last executing test programs:

1m4.595791689s ago: executing program 3 (id=231):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f00000006c0)={0xfd, 0x1, 0xc})

1m4.459551752s ago: executing program 3 (id=239):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r3, 0x0, r1, 0x0, 0xf3a, 0x0)
ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000008780))
write$binfmt_elf64(r2, &(0x7f0000003380)=ANY=[], 0x18c6)

1m4.28402015s ago: executing program 3 (id=245):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x24, &(0x7f0000000200)=0x7, 0x4)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x3, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local, {[@rr={0x7, 0x3, 0x32}]}}, {{0x4e23, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x8000}}}}}}, 0x0)

1m4.278959651s ago: executing program 3 (id=247):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa04710, &(0x7f00000002c0)={[{@nouid32}, {@i_version}, {@noblock_validity}, {@abort}, {@mblk_io_submit}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x80222a}}, {@delalloc}, {@test_dummy_encryption}]}, 0xfd, 0x461, &(0x7f0000000bc0)="$eJzs3M9vFFUcAPDvzLb8EmhF/AGi4q9I/EFpQeXgRaOJB01M9IDHWgpBChi2JkIaW43BoyHxbjya+Bd40otRTyZe9W5IiOkF9LRmdma23W13acuWLd3PJ5nue/Pe9r23b97Om3nTBtC3DmY/koidEfFnRAzl0eYMB/OXm/MzE//Oz0wkUau9+09Sz3djfmaizFq+754iciiNSL9IikKaVS9dPjs+NTV5sYiPTJ/7aKR66fILZ86Nn548PXl+7PjxY0dHX35p7MWVNyZJ2ibtyuq6/9MLB/a9+f7VtydOXP3g1++z3DuL9MXtuB1pI7S9eK3VteZ7uhuFbSC7FoWTgVvnYWOoRETWXYP18T8UlVjovKF44/OeVg5YV9m5aWv75LkasIkl0esaAL1RnOdns+vfcrtTc4+N4Pqr+QXQjWRm4uZ8vuUpA41r+cF1vHY9GBEn5v77Jtuii/chAADa+TGb/zyfzzua539pPLAo3+5ibWg4Iu6NiD0RcV9E7I2I+yPqeR+MiIeWlJB2LL91aWjp/Ce9tubGrUA2/3ulWNtqnv816j1cKWK76u0fTE6dmZo8Unwmh2JwaxYf7VDGT6//8VW7tMXzv2zLyi/ngkU9rg203KA7OT49Xp+UdsH1zyL2DyzX/qSxEpBExL6I2L+6X727DJx59rsD7TLduv0dtFlnWo3atxHP5P0/Fy3tLyWd1ydHtsXU5JGR8qhY6rffr7zTrvzban8XZP2/o/n4b80ynMTswnptdfVlXPnry7bXNGs9/rck79X7ZUux75Px6emLoxFbkrfq8ab9YwvvLeNl/tJy439PkZaV83BEZAfxIxHxaEQ8VtT98Yh4IiKe7ND+X1576sOle2tDK2v/+sr6/+Sy7W8c/8NZqFqbzWMLB8KKA5WzP//Qrvx27Z9r5Mj6/1g9dKjYU//+u4WVVnDtnxwAAADcPdL6M/BJergRTtPDh/Nn+PfGjnTqQnX6uVMXPj5/Mn9WfjgG0/JO19Ci+6GjSXnFnsfHinvFZfrR4r7x15XtyamImOtxu4F8nC83/jN/V3pdO2DdrW4dbdu61QO481rHf+dHNoDNpAvP0QB3KeMf+pfxD/1rufE/2xK3FgCbk/M/9C/jH/qX8Q/9y/iHvrSGP+cXEKheuhzphqhGfwXK/9d5B8rq8RcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl/wfAAD//ztj5Wo=")
mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r1 = openat$incfs(r0, &(0x7f0000000180)='.pending_reads\x00', 0x10b441, 0x0)
ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, &(0x7f0000000340)={{}, {0x6}, 0x90, 0x0, 0x0, 0x0, &(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0, 0x0})

1m3.811223467s ago: executing program 3 (id=255):
bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x0, 0xa, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xe9c, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2688f54c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1m3.427383735s ago: executing program 3 (id=265):
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x85)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, &(0x7f0000000240)='nolazytime')

1m3.365162261s ago: executing program 32 (id=265):
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x85)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, &(0x7f0000000240)='nolazytime')

53.04766048s ago: executing program 5 (id=572):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2040a0, 0x0)

52.980800456s ago: executing program 5 (id=575):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x901800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

52.854347239s ago: executing program 5 (id=588):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r3, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x80)

52.84401105s ago: executing program 5 (id=590):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000480)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00')

52.787730435s ago: executing program 5 (id=593):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000280)={0x73622a85, 0x1000, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x51, 0x1000000, 0x0})

52.719396203s ago: executing program 5 (id=597):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x4, 0x5, &(0x7f00000015c0)=ANY=[@ANYBLOB="180200000100000000000000000000008500000087000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

52.692381365s ago: executing program 33 (id=597):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x4, 0x5, &(0x7f00000015c0)=ANY=[@ANYBLOB="180200000100000000000000000000008500000087000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

49.80599777s ago: executing program 6 (id=702):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000080)={0x128, r2, 0x1, 0x70bd25, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0xb, 0x28}}}}, [@NL80211_ATTR_IE={0x106, 0x2a, [@fast_bss_trans={0x37, 0x100, {0x8, 0x8, "516b7a3fa3f403deca9fc837387e0a0d", "4694a7ef94c05064c588f20b1dea7c675de288abd5842cdb0596cdf616e141c9", "e4695cbd24ad33726057952e6c0c977aff0e1cf7a97e6bd74293cf0fc7167ab9", [{0x1, 0x9, "b335361b098a60496a"}, {0x3, 0x20, "b4b47d4a1a0a9d20f2d56e4a075ddfefa929048542fa4a28c54106616554ec3d"}, {0x3, 0x1d, "a5aff40057cbefda22bc232849af5bb10798b0f9f128c81b86dcbf33ca"}, {0x3, 0x2, "ee41"}, {0x1, 0x21, "4e0929354fe38079ff8ea07dbb5561e9a41ea4d9d61b6c09647a9b2abe3b631d2b"}, {0x3, 0x4, "94efb3c1"}, {0x2, 0x26, "31bc223e311363bb544c14cf4ad6109f63130990e6e1839c608e473a5122b0e8b932e47936b9"}, {0x2, 0xb, "2af82fcfe3f64ce1e07b80"}]}}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x24048080}, 0x90)

49.743445526s ago: executing program 6 (id=704):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$incfs(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)='./bus\x00', &(0x7f0000000640), 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./bus\x00', 0x0, 0x1164420, &(0x7f0000000180)={[], [{@smackfstransmute={'smackfstransmute', 0x3d, 'user_u'}}]})

49.742444207s ago: executing program 6 (id=706):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000180)=0x2, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_emit_ethernet(0x3f, &(0x7f0000000380)={@link_local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0x9, 0x11, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast2, {[], {0x0, 0xe22, 0x9, 0x0, @opaque="7f"}}}}}}, 0x0)

49.735483607s ago: executing program 6 (id=709):
r0 = getegid()
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x2000802, &(0x7f0000000200)=ANY=[@ANYBLOB='iocharset=macceltic,time_offset=0x0000000000000003,gid=', @ANYRESHEX=r0, @ANYBLOB="2c666d61736b3d30303030303000303030263030303030303030303030362c696f636861727365743d63703836332c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030322c6e616d65636173653d312c6572726f72733d72656d6f756e742d726f2c757466382c646d61736b3d3030303030303030303030303030303030303030a930312c00"], 0x1, 0x1536, &(0x7f00000034c0)="$eJzs3AuYTlX7MPD7XmvtMSSeJjkMa6178ySHRZLkkCSHJKkkSU4JSZO8kpAYQpKGJCSHIYkhJIeJSeN8Ph8SkqRJkpxyStZ3Tczn7V/v13voy3v95/5d176se/a+1773c8+zn733mPmu69DaTerUaERE8B/Bi/8kAkAsAAwEgLwAEABAhbgKcZnrc0pM/M92wv5cD6Vc6QrYlcT9z964/9kb9z974/5nb9z/7I37n71x/7M37j9j2dmmaYWu4SX7Lvz8Pzvjz///RTLKjP1qTZnrugHE/LMp3P/sjfv/v1bwz2zE/c/euP/ZVeyVLoD9F+D3f3aQ4x+u4f5nb9x/xrKzK/38+UovEPkvew2O5LzYmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AGX+ZAoCs8ZWuizHGGGOMMcYYY38en+NKV8AYY4wxxhhjjLH//xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGSgLN0I5uAnKw81QAW6BinArVILKUAWqwm1QDW6H6nAH1IA7oSbUgtpQB+6CunA31IN7oD7cCw3gPrgfHoCG8CA0goegMTwMTeARaAqPQjNoDi2gJbT6t/JfgJ7wIvSC3pAIfaAvvAT9oD8MgJdhILwCg+BVGAyvQRIMgaHwOgyDN2A4vAkjYCSMgrdgNLwNY2AsjIPxkAwTYCK8A5PgXZgM78EUmAopMA2mw/swA2bCLPgAZsOHMAfmwjyYD6nwESyAhZAGH8Mi+ATSYTEsgaWwDJbDClgJq2A1rIG1sA7WwwbYCJtgM2yBrbANtsMO+BR2wmewC3bDHvgc9sIX/2L+6f+R3w0BAQUKVKgwBmMwFmMxF+bC3Jgb82AejGAE4zAO82E+zI/5sSAWxHiMxyJYBA0aJCQsikUxilEsjsWxBJbAUlgKHTosi2WxHN6E5bE8VsAKWBErYiWsjJWxKlbFalgNq2N1rIE1sCbWxNpYG+/Cu7AP1sN6WB/rYwNskPV4ChthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YARMwATtiR+yEnbAzdsYu2AW7Ylfsht2xe8YLOQBfxBexN9YUfbAv9sV+mJRjAL6ML+MrOAhfxVfxNUzCITgUX8fX8Q0cjqdwBI7EUTgKq4m3cQyORRLjMRmTcSJOxEk4CTMLfQ+nYgpOw+k4HWfgTJyJH+Bs/BA/xLk4F+djKqbiAlyIaZiGi/A0puNiXIJLcRkux2W4ElfhSlyDa3ENrsf1uBE34mbcjFtxK27H7fgpKgD8DHfjbkzCvbgX9+E+3I/78QAewAzMwIN4EA/hITyMh/EIHsGjeAyP4zE8iSfxFJ7GM3gGz+E5PI/PxX/T+NOSq5NAZFJCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8ol8Ir/ILwqKgiJexIsioogwwggSYQwAiKiIiuKiuCghSohSopRwwomyoqwoJ8qJ8qK8qCBuERXFraKSqCzauqqiqqgm2rnq4g5RQ9QQNUUtUVvUEXVEXVFX1BP1RH1RXzQQDcT94gHRUPTBAfiQyOxMEzEEm4qh2Ew0F/LSGay1GI5tRFvRTjwhRuII7CBauwTxtOgoxmAn8TcxFp8VXcR47CqeF91Ed9FDvCB6ijaul+gtJmMf0VdMxX6ivxggXhYzsJb4AGfnrC1eE0liiBgqXhfz8Q0xXLwpRoiRYpR4S4wWb4sxYqwYJ8aLZDFBTBTviEniXSHEe2KKmCpSxDQxXbwvZoiZYpb4QMwWH4o5Yq6YJ+aLVPGRWCAWijTxsVgkPhHpYrFYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CJiYZvYLnaIT8VO8ZnYJXaLPeJzsVd8IfaJL8V+8ZU4IL4WGeIbcVB8Kw6J78Rh8b04In4QR8UxcVycECfFj+KUOC3OiLPinPhJnBc/iwvCC5AohZRSyUDGyBwyVuaUueRVMrcMLr2618g4ea3MJ6+T+WUBWVAWkvGysCwitTTSSpKhLCqLyai8XhaXN8gSsqQsJUtLJ8vIsvJGWU7eJMvLm2UFeYusKG+VlWRlWUVWlbfJavJ2CZGL+6gpa8naso68SybC3bKevEfWl/fKBvI+eb98QDaUD8pG8iHZWD4sm8hHZFP5qGwmm8sWsqVsJR+TreXjso1sK9vJJ2R7+aTsIJ+SCfJp2VH6S98iz8ou8jnZVT4vu8nusof8WV6QXvaSvSX0AdlXviT7yf5yQCwAyFfkIPmqHCxfk0lyiBwqX5fD5BtyuHxTjpAj5Sj5lhwt35Zj5Fg5To6XyXKCnCjfkZPku3KyfE9OkVNlipwmB8iBv8w0S8o/zH/nd/IH/7L3jXKT3Cy3yK1ym9wud8hP5U65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbIDHlQHpSH5CF5WB6WR+QReVQek2flCXlS/ihPydPytDwrz8lz8vyl1wAUKqGkUipQMSqHilU5VS51lcqtrlZ5VF4VUdeoOHWtyqeuU/lVAVVQFVLxqrAqorQyyipSoSqqiqmouh4vfcOoUqq0cqqMKqtu/CU/60cMf5CviqsbVAlV8lf5WfUl/oP6WqlWqrVqrdqoNqqdaqfaq/aqg+qgElSC6qg6qk6qk+qsOqsuqovqqrqqbqqb6qF6qJ6qp+qleqlElaj6qpdUP9VfDVAvq4HqFTVIDVKD1WCVpJLUUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVLJKVhPVRDVJTVKT1WQ1RU1RKSpFTVfT1Qw1Q81Ss9RsNVvNUXPUPDVPpapUtUAtUGkqTS1Si1S6WqwWq6VqqVqulquVaqVarVartWqtWq/Wq3S1SW1SW9QWtU1tUzvUDrVT7VS7xC61R+1Re9VetU/tU/vVfnVAHVAZKkMdVAfVIXVIHVaH1RF1RB1VR9VxdVydVCfVKXVKnVFn1Dl1Tp1X59UFdSHzsi8QgQhUoIKYICaIDWKDXEGuIHeQO8gT5AkiQSSIC+KCfMF1Qf6gQFAwKBTEB4WDIoEOTGADcam30eD6oHhwQ1AiKBmUCkoHLigTlA1uDMoFNwXlg5uDCsEtQcXg1qBSUDmoElQNbguqBbcH1YM7ghrBnUHNoFZQO6gT3BXUDe4O6gX3BPWDe4MGwX3B/cEDQcPgwaBR8FDQOHg4aBI8EjQNHg2aBc2DFkHLoNWfOr/3pwo87nrp3jpR99F99Uu6n+6vB+iX9UD9ih6kX9WD9Ws6SQ/RQ/Xreph+Qw/Xb+oReqQepd/So/Xbeoweq8fp8TpZT9AT9Tt6kn5XT9bv6Sl6qk7R0/R0/b6eoWfqWfoDPVt/qOfouXqenq9T9Ud6gV6o0/THepH+RKfrxXqJXqqX6eV6hV6pV+nVeo1eq9fp9XqD3qg36c16i96qt+nteof+VO/Un+lderfeoz/Xe/UXep/+Uu/XX+kD+mudob/RB/W3+pD+Th/W3+sj+gd9VB/Tx/UJfVL/qE/p0/qMPqvP6Z/0ef2zvqB95sV95se7UUaZGBNjYk2syWVymdwmt8lj8piIiZg4E2fymXwmv8lvCpqCJt7EmyKmiMlEhkxRU9RETdQUN8VNCVPClDKljDPOlDVlTTlTzpQ35U0FU8FUNBVNJVPJVDFVzG3mNnO7ud3cYe4wd5o7TS1Ty9QxdUxdU9fUM/VMfVPfNDANzP3mftPQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDAJJsF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TKJJNH1NX9PP9DMDzAAz0Aw0g8wgM9goAEgyQ81QM8wMM8PNcDPCjDSjMk9y5m0zxow148x4k2ySzUQz0Uwyk8xkM9lMMVNMikkx0810M8PMMLPMLDPbzDZzzBwzz8wzqSbVLDALTJpJM4vMIpNu0s0Ss8QsM8vMCrPCrDKrzBqzxqyDdWaD2WA2mU1mi9litpltZofZYXaanWaX2WX2mD1mr9lr9pl9Zr/Zbw6YAybDZJiD5qA5ZA6Zw+awOWKOmKPmqDlujpuT5qQ5ZU6ZM+aMOWcKXPq89CbrZJ7bXm3z2Lw21ua0uexVNisuaAvZeFvYFrHa5rcFfhUba20JW9KWsqWts2VsWXvjb+JKtrKtYqva22w1e7ut/pu4rr3b1rP32Pr2XlvH3vWruIG9z2ZenTREBLDNbWPb0jaxj9im9lHbzDa3LWxL294+aTvYp2yCfdp2tM/8Jl5gF9pVdrVdY9faXXa3PWPP2kP2O3vO/mR72d52oH3FDrKv2sH2NZtkh/wmHmXfsqPt23aMHWvH2fG/iafYqTbFTrPT7ft2hp35mzjVfmRn2zQ7x8618+z8X+LMmtLsx3aR/cSm2wCW2KV2mV1uV9iVWbX6vHa93WA32p32M7vFbrXb7Ha7I+tC2O62e+zndq/9wh6039r99it7wB62GfabX+LM4ztsv7dH7A/2qD1mj9sT9qT9UWVlZx77CfuzvWC9BUICkqQooBjKQbGUk3LRVZSbrqY8lJcidA3F0bWUj66j/FSAClIhiqfCVIQ0GbJEFFJRKkZRup6yyitFpclRGSpLN1I5uonK081UgW6hinQrVaLKVIWq0m1UjW6n6nQH1aA7qSbVotpUh+6iunQ31aN7qD7dSw3oPrqfHqCG9CA1ooeoMT1MTegRakqPUjNqTi2oJbWix6g1PU5tqC21oyeoPT1JHegpSqCnqSM9Q53ob9SZnqUu9Bx1peepG3WnHvQC9aQXKRZ6UyL1ob70EvWj/jSAXqaB9AoNoldpML1GSTSEhtLrNIzeoOH0Jo2gkTSK3qLR9DaNobE0jsZTMk2gifQOTaJ3aTK9R1NoKqXQNJpO79MMmkmz6AOaTR/SHJpL82g+pdJHtIAWUhp9TIvoE0qnxbSEltIyWk4raCWtotW0htbSOlpPG2gjbaLNtIW20jbaTjvoU9pJn9Eu2k176HPaS18Q0pe0n76iA/Q1ZdA3dJC+pUP0HR2m731v+oGO0jE6TifoJP1Ip+g0naGzdI5+ovP0M10gTxBiKEIZqjAIY8IcYWyYM8wVXhXmDq8O84R5w0h4TRgXXhvmC68L84cFwoJhoTA+LBwWCXVoQhtSGIZFw2JhNLw+LB7eEJYIS4alwtKhC8uEZcMbw3LhTWH58OawQnhLWDG8NawUVg4fubdqeFtYLbw9rB7eEdYI7wxrhrXC2mGd8K6wbnh3WC+8J6wf3huWD+8L7w8fCBuGD4aNwofCxuHDYZPwkbBp+GjYLGwetghbhq3Cx8LW4eNhm7Bt2C58ImwfPhl2CJ8KE8Knw47hM7+sv2/hP16fGPYJ+4YvhS+F3t8j50XnR1OjH0UXRBdG06IfRxdFP4mmRxdHl0SXRpdFl0dXRFdGV0VXR9dE10bXRddHN0Q3Rr2vkwMcOuGkUy5wMS6Hi3U5XS53lcvtrnZ5XF4Xcde4OHety+euc/ldAVfQFXLxrrAr4rQzzjpyoSvqirmou94Vdze4Eq6kK+VKO+fKuLKupWvlWrnW7nHXxrV17dwT7gn3pHvSPeWeck+7ju4Z18n9zXV2z7ou7jn3nHvedXPdXQ/3guvpJuS5+J5MdH2dz9HP9XMD3AA30A10g9wgN9gNdkkuyQ11Q90wN8wNd8PdCDfCjXKj3Gg32o1xY9w4N84lu2Q30U10k9wkN9lNdlPcFJfiUtx0N93NcDNctZkX9zLHzXHz3DyX6lLdApd5zZjmFrlFLt2luyVuiVvmlrkVboVb5Va5NW6NW+fWuQ1ug9vkNrktbovb5ra5HW6H2+l2ul0+78VJ3V63z+1z+91+d8B97TLcN+6g+9Ydct+5w+57d8T94I66Y+64O+FOuh/dKXfanXFn3Tn3kzvvfnYXnHfJkQmRiZF3IpMi70YmR96LTIlMjaREpkWmR96PzIjMjMyKfBCZHfkwMicyNzIvMj+SGvkosiCyMJIW+TiyKPJJJD2yOLIksjSyLLI84n3hLaEv6ov5qL/eF/c3+BK+pC/lS3vny/iy/kZfzt/ky/ubfQV/i6/ob/WVfGVfxT/qm/nmvoVv6XP6x3xr/7hv49v6dv4J394/6Tv4p3yCf9p39M/4Tv5vvrN/1nfxz/mu/nnfzXf3PfwLvqd/0ffyvX2i7+P7+pd8P9/fD/Av+4H+FT/Iv+oH+9d8kh/ih/rX/TD/hh/u3/Qj/Eg/KuYtPzrrFhnG+2Q/wU/07/hJ/l0/2b/np/ipPsVP89P9+36Gn+ln+Q/8bP+hn+Pn+nl+vk/1H/kFfqFP8x/7Rf4Tn+4XZz1U9iv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vr/Nb/c7/Kd+p//M7/K7/R7/ud/rv/D7/Jd+v//KH/Bf+wz/jT/ov/WH/Hf+sP/eH/E/+KP+mD/uT/iT/kd/yp/2Z/xZf87/5M/7n/0F/p01xhhjjLF/yoTLQ/HrNRefAPX5nRzxdxv3BYCrtxbK+Pv1mVeU6/JfHPcX8e0jAPB0764PZS01ayYmJl7aNl1CUGwuQNZPgjLFwOV4MbSDJyEB2kK5362/v+h+jv5g/ugtALn+LicWLseX5/8SABN/Z/7Hnhi1oGJ4Ju7/Mf9cgBLFLufkhMvxYmj3y/OVtlD+H9RfoPUf1J/zq2SANn+Xkxsux5frLwuPwzOQ8KstGWOMMcYYY4yxi/qLKp2z7j+z/sfn792fx6vLOTngcvxH9+eMMcYYY4wxxhi78p7t3uOpxxIS2nb+1wfV/3gbdfkruf/VXTSFf7cwHvxbA+8B/m/jAOA/nBAgcyD/yqPY/JfsK+nSW+d/rlp21gfw39HKP2NwhU9MjDHGGGOMsT/d5Yv+X39dXamCGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxbOg//Rtv8E/8lb4rfYyMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYlfZ/AgAA///aGvX/")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f0000000200)='./bus\x00', 0x10)
mount$incfs(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)='./bus\x00', &(0x7f0000000640), 0x0, 0x0)

49.627525258s ago: executing program 6 (id=713):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x181d82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14, 0x3ed}, [], {0x14, 0x3fa}}, 0x28}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="08000000000000006f02"])

49.539889127s ago: executing program 6 (id=714):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f00000000c0)={0xdf, 0x0, 0x1000})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

49.472057043s ago: executing program 34 (id=714):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f00000000c0)={0xdf, 0x0, 0x1000})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

43.925709311s ago: executing program 7 (id=855):
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x6, 0x3, 0xef, 0x9}]}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f00000001c0)={@local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x65, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x3, 0x3, 0x100, @void}}}}}}}, 0x0)

43.906295453s ago: executing program 7 (id=856):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000100)="58000000140019234083feff040d8c560a06580200ff0000000000000020ffff00000000000064009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c100000000200ffffffff", 0x58}], 0x1)
getsockopt$SO_COOKIE(r0, 0x1, 0x39, &(0x7f00000003c0), &(0x7f0000000400)=0x8)

43.83491856s ago: executing program 7 (id=859):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000180)={0x200000, 0x200000})
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setresuid(0x0, 0x0, 0xee00)

43.807127923s ago: executing program 7 (id=860):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa04710, &(0x7f00000002c0)={[{@nouid32}, {@i_version}, {@noblock_validity}, {@abort}, {@mblk_io_submit}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x80222a}}, {@delalloc}, {@test_dummy_encryption}]}, 0xfd, 0x461, &(0x7f0000000bc0)="$eJzs3M9vFFUcAPDvzLb8EmhF/AGi4q9I/EFpQeXgRaOJB01M9IDHWgpBChi2JkIaW43BoyHxbjya+Bd40otRTyZe9W5IiOkF9LRmdma23W13acuWLd3PJ5nue/Pe9r23b97Om3nTBtC3DmY/koidEfFnRAzl0eYMB/OXm/MzE//Oz0wkUau9+09Sz3djfmaizFq+754iciiNSL9IikKaVS9dPjs+NTV5sYiPTJ/7aKR66fILZ86Nn548PXl+7PjxY0dHX35p7MWVNyZJ2ibtyuq6/9MLB/a9+f7VtydOXP3g1++z3DuL9MXtuB1pI7S9eK3VteZ7uhuFbSC7FoWTgVvnYWOoRETWXYP18T8UlVjovKF44/OeVg5YV9m5aWv75LkasIkl0esaAL1RnOdns+vfcrtTc4+N4Pqr+QXQjWRm4uZ8vuUpA41r+cF1vHY9GBEn5v77Jtuii/chAADa+TGb/zyfzzua539pPLAo3+5ibWg4Iu6NiD0RcV9E7I2I+yPqeR+MiIeWlJB2LL91aWjp/Ce9tubGrUA2/3ulWNtqnv816j1cKWK76u0fTE6dmZo8Unwmh2JwaxYf7VDGT6//8VW7tMXzv2zLyi/ngkU9rg203KA7OT49Xp+UdsH1zyL2DyzX/qSxEpBExL6I2L+6X727DJx59rsD7TLduv0dtFlnWo3atxHP5P0/Fy3tLyWd1ydHtsXU5JGR8qhY6rffr7zTrvzban8XZP2/o/n4b80ynMTswnptdfVlXPnry7bXNGs9/rck79X7ZUux75Px6emLoxFbkrfq8ab9YwvvLeNl/tJy439PkZaV83BEZAfxIxHxaEQ8VtT98Yh4IiKe7ND+X1576sOle2tDK2v/+sr6/+Sy7W8c/8NZqFqbzWMLB8KKA5WzP//Qrvx27Z9r5Mj6/1g9dKjYU//+u4WVVnDtnxwAAADcPdL6M/BJergRTtPDh/Nn+PfGjnTqQnX6uVMXPj5/Mn9WfjgG0/JO19Ci+6GjSXnFnsfHinvFZfrR4r7x15XtyamImOtxu4F8nC83/jN/V3pdO2DdrW4dbdu61QO481rHf+dHNoDNpAvP0QB3KeMf+pfxD/1rufE/2xK3FgCbk/M/9C/jH/qX8Q/9y/iHvrSGP+cXEKheuhzphqhGfwXK/9d5B8rq8RcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl/wfAAD//ztj5Wo=")
mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r1 = openat$incfs(r0, &(0x7f0000000180)='.pending_reads\x00', 0x10b441, 0x0)
ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, &(0x7f0000000340)={{}, {0x6}, 0x90, 0x0, 0x0, 0x0, &(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0, 0x0})

43.544153999s ago: executing program 7 (id=867):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000400)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x6f}, 0x94)

43.211444011s ago: executing program 7 (id=875):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='contention_end\x00', r0}, 0x18)
mlockall(0x3)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x7fff, 0x0)

43.186031824s ago: executing program 35 (id=875):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='contention_end\x00', r0}, 0x18)
mlockall(0x3)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x7fff, 0x0)

2.296317763s ago: executing program 0 (id=1694):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
getsockname$packet(r1, &(0x7f0000000280)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmmsg$inet(r0, &(0x7f0000000440)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @loopback}, 0x10, 0x0}}, {{&(0x7f00000000c0)={0x2, 0x4e24, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @dev={0xac, 0x14, 0x14, 0x2e}, @local}}}], 0x20}}], 0x2, 0x4000084)

2.288406704s ago: executing program 0 (id=1696):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448dd, &(0x7f0000000640))

1.21654425s ago: executing program 2 (id=1719):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r0, 0xffffffffffffffff, 0x0)
capset(&(0x7f0000000c00)={0x20071026}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
unshare(0x2a060400)

1.203344901s ago: executing program 2 (id=1721):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
io_setup(0x2, &(0x7f0000000000)=<r0=>0x0)
r1 = eventfd(0x0)
io_submit(r0, 0x2, &(0x7f0000000200)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0xc2, r1, &(0x7f0000000180)="0100fd6400000000", 0x8, 0x36}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x8, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x1, r1}])
syz_clone3(&(0x7f0000001e80)={0x166002400, 0x0, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58)

811.452149ms ago: executing program 2 (id=1738):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

730.583288ms ago: executing program 2 (id=1731):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

716.943559ms ago: executing program 8 (id=1733):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000440)={[{@delalloc}, {@data_err_abort}, {@init_itable_val={'init_itable', 0x3d, 0x3}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobarrier}, {@user_xattr}, {@mblk_io_submit}, {@jqfmt_vfsv1}]}, 0x1, 0x566, &(0x7f0000000fc0)="$eJzs3d9rU+cbAPDnpK0/qt+vFUS2MUbBizmcrW33w8Eu3OXYZMJ270JzLNLUiEnFdsL0Yt7sZshgjAlj99v9LmX/wP4KYRNkSNkudpNx0pMa06SNNrXVfD5w5H3znuQ9zznneX1PTtIEMLDGs38KES9HxDdJxKGISPK24cgbx1fXW3l4fTZbkqjXP/0raayX1Zuv1XzegbzyUkT89lXEicL6fqtLy/PFcjm9ktcnawuXJ6tLyycvLhTn0rn00vTMzOm3Z6bfe/edvsX6xrl/vv/k7oenvz628t0v9w/fTuJMHMzbWuPYghutlfEYz/fJSJxpW3GqD53tJslObwBPZSjP85HIxoBDMZRnPfDi+zIi6sCASuQ/DKjmPKB5bd+n6+DnxoMPVi+A1sc/vPreSOxrXBuNriSPXRll17tjfeg/6+PXP+/czpbo3/sQAJu6cTMiTg0Prx//knz8e3qnelinvQ/jHzw7d7P5z5ud5j+FtflPdJj/HOiQu09j8/wv3O9DN11l87/3O85/125ajQ3ltf815nwjyYWL5TQb2/4fEcdjZG9W3+h+zumVe/Vuba3zv2zJ+m/OBfPtuD+89/HnlIq14lZibvXgZsQrHee/ydrxTzoc/2x/nOuxj6Ppndea5aG2ts3j3171nyJe73j8H93RSja+PznZOB8mm2fFen/fOvp7t/53Ov7s+I9G7I+IbvGPJa33a6tP3seP+/5Nu7U9Fn/0fv7vST5rlPfkj10r1mpXpiL2JB+vf3z60XOb9eb6WfzHj208/nU6/7Md9nmP8d868vOrPcW/Q8e/tPH533b8n7xw76MvfujWf2/j31uN0vH8kV7Gv143cCv7DgAAAAAAAHabQkQcjKQwsVYuFCYmVj/fcSRGC+VKtXbiQmXxUika35Udi5FC8073oZbPQ0zln4dt1qfb6jMRcTgivh3a36hPzFbKpZ0OHgAAAAAAAAAAAAAAAAAAAHaJA12+/5/5o/2P9QMvHj/5DYNr0/zvxy89AbuS//9hcMl/GFzyHwaX/IfBJf9hcMl/GFzyHwaX/AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+Onf2bLbUVx5en83qpatLi/OVqydLaXU+9q2uc3lirlKZK6cTs5WFzV6vXKlcnpqOxWuTtbRam6wuLZ9fqCxeqp2/uFCcS8+nI9sfEgAAAAAAAAAAAAAAAAAAADx3qkvL88VyOb2yDYXRbXtlhWdcqNcjujQN744tVOhzYadHJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB45L8AAAD//7zCMlw=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
copy_file_range(r0, 0x0, r0, &(0x7f00000000c0)=0xae8, 0x863, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x19)
write$binfmt_format(r1, &(0x7f0000000000)='1\x00', 0xb000)

666.220954ms ago: executing program 1 (id=1734):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x6, 0x0, 0x0, 0xffffffff}]}, 0x10)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x5, 0x14, 0x0, &(0x7f0000000100)="259a53f271a76d2608fff74588a80a3888a82f15", 0x0, 0xd11, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

666.049674ms ago: executing program 2 (id=1735):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x1, 0x6}, 0x4)
setsockopt$sock_int(r0, 0x1, 0x2c, &(0x7f00000000c0)=0xbfe, 0x4)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, 0x0, 0x0)

595.347801ms ago: executing program 2 (id=1736):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x800448f0, &(0x7f0000000140))

563.888454ms ago: executing program 8 (id=1737):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfffffffffffffffd)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0xffffffff)

535.690337ms ago: executing program 1 (id=1740):
chdir(0x0)
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
r0 = open(&(0x7f00000002c0)='./file2\x00', 0x60142, 0x40)
r1 = open(&(0x7f0000000a00)='./bus\x00', 0x189a40, 0x80)
copy_file_range(r1, 0x0, r0, 0x0, 0x6, 0x0)

507.908859ms ago: executing program 1 (id=1742):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

476.136073ms ago: executing program 1 (id=1743):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
io_getevents(0x0, 0x2, 0x0, 0x0, 0x0)

459.490734ms ago: executing program 1 (id=1745):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000008600850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x3, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000007c0)="d2205d96c717ab96f0ded75d88a8", 0x0, 0xd5b5, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

432.039997ms ago: executing program 8 (id=1747):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x3, &(0x7f0000002480))
r0 = timerfd_create(0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
timerfd_settime(r0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

355.245765ms ago: executing program 1 (id=1749):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x4001, 0x3, 0x3e8, 0x0, 0x0, 0x148, 0x0, 0x148, 0x350, 0x240, 0x240, 0x350, 0x240, 0x7fffffe, 0x0, {[{{@ip={@private=0xa010102, @local, 0x0, 0x0, 'ip6gretap0\x00', 'nicvf0\x00', {}, {}, 0x88, 0x3, 0x10}, 0x0, 0xf8, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'wg1\x00', {0x0, 0x0, 0x1ff, 0x100000, 0x0, 0xed, 0x10000007}}}, @common=@unspec=@connmark={{0x30}, {0xfffffff9, 0x8}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0x85d, 0xf, [0x10, 0x32, 0x1e, 0x32, 0x2b, 0x25, 0x3f, 0x17, 0x19, 0x22, 0x2c, 0x3d, 0x7, 0x3f, 0x1e, 0x31], 0x0, 0x2, 0x2}}}, {{@ip={@rand_addr=0x64010101, @local, 0xff, 0x0, 'tunl0\x00', 'lo\x00', {0xff}, {}, 0x2e, 0x3, 0x4}, 0x0, 0x190, 0x1f8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x8, 0x9, 0x1, 0x1, 'syz1\x00', 0x2}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0xfff, 0x7e, 0x1c, 'netbios-ns\x00', 'syz0\x00', {0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x448)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000fdffffff"], 0x0, 0xd}, 0x94)
sendto$inet(r1, &(0x7f0000000040)='\f\x00', 0xffeb, 0x0, &(0x7f0000000340), 0x10)

301.80606ms ago: executing program 4 (id=1750):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000002140)={r0, 0x0, 0x0}, 0x20)

275.641133ms ago: executing program 4 (id=1751):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
arch_prctl$ARCH_GET_XCOMP_GUEST_PERM(0x1024, 0x0)

249.164605ms ago: executing program 4 (id=1752):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x6, 0x0, 0x0, 0xffffffff}]}, 0x10)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x5, 0x14, 0x0, &(0x7f0000000100)="259a53f271a76d2608fff74588a80a3888a82f15", 0x0, 0xd11, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

234.959797ms ago: executing program 8 (id=1753):
chdir(0x0)
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
r0 = open(&(0x7f00000002c0)='./file2\x00', 0x60142, 0x40)
r1 = open(&(0x7f0000000a00)='./bus\x00', 0x189a40, 0x80)
copy_file_range(r1, 0x0, r0, 0x0, 0x6, 0x0)

221.791878ms ago: executing program 8 (id=1754):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f00000002c0)={0x3f})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
write$uinput_user_dev(r0, &(0x7f0000001740)={'syz0\x00', {0x8000}, 0x0, [0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, 0xc0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1, 0x1000, 0x10], [0x0, 0xffffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffc, 0x8001, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x80, 0x0, 0x0, 0xfffffffe, 0x0, 0x7], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x400, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x806, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28000000], [0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x681, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0xe]}, 0x45c)
ioctl$UI_DEV_CREATE(r0, 0x5501)

132.995227ms ago: executing program 0 (id=1755):
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r0}, 0x10)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x4, 0x0, @mcast1={0xff, 0x7}, 0x8a4}}, {{0xa, 0x4e20, 0x100, @remote, 0x4}}}, 0x108)

132.232887ms ago: executing program 8 (id=1756):
r0 = syz_usb_connect$hid(0x0, 0x6c, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040b827ed0100000000000109022400010000000009040000010300000009210000200122050009058103"], 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000b80)={0x24, 0x0, 0x0, &(0x7f0000000b00)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x0, "efb9ce47"}]}}, 0x0}, 0x0)

91.263941ms ago: executing program 0 (id=1757):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00', <r2=>0x0})
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f00000000c0)={@remote, r2}, 0x14)
sendmmsg$inet6(r0, &(0x7f0000000500)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000340)=[@pktinfo={{0x24, 0x29, 0x32, {@remote, r2}}}], 0x28}}], 0x1, 0x4000001)

77.350342ms ago: executing program 0 (id=1758):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399eb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x31)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5000000180100002020640500000000000400007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70400000000000085000000a700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x0, 0xfffffffffffffdf3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

70.817443ms ago: executing program 4 (id=1759):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x4, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="17fa00000000090000000400000000001c110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

42.491966ms ago: executing program 4 (id=1760):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r0}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20)
fstat(0xffffffffffffffff, 0x0)

13.724799ms ago: executing program 4 (id=1761):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000020000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4)
syz_emit_ethernet(0xbe, &(0x7f0000000140)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x4400, 0x0, 0x0, 0x11, 0x0, @remote, @multicast1}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x1, "69eb047c187e143bddcbe699ef7a74fd2c1a7c6b59dd637719d6395dda566f42", "6e8ae37dc217c78b70a4dc5eeb6f624200e45176f0c8444ad4b18c65ce5eb8dbb3b30234e8bea411688bf272fdef179d", "ff2a09d662def3d2eb45734d1b7067384ff2442258e9fc1dfc1701ba", {"18b0a3516f6b94835c625da017fdd035", "7fa6bc2b0e933988c64a103320cfe3d2"}}}}}}}, 0x0)

0s ago: executing program 0 (id=1762):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
arch_prctl$ARCH_GET_XCOMP_GUEST_PERM(0x1024, 0x0)

kernel console output (not intermixed with test programs):

 netlink: 'syz.5.309': attribute type 280 has an invalid length.
[   40.897916][   T19] usb 2-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   40.918888][   T19] usb 2-1: config 0 interface 0 has no altsetting 0
[   40.925761][   T19] usb 2-1: New USB device found, idVendor=056a, idProduct=0003, bcdDevice= 0.00
[   40.935088][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   40.944131][   T19] usb 2-1: config 0 descriptor??
[   41.098425][  T575] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   41.278342][  T575] usb 5-1: Using ep0 maxpacket: 16
[   41.284657][  T575] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[   41.293636][  T575] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   41.305215][  T575] usb 5-1: config 0 has no interface number 0
[   41.314143][  T575] usb 5-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[   41.323534][  T575] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   41.331798][  T575] usb 5-1: Product: syz
[   41.336233][  T575] usb 5-1: Manufacturer: syz
[   41.341218][  T575] usb 5-1: SerialNumber: syz
[   41.346736][  T575] usb 5-1: config 0 descriptor??
[   41.353790][   T19] wacom 0003:056A:0003.000E: Unknown device_type for 'HID 056a:0003'. Assuming pen.
[   41.365094][   T19] wacom 0003:056A:0003.000E: hidraw0: USB HID v0.04 Device [HID 056a:0003] on usb-dummy_hcd.1-1/input0
[   41.377162][  T575] usb 5-1: Found UVC 0.00 device syz (046d:08f3)
[   41.383732][  T575] usb 5-1: No valid video chain found.
[   41.390482][   T19] input: Wacom Cintiq Partner Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0003.000E/input/input10
[   41.398334][   T39] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   41.429482][ T1309] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[   41.440244][ T1309] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[   41.556040][ T1309] usb 2-1: USB disconnect, device number 5
[   41.596340][ T1401] SELinux: failed to load policy
[   41.608437][   T39] usb 6-1: Using ep0 maxpacket: 32
[   41.618088][   T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   41.630401][   T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   41.640548][   T39] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   41.649872][   T39] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   41.668881][   T39] usb 6-1: config 0 descriptor??
[   41.764851][ T1418] syz.0.344[1418] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.764928][ T1418] syz.0.344[1418] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.818370][  T575] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[   41.889196][ T1437] loop2: detected capacity change from 0 to 128
[   42.073786][ T1309] usb 5-1: USB disconnect, device number 3
[   42.087507][   T39] savu 0003:1E7D:2D5A.000F: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.5-1/input0
[   42.100334][ T1448] loop4: detected capacity change from 0 to 16
[   42.107163][ T1448] erofs: (device loop4): mounted with root inode @ nid 36.
[   42.157340][   T28] kauditd_printk_skb: 73 callbacks suppressed
[   42.157355][   T28] audit: type=1400 audit(2000000006.710:368): avc:  denied  { ioctl } for  pid=1451 comm="syz.4.358" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=19982 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   42.189843][   T28] audit: type=1400 audit(2000000006.730:369): avc:  denied  { execute } for  pid=1453 comm="syz.1.359" path="/60/pids.events" dev="tmpfs" ino=329 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   42.220330][ T1457] netlink: 'syz.1.360': attribute type 5 has an invalid length.
[   42.248968][ T1460] SELinux: failed to load policy
[   42.291064][ T1466] loop1: detected capacity change from 0 to 512
[   42.298070][ T1466] EXT4-fs (loop1): Test dummy encryption mode enabled
[   42.305385][ T1466] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   42.317811][ T1466] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.365: corrupted in-inode xattr
[   42.330167][ T1466] EXT4-fs (loop1): 1 orphan inode deleted
[   42.335908][ T1466] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   42.347251][   T28] audit: type=1400 audit(2000000006.910:370): avc:  denied  { read write } for  pid=1465 comm="syz.1.365" path="/65/file2/file0/file2" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   42.371375][   T28] audit: type=1400 audit(2000000006.910:371): avc:  denied  { unlink } for  pid=1465 comm="syz.1.365" name="file2" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   42.381485][ T1309] usb 6-1: USB disconnect, device number 2
[   42.400095][  T283] EXT4-fs (loop1): unmounting filesystem.
[   42.408405][  T575] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   42.488881][ T1476] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   42.588347][  T575] usb 3-1: Using ep0 maxpacket: 8
[   42.602331][  T575] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[   42.617231][  T575] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   42.620221][ T1483] loop1: detected capacity change from 0 to 256
[   42.626022][  T575] usb 3-1: Product: syz
[   42.636087][  T575] usb 3-1: Manufacturer: syz
[   42.641012][  T575] usb 3-1: SerialNumber: syz
[   42.647239][  T575] usb 3-1: config 0 descriptor??
[   42.712485][   T28] audit: type=1400 audit(2000000007.270:372): avc:  denied  { write } for  pid=1485 comm="syz.1.372" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   42.848980][   T28] audit: type=1400 audit(2000000007.410:373): avc:  denied  { write } for  pid=1492 comm="syz.1.375" name="001" dev="devtmpfs" ino=179 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   43.058092][   T28] audit: type=1326 audit(2000000007.610:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1456 comm="syz.4.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97aed8eec9 code=0x7fc00000
[   43.389793][   T28] audit: type=1400 audit(2000000007.950:375): avc:  denied  { create } for  pid=1513 comm="syz.5.384" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   43.434300][   T28] audit: type=1400 audit(2000000007.950:376): avc:  denied  { setopt } for  pid=1513 comm="syz.5.384" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   43.493487][   T28] audit: type=1400 audit(2000000007.950:377): avc:  denied  { write } for  pid=1513 comm="syz.5.384" path="socket:[19268]" dev="sockfs" ino=19268 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   43.675424][ T1538] overlayfs: missing 'lowerdir'
[   43.979442][ T1567] fuse: Unknown parameter 'fd00000000000000000000'
[   44.283807][ T1594] loop4: detected capacity change from 0 to 128
[   44.436217][ T1614] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   44.586227][ T1640] tipc: Started in network mode
[   44.591618][ T1640] tipc: Node identity 48, cluster identity 4711
[   44.597932][ T1640] tipc: Node number set to 72
[   44.617615][ T1645] loop5: detected capacity change from 0 to 512
[   44.628486][ T1645] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: comm syz.5.446: inode #1: comm syz.5.446: iget: illegal inode #
[   44.641572][ T1645] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.446: error while reading EA inode 1 err=-117
[   44.654083][ T1645] EXT4-fs (loop5): 1 orphan inode deleted
[   44.659984][ T1645] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   44.678323][ T1309] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[   44.679658][ T1257] EXT4-fs (loop5): unmounting filesystem.
[   44.828395][ T1309] usb 2-1: device descriptor read/64, error -71
[   44.857919][ T1669] loop5: detected capacity change from 0 to 1024
[   44.869462][ T1669] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   44.892198][ T1257] EXT4-fs (loop5): unmounting filesystem.
[   44.944289][ T1678] overlayfs: invalid origin (0000)
[   44.954125][  T292] usb 3-1: USB disconnect, device number 5
[   45.063056][ T1694] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1694 comm=syz.5.467
[   45.091753][ T1697] syz.0.469[1697] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   45.091851][ T1697] syz.0.469[1697] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   45.129936][ T1309] usb 2-1: device descriptor read/64, error -71
[   45.201247][ T1715] loop2: detected capacity change from 0 to 1024
[   45.209117][ T1715] EXT4-fs: Ignoring removed i_version option
[   45.218897][ T1715] EXT4-fs error (device loop2): ext4_map_blocks:635: inode #3: block 2: comm syz.2.477: lblock 2 mapped to illegal pblock 2 (length 1)
[   45.241136][ T1715] EXT4-fs error (device loop2): ext4_map_blocks:635: inode #3: block 48: comm syz.2.477: lblock 0 mapped to illegal pblock 48 (length 1)
[   45.255965][ T1715] EXT4-fs error (device loop2): ext4_acquire_dquot:6803: comm syz.2.477: Failed to acquire dquot type 0
[   45.267407][ T1715] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5917: Corrupt filesystem
[   45.277211][ T1715] EXT4-fs error (device loop2): ext4_evict_inode:279: inode #11: comm syz.2.477: mark_inode_dirty error
[   45.288613][ T1715] EXT4-fs warning (device loop2): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[   45.299237][ T1715] EXT4-fs (loop2): 1 orphan inode deleted
[   45.305064][ T1715] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   45.318362][  T732] EXT4-fs error (device loop2): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:149: lblock 1 mapped to illegal pblock 1 (length 1)
[   45.337636][ T1715] EXT4-fs error (device loop2): __ext4_get_inode_loc:4509: comm syz.2.477: Invalid inode table block 1 in block_group 0
[   45.351057][  T732] EXT4-fs error (device loop2): ext4_release_dquot:6839: comm kworker/u4:149: Failed to release dquot type 0
[   45.369230][ T1715] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5917: Corrupt filesystem
[   45.371733][ T1724] loop5: detected capacity change from 0 to 128
[   45.385503][ T1724] EXT4-fs: Ignoring removed nobh option
[   45.394799][ T1715] EXT4-fs error (device loop2): ext4_setattr:5515: inode #2: comm syz.2.477: mark_inode_dirty error
[   45.414893][ T1724] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   45.428185][ T1724] ext4 filesystem being mounted at /61/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   45.439375][ T1309] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[   45.466394][ T1257] EXT4-fs (loop5): unmounting filesystem.
[   45.472890][  T732] EXT4-fs error (device loop2): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:149: lblock 1 mapped to illegal pblock 1 (length 1)
[   45.473161][  T284] EXT4-fs (loop2): unmounting filesystem.
[   45.487511][  T732] EXT4-fs error (device loop2): ext4_release_dquot:6839: comm kworker/u4:149: Failed to release dquot type 0
[   45.517232][  T284] EXT4-fs error (device loop2): __ext4_get_inode_loc:4509: comm syz-executor: Invalid inode table block 1 in block_group 0
[   45.533404][  T284] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5917: Corrupt filesystem
[   45.546038][  T284] EXT4-fs error (device loop2): ext4_quota_off:7109: inode #3: comm syz-executor: mark_inode_dirty error
[   45.590031][ T1740] syz.4.487 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   45.615448][ T1309] usb 2-1: device descriptor read/64, error -71
[   45.780195][ T1761] loop4: detected capacity change from 0 to 512
[   45.782733][ T1758] loop5: detected capacity change from 0 to 8192
[   45.800592][ T1761] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -13
[   45.820093][ T1758] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   45.844311][ T1761] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #13: comm syz.4.496: iget: bad i_size value: 12154757448730
[   45.860944][ T1761] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.496: couldn't read orphan inode 13 (err -117)
[   45.887373][ T1761] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   45.962169][ T1309] usb 2-1: device descriptor read/64, error -71
[   46.002569][ T1761] EXT4-fs (loop4): shut down requested (1)
[   46.034037][  T287] EXT4-fs (loop4): unmounting filesystem.
[   46.088369][ T1309] usb usb2-port1: attempt power cycle
[   46.230723][ T1806] binder: 1802:1806 ioctl c0306201 0 returned -14
[   46.235552][ T1808] 9pnet: p9_errstr2errno: server reported unknown error 
[   46.348461][ T1818] xt_bpf: check failed: parse error
[   46.508306][ T1309] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[   46.539320][ T1309] usb 2-1: device descriptor read/8, error -71
[   46.663037][ T1832] loop2: detected capacity change from 0 to 256
[   46.689402][ T1309] usb 2-1: device descriptor read/8, error -71
[   46.821627][ T1842] loop2: detected capacity change from 0 to 128
[   46.842485][ T1842] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   46.858624][ T1842] FAT-fs (loop2): Filesystem has been set read-only
[   46.865349][ T1842] syz.2.531: attempt to access beyond end of device
[   46.865349][ T1842] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   46.879337][ T1842] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   46.887198][ T1842] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   46.898938][ T1842] syz.2.531: attempt to access beyond end of device
[   46.898938][ T1842] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   46.918157][ T1842] syz.2.531: attempt to access beyond end of device
[   46.918157][ T1842] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   46.932428][ T1842] syz.2.531: attempt to access beyond end of device
[   46.932428][ T1842] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   46.946416][ T1842] syz.2.531: attempt to access beyond end of device
[   46.946416][ T1842] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   46.959814][ T1309] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[   46.967520][ T1842] syz.2.531: attempt to access beyond end of device
[   46.967520][ T1842] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   46.981102][ T1842] syz.2.531: attempt to access beyond end of device
[   46.981102][ T1842] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   46.994654][ T1842] syz.2.531: attempt to access beyond end of device
[   46.994654][ T1842] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   47.008119][ T1842] syz.2.531: attempt to access beyond end of device
[   47.008119][ T1842] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   47.028075][ T1842] syz.2.531: attempt to access beyond end of device
[   47.028075][ T1842] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   47.042001][ T1309] usb 2-1: device descriptor read/8, error -71
[   47.118801][ T1853] loop4: detected capacity change from 0 to 256
[   47.161440][ T1853] exfat: Deprecated parameter 'utf8'
[   47.190850][ T1853] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[   47.209289][ T1309] usb 2-1: device descriptor read/8, error -71
[   47.233205][   T28] kauditd_printk_skb: 65 callbacks suppressed
[   47.233220][   T28] audit: type=1400 audit(2000000011.790:439): avc:  denied  { execute_no_trans } for  pid=1852 comm="syz.4.535" path=2F6D656D66643A5B0BDB58AE5B35A990FF631F1AA9FDFAADD16D64E7E27F9BD55210F3B6FF54BFD1C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1064 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   47.313640][ T1859] loop4: detected capacity change from 0 to 512
[   47.338332][ T1309] usb usb2-port1: unable to enumerate USB device
[   47.351077][ T1859] EXT4-fs (loop4): Test dummy encryption mode enabled
[   47.394975][ T1859] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   47.459474][ T1863] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   47.470217][ T1859] EXT4-fs (loop4): shut down requested (1)
[   47.488668][ T1863] FAT-fs (loop3): unable to read boot sector
[   47.501838][  T287] EXT4-fs (loop4): unmounting filesystem.
[   47.580236][ T1871] loop1: detected capacity change from 0 to 512
[   47.611906][ T1871] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   47.668112][ T1871] EXT4-fs (loop1): 1 truncate cleaned up
[   47.674406][ T1871] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   47.691509][ T1871] EXT4-fs error (device loop1): mb_free_blocks:1810: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   47.696409][ T1879] loop5: detected capacity change from 0 to 128
[   47.747228][ T1879] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   47.758652][ T1879] ext4 filesystem being mounted at /70/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   47.785223][  T283] EXT4-fs (loop1): unmounting filesystem.
[   47.842822][   T28] audit: type=1400 audit(2000000012.400:440): avc:  denied  { read write } for  pid=1894 comm="syz.1.553" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   47.866750][ T1257] EXT4-fs (loop5): unmounting filesystem.
[   47.886339][   T28] audit: type=1400 audit(2000000012.420:441): avc:  denied  { open } for  pid=1894 comm="syz.1.553" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   47.919918][   T28] audit: type=1400 audit(2000000012.440:442): avc:  denied  { unmount } for  pid=283 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   47.964081][   T28] audit: type=1400 audit(2000000012.520:443): avc:  denied  { remount } for  pid=1901 comm="syz.5.554" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   47.997006][ T1908] loop2: detected capacity change from 0 to 256
[   48.052271][   T28] audit: type=1326 audit(2000000012.610:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1917 comm="syz.2.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1e58eec9 code=0x7ffc0000
[   48.081531][   T28] audit: type=1326 audit(2000000012.610:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1917 comm="syz.2.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1e58eec9 code=0x7ffc0000
[   48.105565][   T28] audit: type=1326 audit(2000000012.650:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1917 comm="syz.2.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fad1e58eec9 code=0x7ffc0000
[   48.133812][   T28] audit: type=1326 audit(2000000012.650:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1917 comm="syz.2.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1e58eec9 code=0x7ffc0000
[   48.167268][   T28] audit: type=1326 audit(2000000012.650:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1917 comm="syz.2.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1e58eec9 code=0x7ffc0000
[   48.472991][ T1957] netlink: 20 bytes leftover after parsing attributes in process `syz.2.582'.
[   48.629150][  T666] tipc: Left network mode
[   48.708309][  T334] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[   48.838696][ T2002] netlink: 8 bytes leftover after parsing attributes in process `syz.2.604'.
[   48.906089][  T334] usb 2-1: config 0 interface 0 altsetting 32 endpoint 0x81 has invalid wMaxPacketSize 0
[   48.920103][  T334] usb 2-1: config 0 interface 0 has no altsetting 0
[   48.926925][  T334] usb 2-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00
[   48.936264][  T334] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   48.946291][  T334] usb 2-1: config 0 descriptor??
[   48.957953][ T2004] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.972780][ T2004] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.980606][ T2004] device bridge_slave_0 entered promiscuous mode
[   48.997214][ T2004] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.004415][ T2004] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.026246][ T2004] device bridge_slave_1 entered promiscuous mode
[   49.124275][  T712] Bluetooth: hci0: Frame reassembly failed (-84)
[   49.187432][ T2004] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.194559][ T2004] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.201947][ T2004] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.209106][ T2004] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.229075][  T666] device bridge_slave_1 left promiscuous mode
[   49.235301][  T666] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.243266][  T666] device bridge_slave_0 left promiscuous mode
[   49.249590][  T666] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.257892][  T666] device veth1_macvtap left promiscuous mode
[   49.264535][  T666] device veth0_vlan left promiscuous mode
[   49.358481][  T334] sony 0003:054C:0BA0.0010: hidraw0: USB HID v80.00 Device [HID 054c:0ba0] on usb-dummy_hcd.1-1/input0
[   49.371052][  T334] sony 0003:054C:0BA0.0010: failed to claim input
[   49.403574][  T712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   49.415859][  T712] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.424184][  T712] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.434249][  T712] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.442655][  T712] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.449722][  T712] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.460080][  T712] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.468590][  T712] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.475627][  T712] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.488152][  T712] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   49.500393][  T712] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   49.517044][  T712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   49.530944][ T2004] device veth0_vlan entered promiscuous mode
[   49.537433][  T712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   49.546094][  T712] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   49.555017][  T712] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   49.562967][   T59] usb 2-1: USB disconnect, device number 10
[   49.576639][ T2004] device veth1_macvtap entered promiscuous mode
[   49.585912][  T712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   49.597714][  T712] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   49.606199][  T712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   49.624449][  T712] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   49.632943][  T712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   49.757737][ T2091] loop6: detected capacity change from 0 to 8192
[   50.085347][ T2116] loop1: detected capacity change from 0 to 256
[   50.119038][   T59] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   50.290522][ T2134] loop1: detected capacity change from 0 to 512
[   50.307438][ T2134] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   50.319618][   T59] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   50.336867][   T59] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[   50.355249][ T2134] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.659: invalid indirect mapped block 4294967295 (level 1)
[   50.370632][   T59] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   50.380223][   T59] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   50.381443][ T2134] EXT4-fs (loop1): Remounting filesystem read-only
[   50.388466][   T59] usb 7-1: SerialNumber: syz
[   50.401385][ T2134] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.659: invalid indirect mapped block 4294967295 (level 1)
[   50.416119][ T2134] EXT4-fs (loop1): Remounting filesystem read-only
[   50.423299][ T2134] EXT4-fs (loop1): 2 truncates cleaned up
[   50.429243][ T2134] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   50.445436][ T2134] EXT4-fs (loop1): shut down requested (2)
[   50.451986][ T2134] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[   50.467022][  T283] EXT4-fs (loop1): unmounting filesystem.
[   50.607154][ T2146] loop2: detected capacity change from 0 to 40427
[   50.619457][ T2146] F2FS-fs (loop2): fault_injection options not supported
[   50.624993][   T59] usb 7-1: 0:2 : does not exist
[   50.641293][ T2146] F2FS-fs (loop2): invalid crc value
[   50.650546][   T59] usb 7-1: USB disconnect, device number 2
[   50.673499][ T2146] F2FS-fs (loop2): Found nat_bits in checkpoint
[   50.704955][ T2146] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   50.869428][  T355] udevd[355]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   50.911361][ T2173] loop2: detected capacity change from 0 to 128
[   50.918447][ T2173] FAT-fs (loop2): bogus sectors per cluster 0
[   50.924626][ T2173] FAT-fs (loop2): Can't find a valid FAT filesystem
[   51.057729][ T2182] batadv0: tun_chr_ioctl cmd 1074025677
[   51.063403][ T2182] batadv0: linktype set to 773
[   51.068730][ T2182] batadv0: tun_chr_ioctl cmd 1074812117
[   51.174529][ T2196] loop6: detected capacity change from 0 to 512
[   51.175229][ T2194] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   51.184340][ T2039] Bluetooth: hci0: command 0x1003 tx timeout
[   51.188768][  T483] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   51.208485][ T2196] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   51.226753][ T2196] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   51.243650][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   51.252038][ T2196] EXT4-fs (loop6): 1 truncate cleaned up
[   51.253905][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   51.266224][ T2196] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   51.267217][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   51.294234][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   51.307496][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   51.315911][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   51.327549][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   51.336052][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   51.346548][ T2004] EXT4-fs (loop6): unmounting filesystem.
[   51.572272][ T2229] input: syz1 as /devices/virtual/input/input14
[   51.680855][ T2246] loop6: detected capacity change from 0 to 256
[   51.728830][ T2246] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x235fdaa5, utbl_chksum : 0xe619d30d)
[   51.828324][  T338] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   51.986570][ T2269] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   52.029397][  T338] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   52.040405][  T338] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   52.051287][  T338] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[   52.060465][  T338] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   52.071379][  T338] usb 5-1: config 0 descriptor??
[   52.123091][ T2275] loop2: detected capacity change from 0 to 512
[   52.133886][ T2275] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   52.144324][ T2270] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.151460][ T2270] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.159692][ T2270] device bridge_slave_0 entered promiscuous mode
[   52.166959][ T2270] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.167618][ T2275] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   52.184245][ T2270] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.195924][ T2275] EXT4-fs (loop2): 1 truncate cleaned up
[   52.196497][ T2270] device bridge_slave_1 entered promiscuous mode
[   52.201957][ T2275] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   52.242438][  T284] EXT4-fs (loop2): unmounting filesystem.
[   52.314623][ T2270] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.321694][ T2270] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.329004][ T2270] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.336058][ T2270] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.360242][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   52.368030][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.376225][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.387952][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   52.396319][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.403403][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.412610][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   52.421022][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.428078][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.444725][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   52.460760][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   52.472269][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   52.496034][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   52.504320][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   52.512121][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   52.520487][ T2270] device veth0_vlan entered promiscuous mode
[   52.536001][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   52.538315][   T59] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   52.546844][ T2270] device veth1_macvtap entered promiscuous mode
[   52.565523][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   52.576037][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   52.599423][  T666] device bridge_slave_1 left promiscuous mode
[   52.605981][  T666] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.617365][  T666] device bridge_slave_0 left promiscuous mode
[   52.624489][  T666] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.632870][  T666] device veth1_macvtap left promiscuous mode
[   52.639018][  T666] device veth0_vlan left promiscuous mode
[   52.688763][  T338] hid-led: probe of 0003:27B8:01ED.0011 failed with error -71
[   52.700323][  T338] usb 5-1: USB disconnect, device number 4
[   52.749385][   T59] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   52.760477][   T59] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   52.770399][   T59] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   52.783770][   T59] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   52.793098][   T59] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   52.802779][   T59] usb 3-1: config 0 descriptor??
[   52.934174][   T28] kauditd_printk_skb: 50 callbacks suppressed
[   52.934190][   T28] audit: type=1326 audit(2000000017.490:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2307 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9e858eec9 code=0x7ffc0000
[   52.963829][   T28] audit: type=1326 audit(2000000017.510:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2307 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9e858eec9 code=0x7ffc0000
[   53.003650][   T28] audit: type=1326 audit(2000000017.530:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2307 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe9e858eec9 code=0x7ffc0000
[   53.031362][   T28] audit: type=1326 audit(2000000017.530:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2307 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9e858eec9 code=0x7ffc0000
[   53.056711][ T2311] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   53.064064][   T28] audit: type=1326 audit(2000000017.540:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2307 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe9e858eec9 code=0x7ffc0000
[   53.090402][   T28] audit: type=1326 audit(2000000017.550:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2307 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9e858eec9 code=0x7ffc0000
[   53.092204][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   53.131551][ T2313] loop7: detected capacity change from 0 to 256
[   53.140396][   T28] audit: type=1326 audit(2000000017.550:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2307 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe9e858eec9 code=0x7ffc0000
[   53.165467][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   53.173869][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   53.182170][ T2313] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[   53.182329][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   53.203367][   T28] audit: type=1326 audit(2000000017.550:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2307 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9e858eec9 code=0x7ffc0000
[   53.234217][   T59] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving
[   53.243561][   T59] plantronics 0003:047F:FFFF.0012: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   53.256543][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   53.267201][   T28] audit: type=1326 audit(2000000017.550:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2307 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7fe9e858eec9 code=0x7ffc0000
[   53.300625][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   53.311534][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   53.320316][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   53.336259][   T28] audit: type=1326 audit(2000000017.550:508): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2307 comm="syz.1.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9e858eec9 code=0x7ffc0000
[   53.360933][  T338] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   53.509283][  T338] usb 3-1: USB disconnect, device number 6
[   53.588308][  T334] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   53.769495][  T334] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   53.780417][  T334] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[   53.790110][  T334] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   53.799193][  T334] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   53.807282][  T334] usb 8-1: SerialNumber: syz
[   54.019481][  T334] usb 8-1: 0:2 : does not exist
[   54.039135][  T334] usb 8-1: USB disconnect, device number 2
[   54.418352][  T338] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[   54.576727][ T2379] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[   54.577769][ T2381] loop2: detected capacity change from 0 to 128
[   54.584492][ T2379] SELinux: failed to load policy
[   54.599507][ T2381] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   54.600065][  T338] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   54.623294][ T2381] ext4 filesystem being mounted at /189/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   54.627922][  T338] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   54.653011][  T338] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   54.667307][  T284] EXT4-fs (loop2): unmounting filesystem.
[   54.673346][  T338] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   54.683125][  T338] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   54.703347][  T338] usb 2-1: config 0 descriptor??
[   54.818377][  T292] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   54.896701][ T2409] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[   54.904454][ T2409] SELinux: failed to load policy
[   54.923455][ T2411] loop4: detected capacity change from 0 to 128
[   54.933965][ T2411] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   54.943377][ T2411] ext4 filesystem being mounted at /135/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   54.966306][  T287] EXT4-fs (loop4): unmounting filesystem.
[   55.020590][  T292] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   55.031620][  T292] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   55.041539][  T292] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   55.054569][  T292] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   55.064108][  T292] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   55.072972][  T292] usb 8-1: config 0 descriptor??
[   55.113739][  T338] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving
[   55.122693][  T338] plantronics 0003:047F:FFFF.0013: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[   55.278281][ T1309] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   55.389438][   T39] usb 2-1: USB disconnect, device number 11
[   55.458295][ T1309] usb 5-1: Using ep0 maxpacket: 16
[   55.464787][ T1309] usb 5-1: unable to get BOS descriptor or descriptor too short
[   55.473280][ T1309] usb 5-1: config 8 has an invalid interface number: 132 but max is 0
[   55.481502][ T1309] usb 5-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[   55.492663][  T292] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving
[   55.500505][ T1309] usb 5-1: config 8 has no interface number 0
[   55.506586][ T1309] usb 5-1: config 8 interface 132 altsetting 252 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[   55.520332][ T1309] usb 5-1: config 8 interface 132 has no altsetting 0
[   55.527886][  T292] plantronics 0003:047F:FFFF.0014: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[   55.541439][ T1309] usb 5-1: New USB device found, idVendor=07cf, idProduct=1001, bcdDevice=8f.8b
[   55.551194][ T1309] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   55.559471][ T1309] usb 5-1: Product: syz
[   55.563666][ T1309] usb 5-1: Manufacturer: syz
[   55.568514][ T1309] usb 5-1: SerialNumber: syz
[   55.769228][  T292] usb 8-1: USB disconnect, device number 3
[   55.777237][ T1309] usb-storage 5-1:8.132: USB Mass Storage device detected
[   55.787158][ T1309] usb-storage 5-1:8.132: Quirks match for vid 07cf pid 1001: a
[   55.830158][ T1309] usb 5-1: USB disconnect, device number 5
[   56.308322][ T1309] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   56.462060][ T2491] netlink: 165 bytes leftover after parsing attributes in process `syz.4.815'.
[   56.499376][ T1309] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   56.518303][ T1309] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   56.533673][ T1309] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   56.559805][ T1309] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   56.569875][ T1309] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   56.583603][ T1309] usb 3-1: config 0 descriptor??
[   56.928521][  T334] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[   56.929323][ T2532] loop7: detected capacity change from 0 to 256
[   56.960340][ T2532] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d)
[   57.004152][ T2539] block device autoloading is deprecated and will be removed.
[   57.019156][ T2539] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   57.070188][ T1309] plantronics 0003:047F:FFFF.0015: No inputs registered, leaving
[   57.086988][ T2545] loop0: detected capacity change from 0 to 4096
[   57.095082][ T1309] plantronics 0003:047F:FFFF.0015: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   57.095559][ T2549] netlink: 8 bytes leftover after parsing attributes in process `syz.4.843'.
[   57.118203][ T2549] netlink: 8 bytes leftover after parsing attributes in process `syz.4.843'.
[   57.127599][  T334] usb 2-1: config index 0 descriptor too short (expected 19492, got 36)
[   57.144936][  T334] usb 2-1: config 0 has too many interfaces: 36, using maximum allowed: 32
[   57.169242][  T334] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 36
[   57.174370][ T2545] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   57.178313][  T334] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   57.198177][  T334] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   57.210453][  T334] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   57.223635][  T334] usb 2-1: New USB device found, idVendor=046d, idProduct=c225, bcdDevice= 0.00
[   57.235380][  T334] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.247890][  T334] usb 2-1: config 0 descriptor??
[   57.273594][  T286] EXT4-fs (loop0): unmounting filesystem.
[   57.292884][ T2558] netlink: 16 bytes leftover after parsing attributes in process `syz.7.846'.
[   57.349745][ T1309] usb 3-1: USB disconnect, device number 7
[   57.433858][ T2572] loop4: detected capacity change from 0 to 256
[   57.440816][ T2572] FAT-fs (loop4): bogus number of FAT sectors
[   57.447024][ T2572] FAT-fs (loop4): Can't find a valid FAT filesystem
[   57.548498][ T2584] device bridge0 entered promiscuous mode
[   57.554712][ T2584] device macsec1 entered promiscuous mode
[   57.564930][ T2584] bridge0: port 3(macsec1) entered blocking state
[   57.572097][ T2584] bridge0: port 3(macsec1) entered disabled state
[   57.588296][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   57.598436][ T2584] device bridge0 left promiscuous mode
[   57.615892][ T2588] loop7: detected capacity change from 0 to 512
[   57.638982][ T2588] EXT4-fs: Ignoring removed i_version option
[   57.645162][ T2588] EXT4-fs: Ignoring removed mblk_io_submit option
[   57.653686][ T2588] EXT4-fs (loop7): Test dummy encryption mode enabled
[   57.666863][ T2588] EXT4-fs error (device loop7): ext4_orphan_get:1400: comm syz.7.860: inode #13: comm syz.7.860: iget: illegal inode #
[   57.666948][  T334] lg-g15 0003:046D:C225.0016: hidraw0: USB HID v1.01 Device [HID 046d:c225] on usb-dummy_hcd.1-1/input0
[   57.692735][ T2588] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.860: couldn't read orphan inode 13 (err -117)
[   57.713545][ T2588] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[   57.827418][ T2270] EXT4-fs error (device loop7): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[   57.836302][ T2600] syz.4.865[2600] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.847806][ T2600] syz.4.865[2600] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.854829][ T2270] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #11: comm syz-executor: invalid indirect mapped block 131072 (level 2)
[   57.896995][   T24] usb 2-1: USB disconnect, device number 12
[   57.903478][ T2270] EXT4-fs error (device loop7): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 15
[   57.925778][ T2270] EXT4-fs error (device loop7): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 15
[   57.958630][   T28] kauditd_printk_skb: 78 callbacks suppressed
[   57.958648][   T28] audit: type=1400 audit(2000000022.510:587): avc:  denied  { rmdir } for  pid=2270 comm="syz-executor" name=".index" dev="loop7" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   57.979673][ T2617] syz.4.873[2617] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.986780][ T2617] syz.4.873[2617] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.989714][   T28] audit: type=1400 audit(2000000022.520:588): avc:  denied  { read } for  pid=2616 comm="syz.4.873" name="loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   58.036830][   T28] audit: type=1400 audit(2000000022.520:589): avc:  denied  { open } for  pid=2616 comm="syz.4.873" path="/dev/loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   58.061527][   T28] audit: type=1400 audit(2000000022.580:590): avc:  denied  { ioctl } for  pid=2616 comm="syz.4.873" path="/dev/loop-control" dev="devtmpfs" ino=117 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   58.111059][ T2270] EXT4-fs (loop7): unmounting filesystem.
[   58.222819][   T28] audit: type=1400 audit(2000000022.780:591): avc:  denied  { execmem } for  pid=2626 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   58.408873][   T28] audit: type=1400 audit(2000000022.970:592): avc:  denied  { mounton } for  pid=2638 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   58.473299][   T28] audit: type=1400 audit(2000000023.030:593): avc:  denied  { setcurrent } for  pid=2639 comm="syz.0.882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   58.509290][   T28] audit: type=1401 audit(2000000023.030:594): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[   58.579693][ T2638] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.586775][ T2638] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.594457][ T2638] device bridge_slave_0 entered promiscuous mode
[   58.608941][ T2638] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.616239][ T2638] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.624239][ T2638] device bridge_slave_1 entered promiscuous mode
[   58.691818][   T28] audit: type=1400 audit(2000000023.250:595): avc:  denied  { create } for  pid=2656 comm="syz.0.890" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   58.719463][   T28] audit: type=1400 audit(2000000023.250:596): avc:  denied  { ioctl } for  pid=2656 comm="syz.0.890" path="socket:[26171]" dev="sockfs" ino=26171 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   58.891384][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   58.903746][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.932332][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   58.947460][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   58.965980][  T666] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.973115][  T666] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.998129][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   59.016082][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   59.034527][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   59.053615][  T666] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.060732][  T666] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.095631][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   59.119051][  T666] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   59.160566][  T732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   59.177255][ T2676] netlink: 8 bytes leftover after parsing attributes in process `syz.4.896'.
[   59.216419][  T732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   59.225071][  T732] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   59.250351][  T732] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   59.259477][ T2638] device veth0_vlan entered promiscuous mode
[   59.292527][  T732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   59.312573][ T2638] device veth1_macvtap entered promiscuous mode
[   59.330904][  T781] device bridge_slave_1 left promiscuous mode
[   59.337084][  T781] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.348629][  T781] device bridge_slave_0 left promiscuous mode
[   59.357001][  T781] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.388359][  T781] device veth1_macvtap left promiscuous mode
[   59.394440][  T781] device veth0_vlan left promiscuous mode
[   60.796765][  T732] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   60.829478][  T732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   60.848717][  T732] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   60.867245][  T732] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   61.030033][ T2701] loop8: detected capacity change from 0 to 256
[   61.140460][ T2714] loop4: detected capacity change from 0 to 512
[   61.170098][ T2714] EXT4-fs (loop4): Test dummy encryption mode enabled
[   61.175765][ T2716] loop8: detected capacity change from 0 to 128
[   61.180178][ T2714] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   61.199567][ T2716] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   61.246604][ T2716] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   61.258950][ T2722] device batadv_slave_1 entered promiscuous mode
[   61.269354][ T2714] EXT4-fs (loop4): 1 truncate cleaned up
[   61.275111][ T2714] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   61.276551][ T2721] device batadv_slave_1 left promiscuous mode
[   61.346073][  T732] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   61.504010][ T2714] EXT4-fs error (device loop4): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.4.912: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[   61.588573][ T2714] EXT4-fs error (device loop4) in ext4_delete_entry:2800: Corrupt filesystem
[   61.682650][  T287] EXT4-fs (loop4): unmounting filesystem.
[   61.763091][ T2762] loop4: detected capacity change from 0 to 256
[   62.175871][ T2772] loop4: detected capacity change from 0 to 40427
[   62.183050][ T2772] F2FS-fs (loop4): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[   62.192905][ T2772] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   62.201559][ T2772] F2FS-fs (loop4): fault_type options not supported
[   62.208504][ T2772] F2FS-fs (loop4): fault_injection options not supported
[   62.215688][ T2772] F2FS-fs (loop4): Image doesn't support compression
[   62.223782][ T2772] F2FS-fs (loop4): invalid crc value
[   62.245799][ T2772] F2FS-fs (loop4): Found nat_bits in checkpoint
[   62.319925][ T2772] F2FS-fs (loop4): Start checkpoint disabled!
[   62.334149][ T2772] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   62.342452][ T2772] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[   62.446362][ T2772] bio_check_eod: 18362 callbacks suppressed
[   62.446383][ T2772] syz.4.939: attempt to access beyond end of device
[   62.446383][ T2772] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   62.548689][  T732] kworker/u4:149: attempt to access beyond end of device
[   62.548689][  T732] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   63.098308][   T24] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[   63.279432][   T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   63.290395][   T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   63.300197][   T24] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   63.313239][   T24] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   63.322330][   T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.331075][   T24] usb 9-1: config 0 descriptor??
[   63.739904][   T24] plantronics 0003:047F:FFFF.0017: No inputs registered, leaving
[   63.758926][   T24] plantronics 0003:047F:FFFF.0017: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[   63.868305][  T334] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   63.898332][   T59] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[   64.009187][   T24] usb 9-1: USB disconnect, device number 2
[   64.049486][  T334] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   64.060631][  T334] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   64.070511][  T334] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   64.083513][  T334] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   64.089526][   T59] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   64.092905][  T334] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.103859][   T59] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   64.112350][  T334] usb 5-1: config 0 descriptor??
[   64.122736][   T59] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[   64.135345][   T59] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[   64.143414][   T59] usb 2-1: Manufacturer: syz
[   64.148975][   T59] usb 2-1: config 0 descriptor??
[   64.534601][  T334] plantronics 0003:047F:FFFF.0018: No inputs registered, leaving
[   64.560161][   T59] pyra 0003:1E7D:2CF6.0019: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[   64.560641][  T334] plantronics 0003:047F:FFFF.0018: hiddev96,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[   64.831721][  T338] usb 5-1: USB disconnect, device number 6
[   64.934706][ T2872] loop8: detected capacity change from 0 to 512
[   64.953435][ T2872] EXT4-fs: Ignoring removed oldalloc option
[   64.968738][ T2872] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[   64.981983][ T2872] EXT4-fs (loop8): 1 truncate cleaned up
[   64.987686][ T2872] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   65.038643][   T28] kauditd_printk_skb: 31 callbacks suppressed
[   65.038694][   T28] audit: type=1400 audit(2000000029.580:628): avc:  denied  { append } for  pid=2871 comm="syz.8.982" path="/20/bus/cgroup.stat" dev="loop8" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   65.068820][    T6] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   65.080855][ T2638] EXT4-fs (loop8): unmounting filesystem.
[   65.162828][   T59] pyra 0003:1E7D:2CF6.0019: couldn't init struct pyra_device
[   65.172849][   T59] pyra 0003:1E7D:2CF6.0019: couldn't install mouse
[   65.180475][   T59] pyra: probe of 0003:1E7D:2CF6.0019 failed with error -71
[   65.189827][   T59] usb 2-1: USB disconnect, device number 13
[   65.219569][ T2875] fido_id[2875]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[   65.258291][    T6] usb 3-1: Using ep0 maxpacket: 16
[   65.278011][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   65.290839][    T6] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   65.305343][    T6] usb 3-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00
[   65.314738][    T6] usb 3-1: New USB device strings: Mfr=32, Product=0, SerialNumber=0
[   65.323002][    T6] usb 3-1: Manufacturer: syz
[   65.332693][    T6] usb 3-1: config 0 descriptor??
[   65.678280][  T338] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   65.775356][    T6] playstation 0003:054C:0DF2.001A: hidraw0: USB HID v0.09 Device [syz] on usb-dummy_hcd.2-1/input0
[   65.825481][ T2884] loop8: detected capacity change from 0 to 40427
[   65.833394][ T2884] F2FS-fs (loop8): invalid crc value
[   65.840027][ T2884] F2FS-fs (loop8): Found nat_bits in checkpoint
[   65.858298][  T338] usb 5-1: Using ep0 maxpacket: 32
[   65.864570][  T338] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   65.875782][  T338] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   65.881590][ T2884] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[   65.885634][  T338] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   65.902518][  T338] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.911358][  T338] usb 5-1: config 0 descriptor??
[   65.921588][   T28] audit: type=1400 audit(2000000030.480:629): avc:  denied  { ioctl } for  pid=2882 comm="syz.8.987" path="/22/file0/file1" dev="loop8" ino=10 ioctlcmd=0x5839 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   65.921630][ T2884] syz.8.987: attempt to access beyond end of device
[   65.921630][ T2884] loop8: rw=0, sector=77824, nr_sectors = 8 limit=40427
[   65.972480][ T2638] syz-executor: attempt to access beyond end of device
[   65.972480][ T2638] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   65.975341][    T6] playstation 0003:054C:0DF2.001A: Invalid reportID received, expected 9 got 43
[   65.995602][    T6] playstation 0003:054C:0DF2.001A: Failed to retrieve DualSense pairing info: -22
[   66.004887][    T6] playstation 0003:054C:0DF2.001A: Failed to get MAC address from DualSense
[   66.013683][    T6] playstation 0003:054C:0DF2.001A: Failed to create dualsense.
[   66.022165][    T6] playstation: probe of 0003:054C:0DF2.001A failed with error -22
[   66.058314][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   66.135472][   T28] audit: type=1326 audit(2000000000.020:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2900 comm="syz.0.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51ba18eec9 code=0x7ffc0000
[   66.163091][   T28] audit: type=1326 audit(2000000000.050:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2900 comm="syz.0.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51ba18eec9 code=0x7ffc0000
[   66.198167][   T28] audit: type=1326 audit(2000000000.050:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2900 comm="syz.0.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f51ba18eec9 code=0x7ffc0000
[   66.218128][   T59] usb 3-1: USB disconnect, device number 8
[   66.227356][   T28] audit: type=1326 audit(2000000000.050:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2900 comm="syz.0.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51ba18eec9 code=0x7ffc0000
[   66.252822][   T28] audit: type=1326 audit(2000000000.050:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2900 comm="syz.0.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51ba18eec9 code=0x7ffc0000
[   66.276343][   T28] audit: type=1326 audit(2000000000.050:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2900 comm="syz.0.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f51ba18eec9 code=0x7ffc0000
[   66.299781][   T28] audit: type=1326 audit(2000000000.050:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2900 comm="syz.0.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51ba18eec9 code=0x7ffc0000
[   66.327126][  T338] savu 0003:1E7D:2D5A.001B: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[   66.334322][   T28] audit: type=1326 audit(2000000000.050:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2900 comm="syz.0.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51ba18eec9 code=0x7ffc0000
[   66.610497][    T6] usb 5-1: USB disconnect, device number 7
[   66.694337][ T2947] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1010'.
[   67.286634][ T2980] netlink: 20 bytes leftover after parsing attributes in process `syz.8.1024'.
[   67.322473][ T2984] loop8: detected capacity change from 0 to 1024
[   67.340589][ T2984] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[   67.366995][ T2984] EXT4-fs (loop8): Online resizing not supported with bigalloc
[   67.382738][ T2638] EXT4-fs (loop8): unmounting filesystem.
[   67.508497][    T6] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   67.699468][    T6] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[   67.707797][    T6] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[   67.716758][    T6] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[   67.727128][    T6] usb 5-1: config 220 has no interface number 2
[   67.733454][    T6] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[   67.746639][    T6] usb 5-1: config 220 interface 0 has no altsetting 0
[   67.753452][    T6] usb 5-1: config 220 interface 76 has no altsetting 0
[   67.760343][    T6] usb 5-1: config 220 interface 1 has no altsetting 0
[   67.768949][    T6] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[   67.777995][    T6] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   67.786244][    T6] usb 5-1: Product: syz
[   67.790494][    T6] usb 5-1: Manufacturer: syz
[   67.795090][    T6] usb 5-1: SerialNumber: syz
[   68.004424][    T6] usb 5-1: Found UVC 7.01 device syz (8086:0b07)
[   68.011026][    T6] usb 5-1: No valid video chain found.
[   68.016538][    T6] usb 5-1: selecting invalid altsetting 0
[   68.024820][    T6] usb 5-1: USB disconnect, device number 8
[   68.531314][ T3006] 9pnet: p9_errstr2errno: server reported unknown error 
[   68.661454][ T3022] xt_bpf: check failed: parse error
[   68.752569][ T3037] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   68.921777][ T3057] loop4: detected capacity change from 0 to 512
[   68.927644][ T3059] loop8: detected capacity change from 0 to 256
[   68.937314][ T3057] EXT4-fs: Ignoring removed i_version option
[   68.963950][ T3057] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   68.983291][ T3057] EXT4-fs (loop4): 1 truncate cleaned up
[   68.989645][ T3057] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   69.036462][  T287] EXT4-fs (loop4): unmounting filesystem.
[   69.194442][ T3078] netlink: 104 bytes leftover after parsing attributes in process `syz.8.1068'.
[   69.281694][ T3090] loop8: detected capacity change from 0 to 256
[   69.294358][ T3090] exfat: Deprecated parameter 'namecase'
[   69.318643][ T3090] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[   69.324541][ T3094] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   69.355965][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   69.369185][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   69.387670][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   69.414280][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   69.426892][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   69.437446][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   69.445948][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   69.461340][  T781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   69.480147][   T24] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   69.848318][   T59] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[   69.938661][ T3126] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1085'.
[   69.968280][  T334] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   70.049363][   T59] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   70.068302][   T59] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   70.078181][   T59] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   70.091605][   T59] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   70.100835][   T59] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   70.112691][   T59] usb 9-1: config 0 descriptor??
[   70.158361][  T334] usb 5-1: Using ep0 maxpacket: 16
[   70.164644][  T334] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   70.188253][  T334] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   70.198048][  T334] usb 5-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[   70.228262][  T334] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   70.237265][  T334] usb 5-1: config 0 descriptor??
[   70.522800][   T59] plantronics 0003:047F:FFFF.001C: No inputs registered, leaving
[   70.531706][   T59] plantronics 0003:047F:FFFF.001C: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[   70.645025][  T334] apple 0003:05AC:024B.001D: fixing up MacBook JIS keyboard report descriptor
[   70.654313][  T334] apple 0003:05AC:024B.001D: unknown global tag 0xe
[   70.661039][  T334] apple 0003:05AC:024B.001D: item 0 1 1 14 parsing failed
[   70.668391][  T334] apple 0003:05AC:024B.001D: parse failed
[   70.674120][  T334] apple: probe of 0003:05AC:024B.001D failed with error -22
[   70.789229][  T334] usb 9-1: USB disconnect, device number 3
[   70.851196][    T6] usb 5-1: USB disconnect, device number 9
[   71.312940][   T28] kauditd_printk_skb: 142 callbacks suppressed
[   71.312956][   T28] audit: type=1326 audit(2000000004.720:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3143 comm="syz.8.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94bb58eec9 code=0x7ffc0000
[   71.371942][   T28] audit: type=1326 audit(2000000004.750:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3143 comm="syz.8.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94bb58eec9 code=0x7ffc0000
[   71.427984][   T28] audit: type=1326 audit(2000000004.750:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3143 comm="syz.8.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f94bb58eec9 code=0x7ffc0000
[   71.452105][   T28] audit: type=1326 audit(2000000004.750:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3143 comm="syz.8.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94bb58eec9 code=0x7ffc0000
[   71.453897][ T3160] netlink: 'syz.1.1103': attribute type 6 has an invalid length.
[   71.497403][   T28] audit: type=1326 audit(2000000004.750:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3143 comm="syz.8.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94bb58eec9 code=0x7ffc0000
[   71.522888][   T28] audit: type=1326 audit(2000000004.750:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3143 comm="syz.8.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f94bb58eec9 code=0x7ffc0000
[   71.564231][   T28] audit: type=1326 audit(2000000004.750:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3143 comm="syz.8.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94bb58eec9 code=0x7ffc0000
[   71.589878][   T28] audit: type=1326 audit(2000000004.750:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3143 comm="syz.8.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94bb58eec9 code=0x7ffc0000
[   71.623446][   T28] audit: type=1326 audit(2000000004.770:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3143 comm="syz.8.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f94bb58eec9 code=0x7ffc0000
[   71.647145][ T3179] netlink: 165 bytes leftover after parsing attributes in process `syz.0.1111'.
[   71.649841][   T28] audit: type=1326 audit(2000000004.770:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3143 comm="syz.8.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94bb58eec9 code=0x7ffc0000
[   71.680124][  T334] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[   71.706216][ T3182] overlayfs: missing 'lowerdir'
[   71.785660][  T732] Bluetooth: hci0: Frame reassembly failed (-84)
[   71.868286][  T334] usb 5-1: Using ep0 maxpacket: 16
[   71.874795][  T334] usb 5-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   71.885852][  T334] usb 5-1: config 0 interface 0 altsetting 3 has an invalid endpoint with address 0x0, skipping
[   71.896383][  T334] usb 5-1: config 0 interface 0 altsetting 3 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[   71.909340][  T334] usb 5-1: config 0 interface 0 has no altsetting 0
[   71.915964][  T334] usb 5-1: New USB device found, idVendor=056a, idProduct=0097, bcdDevice= 0.00
[   71.925048][  T334] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   71.934506][  T334] usb 5-1: config 0 descriptor??
[   72.018283][  T338] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[   72.199400][  T338] usb 3-1: config index 0 descriptor too short (expected 19492, got 36)
[   72.207799][  T338] usb 3-1: config 0 has too many interfaces: 36, using maximum allowed: 32
[   72.216462][  T338] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 36
[   72.225463][  T338] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   72.236472][  T338] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   72.251398][  T338] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   72.264512][  T338] usb 3-1: New USB device found, idVendor=046d, idProduct=c225, bcdDevice= 0.00
[   72.273940][  T338] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   72.290672][  T338] usb 3-1: config 0 descriptor??
[   72.343269][  T334] wacom 0003:056A:0097.001E: unknown main item tag 0x0
[   72.355025][  T334] wacom 0003:056A:0097.001E: unknown main item tag 0x0
[   72.369601][  T334] wacom 0003:056A:0097.001E: unknown main item tag 0x0
[   72.386738][  T334] wacom 0003:056A:0097.001E: unknown main item tag 0x0
[   72.394034][  T334] wacom 0003:056A:0097.001E: unknown main item tag 0x0
[   72.409477][  T334] wacom 0003:056A:0097.001E: hidraw0: USB HID v0.00 Device [HID 056a:0097] on usb-dummy_hcd.4-1/input0
[   72.553031][    T6] usb 5-1: USB disconnect, device number 10
[   72.647832][ T3217] overlayfs: missing 'lowerdir'
[   72.702459][  T338] lg-g15 0003:046D:C225.001F: hidraw0: USB HID v1.01 Device [HID 046d:c225] on usb-dummy_hcd.2-1/input0
[   72.850841][ T3214] loop8: detected capacity change from 0 to 131072
[   72.860488][ T3214] F2FS-fs (loop8): invalid crc value
[   72.867612][ T3214] F2FS-fs (loop8): Found nat_bits in checkpoint
[   72.904548][ T3214] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[   72.912619][    T6] usb 3-1: USB disconnect, device number 9
[   73.200919][ T3242] block device autoloading is deprecated and will be removed.
[   73.218455][ T3242] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   73.231627][ T3244] loop8: detected capacity change from 0 to 4096
[   73.245889][ T3244] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   73.258292][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   73.275335][ T2638] EXT4-fs (loop8): unmounting filesystem.
[   73.307455][ T3252] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1141'.
[   73.316560][ T3252] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1141'.
[   73.347214][ T3256] loop0: detected capacity change from 0 to 256
[   73.347914][ T3258] loop8: detected capacity change from 0 to 128
[   73.364088][ T3258] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   73.391655][ T3258] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   73.397440][ T3256] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d)
[   73.435183][ T3262] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1150'.
[   73.542179][ T3280] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   73.545913][ T3276] loop4: detected capacity change from 0 to 256
[   73.551719][ T3280] FAT-fs (loop17): unable to read boot sector
[   73.564856][ T3279] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   73.581195][ T3276] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d)
[   73.818271][ T2039] Bluetooth: hci0: command 0x1003 tx timeout
[   73.818288][  T483] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   73.988295][    T6] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[   74.158357][    T6] usb 5-1: device descriptor read/64, error -71
[   74.428286][    T6] usb 5-1: device descriptor read/64, error -71
[   74.484633][ T3315] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   74.578107][  T732] Bluetooth: hci0: Frame reassembly failed (-84)
[   74.698332][    T6] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[   74.848291][    T6] usb 5-1: device descriptor read/64, error -71
[   74.868284][ T2870] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[   75.049435][ T2870] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   75.060458][ T2870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   75.071365][ T2870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   75.081132][ T2870] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   75.094840][ T2870] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[   75.103922][ T2870] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[   75.112049][ T2870] usb 3-1: Manufacturer: syz
[   75.117191][ T2870] usb 3-1: config 0 descriptor??
[   75.128287][    T6] usb 5-1: device descriptor read/64, error -71
[   75.248330][    T6] usb usb5-port1: attempt power cycle
[   75.342895][ T3345] syz.0.1187[3345] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.342987][ T3345] syz.0.1187[3345] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.525579][ T2870] appleir 0003:05AC:8243.0020: unknown main item tag 0x0
[   75.544183][ T2870] appleir 0003:05AC:8243.0020: No inputs registered, leaving
[   75.553257][ T2870] appleir 0003:05AC:8243.0020: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[   75.668335][    T6] usb 5-1: new full-speed USB device number 13 using dummy_hcd
[   75.699320][    T6] usb 5-1: device descriptor read/8, error -71
[   75.799028][  T338] usb 3-1: USB disconnect, device number 10
[   75.849681][    T6] usb 5-1: device descriptor read/8, error -71
[   76.118309][    T6] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[   76.149440][    T6] usb 5-1: device descriptor read/8, error -71
[   76.299396][    T6] usb 5-1: device descriptor read/8, error -71
[   76.318766][ T3351] loop0: detected capacity change from 0 to 512
[   76.325091][   T28] kauditd_printk_skb: 86 callbacks suppressed
[   76.325108][   T28] audit: type=1400 audit(2000000009.730:876): avc:  denied  { name_bind } for  pid=3347 comm="syz.1.1199" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   76.362238][ T3351] EXT4-fs (loop0): Test dummy encryption mode enabled
[   76.378435][ T3351] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   76.393535][ T3351] EXT4-fs (loop0): 1 truncate cleaned up
[   76.399864][ T3351] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   76.418347][    T6] usb usb5-port1: unable to enumerate USB device
[   76.428002][   T28] audit: type=1400 audit(2000000009.830:877): avc:  denied  { execmem } for  pid=3350 comm="syz.0.1189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   76.532570][ T3351] EXT4-fs error (device loop0): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.0.1189: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[   76.538294][   T28] audit: type=1400 audit(2000000009.940:878): avc:  denied  { rmdir } for  pid=3350 comm="syz.0.1189" name="bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   76.574974][ T3351] EXT4-fs error (device loop0) in ext4_delete_entry:2800: Corrupt filesystem
[   76.618282][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[   76.624380][ T3301] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   76.648694][  T286] EXT4-fs (loop0): unmounting filesystem.
[   76.764319][   T28] audit: type=1400 audit(2000000010.160:879): avc:  denied  { ioctl } for  pid=3365 comm="syz.4.1196" path="socket:[29967]" dev="sockfs" ino=29967 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   76.866400][   T28] audit: type=1400 audit(2000000010.260:880): avc:  denied  { read } for  pid=3371 comm="syz.8.1198" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   76.952908][   T28] audit: type=1400 audit(2000000010.260:881): avc:  denied  { open } for  pid=3371 comm="syz.8.1198" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   77.004316][   T28] audit: type=1400 audit(2000000010.260:882): avc:  denied  { ioctl } for  pid=3371 comm="syz.8.1198" path="/dev/binderfs/binder0" dev="binder" ino=13 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   77.035343][ T3381] loop8: detected capacity change from 0 to 8192
[   77.075618][   T28] audit: type=1400 audit(2000000010.260:883): avc:  denied  { set_context_mgr } for  pid=3371 comm="syz.8.1198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   77.102951][   T28] audit: type=1400 audit(2000000010.270:884): avc:  denied  { create } for  pid=3375 comm="syz.0.1200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   77.122687][   T28] audit: type=1400 audit(2000000010.270:885): avc:  denied  { connect } for  pid=3375 comm="syz.0.1200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   77.192089][ T3401] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1212'.
[   77.246193][ T3399] FAT-fs (loop8): error, corrupted directory (invalid entries)
[   77.254061][ T3399] FAT-fs (loop8): Filesystem has been set read-only
[   77.279678][ T3408] netlink: 'syz.0.1227': attribute type 280 has an invalid length.
[   77.322582][ T3381] FAT-fs (loop8): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[   77.391074][ T3420] loop9: detected capacity change from 0 to 7
[   77.477527][ T3436] loop0: detected capacity change from 0 to 512
[   77.477913][ T3438] syz.1.1231[3438] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.484513][ T3438] syz.1.1231[3438] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.505267][ T3436] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.1230: bad orphan inode 15
[   77.527732][ T3436] ext4_test_bit(bit=14, block=5) = 0
[   77.533218][ T3436] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   77.556621][  T286] EXT4-fs (loop0): unmounting filesystem.
[   77.579754][ T3442] device batadv_slave_1 entered promiscuous mode
[   77.592331][ T3441] device batadv_slave_1 left promiscuous mode
[   77.639052][ T3445] loop0: detected capacity change from 0 to 8192
[   77.779903][ T3445] FAT-fs (loop0): error, corrupted directory (invalid entries)
[   77.787582][ T3445] FAT-fs (loop0): Filesystem has been set read-only
[   77.797772][ T3460] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[   77.888329][ T1309] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[   78.056273][ T3470] syz.0.1243[3470] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   78.056356][ T3470] syz.0.1243[3470] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   78.069397][ T1309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   78.088302][    T6] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[   78.091913][ T1309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   78.111298][ T1309] usb 2-1: New USB device found, idVendor=0755, idProduct=2626, bcdDevice= 0.00
[   78.122077][ T1309] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.141941][ T1309] usb 2-1: config 0 descriptor??
[   78.288309][    T6] usb 9-1: Using ep0 maxpacket: 16
[   78.294633][    T6] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   78.305841][    T6] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   78.319410][    T6] usb 9-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00
[   78.328765][    T6] usb 9-1: New USB device strings: Mfr=32, Product=0, SerialNumber=0
[   78.336859][    T6] usb 9-1: Manufacturer: syz
[   78.342163][    T6] usb 9-1: config 0 descriptor??
[   78.551485][ T1309] aureal 0003:0755:2626.0021: unknown main item tag 0x0
[   78.558623][ T1309] aureal 0003:0755:2626.0021: unknown main item tag 0x0
[   78.565716][ T1309] aureal 0003:0755:2626.0021: unknown main item tag 0x0
[   78.572914][ T1309] aureal 0003:0755:2626.0021: unknown main item tag 0x0
[   78.579983][ T1309] aureal 0003:0755:2626.0021: unknown main item tag 0x0
[   78.587668][ T1309] aureal 0003:0755:2626.0021: hidraw0: USB HID v0.00 Device [HID 0755:2626] on usb-dummy_hcd.1-1/input0
[   78.751664][    T6] playstation 0003:054C:0DF2.0022: hidraw1: USB HID v0.09 Device [syz] on usb-dummy_hcd.8-1/input0
[   78.763792][  T334] usb 2-1: USB disconnect, device number 14
[   78.950181][    T6] playstation 0003:054C:0DF2.0022: Invalid reportID received, expected 9 got 43
[   78.959385][    T6] playstation 0003:054C:0DF2.0022: Failed to retrieve DualSense pairing info: -22
[   78.968858][    T6] playstation 0003:054C:0DF2.0022: Failed to get MAC address from DualSense
[   78.977588][    T6] playstation 0003:054C:0DF2.0022: Failed to create dualsense.
[   78.985998][    T6] playstation: probe of 0003:054C:0DF2.0022 failed with error -22
[   79.157552][  T334] usb 9-1: USB disconnect, device number 4
[   79.303721][ T3502] SELinux: failed to load policy
[   79.672995][ T3518] syz.8.1263[3518] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.673109][ T3518] syz.8.1263[3518] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.896336][ T3554] loop8: detected capacity change from 0 to 512
[   79.914790][ T3554] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[   79.923264][ T3554] EXT4-fs (loop8): invalid journal inode
[   79.929124][ T3554] EXT4-fs (loop8): can't get journal size
[   79.936223][ T3554] EXT4-fs (loop8): 1 truncate cleaned up
[   79.942044][ T3554] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[   79.958332][   T24] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[   79.965989][  T334] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[   79.966850][ T2638] EXT4-fs (loop8): unmounting filesystem.
[   80.012863][ T3560] netlink: 'syz.8.1286': attribute type 5 has an invalid length.
[   80.048905][ T3564] SELinux: failed to load policy
[   80.064850][ T3566] syz.1.1300[3566] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.064932][ T3566] syz.1.1300[3566] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.078665][    T6] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[   80.148864][  T334] usb 5-1: Using ep0 maxpacket: 16
[   80.154987][   T24] usb 3-1: too many endpoints for config 0 interface 0 altsetting 7: 253, using maximum allowed: 30
[   80.167578][  T334] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   80.182142][   T24] usb 3-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[   80.192271][  T334] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   80.205361][   T24] usb 3-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   80.218936][   T24] usb 3-1: config 0 interface 0 has no altsetting 0
[   80.225844][   T24] usb 3-1: New USB device found, idVendor=056a, idProduct=0003, bcdDevice= 0.00
[   80.235463][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.238398][ T3582] loop8: detected capacity change from 0 to 512
[   80.243947][  T334] usb 5-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00
[   80.259398][  T334] usb 5-1: New USB device strings: Mfr=32, Product=0, SerialNumber=0
[   80.262141][ T3582] EXT4-fs (loop8): Test dummy encryption mode enabled
[   80.268161][  T334] usb 5-1: Manufacturer: syz
[   80.278658][ T3582] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[   80.285730][   T24] usb 3-1: config 0 descriptor??
[   80.290997][ T3582] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2195: inode #15: comm syz.8.1295: corrupted in-inode xattr
[   80.303322][  T334] usb 5-1: config 0 descriptor??
[   80.310982][    T6] usb 1-1: Using ep0 maxpacket: 16
[   80.316427][ T3582] EXT4-fs (loop8): 1 orphan inode deleted
[   80.318849][    T6] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[   80.324842][ T3582] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[   80.343397][    T6] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   80.361377][    T6] usb 1-1: config 0 has no interface number 0
[   80.378454][ T2638] EXT4-fs (loop8): unmounting filesystem.
[   80.389392][    T6] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[   80.398567][    T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.408126][    T6] usb 1-1: Product: syz
[   80.413820][    T6] usb 1-1: Manufacturer: syz
[   80.419091][    T6] usb 1-1: SerialNumber: syz
[   80.430076][    T6] usb 1-1: config 0 descriptor??
[   80.440739][    T6] usb 1-1: Found UVC 0.00 device syz (046d:08f3)
[   80.452166][ T3588] loop8: detected capacity change from 0 to 256
[   80.457321][    T6] usb 1-1: No valid video chain found.
[   80.700784][   T24] wacom 0003:056A:0003.0023: Unknown device_type for 'HID 056a:0003'. Assuming pen.
[   80.721681][   T24] wacom 0003:056A:0003.0023: hidraw0: USB HID v0.04 Device [HID 056a:0003] on usb-dummy_hcd.2-1/input0
[   80.735297][  T334] playstation 0003:054C:0DF2.0024: hidraw1: USB HID v0.09 Device [syz] on usb-dummy_hcd.4-1/input0
[   80.752025][   T24] input: Wacom Cintiq Partner Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:0003.0023/input/input22
[   80.778334][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   80.912224][   T24] usb 3-1: USB disconnect, device number 11
[   80.933380][  T334] playstation 0003:054C:0DF2.0024: Invalid reportID received, expected 9 got 43
[   80.942712][  T334] playstation 0003:054C:0DF2.0024: Failed to retrieve DualSense pairing info: -22
[   80.952261][  T334] playstation 0003:054C:0DF2.0024: Failed to get MAC address from DualSense
[   80.961323][  T334] playstation 0003:054C:0DF2.0024: Failed to create dualsense.
[   80.970051][  T334] playstation: probe of 0003:054C:0DF2.0024 failed with error -22
[   80.997426][ T3602] fido_id[3602]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[   81.153402][    T6] usb 5-1: USB disconnect, device number 15
[   81.159119][   T24] usb 1-1: USB disconnect, device number 8
[   81.411256][ T3617] device bridge0 entered promiscuous mode
[   81.417071][ T3617] device macsec1 entered promiscuous mode
[   81.423039][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   81.432488][ T3617] bridge0: port 3(macsec1) entered blocking state
[   81.439388][ T3617] bridge0: port 3(macsec1) entered disabled state
[   81.446697][ T3617] device bridge0 left promiscuous mode
[   81.458329][ T1309] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[   81.529346][   T28] kauditd_printk_skb: 39 callbacks suppressed
[   81.529363][   T28] audit: type=1400 audit(2000000014.940:925): avc:  denied  { setopt } for  pid=3629 comm="syz.0.1326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   81.670088][ T1309] usb 2-1: Using ep0 maxpacket: 16
[   81.680561][ T1309] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[   81.698269][ T1309] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   81.718253][ T1309] usb 2-1: config 0 has no interface number 0
[   81.725922][ T1309] usb 2-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[   81.732147][   T28] audit: type=1400 audit(2000000015.140:926): avc:  denied  { write } for  pid=3641 comm="syz.8.1318" name="raw6" dev="proc" ino=4026533082 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   81.745420][ T1309] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.772979][ T1309] usb 2-1: Product: syz
[   81.777495][ T1309] usb 2-1: Manufacturer: syz
[   81.797673][ T1309] usb 2-1: SerialNumber: syz
[   81.814452][ T1309] usb 2-1: config 0 descriptor??
[   81.825025][ T1309] usb 2-1: Found UVC 0.00 device syz (046d:08f3)
[   81.838320][ T1309] usb 2-1: No valid video chain found.
[   81.998274][ T1309] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[   82.179394][ T1309] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   82.190434][ T1309] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   82.200214][ T1309] usb 5-1: New USB device found, idVendor=0755, idProduct=2626, bcdDevice= 0.00
[   82.209280][ T1309] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.217765][ T1309] usb 5-1: config 0 descriptor??
[   82.534520][  T338] usb 2-1: USB disconnect, device number 15
[   82.549512][   T28] audit: type=1400 audit(2000000015.960:927): avc:  denied  { read } for  pid=3653 comm="syz.0.1337" name="rtc0" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   82.577926][   T28] audit: type=1400 audit(2000000015.960:928): avc:  denied  { open } for  pid=3653 comm="syz.0.1337" path="/dev/rtc0" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   82.619078][   T28] audit: type=1400 audit(2000000015.960:929): avc:  denied  { ioctl } for  pid=3653 comm="syz.0.1337" path="/dev/rtc0" dev="devtmpfs" ino=263 ioctlcmd=0x7005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   82.624843][ T3657] device bridge0 entered promiscuous mode
[   82.647239][   T28] audit: type=1400 audit(2000000016.010:930): avc:  denied  { setopt } for  pid=3660 comm="syz.0.1330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   82.651149][ T1309] aureal 0003:0755:2626.0025: unknown main item tag 0x0
[   82.669529][   T28] audit: type=1400 audit(2000000016.010:931): avc:  denied  { read } for  pid=3660 comm="syz.0.1330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   82.677301][ T3657] device macsec1 entered promiscuous mode
[   82.702028][ T1309] aureal 0003:0755:2626.0025: unknown main item tag 0x0
[   82.709164][ T1309] aureal 0003:0755:2626.0025: unknown main item tag 0x0
[   82.716169][ T1309] aureal 0003:0755:2626.0025: unknown main item tag 0x0
[   82.718421][   T28] audit: type=1400 audit(2000000016.100:932): avc:  denied  { write } for  pid=3660 comm="syz.0.1330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   82.723936][ T3657] bridge0: port 3(macsec1) entered blocking state
[   82.748940][ T1309] aureal 0003:0755:2626.0025: unknown main item tag 0x0
[   82.756973][ T1309] aureal 0003:0755:2626.0025: hidraw0: USB HID v0.00 Device [HID 0755:2626] on usb-dummy_hcd.4-1/input0
[   82.770205][ T3657] bridge0: port 3(macsec1) entered disabled state
[   82.777612][ T3657] device bridge0 left promiscuous mode
[   82.845498][   T28] audit: type=1400 audit(2000000016.250:933): avc:  denied  { write } for  pid=3664 comm="syz.8.1333" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   82.896868][ T1309] usb 5-1: USB disconnect, device number 16
[   83.138330][  T334] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[   83.218296][  T338] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[   83.318314][  T334] usb 2-1: Using ep0 maxpacket: 16
[   83.324529][  T334] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   83.335694][  T334] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   83.350290][  T334] usb 2-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00
[   83.359397][  T334] usb 2-1: New USB device strings: Mfr=32, Product=0, SerialNumber=0
[   83.367484][  T334] usb 2-1: Manufacturer: syz
[   83.372675][  T334] usb 2-1: config 0 descriptor??
[   83.410087][  T338] usb 3-1: Using ep0 maxpacket: 16
[   83.433226][   T28] audit: type=1400 audit(2000000016.840:934): avc:  denied  { create } for  pid=3696 comm="syz.0.1346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   83.453964][ T3697] fuse: Unknown parameter 'fd00000000000000000000'
[   83.460803][  T338] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[   83.469428][  T338] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   83.479862][  T338] usb 3-1: config 0 has no interface number 0
[   83.508730][  T338] usb 3-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[   83.527968][  T338] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.536934][  T338] usb 3-1: Product: syz
[   83.541282][  T338] usb 3-1: Manufacturer: syz
[   83.545891][  T338] usb 3-1: SerialNumber: syz
[   83.572763][  T338] usb 3-1: config 0 descriptor??
[   83.580428][  T338] usb 3-1: Found UVC 0.00 device syz (046d:08f3)
[   83.586860][  T338] usb 3-1: No valid video chain found.
[   83.788575][  T334] playstation 0003:054C:0DF2.0026: hidraw0: USB HID v0.09 Device [syz] on usb-dummy_hcd.1-1/input0
[   83.984567][  T334] playstation 0003:054C:0DF2.0026: Invalid reportID received, expected 9 got 43
[   84.005320][  T334] playstation 0003:054C:0DF2.0026: Failed to retrieve DualSense pairing info: -22
[   84.021402][  T334] playstation 0003:054C:0DF2.0026: Failed to get MAC address from DualSense
[   84.030452][  T334] playstation 0003:054C:0DF2.0026: Failed to create dualsense.
[   84.039282][  T334] playstation: probe of 0003:054C:0DF2.0026 failed with error -22
[   84.132018][ T3745] block device autoloading is deprecated and will be removed.
[   84.150049][ T3745] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   84.159954][ T3745] F2FS-fs (loop1): Unable to read 1th superblock
[   84.166388][ T3745] I/O error, dev loop1, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   84.175903][ T3745] F2FS-fs (loop1): Unable to read 2th superblock
[   84.194023][  T334] usb 2-1: USB disconnect, device number 16
[   84.289181][ T3741] loop8: detected capacity change from 0 to 40427
[   84.293592][ T2870] usb 3-1: USB disconnect, device number 12
[   84.310241][ T3741] F2FS-fs (loop8): fault_injection options not supported
[   84.326037][ T3741] F2FS-fs (loop8): invalid crc value
[   84.353093][ T3741] F2FS-fs (loop8): Found nat_bits in checkpoint
[   84.415555][ T3769] tipc: Started in network mode
[   84.427767][ T3769] tipc: Node identity 48, cluster identity 4711
[   84.434447][ T3769] tipc: Node number set to 72
[   84.439271][ T3741] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[   84.470204][ T3774] block device autoloading is deprecated and will be removed.
[   84.488138][ T3774] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   84.500892][ T3774] F2FS-fs (loop5): Unable to read 1th superblock
[   84.507434][ T3774] I/O error, dev loop5, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   84.517847][ T3774] F2FS-fs (loop5): Unable to read 2th superblock
[   84.545997][ T2638] syz-executor: attempt to access beyond end of device
[   84.545997][ T2638] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   84.560815][ T3779] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   84.718033][ T3794] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   84.733298][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   84.752079][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   84.770255][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   84.782935][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   84.791580][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   84.804731][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   84.831546][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   84.848149][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   84.866645][ T1309] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   84.971645][ T3822] loop8: detected capacity change from 0 to 1024
[   85.008727][ T3822] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   85.056110][ T2638] EXT4-fs (loop8): unmounting filesystem.
[   85.178903][ T3836] overlayfs: invalid origin (0000)
[   85.279962][ T3846] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   85.336250][ T3855] syz.4.1418[3855] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.336324][ T3855] syz.4.1418[3855] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   85.348360][  T338] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[   85.446763][ T3871] loop1: detected capacity change from 0 to 128
[   85.468303][ T3871] EXT4-fs: Ignoring removed nobh option
[   85.486851][ T3871] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   85.500172][ T3871] ext4 filesystem being mounted at /228/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   85.556685][  T283] EXT4-fs (loop1): unmounting filesystem.
[   85.562555][  T338] usb 1-1: Using ep0 maxpacket: 8
[   85.585428][  T338] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[   85.604795][  T338] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.619458][  T338] usb 1-1: Product: syz
[   85.623808][  T338] usb 1-1: Manufacturer: syz
[   85.638602][  T338] usb 1-1: SerialNumber: syz
[   85.652073][  T338] usb 1-1: config 0 descriptor??
[   85.771703][ T3887] loop1: detected capacity change from 0 to 40427
[   85.788995][ T3887] F2FS-fs (loop1): fault_injection options not supported
[   85.797073][ T3887] F2FS-fs (loop1): invalid crc value
[   85.810876][ T3887] F2FS-fs (loop1): Found nat_bits in checkpoint
[   85.857463][ T3887] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   85.899667][  T283] syz-executor: attempt to access beyond end of device
[   85.899667][  T283] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   86.108320][ T3930] loop1: detected capacity change from 0 to 1024
[   86.115112][ T3930] EXT4-fs: Ignoring removed i_version option
[   86.123864][ T3930] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 2: comm syz.1.1448: lblock 2 mapped to illegal pblock 2 (length 1)
[   86.138126][ T3930] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 48: comm syz.1.1448: lblock 0 mapped to illegal pblock 48 (length 1)
[   86.152468][ T3930] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.1448: Failed to acquire dquot type 0
[   86.166224][ T3930] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5917: Corrupt filesystem
[   86.176043][ T3930] EXT4-fs error (device loop1): ext4_evict_inode:279: inode #11: comm syz.1.1448: mark_inode_dirty error
[   86.187687][ T3930] EXT4-fs warning (device loop1): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[   86.198172][ T3930] EXT4-fs (loop1): 1 orphan inode deleted
[   86.204245][ T3930] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   86.212864][  T732] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:149: lblock 1 mapped to illegal pblock 1 (length 1)
[   86.236655][  T732] EXT4-fs error (device loop1): ext4_release_dquot:6839: comm kworker/u4:149: Failed to release dquot type 0
[   86.236685][ T3930] EXT4-fs error (device loop1): __ext4_get_inode_loc:4509: comm syz.1.1448: Invalid inode table block 1 in block_group 0
[   86.261111][ T3930] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5917: Corrupt filesystem
[   86.271001][ T3930] EXT4-fs error (device loop1): ext4_setattr:5515: inode #2: comm syz.1.1448: mark_inode_dirty error
[   86.298475][  T283] EXT4-fs (loop1): unmounting filesystem.
[   86.304732][  T712] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:129: lblock 1 mapped to illegal pblock 1 (length 1)
[   86.319321][  T338] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[   86.327100][  T712] EXT4-fs error (device loop1): ext4_release_dquot:6839: comm kworker/u4:129: Failed to release dquot type 0
[   86.339000][  T283] EXT4-fs error (device loop1): __ext4_get_inode_loc:4509: comm syz-executor: Invalid inode table block 1 in block_group 0
[   86.352103][  T283] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5917: Corrupt filesystem
[   86.361858][  T283] EXT4-fs error (device loop1): ext4_quota_off:7109: inode #3: comm syz-executor: mark_inode_dirty error
[   86.540542][  T338] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   86.553983][  T338] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   86.565292][  T338] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   86.636042][  T338] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   86.654245][ T3948] loop8: detected capacity change from 0 to 8192
[   86.662038][ T3948] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   86.672782][  T338] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[   86.681904][  T338] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[   86.717620][   T28] kauditd_printk_skb: 23 callbacks suppressed
[   86.717634][   T28] audit: type=1400 audit(2000000020.120:954): avc:  denied  { watch } for  pid=3947 comm="syz.8.1454" path="/135/file1" dev="loop8" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[   86.746817][  T338] usb 5-1: Manufacturer: syz
[   86.753128][  T338] usb 5-1: config 0 descriptor??
[   87.171450][  T338] appleir 0003:05AC:8243.0027: unknown main item tag 0x0
[   87.189489][  T338] appleir 0003:05AC:8243.0027: No inputs registered, leaving
[   87.204289][  T338] appleir 0003:05AC:8243.0027: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[   87.263400][   T28] audit: type=1400 audit(2000000020.670:955): avc:  denied  { write } for  pid=3983 comm="syz.8.1469" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   87.287997][   T28] audit: type=1400 audit(2000000020.670:956): avc:  denied  { nlmsg_write } for  pid=3983 comm="syz.8.1469" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   87.347177][ T3989] loop1: detected capacity change from 0 to 512
[   87.359245][ T3989] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -13
[   87.369733][ T3989] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #13: comm syz.1.1471: iget: bad i_size value: 12154757448730
[   87.387234][ T3989] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1471: couldn't read orphan inode 13 (err -117)
[   87.400930][ T3989] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   87.416364][ T3989] EXT4-fs (loop1): shut down requested (1)
[   87.423200][   T28] audit: type=1400 audit(2000000020.830:957): avc:  denied  { read } for  pid=85 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   87.445639][  T283] EXT4-fs (loop1): unmounting filesystem.
[   87.451407][   T28] audit: type=1400 audit(2000000020.830:958): avc:  denied  { search } for  pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   87.483709][   T28] audit: type=1400 audit(2000000020.830:959): avc:  denied  { append } for  pid=85 comm="syslogd" name="messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   87.507759][ T2870] usb 5-1: USB disconnect, device number 17
[   87.525147][   T28] audit: type=1400 audit(2000000020.830:960): avc:  denied  { open } for  pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   87.549435][   T28] audit: type=1400 audit(2000000020.830:961): avc:  denied  { getattr } for  pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   87.624325][ T3994] loop1: detected capacity change from 0 to 8192
[   87.647765][ T3994] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   87.756660][ T3996] 9pnet: p9_errstr2errno: server reported unknown error 
[   87.891693][  T334] usb 1-1: USB disconnect, device number 9
[   88.257837][   T28] audit: type=1400 audit(2000000021.660:962): avc:  denied  { watch } for  pid=4023 comm="syz.4.1486" path="/264" dev="tmpfs" ino=1380 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   88.314363][ T4033] 9pnet: p9_errstr2errno: server reported unknown error 
[   88.388258][  T338] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[   88.538374][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   88.578673][  T338] usb 9-1: Using ep0 maxpacket: 8
[   88.587253][  T338] usb 9-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[   88.600856][  T338] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.611425][  T338] usb 9-1: Product: syz
[   88.615620][  T338] usb 9-1: Manufacturer: syz
[   88.622049][  T338] usb 9-1: SerialNumber: syz
[   88.631507][  T338] usb 9-1: config 0 descriptor??
[   88.637142][   T28] audit: type=1400 audit(2000000022.040:963): avc:  denied  { execute_no_trans } for  pid=4046 comm="syz.0.1497" path=2F6D656D66643A5B0BDB58AE5B35A990FF631F1AA9FDFAADD16D64E7E27F9BD55210F3B6FF54BFD1C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   88.778360][   T59] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[   88.836795][ T4061] loop1: detected capacity change from 0 to 128
[   88.850342][ T4061] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   88.858527][ T4061] FAT-fs (loop1): Filesystem has been set read-only
[   88.865159][ T4061] syz.1.1503: attempt to access beyond end of device
[   88.865159][ T4061] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   88.883957][ T4061] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   88.892205][ T4061] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   88.901635][ T4061] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   88.909595][ T4061] syz.1.1503: attempt to access beyond end of device
[   88.909595][ T4061] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   88.923412][ T4061] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   88.931321][ T4061] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   88.939308][ T4061] syz.1.1503: attempt to access beyond end of device
[   88.939308][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   88.952663][ T4061] syz.1.1503: attempt to access beyond end of device
[   88.952663][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   88.966047][ T4061] syz.1.1503: attempt to access beyond end of device
[   88.966047][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   88.968269][   T59] usb 3-1: Using ep0 maxpacket: 32
[   88.979416][  T334] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[   88.989371][   T59] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.992468][ T4061] syz.1.1503: attempt to access beyond end of device
[   88.992468][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   89.012935][   T59] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   89.016354][ T4061] syz.1.1503: attempt to access beyond end of device
[   89.016354][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   89.037791][   T59] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   89.039757][ T4061] syz.1.1503: attempt to access beyond end of device
[   89.039757][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   89.049347][   T59] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.090557][   T59] usb 3-1: config 0 descriptor??
[   89.208242][  T334] usb 1-1: device descriptor read/64, error -71
[   89.478263][  T334] usb 1-1: device descriptor read/64, error -71
[   89.507765][   T59] savu 0003:1E7D:2D5A.0028: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[   89.548267][ T4061] bio_check_eod: 25819 callbacks suppressed
[   89.548297][ T4061] syz.1.1503: attempt to access beyond end of device
[   89.548297][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   89.590821][ T4061] syz.1.1503: attempt to access beyond end of device
[   89.590821][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   89.604753][ T4061] syz.1.1503: attempt to access beyond end of device
[   89.604753][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   89.619118][ T4061] syz.1.1503: attempt to access beyond end of device
[   89.619118][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   89.632532][ T4061] syz.1.1503: attempt to access beyond end of device
[   89.632532][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   89.645996][ T4061] syz.1.1503: attempt to access beyond end of device
[   89.645996][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   89.659444][ T4061] syz.1.1503: attempt to access beyond end of device
[   89.659444][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   89.672902][ T4061] syz.1.1503: attempt to access beyond end of device
[   89.672902][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   89.686530][ T4061] syz.1.1503: attempt to access beyond end of device
[   89.686530][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   89.700255][ T4061] syz.1.1503: attempt to access beyond end of device
[   89.700255][ T4061] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   89.748335][  T334] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[   89.819245][   T59] usb 3-1: USB disconnect, device number 13
[   89.898266][  T334] usb 1-1: device descriptor read/64, error -71
[   90.168343][  T334] usb 1-1: device descriptor read/64, error -71
[   90.288320][  T334] usb usb1-port1: attempt power cycle
[   90.698246][  T334] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[   90.739413][  T334] usb 1-1: device descriptor read/8, error -71
[   90.889271][  T334] usb 1-1: device descriptor read/8, error -71
[   90.921864][  T292] usb 9-1: USB disconnect, device number 5
[   90.942641][ T4081] loop8: detected capacity change from 0 to 512
[   90.957572][ T4081] EXT4-fs: Ignoring removed i_version option
[   90.964076][ T4081] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[   90.982457][ T4081] EXT4-fs (loop8): 1 truncate cleaned up
[   90.988134][ T4081] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[   91.078835][ T2638] EXT4-fs (loop8): unmounting filesystem.
[   91.159162][  T334] usb 1-1: new full-speed USB device number 13 using dummy_hcd
[   91.204426][ T4099] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   91.216626][  T334] usb 1-1: device descriptor read/8, error -71
[   91.231276][ T4099] FAT-fs (loop17): unable to read boot sector
[   91.374939][  T334] usb 1-1: device descriptor read/8, error -71
[   91.499942][  T334] usb usb1-port1: unable to enumerate USB device
[   91.520195][ T4139] loop1: detected capacity change from 0 to 128
[   91.561212][ T4139] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   91.580191][ T4139] ext4 filesystem being mounted at /255/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   91.727392][  T283] EXT4-fs (loop1): unmounting filesystem.
[   91.832261][   T28] kauditd_printk_skb: 5 callbacks suppressed
[   91.832277][   T28] audit: type=1400 audit(2000000025.240:969): avc:  denied  { create } for  pid=4156 comm="syz.1.1545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[   91.913069][ T4164] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1549'.
[   92.002612][   T28] audit: type=1400 audit(2000000025.410:970): avc:  denied  { shutdown } for  pid=4171 comm="syz.0.1564" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   92.043848][   T28] audit: type=1400 audit(2000000025.430:971): avc:  denied  { read } for  pid=4171 comm="syz.0.1564" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   92.268602][   T28] audit: type=1400 audit(2000000025.680:972): avc:  denied  { read write } for  pid=4186 comm="syz.8.1558" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   92.322040][   T28] audit: type=1400 audit(2000000025.680:973): avc:  denied  { open } for  pid=4186 comm="syz.8.1558" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   92.393536][ T4197] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1563'.
[   92.396124][   T28] audit: type=1400 audit(2000000025.700:974): avc:  denied  { mount } for  pid=4186 comm="syz.8.1558" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   92.467237][   T28] audit: type=1400 audit(2000000025.730:975): avc:  denied  { unmount } for  pid=2638 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   92.663682][   T28] audit: type=1400 audit(2000000026.070:976): avc:  denied  { create } for  pid=4222 comm="syz.4.1577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   92.708796][   T28] audit: type=1400 audit(2000000026.100:977): avc:  denied  { connect } for  pid=4222 comm="syz.4.1577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   92.748497][   T28] audit: type=1400 audit(2000000026.100:978): avc:  denied  { setopt } for  pid=4222 comm="syz.4.1577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   94.281739][ T4305] batadv0: tun_chr_ioctl cmd 1074025677
[   94.287754][ T4305] batadv0: linktype set to 773
[   94.293918][ T4305] batadv0: tun_chr_ioctl cmd 1074812117
[   94.569533][  T781] Bluetooth: hci0: Frame reassembly failed (-84)
[   94.636122][ T4330] loop1: detected capacity change from 0 to 128
[   94.654622][ T4330] FAT-fs (loop1): bogus sectors per cluster 0
[   94.661062][ T4330] FAT-fs (loop1): Can't find a valid FAT filesystem
[   94.978312][  T338] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[   95.169498][  T338] usb 1-1: config 0 interface 0 altsetting 32 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.179486][  T338] usb 1-1: config 0 interface 0 has no altsetting 0
[   95.186131][  T338] usb 1-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00
[   95.195350][  T338] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.205795][  T338] usb 1-1: config 0 descriptor??
[   95.616863][  T338] sony 0003:054C:0BA0.0029: hidraw0: USB HID v80.00 Device [HID 054c:0ba0] on usb-dummy_hcd.0-1/input0
[   95.628194][  T338] sony 0003:054C:0BA0.0029: failed to claim input
[   95.825130][  T334] usb 1-1: USB disconnect, device number 14
[   96.138301][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   96.146250][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   96.618368][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[   96.618680][ T3301] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   96.938327][  T338] usb 9-1: new full-speed USB device number 6 using dummy_hcd
[   97.119433][  T338] usb 9-1: config 0 interface 0 altsetting 32 endpoint 0x81 has invalid wMaxPacketSize 0
[   97.129379][  T338] usb 9-1: config 0 interface 0 has no altsetting 0
[   97.135994][  T338] usb 9-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00
[   97.145102][  T338] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.154022][  T338] usb 9-1: config 0 descriptor??
[   97.563932][  T338] sony 0003:054C:0BA0.002A: hidraw0: USB HID v80.00 Device [HID 054c:0ba0] on usb-dummy_hcd.8-1/input0
[   97.575046][  T338] sony 0003:054C:0BA0.002A: failed to claim input
[   97.767642][  T338] usb 9-1: USB disconnect, device number 6
[   98.302165][  T712] Bluetooth: hci0: Frame reassembly failed (-84)
[   98.386473][ T4414] syz.4.1658 uses obsolete (PF_INET,SOCK_PACKET)
[   98.564769][   T28] kauditd_printk_skb: 24 callbacks suppressed
[   98.564785][   T28] audit: type=1400 audit(2000000031.970:1003): avc:  denied  { ioctl } for  pid=4434 comm="syz.8.1667" path="/dev/input/event0" dev="devtmpfs" ino=260 ioctlcmd=0x45a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   98.606900][ T4437] 9pnet: p9_errstr2errno: server reported unknown error �00000000000000000000004����
[   98.997405][ T4479] input: syz0 as /devices/virtual/input/input25
[   99.044329][   T28] audit: type=1400 audit(2000000032.450:1004): avc:  denied  { append } for  pid=4484 comm="syz.4.1692" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   99.110794][  T732] Bluetooth: hci1: Frame reassembly failed (-84)
[   99.388697][   T28] audit: type=1400 audit(2000000032.800:1005): avc:  denied  { connect } for  pid=4520 comm="syz.2.1706" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   99.408403][   T28] audit: type=1400 audit(2000000032.800:1006): avc:  denied  { write } for  pid=4520 comm="syz.2.1706" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   99.910873][ T4544] binder: 4541:4544 ioctl c0306201 0 returned -14
[   99.928875][ T4544] binder: 4541:4544 ioctl c0306201 200000000540 returned -11
[  100.378341][ T3301] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  100.379988][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  100.398557][ T4495] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  100.696438][ T4585] loop8: detected capacity change from 0 to 1024
[  100.711382][ T4585] EXT4-fs: Ignoring removed mblk_io_submit option
[  100.784459][ T4585] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  100.802776][   T43] Bluetooth: hci0: Frame reassembly failed (-84)
[  100.827876][ T2638] EXT4-fs (loop8): unmounting filesystem.
[  100.838913][ T4596] input: syz0 as /devices/virtual/input/input26
[  100.940150][ T4612] binder: 4610:4612 ioctl c0306201 0 returned -14
[  100.947209][ T4612] binder: 4610:4612 ioctl c0306201 200000000540 returned -11
[  101.178235][ T2039] Bluetooth: hci1: command 0x1003 tx timeout
[  101.178251][  T483] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  101.183793][ T4632] input: syz0 as /devices/virtual/input/input27
[  101.263781][ T4634] syz.0.1755[4634] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.263859][ T4634] syz.0.1755[4634] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.398327][  T292] ==================================================================
[  101.417780][  T292] BUG: KASAN: use-after-free in enqueue_timer+0xae/0x480
[  101.424811][  T292] Write of size 8 at addr ffff88810ce80a00 by task kworker/1:2/292
[  101.432809][  T292] 
[  101.435182][  T292] CPU: 1 PID: 292 Comm: kworker/1:2 Not tainted syzkaller #0
[  101.442629][  T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  101.452795][  T292] Workqueue: usb_hub_wq hub_event
[  101.457859][  T292] Call Trace:
[  101.461131][  T292]  <TASK>
[  101.464057][  T292]  __dump_stack+0x21/0x24
[  101.468384][  T292]  dump_stack_lvl+0xee/0x150
[  101.472987][  T292]  ? __cfi_dump_stack_lvl+0x8/0x8
[  101.478017][  T292]  ? enqueue_timer+0xae/0x480
[  101.482714][  T292]  print_address_description+0x71/0x200
[  101.488261][  T292]  print_report+0x4a/0x60
[  101.492590][  T292]  kasan_report+0x122/0x150
[  101.497093][  T292]  ? enqueue_timer+0xae/0x480
[  101.501772][  T292]  __asan_report_store8_noabort+0x17/0x20
[  101.507483][  T292]  enqueue_timer+0xae/0x480
[  101.511982][  T292]  __mod_timer+0x79f/0xb30
[  101.516395][  T292]  ? ttwu_do_activate+0x174/0x280
[  101.521421][  T292]  schedule_timeout+0x127/0x2e0
[  101.526272][  T292]  ? __cfi_schedule_timeout+0x10/0x10
[  101.531644][  T292]  ? __cfi_process_timeout+0x10/0x10
[  101.536925][  T292]  ? _raw_spin_lock+0x8e/0xe0
[  101.541595][  T292]  wait_for_common+0x354/0x620
[  101.546350][  T292]  ? usb_hcd_giveback_urb+0x351/0x410
[  101.551721][  T292]  ? wait_for_completion+0x20/0x20
[  101.556848][  T292]  ? usb_submit_urb+0x1142/0x1810
[  101.561876][  T292]  wait_for_completion_timeout+0xe/0x10
[  101.567423][  T292]  usb_start_wait_urb+0x166/0x2f0
[  101.572445][  T292]  ? usb_api_blocking_completion+0xb0/0xb0
[  101.578248][  T292]  ? usb_alloc_urb+0x44/0x140
[  101.582918][  T292]  ? __kasan_check_write+0x14/0x20
[  101.588019][  T292]  usb_control_msg+0x241/0x3f0
[  101.592778][  T292]  hub_ext_port_status+0x100/0x6b0
[  101.597899][  T292]  hub_event+0x72f/0x4350
[  101.602231][  T292]  ? rpm_suspend+0x12ec/0x1610
[  101.606995][  T292]  ? pm_schedule_suspend+0x1f0/0x1f0
[  101.612545][  T292]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  101.618004][  T292]  ? _raw_spin_unlock+0x4c/0x70
[  101.622845][  T292]  ? __cfi_hub_event+0x10/0x10
[  101.627605][  T292]  ? __kasan_check_write+0x14/0x20
[  101.632708][  T292]  ? _raw_spin_lock_irq+0x8f/0xe0
[  101.637729][  T292]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  101.643266][  T292]  ? pwq_dec_nr_in_flight+0x18c/0x3c0
[  101.648645][  T292]  process_one_work+0x71f/0xc40
[  101.653518][  T292]  worker_thread+0xa29/0x11f0
[  101.658208][  T292]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  101.663663][  T292]  kthread+0x281/0x320
[  101.667746][  T292]  ? __cfi_worker_thread+0x10/0x10
[  101.672848][  T292]  ? __cfi_kthread+0x10/0x10
[  101.677430][  T292]  ret_from_fork+0x1f/0x30
[  101.681850][  T292]  </TASK>
[  101.684860][  T292] 
[  101.687180][  T292] Allocated by task 4405:
[  101.691490][  T292]  kasan_set_track+0x4b/0x70
[  101.696079][  T292]  kasan_save_alloc_info+0x25/0x30
[  101.701201][  T292]  __kasan_kmalloc+0x95/0xb0
[  101.705795][  T292]  __kmalloc+0xb1/0x1e0
[  101.709956][  T292]  hci_alloc_dev_priv+0x27/0x1bd0
[  101.714975][  T292]  hci_uart_tty_ioctl+0x3d6/0xa20
[  101.719995][  T292]  tty_ioctl+0x8ef/0xc60
[  101.724229][  T292]  __se_sys_ioctl+0x12f/0x1b0
[  101.728894][  T292]  __x64_sys_ioctl+0x7b/0x90
[  101.733470][  T292]  x64_sys_call+0x58b/0x9a0
[  101.737963][  T292]  do_syscall_64+0x4c/0xa0
[  101.742368][  T292]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  101.748275][  T292] 
[  101.750591][  T292] Freed by task 4495:
[  101.754555][  T292]  kasan_set_track+0x4b/0x70
[  101.759147][  T292]  kasan_save_free_info+0x31/0x50
[  101.764168][  T292]  ____kasan_slab_free+0x132/0x180
[  101.769267][  T292]  __kasan_slab_free+0x11/0x20
[  101.774019][  T292]  slab_free_freelist_hook+0xc2/0x190
[  101.779381][  T292]  __kmem_cache_free+0xb7/0x1b0
[  101.784244][  T292]  kfree+0x6f/0xf0
[  101.787963][  T292]  hci_release_dev+0x12a3/0x13b0
[  101.792920][  T292]  bt_host_release+0x82/0x90
[  101.797503][  T292]  device_release+0xa4/0x1d0
[  101.802083][  T292]  kobject_put+0x19d/0x280
[  101.806492][  T292]  put_device+0x1f/0x30
[  101.810642][  T292]  hci_dev_cmd+0x265/0x720
[  101.815055][  T292]  hci_sock_ioctl+0x41e/0x7f0
[  101.819741][  T292]  sock_do_ioctl+0x101/0x310
[  101.824326][  T292]  sock_ioctl+0x4d8/0x6e0
[  101.828667][  T292]  __se_sys_ioctl+0x12f/0x1b0
[  101.833366][  T292]  __x64_sys_ioctl+0x7b/0x90
[  101.837945][  T292]  x64_sys_call+0x58b/0x9a0
[  101.842441][  T292]  do_syscall_64+0x4c/0xa0
[  101.846863][  T292]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  101.852750][  T292] 
[  101.855061][  T292] Last potentially related work creation:
[  101.860757][  T292]  kasan_save_stack+0x3a/0x60
[  101.865422][  T292]  __kasan_record_aux_stack+0xb6/0xc0
[  101.870784][  T292]  kasan_record_aux_stack_noalloc+0xb/0x10
[  101.876583][  T292]  insert_work+0x51/0x300
[  101.880906][  T292]  __queue_work+0x9b1/0xd30
[  101.885411][  T292]  queue_work_on+0xd2/0x140
[  101.889916][  T292]  __hci_cmd_sync_sk+0xa3e/0xcf0
[  101.894847][  T292]  hci_cmd_sync_status+0x53/0x120
[  101.899860][  T292]  hci_dev_cmd+0x33b/0x720
[  101.904284][  T292]  hci_sock_ioctl+0x41e/0x7f0
[  101.908963][  T292]  sock_do_ioctl+0x101/0x310
[  101.913543][  T292]  sock_ioctl+0x4d8/0x6e0
[  101.917875][  T292]  __se_sys_ioctl+0x12f/0x1b0
[  101.922541][  T292]  __x64_sys_ioctl+0x7b/0x90
[  101.927126][  T292]  x64_sys_call+0x58b/0x9a0
[  101.931621][  T292]  do_syscall_64+0x4c/0xa0
[  101.936030][  T292]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  101.941914][  T292] 
[  101.944225][  T292] Second to last potentially related work creation:
[  101.950804][  T292]  kasan_save_stack+0x3a/0x60
[  101.955474][  T292]  __kasan_record_aux_stack+0xb6/0xc0
[  101.960862][  T292]  kasan_record_aux_stack_noalloc+0xb/0x10
[  101.966669][  T292]  insert_work+0x51/0x300
[  101.971009][  T292]  __queue_work+0x9b1/0xd30
[  101.975503][  T292]  queue_work_on+0xd2/0x140
[  101.979997][  T292]  hci_cmd_timeout+0x191/0x200
[  101.984751][  T292]  process_one_work+0x71f/0xc40
[  101.989681][  T292]  worker_thread+0xa29/0x11f0
[  101.994353][  T292]  kthread+0x281/0x320
[  101.998410][  T292]  ret_from_fork+0x1f/0x30
[  102.002817][  T292] 
[  102.005128][  T292] The buggy address belongs to the object at ffff88810ce80000
[  102.005128][  T292]  which belongs to the cache kmalloc-8k of size 8192
[  102.019166][  T292] The buggy address is located 2560 bytes inside of
[  102.019166][  T292]  8192-byte region [ffff88810ce80000, ffff88810ce82000)
[  102.032599][  T292] 
[  102.034912][  T292] The buggy address belongs to the physical page:
[  102.041347][  T292] page:ffffea000433a000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ce80
[  102.051593][  T292] head:ffffea000433a000 order:3 compound_mapcount:0 compound_pincount:0
[  102.059903][  T292] flags: 0x4000000000010200(slab|head|zone=1)
[  102.065979][  T292] raw: 4000000000010200 0000000000000000 dead000000000001 ffff888100043500
[  102.074554][  T292] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[  102.083129][  T292] page dumped because: kasan: bad access detected
[  102.089538][  T292] page_owner tracks the page as allocated
[  102.095236][  T292] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 285, tgid 285 (syz-executor), ts 22068962367, free_ts 18769171569
[  102.116436][  T292]  post_alloc_hook+0x1f5/0x210
[  102.121203][  T292]  prep_new_page+0x1c/0x110
[  102.125702][  T292]  get_page_from_freelist+0x2c7b/0x2cf0
[  102.131241][  T292]  __alloc_pages+0x1c3/0x450
[  102.135830][  T292]  alloc_slab_page+0x6e/0xf0
[  102.140421][  T292]  new_slab+0x98/0x3d0
[  102.144502][  T292]  ___slab_alloc+0x6bd/0xb20
[  102.149087][  T292]  __slab_alloc+0x5e/0xa0
[  102.153415][  T292]  __kmem_cache_alloc_node+0x203/0x2c0
[  102.158868][  T292]  __kmalloc_node+0xa1/0x1e0
[  102.163455][  T292]  kvmalloc_node+0x294/0x480
[  102.168051][  T292]  wg_packet_queue_init+0x95/0x320
[  102.173161][  T292]  wg_newlink+0x43c/0x7a0
[  102.177497][  T292]  rtnl_newlink+0x14b9/0x2030
[  102.182172][  T292]  rtnetlink_rcv_msg+0x9f4/0xcf0
[  102.187175][  T292]  netlink_rcv_skb+0x1f2/0x440
[  102.191956][  T292] page last free stack trace:
[  102.196614][  T292]  free_unref_page_prepare+0x742/0x750
[  102.202081][  T292]  free_unref_page+0x8f/0x530
[  102.206750][  T292]  __free_pages+0x67/0x100
[  102.211157][  T292]  __free_slab+0xca/0x1a0
[  102.215483][  T292]  __unfreeze_partials+0x160/0x190
[  102.220589][  T292]  put_cpu_partial+0xa9/0x100
[  102.225274][  T292]  __slab_free+0x1c4/0x280
[  102.229690][  T292]  ___cache_free+0xbf/0xd0
[  102.234099][  T292]  qlist_free_all+0xc6/0x140
[  102.238676][  T292]  kasan_quarantine_reduce+0x14a/0x170
[  102.244124][  T292]  __kasan_slab_alloc+0x24/0x80
[  102.248967][  T292]  slab_post_alloc_hook+0x4f/0x2d0
[  102.254076][  T292]  kmem_cache_alloc+0x16e/0x330
[  102.258918][  T292]  vm_area_alloc+0x24/0x1a0
[  102.263415][  T292]  mmap_region+0xf9f/0x2290
[  102.267910][  T292]  do_mmap+0x843/0xdc0
[  102.271971][  T292] 
[  102.274285][  T292] Memory state around the buggy address:
[  102.279920][  T292]  ffff88810ce80900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  102.287971][  T292]  ffff88810ce80980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  102.296022][  T292] >ffff88810ce80a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  102.304068][  T292]                    ^
[  102.308141][  T292]  ffff88810ce80a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  102.316186][  T292]  ffff88810ce80b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  102.324227][  T292] ==================================================================
[  102.332284][  T292] Disabling lock debugging due to kernel taint
[  102.458292][    C1] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  102.470114][    C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  102.478525][    C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G    B              syzkaller #0
[  102.487024][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  102.497074][    C1] RIP: 0010:__queue_work+0x575/0xd30
[  102.502363][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 88 dc 28 00 4c 89 ff e8 70 db ac 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 ac 4b 6d 00 49 8b 7d 00 e8 53 d7
[  102.521980][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[  102.528040][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888100335100
[  102.536007][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  102.543969][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[  102.551944][    C1] R10: ffffed10219d0139 R11: 1ffff110219d0139 R12: dffffc0000000000
[  102.559909][    C1] R13: 0000000000000000 R14: ffff88810ce809c8 R15: 0000000000000008
[  102.567867][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  102.576786][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  102.583360][    C1] CR2: 00007f51ba3b4198 CR3: 0000000121036000 CR4: 00000000003506a0
[  102.591343][    C1] Call Trace:
[  102.594633][    C1]  <IRQ>
[  102.597500][    C1]  delayed_work_timer_fn+0x61/0x80
[  102.602616][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  102.608446][    C1]  call_timer_fn+0x46/0x2a0
[  102.612950][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  102.618787][    C1]  __run_timers+0x667/0x9a0
[  102.623295][    C1]  ? calc_index+0x200/0x200
[  102.627805][    C1]  ? kvm_sched_clock_read+0x18/0x40
[  102.633012][    C1]  run_timer_softirq+0x6a/0xf0
[  102.637834][    C1]  handle_softirqs+0x1d7/0x600
[  102.642607][    C1]  ? irqtime_account_irq+0xc4/0x240
[  102.647819][    C1]  __irq_exit_rcu+0x52/0xf0
[  102.652319][    C1]  irq_exit_rcu+0x9/0x10
[  102.656565][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  102.662225][    C1]  </IRQ>
[  102.665169][    C1]  <TASK>
[  102.668098][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  102.674081][    C1] RIP: 0010:default_idle+0xf/0x20
[  102.679105][    C1] Code: e9 47 ff ff ff 00 00 cc cc 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 66 90 0f 00 2d d3 3f 52 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90
[  102.698708][    C1] RSP: 0018:ffffc90000147dd8 EFLAGS: 00000257
[  102.704797][    C1] RAX: ffff8881f7100000 RBX: ffff888100335100 RCX: 4139405a27c2e100
[  102.712766][    C1] RDX: 0000000000000001 RSI: ffffffff85aa1140 RDI: ffffffff85aa1100
[  102.720739][    C1] RBP: ffffc90000147dd8 R08: dffffc0000000000 R09: ffffed103ee26917
[  102.728710][    C1] R10: 0000000000000000 R11: ffffffff84f3f260 R12: 0000000000000000
[  102.736686][    C1] R13: 0000000000000000 R14: ffff888100335100 R15: dffffc0000000000
[  102.744671][    C1]  ? __cfi_default_idle+0x10/0x10
[  102.749725][    C1]  arch_cpu_idle+0x1c/0x20
[  102.754172][    C1]  default_idle_call+0x71/0x1d0
[  102.759013][    C1]  do_idle+0x1a7/0x520
[  102.763078][    C1]  ? idle_inject_timer_fn+0x60/0x60
[  102.768269][    C1]  ? schedule_idle+0x5b/0x90
[  102.772861][    C1]  cpu_startup_entry+0x43/0x60
[  102.777627][    C1]  start_secondary+0x119/0x120
[  102.782396][    C1]  secondary_startup_64_no_verify+0xce/0xdb
[  102.788288][    C1]  </TASK>
[  102.791321][    C1] Modules linked in:
[  102.795214][    C1] ---[ end trace 0000000000000000 ]---
[  102.800657][    C1] RIP: 0010:__queue_work+0x575/0xd30
[  102.805960][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 88 dc 28 00 4c 89 ff e8 70 db ac 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 ac 4b 6d 00 49 8b 7d 00 e8 53 d7
[  102.825555][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[  102.831618][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888100335100
[  102.839599][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  102.847576][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[  102.855558][    C1] R10: ffffed10219d0139 R11: 1ffff110219d0139 R12: dffffc0000000000
[  102.863620][    C1] R13: 0000000000000000 R14: ffff88810ce809c8 R15: 0000000000000008
[  102.871587][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  102.880598][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  102.887180][    C1] CR2: 00007f51ba3b4198 CR3: 0000000121036000 CR4: 00000000003506a0
[  102.895147][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  102.902654][    C1] Kernel Offset: disabled
[  102.906973][    C1] Rebooting in 86400 seconds..