260865][T10916] FAT-fs (loop8): error, corrupted directory (invalid entries)
[  240.268302][T10916] FAT-fs (loop8): Filesystem has been set read-only
[  240.309773][   T13] usb 6-1: Using ep0 maxpacket: 8
[  240.338473][T10923] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  240.352926][T10923] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  240.379765][  T390] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  240.502365][   T23] audit: type=1326 audit(1878621794.130:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10927 comm="syz.8.4019" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa19c7e7169 code=0x0
[  240.589765][   T13] usb 6-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab
[  240.598736][   T13] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  240.608032][   T13] usb 6-1: Product: syz
[  240.616780][   T13] usb 6-1: Manufacturer: syz
[  240.627393][   T13] usb 6-1: SerialNumber: syz
[  240.629663][  T390] usb 1-1: Using ep0 maxpacket: 16
[  240.638138][   T13] usb 6-1: config 0 descriptor??
[  240.749771][  T390] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  240.760447][  T390] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  240.890682][T10944] syz.3.4025 (10944): /proc/10943/oom_adj is deprecated, please use /proc/10943/oom_score_adj instead.
[  240.929743][  T390] usb 1-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  240.938605][  T390] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.946886][  T390] usb 1-1: Product: syz
[  240.950932][  T390] usb 1-1: Manufacturer: syz
[  240.959844][  T390] usb 1-1: SerialNumber: syz
[  240.971156][  T390] usb 1-1: config 0 descriptor??
[  241.001835][   T13] usb 6-1: USB disconnect, device number 31
[  241.003447][T10950] overlayfs: invalid origin (790066696c6530000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  241.024012][  T390] ums-onetouch 1-1:0.0: USB Mass Storage device detected
[  241.078459][T10962] netlink: 'syz.1.4033': attribute type 280 has an invalid length.
[  241.105021][T10960] EXT4-fs (loop3): Test dummy encryption mode enabled
[  241.126845][T10960] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,stripe=0x0000000000010000,dioread_nolock,,errors=continue
[  241.243647][T10970] erofs: (device loop3): mounted with opts: acl, root inode @ nid 36.
[  241.389705][ T2022] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  241.476842][T10977] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[  241.495771][T10977] ext4 filesystem being mounted at /137/file0 supports timestamps until (%ptR?) (0x7fffffff)
[  241.683496][  T620] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152)
[  241.691244][  T620] FAT-fs (loop3): Filesystem has been set read-only
[  241.697588][  T620] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152)
[  241.735834][  T390] usb 1-1: USB disconnect, device number 36
[  241.760011][ T2022] usb 2-1: config 0 has an invalid interface number: 239 but max is 0
[  241.768026][ T2022] usb 2-1: config 0 has no interface number 0
[  241.949845][ T2022] usb 2-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  241.958701][ T2022] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.979651][ T2022] usb 2-1: Product: syz
[  241.983669][ T2022] usb 2-1: Manufacturer: syz
[  241.988169][ T2022] usb 2-1: SerialNumber: syz
[  241.999917][ T2022] usb 2-1: config 0 descriptor??
[  242.099692][  T108] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  242.289687][  T429] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  242.349671][  T108] usb 4-1: Using ep0 maxpacket: 8
[  242.629808][  T108] usb 4-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab
[  242.638999][  T108] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  242.647294][  T108] usb 4-1: Product: syz
[  242.651756][  T108] usb 4-1: Manufacturer: syz
[  242.656197][  T108] usb 4-1: SerialNumber: syz
[  242.666602][  T108] usb 4-1: config 0 descriptor??
[  242.849780][  T429] usb 9-1: New USB device found, idVendor=0b95, idProduct=772b, bcdDevice=a2.4c
[  242.858919][  T429] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.867047][  T429] usb 9-1: Product: syz
[  242.871334][  T429] usb 9-1: Manufacturer: syz
[  242.875781][  T429] usb 9-1: SerialNumber: syz
[  242.886007][  T429] usb 9-1: config 0 descriptor??
[  243.013868][  T108] usb 4-1: USB disconnect, device number 19
[  243.109811][ T2022] asix 2-1:0.239 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  243.126239][ T2022] asix: probe of 2-1:0.239 failed with error -71
[  243.133391][ T2022] usb 2-1: USB disconnect, device number 31
[  243.338711][T11037] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4061'.
[  243.348725][T11037] xt_CT: You must specify a L4 protocol and not use inversions on it
[  243.357205][T11020] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  243.390568][T11039] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4062'.
[  243.471991][T11045] EXT4-fs (loop3): Ignoring removed orlov option
[  243.496454][T11045] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodelalloc,orlov,auto_da_alloc,,errors=continue
[  243.513857][T11045] ext4 filesystem being mounted at /401/bus supports timestamps until (%ptR?) (0x7fffffff)
[  243.589791][  T429] asix 9-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  243.599958][  T429] asix: probe of 9-1:0.0 failed with error -71
[  243.617803][  T429] usb 9-1: USB disconnect, device number 16
[  243.715734][T11067] /dev/loop0: Can't open blockdev
[  243.740860][T11071] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4076'.
[  243.845241][T11079] EXT4-fs (loop3): Test dummy encryption mode enabled
[  243.866560][T11079] EXT4-fs (loop3): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[  244.003119][T11096] EXT4-fs (loop3): Ignoring removed orlov option
[  244.010035][T11096] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  244.021502][T11096] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue
[  244.190885][T11111] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[  244.199756][T11111] ext4 filesystem being mounted at /143/file0 supports timestamps until (%ptR?) (0x7fffffff)
[  244.226281][   T23] audit: type=1400 audit(1878621797.850:599): avc:  denied  { read } for  pid=11124 comm="syz.1.4096" name="/" dev="configfs" ino=1256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  244.255236][   T23] audit: type=1400 audit(1878621797.850:600): avc:  denied  { open } for  pid=11124 comm="syz.1.4096" path="/" dev="configfs" ino=1256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  244.436788][T11123] F2FS-fs (loop3): invalid crc value
[  244.452513][T11123] F2FS-fs (loop3): Found nat_bits in checkpoint
[  244.498867][T11123] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  244.560724][ T5183] attempt to access beyond end of device
[  244.560724][ T5183] loop3: rw=2049, want=45104, limit=40427
[  244.768898][   T23] audit: type=1326 audit(1878621798.390:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11089 comm="syz.5.4084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57f5237169 code=0x7fc00000
[  244.782888][T11160] FAT-fs (loop8): Directory bread(block 64) failed
[  244.815736][T11160] FAT-fs (loop8): Directory bread(block 65) failed
[  244.828813][T11160] FAT-fs (loop8): Directory bread(block 66) failed
[  244.842817][T11160] FAT-fs (loop8): Directory bread(block 67) failed
[  244.855782][T11160] FAT-fs (loop8): Directory bread(block 68) failed
[  244.868758][T11160] FAT-fs (loop8): Directory bread(block 69) failed
[  244.899783][T11160] FAT-fs (loop8): Directory bread(block 70) failed
[  244.906129][T11160] FAT-fs (loop8): Directory bread(block 71) failed
[  244.929728][T11160] FAT-fs (loop8): Directory bread(block 72) failed
[  244.936296][T11160] FAT-fs (loop8): Directory bread(block 73) failed
[  244.983842][   T23] audit: type=1326 audit(1878621798.610:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11165 comm="syz.3.4106" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff6d5011169 code=0x0
[  245.157292][T11170] FAT-fs (loop5): Directory bread(block 64) failed
[  245.165964][T11170] FAT-fs (loop5): Directory bread(block 65) failed
[  245.172728][T11170] FAT-fs (loop5): Directory bread(block 66) failed
[  245.179211][T11170] FAT-fs (loop5): Directory bread(block 67) failed
[  245.193209][T11170] FAT-fs (loop5): Directory bread(block 68) failed
[  245.200046][T11170] FAT-fs (loop5): Directory bread(block 69) failed
[  245.207032][T11170] FAT-fs (loop5): Directory bread(block 70) failed
[  245.214529][T11170] FAT-fs (loop5): Directory bread(block 71) failed
[  245.226915][T11170] FAT-fs (loop5): Directory bread(block 72) failed
[  245.240385][T11170] FAT-fs (loop5): Directory bread(block 73) failed
[  245.306174][ T5068] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  245.314189][ T5068] FAT-fs (loop5): Filesystem has been set read-only
[  245.413675][T11183] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[  245.460873][ T5573] bridge0: port 3(syz_tun) entered disabled state
[  245.521833][ T5573] device syz_tun left promiscuous mode
[  245.527125][ T5573] bridge0: port 3(syz_tun) entered disabled state
[  245.605053][T11188] netlink: 'syz.8.4122': attribute type 4 has an invalid length.
[  245.641768][   T23] audit: type=1400 audit(1878621799.270:603): avc:  denied  { watch watch_reads } for  pid=11192 comm="syz.8.4125" path="/156/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  245.860142][T11203] netlink: 'syz.0.4128': attribute type 12 has an invalid length.
[  245.867985][T11203] netlink: 'syz.0.4128': attribute type 29 has an invalid length.
[  245.896861][T11203] netlink: 148 bytes leftover after parsing attributes in process `syz.0.4128'.
[  245.926215][T11197] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.943537][T11197] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.960424][T11197] device bridge_slave_0 entered promiscuous mode
[  245.972068][T11197] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.989088][T11197] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.007721][T11197] device bridge_slave_1 entered promiscuous mode
[  246.020029][T11212] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  246.164952][T11197] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.171955][T11197] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.179092][T11197] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.185952][T11197] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.210157][  T384] device bridge_slave_1 left promiscuous mode
[  246.216247][  T384] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.225172][  T384] device bridge_slave_0 left promiscuous mode
[  246.231450][  T384] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.273710][T11229] EXT4-fs (loop8): mounted filesystem without journal. Opts: grpquota,nouid32,minixdf,,errors=continue
[  246.285079][T11229] ext4 filesystem being mounted at /161/file0 supports timestamps until (%ptR?) (0x7fffffff)
[  246.307488][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  246.315519][  T703] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.323345][  T703] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.342299][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  246.349712][  T108] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  246.350879][  T703] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.364384][  T703] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.373058][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  246.381823][  T703] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.388672][  T703] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.404279][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  246.420551][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  246.439868][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  246.448936][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  246.456544][  T429] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  246.483337][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  246.491822][   T23] audit: type=1326 audit(1878621800.130:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11233 comm="syz.8.4140" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa19c7e7169 code=0x0
[  246.492072][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  246.523336][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  246.599720][  T108] usb 1-1: Using ep0 maxpacket: 16
[  246.719711][  T108] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8
[  246.728493][  T429] usb 2-1: Using ep0 maxpacket: 32
[  246.849769][  T429] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.860770][  T429] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.870385][  T429] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  246.879311][  T429] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.887617][  T108] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  246.901921][  T429] usb 2-1: config 0 descriptor??
[  246.906920][  T108] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.914931][  T108] usb 1-1: Product: syz
[  246.919052][  T108] usb 1-1: Manufacturer: syz
[  246.923563][  T108] usb 1-1: SerialNumber: syz
[  246.933862][  T108] usb 1-1: config 0 descriptor??
[  246.972642][  T108] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  246.982105][  T108] usb 1-1: Detected FT232RL
[  247.062909][T11236] F2FS-fs (loop7): Invalid segment/section count (31, 24 x 150994945)
[  247.071143][T11236] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  247.092993][T11236] F2FS-fs (loop7): invalid crc value
[  247.107920][T11236] F2FS-fs (loop7): Found nat_bits in checkpoint
[  247.141264][T11236] F2FS-fs (loop7): Cannot turn on quotas: -2 on 2
[  247.148139][T11236] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  247.155300][T11236] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4
[  247.179770][  T108] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  247.351701][T11252] 9pnet: p9_errstr2errno: server reported unknown error �1 g;-�~	
[  247.394317][  T429] savu 0003:1E7D:2D5A.0052: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[  247.442763][  T108] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  247.557024][T11254] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[  247.590149][T11254] fs-verity: sha256 using implementation "sha256-avx2"
[  247.645828][  T108] usb 1-1: USB disconnect, device number 37
[  247.653713][  T108] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  247.664104][  T108] ftdi_sio 1-1:0.0: device disconnected
[  247.664738][T11259] EXT4-fs (loop7): Ignoring removed orlov option
[  247.671308][  T429] usb 2-1: USB disconnect, device number 32
[  247.676289][T11259] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  247.702048][T11259] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue
[  247.775890][T11268] EXT4-fs (loop3): Ignoring removed nobh option
[  247.788955][T11268] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,bsddf,nobh,init_itable=0x0000000000000003,data_err=ignore,,errors=continue
[  247.859760][T11275] serio: Serial port ptm0
[  247.915207][T11276] EXT4-fs (loop7): Test dummy encryption mode enabled
[  247.928571][T11276] EXT4-fs (loop7): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[  247.998793][T11281] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[  248.067818][T11281] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:2998: comm syz.3.4153: Allocating blocks 385-513 which overlap fs metadata
[  248.083387][T11281] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:2998: comm syz.3.4153: Allocating blocks 497-513 which overlap fs metadata
[  248.111347][T11281] EXT4-fs (loop3): pa ffff8881e9f2bd20: logic 16, phys. 129, len 24
[  248.119246][T11281] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:3895: group 0, free 0, pa_free 1
[  248.291326][T11299]  loop7: p2 < > p3 p4
[  248.308552][T11299] loop7: p3 start 65535 is beyond EOD, truncated
[  248.315812][T11299] loop7: p4 size 8192 extends beyond EOD, truncated
[  248.331508][T11313] erofs: (device loop3): mounted with opts: , root inode @ nid 36.
[  248.526963][T11299] EXT4-fs (loop7p2): unable to read superblock
[  248.636220][  T821] udevd[821]: inotify_add_watch(7, /dev/loop7p4, 10) failed: No such file or directory
[  248.639809][  T820] udevd[820]: inotify_add_watch(7, /dev/loop7p2, 10) failed: No such file or directory
[  248.680977][T11350] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[  248.709116][T11350] ext4 filesystem being mounted at /176/file1 supports timestamps until (%ptR?) (0x7fffffff)
[  248.715949][  T352] udevd[352]: inotify_add_watch(7, /dev/loop7p4, 10) failed: No such file or directory
[  248.730824][  T820] udevd[820]: inotify_add_watch(7, /dev/loop7p2, 10) failed: No such file or directory
[  248.774177][T11350] EXT4-fs error (device loop8): ext4_validate_block_bitmap:418: comm syz.8.4182: bg 0: block 393: padding at end of block bitmap is not set
[  248.794899][T11364] input: syz0 as /devices/virtual/input/input83
[  248.821541][  T703] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 131587 with max blocks 1 with error 28
[  248.853196][  T703] EXT4-fs (loop8): This should not happen!! Data will be lost
[  248.853196][  T703] 
[  248.883196][  T703] EXT4-fs (loop8): Total free blocks count 0
[  248.889001][  T703] EXT4-fs (loop8): Free/Dirty block details
[  248.895292][  T703] EXT4-fs (loop8): free_blocks=0
[  248.909670][  T703] EXT4-fs (loop8): dirty_blocks=16
[  248.914599][  T703] EXT4-fs (loop8): Block reservation details
[  248.929937][  T703] EXT4-fs (loop8): i_reserved_data_blocks=1
[  248.930892][T11366] SELinux: ebitmap: truncated map
[  248.955837][T11366] SELinux: failed to load policy
[  248.999691][   T13] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  249.135421][T11375] EXT4-fs (loop7): Ignoring removed orlov option
[  249.148786][T11375] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  249.162244][T11375] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue
[  249.239689][   T13] usb 4-1: Using ep0 maxpacket: 8
[  249.359839][   T13] usb 4-1: config 252 has an invalid interface number: 150 but max is 0
[  249.369781][   T13] usb 4-1: config 252 has no interface number 0
[  249.375928][   T13] usb 4-1: config 252 interface 150 altsetting 5 bulk endpoint 0x2 has invalid maxpacket 1023
[  249.393171][T11384] netlink: 'syz.8.4194': attribute type 4 has an invalid length.
[  249.399911][   T13] usb 4-1: config 252 interface 150 has no altsetting 0
[  249.410715][T11384] netlink: 17 bytes leftover after parsing attributes in process `syz.8.4194'.
[  249.503732][T11390] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  249.569907][   T13] usb 4-1: New USB device found, idVendor=05ac, idProduct=023f, bcdDevice=d9.3b
[  249.592355][   T13] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.616040][   T13] usb 4-1: Product: syz
[  249.625721][   T13] usb 4-1: Manufacturer: syz
[  249.635704][   T13] usb 4-1: SerialNumber: syz
[  249.660003][T11362] raw-gadget gadget: fail, usb_ep_enable returned -22
[  249.820157][T11414] syz.1.4205[11414] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  249.820212][T11414] syz.1.4205[11414] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  249.937771][T11362] EXT4-fs error (device loop3): ext4_orphan_get:1262: comm syz.3.4185: bad orphan inode 15
[  249.963332][T11362] ext4_test_bit(bit=14, block=18) = 1
[  249.968858][T11362] is_bad_inode(inode)=0
[  249.973118][T11362] NEXT_ORPHAN(inode)=1023
[  249.977302][T11362] max_ino=32
[  249.980940][T11362] i_nlink=0
[  249.984098][T11362] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2936: inode #15: comm syz.3.4185: corrupted xattr block 19
[  249.996829][T11362] EXT4-fs warning (device loop3): ext4_evict_inode:321: xattr delete (err -117)
[  250.006288][T11362] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[  250.015133][T11362] ext4 filesystem being mounted at /425/�q�Y�3aK supports timestamps until (%ptR?) (0x7fffffff)
[  250.090985][   T13] usbhid 4-1:252.150: couldn't find an input interrupt endpoint
[  250.109027][   T13] usb 4-1: USB disconnect, device number 20
[  250.181567][T11435] EXT4-fs (loop7): mounted filesystem without journal. Opts: init_itable=0x0000000000000002,,errors=continue
[  250.256785][T11440] incfs: Error accessing: ./file0/file0.
[  250.262384][T11440] incfs: mount failed -2
[  250.790300][   T13] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  250.951404][T11483] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue
[  250.970156][T11483] ext4 filesystem being mounted at /32/file0 supports timestamps until (%ptR?) (0x7fffffff)
[  251.020907][T11483] overlayfs: upper fs needs to support d_type.
[  251.038896][T11483] overlayfs: invalid origin (790000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  251.052247][   T13] usb 9-1: Using ep0 maxpacket: 16
[  251.059816][T11493] kvm [11492]: vcpu0, guest rIP: 0xfff0 unimplemented HWCR wrmsr: 0x3
[  251.169813][   T13] usb 9-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  251.185282][   T13] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  251.205698][   T13] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  251.295674][T11508] netlink: 64 bytes leftover after parsing attributes in process `syz.7.4240'.
[  251.381792][   T23] audit: type=1400 audit(1878621805.010:605): avc:  denied  { write } for  pid=11512 comm="syz.7.4242" name="msr" dev="devtmpfs" ino=1137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  251.405404][   T13] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  251.426776][   T13] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.446502][   T13] usb 9-1: Product: syz
[  251.455293][   T13] usb 9-1: Manufacturer: syz
[  251.465337][   T13] usb 9-1: SerialNumber: syz
[  251.613163][T11519] EXT4-fs (loop7): Ignoring removed bh option
[  251.619077][T11519] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  251.630921][T11522] netlink: 576 bytes leftover after parsing attributes in process `syz.1.4246'.
[  251.668688][T11519] EXT4-fs (loop7): 1 truncate cleaned up
[  251.683052][T11519] EXT4-fs (loop7): mounted filesystem without journal. Opts: quota,resgid=0x000000000000ee00,bh,noload,data_err=ignore,noload,,errors=continue
[  251.806345][T11531] netlink: 2104 bytes leftover after parsing attributes in process `syz.7.4249'.
[  251.959848][   T13] usb 9-1: 0:2 : does not exist
[  251.986353][T11534] EXT4-fs (loop7): mounted filesystem without journal. Opts: errors=remount-ro,acl,max_dir_size_kb=0x0000000000000001,
[  252.018929][T11534] ext4 filesystem being mounted at /39/bus supports timestamps until (%ptR?) (0x7fffffff)
[  252.119999][T11547] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4255'.
[  252.318314][T11565] overlayfs: failed to clone lowerpath
[  252.584621][T11580] EXT4-fs (loop7): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,nogrpid,nodelalloc,acl,noinit_itable,,errors=continue
[  252.629674][  T390] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  252.879656][  T390] usb 1-1: Using ep0 maxpacket: 16
[  252.982044][T11586] F2FS-fs (loop7): Invalid SB checksum offset: 0
[  252.988330][T11586] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock
[  252.999726][  T390] usb 1-1: config 0 interface 0 has no altsetting 0
[  253.006601][  T390] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  253.009765][   T13] usb 9-1: 1:0: cannot get min/max values for control 6 (id 1)
[  253.025435][  T390] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.034609][T11586] F2FS-fs (loop7): invalid crc value
[  253.040997][   T13] usb 9-1: USB disconnect, device number 17
[  253.062015][  T390] usb 1-1: config 0 descriptor??
[  253.126859][T11586] F2FS-fs (loop7): Try to recover 2th superblock, ret: 0
[  253.143254][T11586] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  253.289328][T11597] �: renamed from pim6reg1
[  253.649749][  T429] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  253.676499][T11605] attempt to access beyond end of device
[  253.676499][T11605] loop3: rw=2051, want=1180690, limit=128
[  253.783292][T11616] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  253.793005][T11616] EXT4-fs (loop3): Unrecognized mount option "fsname=$}^" or missing value
[  253.904038][T11624] 9pnet: p9_errstr2errno: server reported unknown error �@~>�
[  253.995375][   T13] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=13 comm=kworker/0:1
[  254.009960][  T429] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  254.024079][  T429] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  254.035940][  T429] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.051678][  T429] usb 9-1: config 0 descriptor??
[  254.136820][T11646] erofs: (device loop7): mounted with opts: , root inode @ nid 36.
[  254.149965][T11646] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=46
[  254.161551][T11646] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=overlay ino=105307
[  254.380439][T11658] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[  254.389557][T11658] ext4 filesystem being mounted at /63/file0 supports timestamps until (%ptR?) (0x7fffffff)
[  254.421607][T11197] EXT4-fs error (device loop7): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /63/file0: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0
[  254.513372][T11669] EXT4-fs (loop3): mounted filesystem without journal. Opts: usrquota,grpjquota=,nodelalloc,,errors=continue
[  254.527145][T11669] ext4 filesystem being mounted at /440/file0 supports timestamps until (%ptR?) (0x7fffffff)
[  254.538408][  T429] keytouch 0003:0926:3333.0053: fixing up Keytouch IEC report descriptor
[  254.558200][  T429] input: HID 0926:3333 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:0926:3333.0053/input/input84
[  254.644045][  T429] keytouch 0003:0926:3333.0053: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.8-1/input0
[  254.719434][T11686] input: syz0 as /devices/virtual/input/input85
[  254.924305][T11699] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  254.935845][T11699] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  254.945111][T11699] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2227: inode #15: comm syz.7.4314: corrupted in-inode xattr
[  254.957672][T11699] EXT4-fs error (device loop7): ext4_orphan_get:1242: comm syz.7.4314: couldn't read orphan inode 15 (err -117)
[  254.970371][T11699] EXT4-fs (loop7): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,max_dir_size_kb=0x0000000000000002,,errors=continue
[  255.308752][T11707] F2FS-fs (loop7): invalid crc value
[  255.314476][   T24] usb 9-1: USB disconnect, device number 18
[  255.339802][T11707] F2FS-fs (loop7): Found nat_bits in checkpoint
[  255.394998][T11707] F2FS-fs (loop7): Start checkpoint disabled!
[  255.399855][  T390] usbhid 1-1:0.0: can't add hid device: -71
[  255.402001][T11707] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  255.420480][  T390] usbhid: probe of 1-1:0.0 failed with error -71
[  255.439824][  T390] usb 1-1: USB disconnect, device number 38
[  255.523896][  T703] attempt to access beyond end of device
[  255.523896][  T703] loop7: rw=2049, want=40992, limit=40427
[  255.671760][T11719] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4320'.
[  255.840380][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  255.931205][T11734] netlink: 104 bytes leftover after parsing attributes in process `syz.8.4326'.
[  255.950729][T11738] input: syz1 as /devices/virtual/input/input86
[  256.482224][T11774] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  256.498357][T11774] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  256.509002][T11774] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  257.090513][T11803] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[  257.220963][T11823] overlayfs: invalid origin (7900c773000094326e6f64ff7600008c5a5f507603a7c108ec90518583cd16dc77278ae54e8c17fdc5ade1c4df65faf1)
[  257.515799][T11818] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  257.535606][T11818] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  257.563875][T11818] F2FS-fs (loop8): Found nat_bits in checkpoint
[  257.639884][T11818] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  257.647902][T11818] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  257.703650][   T23] audit: type=1400 audit(1878621811.330:606): avc:  denied  { watch } for  pid=11817 comm="syz.8.4361" path="/207/bus/file0" dev="loop8" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  258.042499][T11855] 9pnet: p9_errstr2errno: server reported unknown error �<jqz�PL�������<�p�� �#���v�g�B�B���[R����e�ve
[  258.042499][T11855] c
[  258.320652][T11867] EXT4-fs (loop7): mounted filesystem without journal. Opts: errors=remount-ro,sysvgroups,minixdf,
[  258.353326][T11867] ext4 filesystem being mounted at /83/bus supports timestamps until (%ptR?) (0x7fffffff)
[  258.414077][   T23] audit: type=1400 audit(1878621812.040:607): avc:  denied  { mounton } for  pid=11864 comm="syz.7.4378" path="/83/bus/bus" dev="loop7" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  258.455225][T11867] EXT4-fs error (device loop7): ext4_map_blocks:617: inode #4: block 16: comm syz.7.4378: lblock 0 mapped to illegal pblock 16 (length 1)
[  258.484920][T11867] EXT4-fs (loop7): Remounting filesystem read-only
[  258.499706][T11867] Quota error (device loop7): find_next_id: Can't read quota tree block 1
[  258.535120][T11197] EXT4-fs error (device loop7): ext4_map_blocks:617: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[  258.557747][T11875] EXT4-fs (loop8): 1 orphan inode deleted
[  258.569730][T11875] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[  258.578490][T11875] ext4 filesystem being mounted at /211/file1 supports timestamps until (%ptR?) (0x7fffffff)
[  258.614471][T11884] SELinux: failed to load policy
[  258.747074][T11890] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  259.206780][T11907] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.237872][T11907] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.270338][T11907] device bridge_slave_0 entered promiscuous mode
[  259.287700][T11907] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.299675][T11907] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.321222][T11907] device bridge_slave_1 entered promiscuous mode
[  259.401285][  T703] device bridge_slave_1 left promiscuous mode
[  259.407253][  T703] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.433076][  T703] device bridge_slave_0 left promiscuous mode
[  259.452372][  T703] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.557898][   T23] audit: type=1400 audit(1878621813.180:608): avc:  denied  { create } for  pid=11937 comm="syz.0.4409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  259.636736][   T23] audit: type=1400 audit(1878621813.180:609): avc:  denied  { setopt } for  pid=11937 comm="syz.0.4409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  259.683134][T11907] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.683152][   T23] audit: type=1400 audit(1878621813.210:610): avc:  denied  { mounton } for  pid=11937 comm="syz.0.4409" path="/914/file1" dev="tmpfs" ino=107319 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  259.689988][T11907] bridge0: port 2(bridge_slave_1) entered forwarding state
[  259.690115][T11907] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.690131][T11907] bridge0: port 1(bridge_slave_0) entered forwarding state
[  259.745527][   T23] audit: type=1400 audit(1878621813.210:611): avc:  denied  { block_suspend } for  pid=11935 comm="syz.1.4408" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  259.770015][   T23] audit: type=1400 audit(1878621813.230:612): avc:  denied  { read } for  pid=11940 comm="syz.0.4410" dev="nsfs" ino=4026532734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  259.771681][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.792217][   T23] audit: type=1400 audit(1878621813.230:613): avc:  denied  { open } for  pid=11940 comm="syz.0.4410" path="net:[4026532734]" dev="nsfs" ino=4026532734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  259.824719][T11918] F2FS-fs (loop8): invalid crc value
[  259.830060][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.833837][   T23] audit: type=1400 audit(1878621813.230:614): avc:  denied  { create } for  pid=11940 comm="syz.0.4410" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  259.857656][T11918] F2FS-fs (loop8): Found nat_bits in checkpoint
[  259.881658][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  259.900023][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  259.934795][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  259.943033][  T390] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  259.955232][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  259.966935][T11918] F2FS-fs (loop8): Start checkpoint disabled!
[  259.973311][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.980170][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[  259.988400][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  259.997217][T11918] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  260.020102][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  260.028253][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.035111][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.065653][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  260.074183][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  260.104615][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  260.121323][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  260.150464][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  260.161274][  T620] attempt to access beyond end of device
[  260.161274][  T620] loop8: rw=2049, want=45104, limit=40427
[  260.173819][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  260.190430][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  260.198745][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  260.214824][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  260.223371][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  260.239492][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  260.248972][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  260.257449][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  260.266469][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  260.330192][  T390] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  260.345681][  T390] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  260.439747][  T390] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  260.456255][  T390] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  260.474401][  T390] usb 1-1: SerialNumber: syz
[  260.679699][  T429] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  260.770774][  T390] usb 1-1: 0:2 : does not exist
[  260.836669][T11974] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  260.848152][  T390] usb 1-1: USB disconnect, device number 39
[  260.897780][T11974] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:2998: comm syz.9.4422: Allocating blocks 497-513 which overlap fs metadata
[  260.912243][T11974] EXT4-fs (loop9): pa ffff8881e9f2b2a0: logic 128, phys. 385, len 8
[  260.920075][T11974] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:3895: group 0, free 0, pa_free 1
[  260.940914][T11974] EXT4-fs error (device loop9): mb_free_blocks:1458: group 0, inode 15: block 369:freeing already freed block (bit 23); block bitmap corrupt.
[  260.955273][T11974] EXT4-fs error (device loop9): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 10 vs 11 free clusters
[  261.069751][  T429] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  261.081273][  T820] udevd[820]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  261.096875][  T429] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  261.107036][  T429] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  261.116936][  T429] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.139943][  T429] usb 2-1: config 0 descriptor??
[  261.165597][T11983] EXT4-fs (loop9): Ignoring removed orlov option
[  261.190722][T11983] EXT4-fs (loop9): Ignoring removed orlov option
[  261.230677][T11983] EXT4-fs (loop9): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,grpid,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,errors=remount-ro,orlov,orlov,
[  261.272757][T11989] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[  261.310166][T11983] EXT4-fs error (device loop9): __ext4_get_inode_loc:4710: comm syz.9.4424: Invalid inode table block 7016996765293437281 in block_group 0
[  261.345461][T11983] EXT4-fs (loop9): Remounting filesystem read-only
[  261.353085][T11983] EXT4-fs error (device loop9): ext4_get_max_inline_size:115: inode #18: comm syz.9.4424: can't get inode location 18
[  261.418080][T11907] EXT4-fs error (device loop9): ext4_map_blocks:617: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1)
[  261.437298][T11907] EXT4-fs warning (device loop9): htree_dirblock_to_tree:1049: inode #2: lblock 0: comm syz-executor: error -117 reading directory block
[  261.793867][T12008] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.801110][T12008] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.808787][T12008] device bridge_slave_0 entered promiscuous mode
[  261.820262][T12008] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.834784][T12008] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.847282][T12008] device bridge_slave_1 entered promiscuous mode
[  261.912927][T12016] FAT-fs (loop8): Directory bread(block 64) failed
[  261.920449][T12016] FAT-fs (loop8): Directory bread(block 65) failed
[  261.937934][T12016] FAT-fs (loop8): Directory bread(block 66) failed
[  261.950925][T12016] FAT-fs (loop8): Directory bread(block 67) failed
[  261.967328][T12016] FAT-fs (loop8): Directory bread(block 68) failed
[  261.981946][T12016] FAT-fs (loop8): Directory bread(block 69) failed
[  261.998525][T12016] FAT-fs (loop8): Directory bread(block 70) failed
[  262.013730][T12016] FAT-fs (loop8): Directory bread(block 71) failed
[  262.028115][T12016] FAT-fs (loop8): Directory bread(block 72) failed
[  262.037207][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  262.037793][T12016] FAT-fs (loop8): Directory bread(block 73) failed
[  262.057181][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  262.074617][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  262.101060][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  262.112555][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.119440][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[  262.142042][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  262.158354][  T620] device bridge_slave_1 left promiscuous mode
[  262.169849][  T620] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.186269][  T620] device bridge_slave_0 left promiscuous mode
[  262.193419][T12018] attempt to access beyond end of device
[  262.193419][T12018] loop8: rw=2049, want=1832, limit=256
[  262.196674][  T620] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.232312][T12018] attempt to access beyond end of device
[  262.232312][T12018] loop8: rw=2049, want=5288, limit=256
[  262.281645][T12018] attempt to access beyond end of device
[  262.281645][T12018] loop8: rw=2049, want=5992, limit=256
[  262.383968][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  262.400046][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  262.408216][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.415082][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[  262.449087][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  262.463094][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  262.501258][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  262.509783][  T429] uclogic 0003:256C:006D.0054: failed retrieving string descriptor #100: -71
[  262.522499][  T429] uclogic 0003:256C:006D.0054: failed retrieving pen parameters: -71
[  262.537814][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  262.551110][  T429] uclogic 0003:256C:006D.0054: failed probing pen v1 parameters: -71
[  262.555064][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  262.573193][  T429] uclogic 0003:256C:006D.0054: failed probing parameters: -71
[  262.590422][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  262.594961][  T429] uclogic: probe of 0003:256C:006D.0054 failed with error -71
[  262.617794][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  262.630011][  T429] usb 2-1: USB disconnect, device number 33
[  262.692028][    T7] attempt to access beyond end of device
[  262.692028][    T7] loop8: rw=1, want=9752, limit=256
[  262.735575][    T7] attempt to access beyond end of device
[  262.735575][    T7] loop8: rw=1, want=13824, limit=256
[  262.762011][    T7] attempt to access beyond end of device
[  262.762011][    T7] loop8: rw=1, want=20864, limit=256
[  262.774338][T12023] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  262.781348][    T7] attempt to access beyond end of device
[  262.781348][    T7] loop8: rw=1, want=29016, limit=256
[  262.788085][   T23] kauditd_printk_skb: 94 callbacks suppressed
[  262.788103][   T23] audit: type=1400 audit(1878621816.410:709): avc:  denied  { mount } for  pid=12022 comm="syz.4.4435" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  262.801938][    T7] attempt to access beyond end of device
[  262.801938][    T7] loop8: rw=1, want=33800, limit=256
[  262.822119][T12023] ext4 filesystem being mounted at /0/file0 supports timestamps until (%ptR?) (0x7fffffff)
[  262.878977][T12023] EXT4-fs (loop4): shut down requested (1)
[  262.880654][   T23] audit: type=1400 audit(1878621816.500:710): avc:  denied  { write } for  pid=12022 comm="syz.4.4435" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  262.932114][   T23] audit: type=1400 audit(1878621816.500:711): avc:  denied  { add_name } for  pid=12022 comm="syz.4.4435" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  262.953643][   T23] audit: type=1400 audit(1878621816.500:712): avc:  denied  { create } for  pid=12022 comm="syz.4.4435" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  262.975062][   T23] audit: type=1400 audit(1878621816.500:713): avc:  denied  { read write open } for  pid=12022 comm="syz.4.4435" path="/0/file0/file1" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  262.999792][   T23] audit: type=1400 audit(1878621816.500:714): avc:  denied  { setattr } for  pid=12022 comm="syz.4.4435" path="/0/file0/file1" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  263.067858][   T23] audit: type=1400 audit(1878621816.510:715): avc:  denied  { ioctl } for  pid=12022 comm="syz.4.4435" path="/0/file0/file1" dev="loop4" ino=18 ioctlcmd=0x6609 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  263.180751][   T23] audit: type=1400 audit(1878621816.690:716): avc:  denied  { read } for  pid=12028 comm="syz.1.4441" name="kvm" dev="devtmpfs" ino=1134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  263.218743][   T23] audit: type=1400 audit(1878621816.690:717): avc:  denied  { open } for  pid=12028 comm="syz.1.4441" path="/dev/kvm" dev="devtmpfs" ino=1134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  263.276428][   T23] audit: type=1400 audit(1878621816.690:718): avc:  denied  { ioctl } for  pid=12029 comm="syz.4.4440" path="/dev/kvm" dev="devtmpfs" ino=1134 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  263.308810][T12054] incfs: iterate_incfs_dir / -22
[  263.319462][T12054] incfs: iterate_incfs_dir / -22
[  263.369370][T12063] input: syz0 as /devices/virtual/input/input87
[  263.530720][T12068] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  263.552462][T12068] EXT4-fs error (device loop4): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  263.569811][T12068] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 1 with error 28
[  263.597299][T12068] EXT4-fs (loop4): This should not happen!! Data will be lost
[  263.597299][T12068] 
[  263.609794][T12068] EXT4-fs (loop4): Total free blocks count 0
[  263.616334][T12068] EXT4-fs (loop4): Free/Dirty block details
[  263.629795][T12068] EXT4-fs (loop4): free_blocks=2415919104
[  263.647569][T12068] EXT4-fs (loop4): dirty_blocks=16
[  263.664234][T12068] EXT4-fs (loop4): Block reservation details
[  263.682364][T12068] EXT4-fs (loop4): i_reserved_data_blocks=1
[  263.729654][  T345] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  263.955907][T12101] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  263.964660][  T125] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  263.979771][  T345] usb 9-1: Using ep0 maxpacket: 16
[  264.038847][T12101] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:2998: comm syz.4.4469: Allocating blocks 497-513 which overlap fs metadata
[  264.059996][T12101] EXT4-fs (loop4): pa ffff8881cb04f930: logic 128, phys. 385, len 8
[  264.067799][T12101] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:3895: group 0, free 0, pa_free 1
[  264.083855][T12105] EXT4-fs error (device loop4): mb_free_blocks:1458: group 0, inode 15: block 369:freeing already freed block (bit 23); block bitmap corrupt.
[  264.098327][T12105] EXT4-fs error (device loop4): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 10 vs 11 free clusters
[  264.112885][  T345] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  264.129746][  T345] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  264.149500][  T345] usb 9-1: New USB device found, idVendor=05ac, idProduct=0274, bcdDevice= 0.00
[  264.169189][  T345] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.192999][  T345] usb 9-1: config 0 descriptor??
[  264.359749][  T125] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  264.379766][  T125] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  264.409313][  T125] usb 2-1: config 1 has no interface number 0
[  264.419902][  T125] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  264.435256][  T125] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  264.599796][  T125] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  264.618842][  T125] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.639074][  T125] usb 2-1: Product: syz
[  264.643305][  T125] usb 2-1: Manufacturer: syz
[  264.647703][  T125] usb 2-1: SerialNumber: syz
[  264.790852][  T345] apple 0003:05AC:0274.0055: fixing up MacBook JIS keyboard report descriptor
[  264.810144][  T345] apple 0003:05AC:0274.0055: unknown main item tag 0x4
[  264.827218][  T345] apple 0003:05AC:0274.0055: unexpected long global item
[  264.847635][  T345] apple 0003:05AC:0274.0055: parse failed
[  264.864643][  T345] apple: probe of 0003:05AC:0274.0055 failed with error -22
[  264.991518][  T345] usb 9-1: USB disconnect, device number 19
[  265.005301][T12118] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  265.019789][T12118] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  265.040366][T12118] F2FS-fs (loop4): invalid crc value
[  265.089533][T12118] F2FS-fs (loop4): Found nat_bits in checkpoint
[  265.139664][T12118] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  265.146566][T12118] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  265.179818][T12118] attempt to access beyond end of device
[  265.179818][T12118] loop4: rw=2051, want=45064, limit=40427
[  265.199906][T12118] attempt to access beyond end of device
[  265.199906][T12118] loop4: rw=2051, want=131072, limit=40427
[  265.229935][T12118] F2FS-fs (loop4): Issue discard(4614, 4614, 1019) failed, ret: -5
[  265.229951][T12118] F2FS-fs (loop4): Issue discard(5637, 5637, 10747) failed, ret: -5
[  265.622024][T12135] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  265.657757][T12135] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:2998: comm syz.4.4479: Allocating blocks 385-513 which overlap fs metadata
[  265.673569][T12135] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:2998: comm syz.4.4479: Allocating blocks 497-513 which overlap fs metadata
[  265.689496][T12135] EXT4-fs (loop4): pa ffff8881e9f2b150: logic 16, phys. 129, len 24
[  265.697370][T12135] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:3895: group 0, free 0, pa_free 1
[  265.786974][T12141] EXT4-fs (loop4): Ignoring removed nobh option
[  265.795732][T12141] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,bsddf,nobh,init_itable=0x0000000000000003,data_err=ignore,,errors=continue
[  265.799970][  T125] cdc_ncm 2-1:1.1: bind() failure
[  266.014357][  T108] usb 2-1: USB disconnect, device number 34
[  266.262276][T12148] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  266.274421][T12148] ext4 filesystem being mounted at /18/file0 supports timestamps until (%ptR?) (0x7fffffff)
[  266.391159][T12008] EXT4-fs error (device loop4): ext4_readdir:260: inode #12: block 32: comm syz-executor: path /18/file0/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  266.827189][T12182] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  266.856270][T12182] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  266.876220][T12182] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2227: inode #15: comm syz.8.4496: corrupted in-inode xattr
[  266.899845][T12182] EXT4-fs error (device loop8): ext4_orphan_get:1242: comm syz.8.4496: couldn't read orphan inode 15 (err -117)
[  266.930216][T12182] EXT4-fs (loop8): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue
[  267.028653][ T8829] EXT4-fs error (device loop8): ext4_readdir:260: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[  267.100057][ T8829] EXT4-fs error (device loop8): ext4_empty_dir:3080: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[  267.140009][ T8829] EXT4-fs error (device loop8): ext4_readdir:260: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[  267.179973][ T8829] EXT4-fs error (device loop8): ext4_empty_dir:3080: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[  267.220043][ T8829] EXT4-fs error (device loop8): ext4_readdir:260: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[  267.240987][T12197] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  267.260339][ T8829] EXT4-fs error (device loop8): ext4_empty_dir:3080: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[  267.300023][ T8829] EXT4-fs error (device loop8): ext4_readdir:260: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[  267.340595][ T8829] EXT4-fs error (device loop8): ext4_empty_dir:3080: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[  267.379993][ T8829] EXT4-fs error (device loop8): ext4_readdir:260: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[  267.411436][ T8829] EXT4-fs error (device loop8): ext4_empty_dir:3080: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[  267.983879][T12234] overlayfs: failed to resolve './file0': -2
[  268.083578][T12230] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.112287][T12230] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.131898][T12230] device bridge_slave_0 entered promiscuous mode
[  268.149306][    T7] device bridge_slave_1 left promiscuous mode
[  268.156246][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.170465][    T7] device bridge_slave_0 left promiscuous mode
[  268.182644][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.341287][T12230] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.351498][T12230] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.367669][T12230] device bridge_slave_1 entered promiscuous mode
[  268.382681][   T23] kauditd_printk_skb: 84 callbacks suppressed
[  268.382695][   T23] audit: type=1400 audit(2000000000.420:803): avc:  denied  { ioctl } for  pid=12256 comm="syz.0.4527" path="socket:[111953]" dev="sockfs" ino=111953 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  268.540373][T12230] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.547229][T12230] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.554381][T12230] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.561310][T12230] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.601766][  T620] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.620111][  T620] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.671469][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  268.681250][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  268.702537][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  268.720038][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  268.739734][  T703] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.746584][  T703] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.769646][  T390] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  268.781890][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  268.793443][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  268.811553][  T703] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.818404][  T703] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.840561][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  268.854911][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  268.874531][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  268.889119][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  268.920160][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  268.931703][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  268.979411][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  268.997659][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  269.019739][  T390] usb 1-1: Using ep0 maxpacket: 8
[  269.025431][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  269.040202][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  269.062506][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  269.071854][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  269.082669][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  269.090977][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  269.167759][T12272] input: syz1 as /devices/virtual/input/input89
[  269.186061][   T23] audit: type=1400 audit(2000000001.220:804): avc:  denied  { create } for  pid=12273 comm="syz.6.4513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  269.242377][T12276] netlink: 148 bytes leftover after parsing attributes in process `syz.6.4536'.
[  269.249666][   T23] audit: type=1400 audit(2000000001.220:805): avc:  denied  { write } for  pid=12273 comm="syz.6.4513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  269.252279][T12276] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  269.309745][   T23] audit: type=1400 audit(2000000001.220:806): avc:  denied  { nlmsg_write } for  pid=12273 comm="syz.6.4513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  269.309788][  T390] usb 1-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  269.379825][  T390] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.387629][  T390] usb 1-1: Product: syz
[  269.402161][   T23] audit: type=1400 audit(2000000001.270:807): avc:  denied  { getopt } for  pid=12277 comm="syz.1.4537" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  269.409671][  T390] usb 1-1: Manufacturer: syz
[  269.449654][  T390] usb 1-1: SerialNumber: syz
[  269.455962][  T390] usb 1-1: config 0 descriptor??
[  269.464214][T12282] EXT4-fs (loop6): mounted filesystem without journal. Opts: init_itable=0x0000000000000002,,errors=continue
[  269.507413][   T23] audit: type=1400 audit(2000000001.540:808): avc:  denied  { map } for  pid=12281 comm="syz.6.4539" path="/2/file1/bus" dev="loop6" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  269.543615][   T23] audit: type=1400 audit(2000000001.570:809): avc:  denied  { execute } for  pid=12281 comm="syz.6.4539" path="/2/file1/bus" dev="loop6" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  269.679692][ T2022] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  269.783758][T12294] EXT4-fs (loop6): Ignoring removed nobh option
[  269.809409][T12294] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,bsddf,nobh,init_itable=0x0000000000000003,data_err=ignore,,errors=continue
[  269.947585][ T9287] bridge0: port 3(syz_tun) entered disabled state
[  269.966215][ T9287] device syz_tun left promiscuous mode
[  269.972134][ T9287] bridge0: port 3(syz_tun) entered disabled state
[  270.051609][T12300] EXT4-fs (loop6): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  270.089740][ T2022] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  270.109798][ T2022] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  270.113960][  T390] usb 1-1: USB disconnect, device number 40
[  270.120332][ T2022] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  270.143540][   T23] audit: type=1400 audit(2000000002.180:810): avc:  denied  { mount } for  pid=12299 comm="syz.6.4545" name="/" dev="configfs" ino=1256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  270.171288][ T2022] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  270.212365][T12302] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.217975][   T23] audit: type=1400 audit(2000000002.180:811): avc:  denied  { search } for  pid=12299 comm="syz.6.4545" name="/" dev="configfs" ino=1256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  270.219486][ T2022] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.250158][T12302] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.257698][T12302] device bridge_slave_0 entered promiscuous mode
[  270.265240][T12302] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.272191][T12302] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.285371][   T23] audit: type=1400 audit(2000000002.180:812): avc:  denied  { mounton } for  pid=12299 comm="syz.6.4545" path="/" dev="configfs" ino=1256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  270.286512][T12302] device bridge_slave_1 entered promiscuous mode
[  270.321872][ T2022] usb 2-1: config 0 descriptor??
[  270.470602][T12302] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.477462][T12302] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.484757][T12302] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.491597][T12302] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.522470][  T620] Bluetooth: hci0: Frame reassembly failed (-84)
[  270.546846][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  270.555089][  T620] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.563300][  T620] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.580810][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  270.589169][  T620] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.596025][  T620] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.604027][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  270.612938][  T620] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.619794][  T620] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.643095][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  270.660942][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  270.675919][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  270.695674][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  270.709925][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  270.725975][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  270.746146][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  270.781185][ T2022] plantronics 0003:047F:FFFF.0056: unknown main item tag 0x0
[  270.788594][ T2022] plantronics 0003:047F:FFFF.0056: unknown main item tag 0x0
[  270.796377][ T2022] plantronics 0003:047F:FFFF.0056: unknown main item tag 0x0
[  270.804234][ T2022] plantronics 0003:047F:FFFF.0056: unknown main item tag 0x0
[  270.813004][ T2022] plantronics 0003:047F:FFFF.0056: unknown main item tag 0x0
[  270.820348][ T2022] plantronics 0003:047F:FFFF.0056: unknown main item tag 0x0
[  270.827573][ T2022] plantronics 0003:047F:FFFF.0056: unknown main item tag 0x0
[  270.846003][ T2022] plantronics 0003:047F:FFFF.0056: unknown main item tag 0x0
[  270.860143][ T2022] plantronics 0003:047F:FFFF.0056: unknown main item tag 0x0
[  270.870292][ T2022] plantronics 0003:047F:FFFF.0056: unknown main item tag 0x0
[  270.879568][ T2022] plantronics 0003:047F:FFFF.0056: No inputs registered, leaving
[  270.890931][ T2022] plantronics 0003:047F:FFFF.0056: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  270.938117][T12324] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable=0x0000000000000002,,errors=continue
[  271.319696][ T2022] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  271.862282][T12343] overlayfs: invalid origin (790000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  271.875467][ T2022] usb 3-1: New USB device found, idVendor=0b95, idProduct=772b, bcdDevice=a2.4c
[  271.886538][ T2022] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.901143][ T2022] usb 3-1: Product: syz
[  271.906103][ T2022] usb 3-1: Manufacturer: syz
[  271.911155][ T2022] usb 3-1: SerialNumber: syz
[  271.921693][ T2022] usb 3-1: config 0 descriptor??
[  272.390240][T12330] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  272.559647][   T24] Bluetooth: hci0: command 0x1003 tx timeout
[  272.565523][ T1965] Bluetooth: hci0: sending frame failed (-49)
[  272.619880][ T2022] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  272.633164][ T2022] asix: probe of 3-1:0.0 failed with error -71
[  272.645626][ T2022] usb 3-1: USB disconnect, device number 13
[  272.910245][  T379] usb 2-1: USB disconnect, device number 35
[  272.982120][T12366] input: syz0 as /devices/virtual/input/input90
[  272.988194][T12366] input: failed to attach handler leds to device input90, error: -6
[  273.026410][T12370] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4570'.
[  273.153852][T12383] TCP: TCP_TX_DELAY enabled
[  273.285443][T12389] SELinux: failed to load policy
[  273.537450][T12395] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  273.549691][T12395] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  273.569682][T12395] F2FS-fs (loop2): invalid crc value
[  273.581322][T12395] F2FS-fs (loop2): Found nat_bits in checkpoint
[  273.628156][T12395] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  273.635176][T12395] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  273.639680][  T379] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  273.652218][T12395] attempt to access beyond end of device
[  273.652218][T12395] loop2: rw=2051, want=131072, limit=40427
[  273.663454][T12395] F2FS-fs (loop2): Issue discard(8192, 8192, 8192) failed, ret: -5
[  273.899659][  T379] usb 1-1: Using ep0 maxpacket: 32
[  273.981171][T12405] EXT4-fs (loop2): mounted filesystem without journal. Opts: inlinecrypt,,errors=continue
[  273.991434][T12405] ext4 filesystem being mounted at /7/file0 supports timestamps until (%ptR?) (0x7fffffff)
[  274.011312][   T23] kauditd_printk_skb: 7 callbacks suppressed
[  274.011324][   T23] audit: type=1400 audit(2000000006.050:820): avc:  denied  { setattr } for  pid=12404 comm="syz.2.4583" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  274.011727][T12405] EXT4-fs error (device loop2) in ext4_do_update_inode:5534: error 27
[  274.047548][T12405] EXT4-fs error (device loop2) in ext4_do_update_inode:5534: error 27
[  274.057783][T12405] EXT4-fs error (device loop2) in ext4_do_update_inode:5534: error 27
[  274.059755][  T379] usb 1-1: config 4 has an invalid interface number: 128 but max is 0
[  274.066807][T12405] EXT4-fs error (device loop2) in ext4_do_update_inode:5534: error 27
[  274.082220][T12405] EXT4-fs error (device loop2) in ext4_do_update_inode:5534: error 27
[  274.083959][  T379] usb 1-1: config 4 has no interface number 0
[  274.092950][T12405] EXT4-fs error (device loop2) in ext4_do_update_inode:5534: error 27
[  274.105699][   T23] audit: type=1400 audit(2000000006.150:821): avc:  denied  { rename } for  pid=12404 comm="syz.2.4583" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  274.105716][T12405] EXT4-fs error (device loop2) in ext4_do_update_inode:5534: error 27
[  274.148637][  T379] usb 1-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  274.167418][  T379] usb 1-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  274.177122][  T379] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  274.177392][T12405] EXT4-fs error (device loop2) in ext4_do_update_inode:5534: error 27
[  274.186015][  T379] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.240543][  T379] hub 1-1:4.128: USB hub found
[  274.400788][   T23] audit: type=1400 audit(2000000006.430:822): avc:  denied  { transition } for  pid=12413 comm="syz.2.4586" path="/9/file0" dev="tmpfs" ino=113501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  274.454481][   T23] audit: type=1400 audit(2000000006.460:823): avc:  denied  { entrypoint } for  pid=12413 comm="syz.2.4586" path="/9/file0" dev="tmpfs" ino=113501 scontext=system_u:object_r:hugetlbfs_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  274.478086][  T379] hub 1-1:4.128: 2 ports detected
[  274.483301][  T379] hub 1-1:4.128: Using single TT (err -22)
[  274.489230][   T23] audit: type=1400 audit(2000000006.460:824): avc:  denied  { share } for  pid=12413 comm="syz.2.4586" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  274.508913][   T23] audit: type=1400 audit(2000000006.460:825): avc:  denied  { noatsecure } for  pid=12413 comm="syz.2.4586" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  274.639876][  T125] Bluetooth: hci0: command 0x1001 tx timeout
[  274.645860][ T1965] Bluetooth: hci0: sending frame failed (-49)
[  274.689736][  T379] hub 1-1:4.128: hub_hub_status failed (err = -71)
[  274.696070][  T379] hub 1-1:4.128: config failed, can't get hub status (err -71)
[  274.740590][  T379] usb 1-1: USB disconnect, device number 41
[  275.200770][T12421] SELinux: failed to load policy
[  275.243558][   T23] audit: type=1400 audit(2000000007.280:826): avc:  denied  { create } for  pid=12424 comm="syz.1.4590" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  275.271925][   T23] audit: type=1400 audit(2000000007.300:827): avc:  denied  { read } for  pid=12424 comm="syz.1.4590" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  275.318154][   T23] audit: type=1400 audit(2000000007.350:828): avc:  denied  { write } for  pid=12424 comm="syz.1.4590" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  275.701413][T12447] hub 2-0:1.0: USB hub found
[  275.719781][T12447] hub 2-0:1.0: 1 port detected
[  276.369446][   T23] audit: type=1326 audit(2000000008.400:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12479 comm="syz.1.4613" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fab5dbc3169 code=0x0
[  276.719738][ T2022] Bluetooth: hci0: command 0x1009 tx timeout
[  277.255990][T12519] input: syz1 as /devices/virtual/input/input91
[  278.000145][  T379] Bluetooth: hci1: command 0x1003 tx timeout
[  278.006190][ T2066] Bluetooth: hci1: sending frame failed (-49)
[  278.117895][T12535] netlink: 'syz.1.4634': attribute type 16 has an invalid length.
[  278.125824][T12535] netlink: 'syz.1.4634': attribute type 17 has an invalid length.
[  278.159819][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  278.193699][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  278.202131][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  278.215375][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  278.227619][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  278.236156][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  278.244840][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  278.253386][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  278.262284][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  278.270157][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  278.602303][T12543] Disabled LAPIC found during irq injection
[  278.880697][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  278.989647][   T24] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  279.229644][   T24] usb 2-1: Using ep0 maxpacket: 8
[  279.349693][   T24] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  279.357759][   T24] usb 2-1: config 179 has no interface number 0
[  279.379711][   T24] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  279.390596][   T24] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  279.401627][   T24] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  279.412540][   T24] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  279.423750][   T24] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  279.436778][   T24] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  279.445640][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.479723][T12558] raw-gadget gadget: fail, usb_ep_enable returned -22
[  279.710848][   T24] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input92
[  279.804041][T12571] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4649'.
[  279.812980][T12571] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4649'.
[  280.079696][ T2022] Bluetooth: hci1: command 0x1001 tx timeout
[  280.085566][ T2066] Bluetooth: hci1: sending frame failed (-49)
[  280.110156][T12558] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  280.319580][  T108] usb 2-1: USB disconnect, device number 36
[  280.329647][    C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  280.621393][   T23] kauditd_printk_skb: 10 callbacks suppressed
[  280.621406][   T23] audit: type=1400 audit(2000000012.660:840): avc:  denied  { getopt } for  pid=12575 comm="syz.0.4651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  280.788403][   T23] audit: type=1400 audit(2000000012.820:841): avc:  denied  { create } for  pid=12587 comm="syz.0.4657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  280.881180][   T23] audit: type=1400 audit(2000000012.920:842): avc:  denied  { read } for  pid=12596 comm="syz.1.4661" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  280.929653][   T23] audit: type=1400 audit(2000000012.920:843): avc:  denied  { open } for  pid=12596 comm="syz.1.4661" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  281.015698][   T23] audit: type=1400 audit(2000000012.950:844): avc:  denied  { ioctl } for  pid=12596 comm="syz.1.4661" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x6208 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  281.200451][   T23] audit: type=1400 audit(2000000013.240:845): avc:  denied  { bind } for  pid=12610 comm="syz.6.4667" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  281.258053][   T23] audit: type=1400 audit(2000000013.240:846): avc:  denied  { listen } for  pid=12610 comm="syz.6.4667" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  281.387688][   T23] audit: type=1400 audit(2000000013.420:847): avc:  denied  { set_context_mgr } for  pid=12625 comm="syz.6.4674" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  281.451261][   T23] audit: type=1400 audit(2000000013.440:848): avc:  denied  { write } for  pid=12625 comm="syz.6.4674" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  281.509071][   T23] audit: type=1400 audit(2000000013.530:849): avc:  denied  { setopt } for  pid=12628 comm="syz.6.4676" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  281.550770][T12633] device batadv_slave_0 entered promiscuous mode
[  281.685990][T12640] sch_tbf: burst 3092 is lower than device lo mtu (65550) !
[  281.784713][T12636] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.799635][T12636] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.817203][T12636] device bridge_slave_0 entered promiscuous mode
[  281.825279][T12636] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.849655][T12636] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.870298][T12636] device bridge_slave_1 entered promiscuous mode
[  282.066938][T12636] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.073809][T12636] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.080957][T12636] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.087703][T12636] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.159703][  T379] Bluetooth: hci1: command 0x1009 tx timeout
[  282.176020][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  282.184180][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.197437][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.244327][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  282.260424][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.267269][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.281758][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  282.294938][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.301806][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.311033][T12672] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[  282.337045][T12672] ext4 filesystem being mounted at /31/file1 supports timestamps until (%ptR?) (0x7fffffff)
[  282.350411][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  282.370799][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  282.404356][T12672] EXT4-fs error (device loop6): ext4_validate_block_bitmap:418: comm syz.6.4694: bg 0: block 393: padding at end of block bitmap is not set
[  282.427887][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  282.436685][T12672] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 117
[  282.456379][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  282.466347][  T620] device bridge_slave_1 left promiscuous mode
[  282.472588][  T620] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.479950][T12672] EXT4-fs (loop6): This should not happen!! Data will be lost
[  282.479950][T12672] 
[  282.491117][  T620] device bridge_slave_0 left promiscuous mode
[  282.497076][  T620] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.656424][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  282.665003][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  282.712519][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  282.741432][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  282.769137][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  282.800819][  T703] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  283.119576][T12694] EXT4-fs (loop6): Ignoring removed oldalloc option
[  283.128623][T12694] EXT4-fs (loop6): Ignoring removed orlov option
[  283.138669][T12694] EXT4-fs (loop6): Ignoring removed oldalloc option
[  283.159728][T12694] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  283.218965][T12694] EXT4-fs (loop6): mounted filesystem without journal. Opts: noblock_validity,errors=remount-ro,sysvgroups,norecovery,oldalloc,orlov,oldalloc,auto_da_alloc,nomblk_io_submit,
[  283.269613][T12694] EXT4-fs error (device loop6): ext4_map_blocks:617: inode #15: block 1803188595: comm syz.6.4701: lblock 0 mapped to illegal pblock 1803188595 (length 1)
[  283.300004][T12694] EXT4-fs (loop6): Remounting filesystem read-only
[  283.879776][T12724] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4714'.
[  283.889399][T12720] SELinux: failed to load policy
[  284.077026][T12692] F2FS-fs (loop5): invalid crc value
[  284.110996][T12692] F2FS-fs (loop5): Found nat_bits in checkpoint
[  284.189654][T12692] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  284.410854][T12751] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[  284.430789][T12751] EXT4-fs error (device loop6): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  284.446607][T12751] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[  284.459445][T12751] EXT4-fs (loop6): This should not happen!! Data will be lost
[  284.459445][T12751] 
[  284.469017][T12751] EXT4-fs (loop6): Total free blocks count 0
[  284.474915][T12751] EXT4-fs (loop6): Free/Dirty block details
[  284.481159][T12751] EXT4-fs (loop6): free_blocks=2415919104
[  284.487458][T12751] EXT4-fs (loop6): dirty_blocks=32
[  284.493780][T12751] EXT4-fs (loop6): Block reservation details
[  284.499682][T12751] EXT4-fs (loop6): i_reserved_data_blocks=1
[  284.514774][  T620] EXT4-fs (loop6): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 1 with error 28
[  284.528143][  T620] EXT4-fs (loop6): This should not happen!! Data will be lost
[  284.528143][  T620] 
[  284.629755][  T379] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  284.665024][T12761] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000002,nouid32,,errors=continue
[  284.677796][T12761] ext4 filesystem being mounted at /52/file0 supports timestamps until (%ptR?) (0x7fffffff)
[  284.821300][T12777] FAT-fs (loop6): Unrecognized mount option "shortname=wwn95" or missing value
[  284.921163][T12780] EXT4-fs (loop6): mounted filesystem without journal. Opts: nombcache,abort,dioread_lock,norecovery,discard,lazytime,noload,usrquota,noauto_da_alloc,,errors=continue
[  284.955454][T12230] EXT4-fs error (device loop6): ext4_lookup:1821: inode #2: comm syz-executor: deleted inode referenced: 11
[  284.967791][T12230] EXT4-fs error (device loop6): ext4_lookup:1821: inode #2: comm syz-executor: deleted inode referenced: 11
[  284.999765][  T379] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  285.010447][  T379] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  285.021661][  T379] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  285.031485][  T379] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  285.119895][  T379] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  285.128734][  T379] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  285.149642][  T379] usb 1-1: Manufacturer: syz
[  285.159952][  T379] usb 1-1: config 0 descriptor??
[  285.260864][T12786] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.267699][T12786] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.275250][T12786] device bridge_slave_0 entered promiscuous mode
[  285.282353][T12786] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.289183][T12786] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.296774][T12786] device bridge_slave_1 entered promiscuous mode
[  285.354366][T12786] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.361304][T12786] bridge0: port 2(bridge_slave_1) entered forwarding state
[  285.368440][T12786] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.375205][T12786] bridge0: port 1(bridge_slave_0) entered forwarding state
[  285.403837][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  285.411461][  T384] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.418645][  T384] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.433858][  T384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  285.447574][  T384] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.454465][  T384] bridge0: port 1(bridge_slave_0) entered forwarding state
[  285.491056][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  285.499300][  T620] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.506189][  T620] bridge0: port 2(bridge_slave_1) entered forwarding state
[  285.530919][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  285.539059][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  285.551915][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  285.579201][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  285.595210][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  285.622408][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  285.631288][  T379] appleir 0003:05AC:8243.0057: unknown main item tag 0x0
[  285.646078][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  285.660089][  T379] appleir 0003:05AC:8243.0057: No inputs registered, leaving
[  285.690295][  T379] appleir 0003:05AC:8243.0057: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  285.763871][T12807] 9pnet: p9_errstr2errno: server reported unknown error �@
[  285.915609][   T23] kauditd_printk_skb: 15 callbacks suppressed
[  285.915620][   T23] audit: type=1400 audit(2000000017.950:865): avc:  denied  { name_bind } for  pid=12815 comm="syz.1.4746" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  286.024856][T12805] F2FS-fs (loop7): fault_injection options not supported
[  286.045470][T12805] F2FS-fs (loop7): invalid crc value
[  286.067547][T12805] F2FS-fs (loop7): Found nat_bits in checkpoint
[  286.127400][T12805] F2FS-fs (loop7): Start checkpoint disabled!
[  286.135734][T12805] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  286.169736][   T23] audit: type=1400 audit(2000000018.200:866): avc:  denied  { create } for  pid=12804 comm="syz.7.4742" dev="anon_inodefs" ino=116454 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  286.217775][  T703] attempt to access beyond end of device
[  286.217775][  T703] loop7: rw=2049, want=40976, limit=40427
[  286.329740][  T379] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  286.491734][  T345] usb 1-1: USB disconnect, device number 42
[  286.550398][T12850] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[  286.569737][  T125] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  286.590615][   T23] audit: type=1400 audit(2000000018.630:867): avc:  denied  { ioctl } for  pid=12849 comm="syz.7.4759" path="/4/file0/file2" dev="loop7" ino=16 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  286.671931][T12854] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue
[  286.686024][T12854] ext4 filesystem being mounted at /22/bus supports timestamps until (%ptR?) (0x7fffffff)
[  286.689758][  T379] usb 2-1: config 0 has an invalid interface number: 76 but max is 0
[  286.713970][  T379] usb 2-1: config 0 has no interface number 0
[  286.728656][  T379] usb 2-1: config 0 interface 76 altsetting 252 has 0 endpoint descriptors, different from the interface descriptor's value: 11
[  286.742049][  T379] usb 2-1: config 0 interface 76 has no altsetting 0
[  286.748554][  T379] usb 2-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  286.757574][  T379] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.768429][  T379] usb 2-1: config 0 descriptor??
[  286.939760][  T125] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.949885][T12859] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  286.958735][  T125] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  286.964485][T12859] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  286.970899][  T125] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  286.991102][  T125] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  287.000403][  T125] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.019030][T12866] SELinux: failed to load policy
[  287.021563][  T125] usb 6-1: config 0 descriptor??
[  287.030370][T12859] F2FS-fs (loop7): Found nat_bits in checkpoint
[  287.092184][T12859] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  287.101866][T12859] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  287.117747][   T23] audit: type=1400 audit(2000000019.150:868): avc:  denied  { create } for  pid=12856 comm="syz.7.4761" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  287.169721][   T23] audit: type=1400 audit(2000000019.190:869): avc:  denied  { write } for  pid=12856 comm="syz.7.4761" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  287.221485][T12886] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4772'.
[  287.369745][  T379] usb 2-1: string descriptor 0 read error: -22
[  287.510899][  T125] plantronics 0003:047F:FFFF.0058: unknown main item tag 0x3
[  287.518446][  T125] plantronics 0003:047F:FFFF.0058: No inputs registered, leaving
[  287.528706][  T125] plantronics 0003:047F:FFFF.0058: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  287.574321][  T429] usb 2-1: USB disconnect, device number 37
[  287.576166][T12896] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[  287.599447][T12896] EXT4-fs error (device loop7): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  287.614524][T12896] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  287.626728][T12896] EXT4-fs (loop7): This should not happen!! Data will be lost
[  287.626728][T12896] 
[  287.636287][T12896] EXT4-fs (loop7): Total free blocks count 0
[  287.642054][T12896] EXT4-fs (loop7): Free/Dirty block details
[  287.647705][T12896] EXT4-fs (loop7): free_blocks=2415919104
[  287.653622][T12896] EXT4-fs (loop7): dirty_blocks=16
[  287.658549][T12896] EXT4-fs (loop7): Block reservation details
[  287.664556][T12896] EXT4-fs (loop7): i_reserved_data_blocks=1
[  287.671411][   T23] audit: type=1400 audit(2000000019.710:870): avc:  denied  { getopt } for  pid=12895 comm="syz.7.4770" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  287.790637][  T125] usb 6-1: USB disconnect, device number 32
[  287.845300][T12902] EXT4-fs error (device loop7): ext4_orphan_get:1238: inode #15: comm syz.7.4775: iget: bad extended attribute block 1
[  287.857907][T12902] EXT4-fs error (device loop7): ext4_orphan_get:1242: comm syz.7.4775: couldn't read orphan inode 15 (err -117)
[  287.869846][T12902] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue
[  287.894927][T12902] EXT4-fs error (device loop7): ext4_mb_generate_buddy:748: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[  288.051071][T12909] EXT4-fs (loop7): mounted filesystem without journal. Opts: dioread_nolock,minixdf,nolazytime,bsddf,,errors=continue
[  288.063521][T12909] ext4 filesystem being mounted at /9/file1 supports timestamps until (%ptR?) (0x7fffffff)
[  288.162412][   T23] audit: type=1400 audit(2000000020.200:871): avc:  denied  { read write } for  pid=12924 comm="syz.2.4783" name="uhid" dev="devtmpfs" ino=10822 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  288.220277][T12926] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  288.221883][   T23] audit: type=1400 audit(2000000020.200:872): avc:  denied  { open } for  pid=12924 comm="syz.2.4783" path="/dev/uhid" dev="devtmpfs" ino=10822 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  288.272819][T12940] device syz_tun left promiscuous mode
[  288.278705][T12940] bridge0: port 3(syz_tun) entered disabled state
[  288.287580][   T23] audit: type=1400 audit(2000000020.260:873): avc:  denied  { write } for  pid=12935 comm="syz.0.4786" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  288.313462][T12942] xt_hashlimit: size too large, truncated to 1048576
[  288.358133][   T23] audit: type=1400 audit(2000000020.370:874): avc:  denied  { mount } for  pid=12943 comm="syz.5.4790" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  288.678059][  T384] EXT4-fs error (device loop7): ext4_validate_block_bitmap:418: comm kworker/u4:3: bg 0: block 345: padding at end of block bitmap is not set
[  288.699379][T12968] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4799'.
[  288.712367][  T384] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  288.749686][  T384] EXT4-fs (loop7): This should not happen!! Data will be lost
[  288.749686][  T384] 
[  288.778269][T12973] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  288.785418][T12973] IPv6: NLM_F_CREATE should be set when creating new route
[  288.803948][T12975] overlayfs: failed to resolve './file0': -2
[  288.837021][  T384] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2039 with error 28
[  288.869665][  T384] EXT4-fs (loop7): This should not happen!! Data will be lost
[  288.869665][  T384] 
[  288.889315][  T384] EXT4-fs (loop7): Total free blocks count 0
[  288.909494][  T384] EXT4-fs (loop7): Free/Dirty block details
[  288.915384][  T703] device bridge_slave_1 left promiscuous mode
[  288.921768][  T703] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.938896][  T384] EXT4-fs (loop7): free_blocks=0
[  288.944019][  T384] EXT4-fs (loop7): dirty_blocks=2048
[  288.949280][  T384] EXT4-fs (loop7): Block reservation details
[  288.957270][  T703] device bridge_slave_0 left promiscuous mode
[  288.969779][  T384] EXT4-fs (loop7): i_reserved_data_blocks=128
[  288.970144][  T703] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.037385][T12985] syz.5.4808[12985] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  289.037490][T12985] syz.5.4808[12985] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  289.076270][T12947] syz.1.4789 (12947) used greatest stack depth: 17976 bytes left
[  289.179758][  T390] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  289.381035][  T345] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  289.419664][  T390] usb 1-1: Using ep0 maxpacket: 32
[  289.539720][  T390] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  289.553996][  T390] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  289.565913][  T390] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  289.574954][  T390] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.583765][  T390] usb 1-1: config 0 descriptor??
[  289.620155][  T390] hub 1-1:0.0: USB hub found
[  289.629792][  T345] usb 2-1: Using ep0 maxpacket: 8
[  289.650986][T13030] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,dioread_lock,noquota,noblock_validity,block_validity,
[  289.750162][  T345] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 252, changing to 11
[  289.761434][  T345] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64
[  289.919754][  T390] hub 1-1:0.0: config failed, can't read hub descriptor (err -90)
[  289.929763][  T345] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  289.938751][  T345] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.946575][  T345] usb 2-1: Product: syz
[  289.950623][  T345] usb 2-1: Manufacturer: syz
[  289.954941][  T345] usb 2-1: SerialNumber: syz
[  289.974772][T13046] netlink: 'syz.5.4832': attribute type 4 has an invalid length.
[  289.985130][T13046] netlink: 'syz.5.4832': attribute type 4 has an invalid length.
[  290.094091][T13052] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  290.201390][T12991] raw-gadget gadget: fail, usb_ep_enable returned -22
[  290.209833][  T390] usbhid 1-1:0.0: can't add hid device: -71
[  290.215596][  T390] usbhid: probe of 1-1:0.0 failed with error -71
[  290.260499][  T390] usb 1-1: USB disconnect, device number 43
[  290.365190][T13063] EXT4-fs (loop7): mounted filesystem without journal. Opts: jqfmt=vfsold,,errors=continue
[  290.404890][T13066] attempt to access beyond end of device
[  290.404890][T13066] loop5: rw=2049, want=1041, limit=128
[  290.503498][T13071] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  290.524262][T13071] EXT4-fs (loop7): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x0000000000000009,commit=0x0000000000000005,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue
[  290.629153][T12786] EXT4-fs error (device loop7): ext4_lookup:1817: inode #14: comm syz-executor: iget: bad extra_isize 17960 (inode size 256)
[  290.642868][T12786] EXT4-fs error (device loop7): ext4_lookup:1817: inode #14: comm syz-executor: iget: bad extra_isize 17960 (inode size 256)
[  290.655882][T13074] attempt to access beyond end of device
[  290.655882][T13074] loop5: rw=0, want=1041, limit=128
[  290.842362][T12991] raw-gadget gadget: fail, usb_ep_enable returned -22
[  291.049651][  T390] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  291.088059][T13110] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.095099][T13110] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.099820][  T345] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  291.102971][T13110] device bridge_slave_0 entered promiscuous mode
[  291.119466][  T345] cdc_ncm 2-1:1.0 eth1: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM, 42:42:42:42:42:42
[  291.119845][T13110] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.162040][   T23] kauditd_printk_skb: 20 callbacks suppressed
[  291.162061][   T23] audit: type=1400 audit(2000000023.200:895): avc:  denied  { read } for  pid=202 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  291.170289][T13110] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.223246][T13110] device bridge_slave_1 entered promiscuous mode
[  291.237571][  T620] device bridge_slave_1 left promiscuous mode
[  291.243829][  T620] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.259041][  T620] device bridge_slave_0 left promiscuous mode
[  291.271767][  T620] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.309231][  T108] usb 2-1: USB disconnect, device number 38
[  291.315432][  T108] cdc_ncm 2-1:1.0 eth1: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM
[  291.362922][T13120] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  291.383932][T13120] EXT4-fs (loop5): invalid journal inode
[  291.399459][T13120] EXT4-fs (loop5): can't get journal size
[  291.419948][T13120] EXT4-fs (loop5): 1 truncate cleaned up
[  291.428718][T13120] EXT4-fs (loop5): mounted filesystem without journal. Opts: norecovery,,errors=continue
[  291.449823][  T390] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  291.467472][  T390] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  291.488523][  T390] usb 1-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  291.514351][  T390] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.536044][  T390] usb 1-1: config 0 descriptor??
[  291.575279][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  291.584966][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  291.619082][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  291.655364][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  291.684129][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.691005][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[  291.704314][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  291.713416][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  291.725063][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.731932][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[  291.764405][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  291.786822][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  291.795137][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  291.822033][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  291.835123][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  291.840512][  T379] ==================================================================
[  291.850469][  T379] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa2/0x120
[  291.858102][  T379] Read of size 8 at addr ffff8881d7574b88 by task kworker/0:4/379
[  291.865731][  T379] 
[  291.867911][  T379] CPU: 0 PID: 379 Comm: kworker/0:4 Tainted: G        W         5.4.290-syzkaller-00002-g41adfeb3d639 #0
[  291.879062][  T379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  291.888934][  T379] Workqueue: events_long br_fdb_cleanup
[  291.894304][  T379] Call Trace:
[  291.897442][  T379]  dump_stack+0x1d8/0x241
[  291.901604][  T379]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[  291.907241][  T379]  ? printk+0xd1/0x111
[  291.911239][  T379]  ? __list_del_entry_valid+0xa2/0x120
[  291.916531][  T379]  print_address_description+0x8c/0x600
[  291.921914][  T379]  ? p9_read_work+0x534/0x1010
[  291.926513][  T379]  ? __list_del_entry_valid+0xa2/0x120
[  291.931808][  T379]  __kasan_report+0xf3/0x120
[  291.936235][  T379]  ? __list_del_entry_valid+0xa2/0x120
[  291.941527][  T379]  kasan_report+0x30/0x60
[  291.945693][  T379]  __list_del_entry_valid+0xa2/0x120
[  291.950830][  T379]  process_one_work+0x471/0xd20
[  291.955507][  T379]  worker_thread+0xaef/0x1470
[  291.960020][  T379]  kthread+0x2da/0x360
[  291.963922][  T379]  ? worker_clr_flags+0x170/0x170
[  291.968781][  T379]  ? kthread_blkcg+0xd0/0xd0
[  291.973207][  T379]  ret_from_fork+0x1f/0x30
[  291.977456][  T379] 
[  291.979624][  T379] Allocated by task 345:
[  291.983799][  T379]  __kasan_kmalloc+0x171/0x210
[  291.988396][  T379]  kvmalloc_node+0x7e/0xf0
[  291.992648][  T379]  alloc_netdev_mqs+0x85/0xc70
[  291.997247][  T379]  usbnet_probe+0x1fc/0x28b0
[  292.001674][  T379]  usb_probe_interface+0x5aa/0xa90
[  292.006621][  T379]  really_probe+0x4dd/0xb80
[  292.010961][  T379]  driver_probe_device+0xe5/0x240
[  292.015821][  T379]  bus_for_each_drv+0x183/0x200
[  292.020508][  T379]  __device_attach+0x31c/0x490
[  292.025107][  T379]  bus_probe_device+0xbd/0x1e0
[  292.029712][  T379]  device_add+0x88d/0xbb0
[  292.033876][  T379]  usb_set_configuration+0x18ce/0x1e30
[  292.039168][  T379]  generic_probe+0x84/0x140
[  292.043507][  T379]  really_probe+0x4dd/0xb80
[  292.047858][  T379]  driver_probe_device+0xe5/0x240
[  292.052719][  T379]  bus_for_each_drv+0x183/0x200
[  292.057403][  T379]  __device_attach+0x31c/0x490
[  292.061995][  T379]  bus_probe_device+0xbd/0x1e0
[  292.066598][  T379]  device_add+0x88d/0xbb0
[  292.070770][  T379]  usb_new_device+0xbbc/0x1760
[  292.075362][  T379]  hub_event+0x2c62/0x4d50
[  292.079618][  T379]  process_one_work+0x765/0xd20
[  292.084304][  T379]  worker_thread+0xaef/0x1470
[  292.088813][  T379]  kthread+0x2da/0x360
[  292.092728][  T379]  ret_from_fork+0x1f/0x30
[  292.096971][  T379] 
[  292.099143][  T379] Freed by task 108:
[  292.102879][  T379]  __kasan_slab_free+0x1b5/0x270
[  292.107655][  T379]  kfree+0x123/0x370
[  292.111382][  T379]  device_release+0x6b/0x190
[  292.115809][  T379]  kobject_put+0x1e6/0x2f0
[  292.120065][  T379]  usb_unbind_interface+0x1d0/0x840
[  292.125096][  T379]  device_release_driver_internal+0x50a/0x7b0
[  292.130996][  T379]  bus_remove_device+0x2ca/0x340
[  292.135770][  T379]  device_del+0x65a/0xfa0
[  292.139936][  T379]  usb_disable_device+0x38c/0x750
[  292.144798][  T379]  usb_disconnect+0x32c/0x890
[  292.149311][  T379]  hub_event+0x1c75/0x4d50
[  292.153565][  T379]  process_one_work+0x765/0xd20
[  292.158254][  T379]  worker_thread+0xaef/0x1470
[  292.162763][  T379]  kthread+0x2da/0x360
[  292.166668][  T379]  ret_from_fork+0x1f/0x30
[  292.170918][  T379] 
[  292.173092][  T379] The buggy address belongs to the object at ffff8881d7574000
[  292.173092][  T379]  which belongs to the cache kmalloc-4k of size 4096
[  292.186984][  T379] The buggy address is located 2952 bytes inside of
[  292.186984][  T379]  4096-byte region [ffff8881d7574000, ffff8881d7575000)
[  292.200254][  T379] The buggy address belongs to the page:
[  292.205743][  T379] page:ffffea00075d5c00 refcount:1 mapcount:0 mapping:ffff8881f5c0c280 index:0x0 compound_mapcount: 0
[  292.216489][  T379] flags: 0x8000000000010200(slab|head)
[  292.221788][  T379] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881f5c0c280
[  292.230203][  T379] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[  292.238617][  T379] page dumped because: kasan: bad access detected
[  292.244872][  T379] page_owner tracks the page as allocated
[  292.250425][  T379] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL)
[  292.266659][  T379]  prep_new_page+0x18f/0x370
[  292.271082][  T379]  get_page_from_freelist+0x2d13/0x2d90
[  292.276463][  T379]  __alloc_pages_nodemask+0x393/0x840
[  292.281672][  T379]  alloc_slab_page+0x39/0x3c0
[  292.286185][  T379]  new_slab+0x97/0x440
[  292.290090][  T379]  ___slab_alloc+0x2fe/0x490
[  292.294517][  T379]  __slab_alloc+0x62/0xa0
[  292.298685][  T379]  __kmalloc_track_caller+0x16d/0x2b0
[  292.303892][  T379]  __alloc_skb+0xb4/0x4d0
[  292.308059][  T379]  rtmsg_ifinfo_build_skb+0x81/0x180
[  292.313176][  T379]  rtmsg_ifinfo+0x71/0x120
[  292.317431][  T379]  netdev_state_change+0x15a/0x1e0
[  292.322376][  T379]  do_setlink+0x7a7/0x3b70
[  292.326630][  T379]  rtnl_newlink+0x1141/0x2060
[  292.331146][  T379]  rtnetlink_rcv_msg+0x983/0xc70
[  292.335918][  T379]  netlink_rcv_skb+0x1d5/0x420
[  292.340514][  T379] page last free stack trace:
[  292.345034][  T379]  __free_pages_ok+0x847/0x950
[  292.349634][  T379]  __free_pages+0x91/0x140
[  292.353884][  T379]  __free_slab+0x221/0x2e0
[  292.358136][  T379]  unfreeze_partials+0x14e/0x180
[  292.362913][  T379]  put_cpu_partial+0x44/0x180
[  292.367437][  T379]  __slab_free+0x297/0x360
[  292.371676][  T379]  qlist_free_all+0x43/0xb0
[  292.376017][  T379]  quarantine_reduce+0x1d9/0x210
[  292.380815][  T379]  __kasan_kmalloc+0x41/0x210
[  292.385306][  T379]  kmem_cache_alloc+0xd9/0x250
[  292.389904][  T379]  __alloc_skb+0x7a/0x4d0
[  292.394071][  T379]  sk_stream_alloc_skb+0x1f4/0xa70
[  292.399018][  T379]  tcp_sendmsg_locked+0xe07/0x3810
[  292.403964][  T379]  tcp_sendmsg+0x2c/0x40
[  292.408044][  T379]  sock_write_iter+0x344/0x470
[  292.412645][  T379]  __vfs_write+0x5d3/0x750
[  292.416891][  T379] 
[  292.419060][  T379] Memory state around the buggy address:
[  292.424533][  T379]  ffff8881d7574a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  292.432431][  T379]  ffff8881d7574b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  292.440331][  T379] >ffff8881d7574b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  292.448225][  T379]                       ^
[  292.452397][  T379]  ffff8881d7574c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  292.460290][  T379]  ffff8881d7574c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  292.468188][  T379] ==================================================================
[  292.476086][  T379] Disabling lock debugging due to kernel taint
[  292.491899][   T23] audit: type=1400 audit(2000000024.530:896): avc:  denied  { write } for  pid=342 comm="syz-executor" path="pipe:[11543]" dev="pipefs" ino=11543 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  292.741954][  T703] tipc: Left network mode
[  292.759830][  T390] hid-led: probe of 0003:1D34:000A.0059 failed with error -71
[  292.829767][  T390] usb 1-1: USB disconnect, device number 44
[  293.580326][  T703] device bridge_slave_0 left promiscuous mode
[  293.586438][  T703] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.321181][  T703] tipc: Disabling bearer <udp:syz2>
[  294.326286][  T703] tipc: Left network mode
[  295.440037][  T703] device bridge_slave_1 left promiscuous mode
[  295.446006][  T703] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.453341][  T703] device bridge_slave_0 left promiscuous mode
[  295.459279][  T703] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.466660][  T703] device bridge_slave_1 left promiscuous mode
[  295.472644][  T703] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.479914][  T703] device bridge_slave_0 left promiscuous mode
[  295.485844][  T703] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.493258][  T703] device bridge_slave_1 left promiscuous mode
[  295.499176][  T703] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.506462][  T703] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.513839][  T703] device bridge_slave_1 left promiscuous mode
[  295.520306][  T703] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.527484][  T703] device bridge_slave_0 left promiscuous mode
[  295.533515][  T703] bridge0: port 1(bridge_slave_0) entered disabled state