last executing test programs:

22.655621941s ago: executing program 3 (id=201):
unshare(0x600)
r0 = socket(0xa, 0x3, 0xff)
syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}, @void, {@ipv6={0x86dd, @generic={0xc, 0x6, "370c89", 0x8, 0x2c, 0x1, @rand_addr=' \x01\x00', @local, {[@hopopts={0xff}]}}}}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000004c0)=ANY=[@ANYBLOB="18"], 0x0, 0x7, 0x0, 0x0, 0x41100, 0x9}, 0x94)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
recvmsg$unix(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x40000060)

22.333259666s ago: executing program 3 (id=209):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000007c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

22.311816557s ago: executing program 3 (id=210):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014004000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='scsi_dispatch_cmd_start\x00', r2}, 0x18)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

22.272807937s ago: executing program 3 (id=211):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x20044e, &(0x7f0000000300)={[{@auto_da_alloc_val}, {@test_dummy_encryption_v1}, {@init_itable_val={'init_itable', 0x3d, 0x5c}}, {@noblock_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}]}, 0x3, 0x45c, &(0x7f00000003c0)="$eJzs3MtvG0UYAPBv7Til9JFQyqMPIFAQEY+kaQv0wAEQSByKhAQHOEZJWpW6DWqCRKuIpgiVE0JI3BFH/gVOcEGIExJXuKNKFcqlLReM1t5NbMd283BqiH8/aduZ3dnOfJ4de3bHbgB9ayT9I4nYHRG/R8RQLdtYYKT2162lhanbSwtTSVQq7/yVVMvdXFqYyovm5+3KMqM7IuKzJA61qHfu0uVzk+XyzMUsPz5//sPxuUuXnz97fvLMzJmZC8dOnjxxfOKlF4+90JU40zbdPPjJ7OEDb77/1VunvmiIvymOLhnpdPCpSqXL1fXWnrp0MtDDhrAuxYhIu6tUHf9DUYyVzhuKNz7taeOALVWpVCq72h9erADbWBKNeUMe+kX+QZ/e/+Zb8yTgla2bfvTcjVdrN0Bp3LeyrXZkIApZmVLT/W03jUTEe4t/f5NuUe2Hvd1+DgEA0OCHdP7zXKv5XyEerCu3N1sbGo6I+yJiX0TcHxH7I+KBiGrZhyLi4XXW37xIsnr+Wbi+ocDWKJ3/vZytbTXO//LZXwwXs9yeavyl5PTZ8szR7DUZjdKOND/RoY4fX//ty3bH6ud/6ZbWn88Fs3ZcH9jReM705PzkZmKud+NqxMGBVvEnyysBSUQciIiDG6zj7DPfHW537M7xd9CFdabKtxFP1/p/MZrizyWd1yfH74nyzNHx/KpY7Zdfr73douZ/YrPxd0Ha//e2vP6X4x9O6tdr59Zfx7U/Pm97T7Om6/9K4znp9T+YvFtND2b7Pp6cn784ETGYnKo1un7/sZVz83xePo1/9Ejr8b8vVl6JQxGRXsSPRMSjEfFY1vbHI+KJiDjSIf6fX3vyg43Hv7XS+KfX1f8ricFo3tM6UTz30/cNlQ6viv925/e/E9XUaLZnLe9/a2nXxq5mAAAA+P8pRMTuSApjy+lCYWys9n35/RGF8uzc/LOnZz+6MF37jcBwlAr5k66huuehE9ltfS1/NSJqXy3Ijx/Pnht/XdxZzY9NzZanex089LldbcZ/6s9ir1sHbDm/14L+ZfxD/zL+oX8Z/9C/Woz/nb1oB3D3tfr8v9KDdgB3X9P4t+wHfcT9P/SvtuN/O//PP0CVz3/oS3M7484/ku+YyP+lDZ6+bRNR+k80Y/OJStKyc6PQ64ZJbGWit+9LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fJvAAAA//+KNeJZ")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0x0, 0x0, &(0x7f00000007c0))
mount$incfs(&(0x7f0000000140)='./bus\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000240), 0x0, 0x0)
chdir(&(0x7f0000000000)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)='./file0\x00')

22.08799863s ago: executing program 3 (id=212):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000000))

21.950285192s ago: executing program 3 (id=213):
timer_create(0x2, 0x0, &(0x7f00000000c0))
timer_create(0x2, 0x0, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
clock_gettime(0x0, &(0x7f0000000000)={<r1=>0x0, <r2=>0x0})
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x3938700}, {r1, r2+10000000}}, 0x0)
unshare(0x42000000)

21.918934093s ago: executing program 32 (id=213):
timer_create(0x2, 0x0, &(0x7f00000000c0))
timer_create(0x2, 0x0, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
clock_gettime(0x0, &(0x7f0000000000)={<r1=>0x0, <r2=>0x0})
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x3938700}, {r1, r2+10000000}}, 0x0)
unshare(0x42000000)

21.403730521s ago: executing program 4 (id=223):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000200))
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000380)=0x200000000)
readv(r0, &(0x7f00000008c0)=[{&(0x7f00000003c0)=""/207, 0x48}, {0x0}], 0x2)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x3)

21.318128283s ago: executing program 4 (id=225):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000003c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000380)='%-5lx  \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000c40)='sys_enter\x00', r2}, 0x10)
creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88)

21.298118003s ago: executing program 4 (id=226):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x20000000000001d2, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000001000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x30}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10)
setitimer(0x0, 0x0, 0x0)

21.241887284s ago: executing program 4 (id=228):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@resuid}, {@init_itable}, {@minixdf}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
syz_mount_image$fuse(0x0, &(0x7f0000000200)='./file2\x00', 0x42, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
chdir(&(0x7f0000000140)='./file0\x00')
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x1000)
setxattr$security_capability(&(0x7f0000000900)='./file7\x00', 0x0, 0x0, 0x0, 0x1)

21.132529365s ago: executing program 4 (id=232):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$UHID_CREATE(r2, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000940)=""/3, 0x3, 0x0, 0x9, 0x1, 0x4, 0xc08}}, 0x120)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000080)=""/144, 0x90}], 0x1)

20.876273669s ago: executing program 4 (id=237):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x8140aecc, &(0x7f0000000080)={0x2, 0x0, 0x6})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
ioctl$KVM_SET_MSRS(r2, 0x4140aecd, &(0x7f0000000080)=ANY=[])

20.876193629s ago: executing program 33 (id=237):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x8140aecc, &(0x7f0000000080)={0x2, 0x0, 0x6})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
ioctl$KVM_SET_MSRS(r2, 0x4140aecd, &(0x7f0000000080)=ANY=[])

11.152242313s ago: executing program 2 (id=203):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e7400"], 0x0)

9.290024752s ago: executing program 2 (id=203):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e7400"], 0x0)

7.285834224s ago: executing program 2 (id=203):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e7400"], 0x0)

4.36171972s ago: executing program 2 (id=203):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e7400"], 0x0)

3.218275399s ago: executing program 0 (id=562):
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x2f, 0x9, 0x10, 0x3, 0x4, @dev={0xfe, 0x80, '\x00', 0x33}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7819, 0x80, 0x0, 0x7e4}})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000004280)={&(0x7f00000000c0)='kfree\x00', r0}, 0x18)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000040)=@ethtool_cmd={0xa, 0x3, 0x2, 0x1, 0xd0, 0x3, 0x0, 0xa3, 0x70, 0x1, 0x2b, 0xd, 0x92d1, 0xa, 0x1, 0x10000002, [0x3, 0x408]}})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@security={'security\x00', 0xe, 0x4, 0x340, 0xffffffff, 0xd0, 0x1c8, 0xd0, 0xffffffff, 0xffffffff, 0x298, 0x298, 0x298, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x37}, @ipv4={'\x00', '\xff\xff', @remote}, [0xffffffff, 0xff, 0xff000000], [0xff000000, 0xff000000, 0xff000000, 0xffffff00], 'syz_tun\x00', 'dummy0\x00', {}, {}, 0x70, 0x5c, 0x1}, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xb}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x1b, 0x9, 0xfff}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3a0)

3.14217109s ago: executing program 0 (id=566):
sched_setaffinity(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94)
unshare(0x40020200)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000080)="441f0803", 0x1f)

3.083951291s ago: executing program 0 (id=568):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xf)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$TCFLSH(r1, 0x400455c8, 0x4)
ioctl$sock_bt_hci(r0, 0x400448de, &(0x7f0000000180))

2.689960407s ago: executing program 6 (id=578):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newlink={0x38, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r2, 0x5120b}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @empty, @multicast1}}}], 0x20}}], 0x1, 0x8000004)

2.651118138s ago: executing program 6 (id=580):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a32000000001400048008000240000000000800014000000000090001007379"], 0xdc}}, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="300000001c00c9242bbd7000fbdbdf2507000000", @ANYRES32=r1, @ANYBLOB="80001e0a0a000200aaaaaaaaaa1b000008000f"], 0x30}, 0x1, 0x0, 0x0, 0xc0041}, 0x0)

2.586001298s ago: executing program 6 (id=582):
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000280)=@o_path={0x0}, 0x18)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000100)=0x4, 0x2)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10)
syz_emit_ethernet(0x82, &(0x7f0000000140)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x16, 0x4, 0x0, 0x3c, 0x0, 0x0, 0x4de, 0x0, 0x1, 0x0, @dev, @local, {[@timestamp_addr={0x44, 0x44, 0x0, 0x1, 0x0, [{@private}, {}, {@local}, {@loopback}, {@private}, {@multicast2}, {@broadcast, 0x3}, {@broadcast}]}]}}}}}}}, 0x0)

2.197869265s ago: executing program 2 (id=203):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e7400"], 0x0)

941.422675ms ago: executing program 0 (id=591):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000440)=ANY=[], 0x1, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r0, 0x80086601, 0xffffffffffffffff)

940.143885ms ago: executing program 6 (id=594):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000fc850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
mkdir(&(0x7f0000000200)='./file0\x00', 0xb4)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}})

842.226366ms ago: executing program 0 (id=597):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
timer_create(0x9, 0x0, &(0x7f0000000400)=<r2=>0x0)
timer_delete(r2)

841.805066ms ago: executing program 6 (id=598):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000900)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='kfree\x00', r1}, 0x18)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000081, &(0x7f0000000080)=ANY=[@ANYRES8=0x0, @ANYRES8, @ANYRES64, @ANYRES8], 0x0, 0x23e, &(0x7f0000000bc0)="$eJzs3c9qE1EUB+AzSdqmukgWrkRwQBeuStsnSJEKYldKFupCi21BklCwEGgVQ1c+gU/ic7jxDXwAoTtdFEYmSZsWUm0wf0r9vk0uzP3NOTe5Iau5eX2n1dja3ds5/PA9yuUkCrWoJUcR1ShEbiEAgOvmV5bFUdYzWrJUmFRPAMBkXfL3f3GKLQEAE/bs+Ysnaxsb60/TtBzR+tSuJ9F77V1f24m30YztWI5KHEdkp3rjR4831qOU5qpxv9Vp1/Nk69XX/v3XfkR08ytRierw/Eracybfadfn4ka/fi3Pr0Ylbg3Prw7JR30+Htw70/9SVOLbm9iNZmxFnh3kP66k6cPs88/3L/OO83zSadcXuvMGsuLUPxwAAAAAAAAAAAAAAAAAAAAAAK6tpTRN0yz7kmVZ1jl3/k7xuHt9KT1RPX8+Ty9/0flAnTPn6yznJZLe/EG+FLdLUZrl2gEAAAAAAAAAAAAAAAAAAOCq2Ns/aGw2m9vvxjo4eax//Hf+10EU+601k4gr0E93sJj3M51ad2PEWrURS0Rh/6Bxsrsam0n8JVWe0CbJhmy/4oWp+TFVn7853lUkETF3+mb+aXIh5sb8TQEAAAAAAAAAAAAAAAAAAKZs8NDvkIuHM2gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGZg8P//Iww6/fAlUzNeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+B3wEAAP//bkR7Lg==")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

841.349216ms ago: executing program 0 (id=600):
syz_io_uring_setup(0x313c, &(0x7f0000000000)={0x0, 0xff, 0x3600, 0x3, 0x372}, 0x0, 0x0)
r0 = socket(0xa, 0x3, 0xff)
setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f0000000040)=0xfffffff9, 0x4)
syz_emit_ethernet(0x4e, &(0x7f00000020c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c370c8900182b01fe800000000000000000000000000025fe8000000000000000000000000000aaff"], 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
setsockopt$inet6_int(r0, 0x29, 0x4, &(0x7f0000000000)=0x6568, 0x4)
recvmmsg(r0, &(0x7f0000005100)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002100)=""/4096, 0x1000}, 0x5661}], 0x1, 0x100, 0x0)

651.825999ms ago: executing program 5 (id=607):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="01000000010000000500080001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000f7ff0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

557.86241ms ago: executing program 5 (id=608):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000b00)={{r0}, &(0x7f0000000040), &(0x7f0000000ac0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
r2 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa04710, &(0x7f0000000280)={[{@user_xattr}, {@i_version}, {@noblock_validity}, {@abort}, {@mblk_io_submit}, {@nogrpid}, {@jqfmt_vfsv0}, {@delalloc}, {@nolazytime}]}, 0x0, 0x448, &(0x7f0000000740)="$eJzs28tvG8UfAPDvrpP29+sroZRHS4FAQUQ8kiYt0AMXEEgcQEKCQzkGJ61K3QY1QaJVBAGhckSVuCOOSPwFnOCCgBMSV7ijShXk0sIpaNe7qePGbh4OTuPPR9p2xjv2zNez453d2QTQs4ayf5KIPRHxW0QM1LPLCwzV/7uxMFf9e2GumsTi4pt/Jnm56wtz1bJo+b7dRWY4jUg/TYpKlpu5eOnsRK02daHIj86ee2905uKlZ86cmzg9dXrq/PiJE8ePjT3/3Pizqw8mSVru2pu19dCH04cPvvr2lderJ6+889M3Wek9xf7GODYibUgPZYH/tZhrLvd4JyrbQvY2pJO+25dha6hERNZd/fn4H4hK3Oy8gXjlk642DthU2blpZ+vd84vANpZEt1sAdEd5os+uf8vtP5p6bAnXXqxfAF1P5qo3FupbfU/f0rV8/yZeuw5FxMn5f77MtujgfQgAgFa+y+Y/T680/0vj3oZy+4q1ocGIuCsi9kfE3RFxICLuicjL3hcR999SQ9q2/ualoVvnP+nVdQe3Ctn874VibWv5/G+p3YOVIrc3j78/OXWmNnW0+E6Go39nlh9rU8f3L//6eat9jfO/bMvqL+eCRTuu9jXdoJucmJ3IJ6UdcO3jiEN9K8WfLK0EJBFxMCIOre2j95WJM09+fbhVodvH30aLdaa1WPwq4ol6/89HU/ylpP365Oj/ojZ1dLQ8Km718y+X32hV/4bi74Cs/3ctP/6biwwmjeu1M2uv4/Lvn7W8plnv8b8jeSvvlx3Fax9MzM5eGIvYkbyW55e9Pn7zvWW+LJ/FP3xk5fG/v3hPVs8DEZEdxA9GxEMR8XDR9kci4tGIONIm/h9feuzd9ce/ubL4J1f8/Vs6/pv6f+2Jytkfvm1V/+r6/3ieGi5eyX//bmO1DdzIdwcAAAB3ijR/Bj5JR5bSaToyUn+G/0DsSmvTM7NPnZp+//xk/Vn5wehPyztdAw33Q8eS+eIT6/nx4l5xuf9Ycd/4i8r/8/xIdbo22eXYodftbjH+M39Uut06YNN1YB0NuEM1j//2j2wA24nzP/Qu4x96l/EPvWul8f9RU95aAGxPzv/Qu4x/6F3GP/Qu4x960kb+rl+ilxORbolmSGxSotu/TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xbwAAAP//Q+vspg==")
fadvise64(r2, 0xf, 0x7, 0x0)

550.952441ms ago: executing program 6 (id=609):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x59dc6d71776a1654}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r2)
syz_usb_connect$cdc_ncm(0x0, 0x5, 0x0, 0x0)

525.279751ms ago: executing program 1 (id=610):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c000006000000000000f183850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="03000000000000000000210000000c00018008000100", @ANYRES32=r2], 0x20}}, 0x0)

413.266923ms ago: executing program 1 (id=611):
socket$tipc(0x1e, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x41, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x3000000, &(0x7f0000000080), 0x1, 0x533, &(0x7f0000000b00)="$eJzs3e9rI2kdAPDvTJped7dncyqyHnh3uCe7h26yvXp3VeRuBdFXB+r5fi1tWkrTpjTpuS2H9vCFLwURFfwDfCP4Bwhyf4IIB/peVBTRPX2pO5Jkgv2RNKFNN73084Fpnmcm83y/z9BMZiYPMwFcWS9ExP2IKETESxExl89P8ykOOlPrfR88eme5NSWRZW/9I4kkn9dtq1Wfiogb+WozEfHNr0XcSk/GbeztbyzVatWdvF5pbm5XGnv7d9c3l9aqa9WthYX5VxdfW3xl8V6WO1c/SxHx+lf+8pMf/uKrr//mc9/544O/3fluK98vfaKTd0QsnytAH522i+1t0dXaRjsXEWxMWv0pFsadBQAAw2gdmn80Ij7dPv6fi0L7aA4AAACYJNkbs/GfJCIDAAAAJlYaEbORpOV8LMBspGm53BnD+/G4ntbqjeZnV+u7WyutZRGlKKar67XqvXyscCmKSas+n4+x7dZfPlZfiIhnIuLHc9fa9fJyvbYy7osfAAAAcEXceP7o+f+/59J2GQAAAJgwpb4VAAAAYFI45QcAAIDJ5/wfAAAAJtrX33yzNWXd53ivvL23u1F/++5KtbFR3txdLi/Xd7bLa/X6WvuefZuD2qvV69ufj63dh5VmtdGsNPb2H2zWd7eaD9aPPAIbAAAAeIKeef69PyQRcfDFa+0p8vsADjJ94ZkBl8qfx50AMEqFcScAjM3UuBMAxqY48B32EDDpkgHLTw7e6VwrjN9eTD4AAMDo3f7kyd//u7/tD742AHyYDTPWBwCYLH7dg6ureNYRgDdHnQkwLh/pvDzVb3nfm3cM8ft/5xpDlp0pMQAAYGRm21OSlvPj9NlI03I54un2YwGKyep6rXovPz/4/VzxqVZ9vr1mMnDMMAAAAAAAAAAAAAAAAAAAAAAAAADQkWVJZAAAAMBEi0j/mrTv5h9xe+7F2aNXB4499evnb/304VKzuTMfMZ38c641azoimj/L57+ceSQAAAAAXAKd8/T8dX7c2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwaT549M5yd3qScf/+5Ygo9Yo/FTPt15koRsT1fyUxdWi9JCIKI4h/8G5E3OwVP4nHWZaV8ix6xb92wfFL7U0zkyX5ew/HTyPixgjiw1X2Xmv/c7/X5y+NF9qvvT//U8c+j2fV3f9N5/XD8bv7v0Kf/c/Th+tp/xjPvv+rSt/470Y8O9WJez+O7n+68ZNO/CSOxb81ZB+//a39/Z4LDjXZa/93OFalubldaezt313fXFqrrlW3FhbmX118bfGVxXuV1fVaNf/bM8yPPvXrx6f1/3qf+KWj/T+x/V8cqvdZ/Pf9h48+1qkUe8W/c6v39+/NPvHT/LvvM3m5tfx2t3zQKR/23C9/99xp/V/p0/+ZAf2/M1T/4wsvfeP7f+q55MTWAACehMbe/sZSrVbdOaUwM8R7hi4URtLOGyPL57IU4nKkMa5C9r3O/+P52jnn6icKWfUHZ199KkaQxvSJz2khztpgEnHQamvIf0gAAGDC/P+gPxl3KgAAAAAAAAAAAAAAAAAAAHBlnfG2ZDMR0ZlTHHw7seMxD8bTVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAU/0vAAD//xluyPE=")

412.901473ms ago: executing program 5 (id=612):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0), 0xfc, 0x574, &(0x7f0000001980)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUk4gWC3qvS7INJZtuyW5KEwu2B3vxIkUQsSB69+6x+A/4VxS0UKQEPXiJzGY2XZPZNNlumm3384Fp35uZzZvvvvm+fbOzywbQt8bSfwoRL0fEN0nESMu2wcg2jq3tt/Lw+nS6JLG6+ulfSSTZuub+Sfb/oazyUkT89lXEycLmdmtLy3OlSqW8kNXH6/NXxmtLy6cuzZdmy7Ply5NTU2fempp89523uxbr6+f/+f6Tux+e+fr4yne/3D9yO4mzcTjb1hrHE7jRWhmLsew5GYqzG3ac6EJjvSTZ6wOgIwNZng9FOgaMxECW9blWR57moQG77Ms0rYE+lch/6FPNeUDz2r5L18HPjAfvr10AbY5/cO29kRhuXBsdXEn+d2WUXu+OdqH9tI1f/7xzO12i3fsQ+7vQEMAGN25GxOnBwc3jX5KNf507vY19NrbRb68/sJfupvOfN/LmP4X1+U/kzH8O5eRuJx6f/4X7XWimrXT+917u/Hf9ptXoQFZ7oTHnG0ouXqqU07HtxYg4EUP70/pERHyQfxPk88LKvdV27bfO/9Ilbb85F8yO4/7ghvnfTKleevLI1zy4GfFK7vw3We//JKf/0+fj/DbbOFa+82q7bY+Pf3et/hTxWm7/P+rMZOv7k+ON82G8eVZs9vetY7+3a3+v40/7/+DW8Y8mrfdraztv48fhf8vttnV6/u9LPmuU92XrrpXq9YWJiH3Jx5vXTz56bLPe3D+N/8Txrce/vPP/QJrY24z/1tFbrbsO7yz+3ZXGP7Oj/t954d5HX/zQrv3t9f+bjdKJbM12xr/tHuCTPHcAAAAAAADQawoRcTiSQnG9XCgUi2uf7zgaBwuVaq1+8mJ18fJMNL4rOxpDhead7pGWz0NMZJ+HbdYnN9SnIuJIRHw7cKBRL05XKzN7HTwAAAAAAAAAAAAAAAAAAAD0iEMRw3nf/0/9MZD/mDargWfRFj/5DTzn2ud/tqUbv/QE9CSv/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kP/Wsn+f/zuV08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+nD93Ll1WVx5en07rM1eXFueqV0/NlGtzxfnF6eJ0deFKcbZana2Ui9PV+cf9vUq1emViMhavjdfLtfp4bWn5wnx18XL9wqX50mz5QnnoqUQFAAAAAAAAAAAAAAAAAAAAz5ba0vJcqVIpLygodFQY7I3D6MFCoTcOo8PCXo9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDIfwEAAP//wGE62g==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r0, &(0x7f0000000000)='2', 0x1, 0x4fed0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x103042, 0x17e)
pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.idle_time\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0x8004587d, &(0x7f0000000080))

254.516336ms ago: executing program 1 (id=613):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x2000000000000178, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001a80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

237.712206ms ago: executing program 5 (id=614):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000040)={{0x80a0000, 0x6000, 0x10, 0x5, 0x3, 0xb, 0x4, 0x4, 0x0, 0x0, 0x5, 0x67}, {0xffff1000, 0x100000, 0x10, 0xc, 0x40, 0x0, 0x6, 0x7, 0x1, 0x5, 0x6, 0x3}, {0xdddd0000, 0x2, 0x0, 0x2, 0xc, 0x5, 0x28, 0x4, 0xff, 0x2, 0x5, 0x9}, {0x0, 0xdddd3000, 0x4, 0x77, 0x7f, 0xd, 0x4, 0xd, 0x7e, 0x8, 0x81, 0x8}, {0xdddd1000, 0x4000, 0x3, 0x1, 0x81, 0x3, 0x9, 0x3, 0xbf, 0x7, 0x25, 0x7}, {0x3000, 0x4000, 0x8, 0x9, 0x8, 0x2, 0x4, 0x9, 0x44, 0x5, 0xb, 0x7}, {0xdddd1000, 0xdddd0000, 0xc, 0x3, 0x8, 0x0, 0x9d, 0x5, 0x7, 0xe, 0x7f, 0xd7}, {0x10000, 0x3000, 0x8, 0xba, 0x1, 0x7, 0xa0, 0x6, 0x5, 0x1, 0x7, 0x5}, {0xeeef0000, 0x3}, {0x1000, 0xa311}, 0x40004, 0x0, 0xeefff000, 0x0, 0xd, 0x2000, 0xeeee0000, [0x9, 0x800, 0x400, 0x3]})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, 0x0}], 0xaaaacb1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0)={{0x0, 0xdddd0000, 0xe, 0xf0, 0x40, 0xfd, 0xd4, 0xd4, 0x0, 0x4, 0x7, 0x6}, {0x5000, 0x2, 0xd, 0x9, 0x8, 0x3, 0x6, 0x8, 0x5, 0xf, 0x3, 0xca}, {0xeeee0000, 0xe6e50002, 0xb, 0x0, 0x2, 0x7, 0x4, 0x1, 0xc, 0x0, 0x6, 0x5}, {0xeeef0000, 0x3000, 0xd, 0xf, 0x3, 0x46, 0x2, 0xd, 0x6, 0x3, 0x0, 0x1}, {0x100000, 0x0, 0x3, 0x1, 0x3, 0x9, 0x9, 0x7, 0x5, 0x4, 0x1e, 0x4b}, {0x2, 0xd000, 0x9, 0x7, 0x4, 0x6e, 0x1, 0xff, 0x4, 0x80, 0x1, 0xfc}, {0x6000, 0x1000, 0xf, 0x9d, 0x3, 0x0, 0x1, 0xb, 0x5, 0x7, 0x0, 0xf8}, {0xffff1000, 0x8000000, 0xd, 0x5, 0x3, 0x3, 0xa, 0x9, 0x54, 0x6, 0x2, 0x7}, {0xeeef0000, 0x5}, {0xdddd1000, 0x9}, 0x40010000, 0x0, 0xf000, 0x300, 0x5, 0x0, 0xe6e70c00, [0xffffffffffffff47, 0x401, 0x7, 0x10800000000000c5]})

156.156857ms ago: executing program 1 (id=615):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r0, &(0x7f0000f67fe4)={0xa, 0x4e20, 0xfffffffd, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
setuid(0xee01)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r1, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)

155.950237ms ago: executing program 1 (id=616):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f00000005c0), 0x10)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000001880)=0xd1, 0x4)
read(r0, &(0x7f00000027c0)=""/4073, 0xfe9)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000200)={&(0x7f00000007c0)=@can={{0x2, 0x0, 0x1, 0x1}, 0x1, 0x2, 0x0, 0x0, "f97003b8750e5566"}, 0x10}}, 0x0)

94.225948ms ago: executing program 1 (id=617):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f000000a300)="f6c5cdd50b89338e6f0228b937225c21a87072407fe83d5fecd7bcca9b3fb6c714baa7d905bd76d4f38eba0ffafc067da9e5b2a863dbea1f11e32b455862ad205d1de267dbf9edb296fda48092e372fd3166c91d636b627f4ce223d2fff7db30abd245c174812a8ebfce720483d74f6658daaba3ea9e453d789d9d1d8b63c91f02b1282f122d5847241f305a5d791a7188c946ed5d5e5343c04968e62b064aeadeafd55ddb6a1b724a9adf29b15c4c55c9afd709d19cf29df117c69d1f855b647f2d6dc3ad9cc2e413cda65ca8d3fd777fdf88827428723d37b89a7330dddd234f39187db8e54905b8eb0dc851f51ff37b5deb69b64bbd27b72881267f94a88974a56b1d3178d49c209d6f4e974c00f25a87255c3804b1150f98d46437f5333b200651dfd1ae939125483cec1690ecb4d449ae4f2bdf88d50382440dbe1699017f21c0f1e0c85cd339a9f87046af063b54b923d4eaa04fc8dabb3bb3e3bc83f0657b5a3c4cdfce3c325abe45a39b794d13057e3a036ec20c4eb1c18a7501a8bf3899626fe01b2b9c18ab08eaa972ab9f8a786888162c7f77db751c1ab88db854ad8a99c7307a52571fd4d0a8ca5a6f4f5e46396bab29e4a5bb6f7c40404be7357b47028a1cd2b780abbba9e37d182866a9171ddea543a5684ff6445d4c3ba61b4300a1556e85518301862b398e43f61d461054469f693c42f995a000dc9b950b277bbc5a9bec872462a0938ef0e0ba4f4d2bff4d81804996a9f97893c02b2deff1abf1a6cb7987f446132f55a10aaf537d93422ed22fa659ceda5939cf18398f8632a257abbf68d4854e452ceb5acc02c7b65d67b582e159fb5039ecfe636dfd00218f2e5d1e2ebeca027472d63fdd2b61d7bbd9258a3fbb14ee2559845a638e07bbde84f87a42b59a09c1bc877b7e51a4ea42c64bcb3b3c8043f1604c569308bd6ddf438204df167580f5aefe2a8beabb77a8fd3392f99e3a43a7cfa0a68b1b21a307aeecd5b7a3742d74ff1790b13f1026ebec296210301d48d9354646382a18d247300bfd8aca878051a2d667ad2ee489edfeb3c1c912cc6a6c573fd92dd4cd1b6d2fb1bbdc86ddd8bf515c28f15ebafe858df78e8a783b293db3144c44397cbaeeadea44655c6350562166bda3accf7a2e65cf3eb7beace08760337e2dff8c9611fb131b345f44dba2aa2eee0bb4ec719c59a269e71ffc0775c5c193e341a833d38edf8a1f01f66b9fd039ff55c884257ec7330f333e579e66ac67097bfe31b2b78d88b81b640351da3bea710e38d8b50b0a63814f4638df1680d2217dfe7364dc228ea79f74e678b338105391e8c1e041cae3d2ccb9d1b034d96b811bf06515b3f4dd02cf2cf9f9884a6a1af39f219fde0b1caee2065536b8e900bf4fe9d87396cb0854ff28db253382a8f1e6c2a2805b5d5c8b756640a49a092f8fbc5ab87e511d790519e9e79c1336b2af288b1b07871858966197f65919009c435e6ca5bc89a15fae0e3534e50cbacb3cb2ee519a9894f08facb453a7ada35c0cd8e6ac71cf9ceb21c1b944d81a16a3299c730fe1ddb164505e2df5e4dc7f46c3fa3230a9cc3845298d4abf909565a67be3316ca881540f2920c8fb6ffe5ffc66ef477476cc4941ba03795287f408b6175df89274e189bc2e12e93f5d8aaa532400946a7a0cb6cacb55d4947d0c02da9e2345b4d0cc92a570019ac51f64b29b7e509109500f9fe8129196bc46230a1848ad7dc721efd97f1cbee41a1e520da4cda9fa5a0024d7865e637d0f17f240647f11f4d41a39e29643917f6ccd8680d83cfaa33081c3dd613ba2ebe736539834ba7977d2617b85b073a4532c8e6cb3dc3ecb492f23b573ee103ad6c56a5930904e836e9390a8b20470de2c7e0d1b52000366cbc198caa4917b593334a449840a093bbd709a6f835eb4338e23b12f59efd0fe6a8f7d108e6c40d63b06b43639a73822b431b636c3c6cfa2c973fd43aab1ebb560eb5b556b98758583195190651d9f12bec2a2db9c87f879af59d9e72786e416ea8fa36ff4a4f08d56c5e208b9995fd9ed0607d3af20b1eb51dc0943cd96bee0cc78875fac1dc471f80664ef9eb1f146d5b6871842ae1c51e83523f28a149346df307eae77929a81c235f5593d7eb30581b0650a8759d5a59b5c2697c461e17d8458b13dc88935b878f71f0597d46924bc84714ca7af2df5749b1b0fbe1950aade8d85555887809f9d4cb5d8d6cdd0ddede90e2fd122d1168f0c7e535aefe0385ce12a5cb1060498ba51b28fc344e6c6094b1cf6263007e299d7ceae7814c664f43bc2b8e989779e1a2a36e7e209175c197117966925ced8cd941fb4d37d05a5c771ba579671d505d6af7fb70fe764d906fa84f046fb4429d82bc7f4ed72f686bf2f923ec7bd48b1be8773ef8a51235825cb6c54d444021e823ba2614e7d93920a96d23f19d9adfcabe1716fea4979ef4d74fadc6fd53e8d6c6704c4eb04a039ba4c83d15afdb195a36f292ba9a2728cd85311076aa6a484c01fbf9fad617f4870fcbd1cd453aeaa391968287263852732552443e3388bd07d975cd2a11624fa2d0d931034b940c4b2babe262706c6cd72007c5fd5744564babc9fc37da476cb38ed0de6b530864e26a6febeb8d901d40c771a0cf2f498830487d83368ff3f8af68a0ffa5762d3f2c9cf2a66e2338d3e3655b647685c2dcacba997eac420d5618c3d268b85795fa49e37ee504521017439581a6c5c064f0184e4cad2b8134e2f9b9ec42981c155775d7d744bfff7adb3f7599f159c7cf1d7d56fb7cddf5b4f8ee8a3dcfbc1151b3d253771db09879f48c3c0cc9506e97c776fa8251c21d5fed9dba8ca6674e45ac2a6bef86ae18b175ffb5d281f58527661ef7d5651b28db85c1b7cc305ab5b34fb49a32778390d3b6d4e78d06d3d863eff86435d36be3043529fb9b4d061a7a983d6e287fa83925dfab1b526d6bf510a29f9d6ad493bbb4da5fdf0aef4f16ff50799b016dc4230aaf87b9ef8953f8ad522ab4c3ec3209a57852cbdb5e39628ad107b248d6f07d123fb0e68d7b7aa8558478de5dee88032de6ccbbcab0ecfe8fccb1681816db894fdc24a9b6cf8ad5690efb01c8b4840255a5d5563b4cb73609f0a5337738e179fd9577bb795eb5a89a4ee4e2b2bed5fc65ba1efb911889e131a0b010c5699d7f6b869ffff3945208feee8d245eb45590f2c67b97d186307dbee5327ef60340386ae04d45f981061b80d33ed6db2e5dcd711d68f8d9befdca10334e9636de1a2d6e6de2888d0984aae79b636eb0576f6cc9f450320b7e946eb82e9e1f8b3477f382090c79a9524a69f3416eadba673ff24cb1846358680d370e6ae98230256ebad4826f90ef8189b95f3b6275950c33ec2781bf438bbcce8ee350f3c1475b026a6c189db5101981b21f82ba8d8f62e852ccc5109a2780c70eb4a0b014c0c06ef46ff506c481b8082154db687b644ff122e5f35af5882212834a5b696afda432241f966d5706fa7c00be4a4912b6adb8e5629d0e18bb2ed4e2d7b6dbe79920d21ed0491f7a5017ae5ccdee5b498f61bb9ad5845a6268abebf80338c20c09530675a8366bfd4ea746957dd7337f1c1184751b649a399891ad2b6306bb062b9b2dc8a8b09302ea3386ccd78d9a3a0314c3df264ce81048391ae66ec9eeda8c70efe95146205d0b6bed2c362f2920615d41c7d12fc3991000a080061dad4e34587ff1684c6756f55dfd249d2d62bef74b5e4a40a63a2bc14a473cf913d5a4fd289d1792fc693c4a5f85326eebc52994a34e16af861438f22633fc5a4ce0d30d37ac0e2277e072f78375d7b1443e1af9647c23decfc411a3d0def781ce6679d92872fbc27dbd4a7edc2acfe565103d472fbde7ac626248a5305cf6e1c5fc81e9b71adb2523839b9425c72a67409539d611240ff5ad04ea2b3d063e197f5663606aeb0b76fa2e1121e3815506fe4a9ac09d555c1b8d8c9749f5dd5096130aaab80d9b721a831013885e3a376a57f97db4f1878372c7ac241b7424b86d97ae5fa3a0943f55c64cdbb4aa3209c4fbee3d9ed201e2bfccee01d33bd99c01689e1f23b185acb82e75cd2a161c316334f4887c8225f11ec1354105e3180d67ebb3a98d1178cca8332eb73555f53ed86c7285fc6c85570be32e74baeece3d610cfb505e1ca6c02fabffbd9b4c80274db8faab4a4d29f8bfa6db38daf4ca8442aad66e40581f40a63e50b3a33d9a3e32f4440b761d149a8d71c138f74d5b0e10d9266788499a19f03a17726226e27c899c538bf4c219d7a035bdab2c5b347bcb176555fa451594050c6196a2236e5b0981eabab3519dd10ed1ffb6334476cbb06059384f02c164f278d49391c6069b9adf25c14870e2fe1f28abdb325d3101fe464f829e971067dc9231fc3bc9d0e2a6c8e13db15f4b69b3b028a587a092453296f7f790a547ba191bca2ca929d1477344d7ba30b826a10152580e5ed7418f481e4b10139a4acea1a1c42f748cafff8b0215c6be50e0af09905366f0403c53f8c746ff06ec45d69d3c4039d0980af45c8a2d6cadafe477ffe3451fce3bdc9644faf73ef3ca3e823526fdc086d82967b1a569cdb99ea26fe6d06a21fdfa7a8342089931240324b786f6be1b987c8fc9e9e602cb0ad66039a0147319a896134cc97a7f50b3a0c04c4f80b8a53ea222f5c009325eca6668e453d92e1577712af0297ffbc3e3365d504ebc1c7e825e045c30c0ad9067fcea6dd754c179c3febce85187611f78634c081192b430010987a852837015a3c2a70604e18c5d394207fa61fd3c51a8ac5ab263d1c15a9918f599338d21b894e6016337a5a31422867a775a7def8fb7cc3a41342175e05c891ebbd7318bf011ab2dcd865dc5efa3a9451d973951c96752803665567c08013259f14fd704d5d108cef5a38b4e2375aa241c5cfa99511e334cac9665a06f25da7d3fdb497363b119bb4d536a6803b3aed59143655ef6df225b5a9305979f77e32942ffb48e859da96a309ab57b68fa56a9e0d6e53650e7b1968fe5afc21e5638cd50f5c415c9addd998fe32ac983a9f9266590967782b6d9b70f22a48cc14301af5de46d7b71d0f7c0ead21ff503cbed5c2535672835ea0216eaa7fed72390b66b4684b51365d1923aec4dcf4dd08b357552cfb7e96a5ab956ac1276882e80a79d018c5ca7ffb3367d59846387f4af1fd4b6098cb560bb565af3ec0c3934da29120546804f3800aaba4969e00cb83d9d9b0cf216c42a8722030a6fc85a01b9748bebe688671318a2cc33f69e0bf3a8a3779c8847de958b28b2e8017da7f74d56f1a75134a4da0944e45dfefe63ff367759b55e1659870e0be86cef2789ec9063ae6093693c1d47cfc164eae67c97efa447120a36b39561d380077ceaff4bf0f55b066af441e400cc3996633abf905a32cf025becf31983dc6fceb6e0fb506bd350d81afa6421115939adef8cd68abbbd94f1567d9e9f7505af57e1802b8d704bb7460b3822330c4a4bb6ff2b187fb9a3f324b0f415c706a1de8a7cf6747c72be3b356c0206a3c0c39daa85309bff9faba7b68178108b261086cc15a0e21a52a37c1576a72d2d5da5c43248ad760d239711739cb79fc79b4ca2dbec2e100db1c535ed90623c67ed2e3817ebec259343b17efdd912ea0fbf73653015b7f8a51cae3cab19ba00638b8c8bfa8db481ca7dc7ce5c2540c46c963386188f74dec088552330e6ea067b222bd97ecab5073d95d5814599f522a36fc80636bb66ee8dca399586f90f1c849e30d92382bb0e64f62511a7f1044560175d68dffc03a9e56ac7629a4bcf50a4334f29b3391ef4bf0f3174a44d69e143437cb3dcb3871c4e7de50084b5e5033c48df364a1d5cf925d42a3c8e2b419909e4a2ca2156c1397eb87704e8f8d6cdb3a4a031c1b5468a1e75a923cbdbd384cd8d87c2c05f11f1df014ef98c13fcf9f182f6fb68dc0aa4adf7bec8a17caedd172f64806c311fc106b39edd9628a01d7159d638e09b39feab432718059589dc971143da4a8e640aa63ae0c2fb4a71129d362cdcf993adbc97b4f1543637cf1acbc9e67067f6c6f95be39fdd14dc6478c507507ceff88c2d1c5e13522547ab149dad2526393714c6c0a221c167ddf1084b563c0bfcc4c75a972131c62ddec7a497bd5118eaa12ab25bbbf7cc62eca5de5ea50bab67ce6ff2e05cc47cc0b0a5465eb01bbc08dac30b8522bd92180d8987390314e19eb3201f0be2b4f71abb697a751fd8d6a3251ca8ea1b2f20a7827d2599d62e392d6c065183a1778950d5ebe04180047ee8a2a096e5f1d6813ec63ff4a626c725b24d259cbd9ca6305009b29c6ef7225eecf9078824f9aef4d3e9aee1e9616b2b7f87499f8abab6c38e9a3e7714132850b5e71fa671697e6c8407ac3dad5abeee5f7b2a63aa51d29744736b0c38adccf8e29a85b81f3b3106daed64fc78618e18c9056cc41ce2f50379cc6c2c1411ba2c690e1899dee193f0f2877412f1cbd54d12255ca81a72211f9a8ab7f0b7bebb6c11b4bd6c77455decdfd7df2b2014395ba69f22e520138a43e1b3a11264822b143adcad307b35800563bab720687a898a76cde1f0a15aa3f32c0d302ce6f1094bacf5a1add935884be029c7fe18a5e90c696e3371af0f3cd721abd7dd4ce74efe353105ebcc4b1411d52026901380a9c7a807a76fa617667adea8b7734822da93d93969641a92ad2af6350ceee54e3d7c7c39e22d6c5f363d201572b8d68c2b9c7230b0b85801cfafbc5557f21bc444ea05fc612e2c2a8d4a38578c69bb252d8f4d617d0974f95b6ebb416d5c8f3fa925d4ed4f23bfce03e28389ca8c1bece1fa49e8d66387bbb09b3c29d9ed75ea5a9ac7930cb3ed05f999867c640b3435962fdb763002e2fb451c5a1b9d4536e49ba50fcf61451168a994249ef29af51694a1426d987ed8cfe09f10462c7629c4ff1b1cc709b99e9e87a54d1ecf54cd9da0c2c19b84b2a2c32c0bd12d158b73230cf610645048cf1afbb62aa7ce6fab79bec3ad84108f3d96cb9fb3d78a26724892a6bca533e64880c7d4c28a6685502f4cb2a27b132c8253b97e88583fe0766d04795709486556df99b7e65fbf71febe24e0a188e2dc489b8fddbf9d4b1c9ef4b558f888824469df9b2085a845998220332d9cb693472ff2abcc10784c2280825adfcc630e3a961b39ab786deddc53b18e862edc75742d6eb2d7cc227ba3ed770851718388612e4e7f4f257a90fdf09e3b0081d7498e2d5b628d9132aa0165f323f59af5e9ea54c582999fb527d5f2f3dd7e4f85877080526f8481899b6afc732f5da6af31b561ddc36a6b8c723087d3f168292550d89b228f7a3cc131c110a2dab2f81e339f24d3d2b696892dcd4a3e8f2eaaddc0d78e2d07cb9df9d2fe73e4c55562c0794092c7dabd4364f9fea89d6cdd8369d5bf1bc8863b8f89aacf0fd9b9b380947bb4872656e58bc87526e18fa8b17ef8a7219adf1b79d1be5dd827e7ba8e4ed50a81eb7562b179876a8803dde2ea99fe744e8f7df17040ac38592a3be7eb353416496e867d8a74c7eb94556b16241935d718dd43462fe0855cc31a812e0ac01109d1d3539bd2fd4eeb422009138a92324bd072edee2ba47d6cacc24588410ce30565a8aaa5aad52d9c55368372715717ff5ed3a0243ddafd11a7059c29a26b9ea9374e8434f31e4c15a747ee6d69368d12b96122690f843569e82ad27eb8fb25e94dde94cc15e690dc65f6a6c2a6393821168a79e03cd223ce54a1d5e38eee1c12e23027b12c6a8094c805088617c2fb4f52008366faf37fdb13b3a7a879949d13644da36dd35a4ede785ca0ac7b4f15472e77a33228129143f849ee75c915df31764c96954621a01e0941d6bb58125f544818b7152698f3addcd0a684af8fcdd4bcdf5752b3faa731988866ee8a664850989d280505d2a4b861f159d47d2d61ab3de866fb2c8f90075b713f61cf83a2ed426d53214b70385b7a46e5620c032486a5a00e0e73d3ea16eeccf5731507903a25685466b61311502ce781634ee46542957a0d5bacabb8d965689422588ee102d6a6016bf11589fff32e503feefccefe4107d0619e7a15336a8655e2f09034b4069941126d48909232592aac6d9c231285dc1d038ff1fa09c1588f543304659ca334afbc42b5f5fb813b34663cc6f4b0a12fc3edc28765b062e7a50fd19ef575be96cd1d9aa48c1fef1b2763949982a47bf25a69c8b1306e8e36c91d2096e6a6cf934452233ff49e91ee173c1e288b9ff70ff364689b82e2467a3d741809657ce0856582d24da5663162422a6f1ed1fce7cef40d90ce57cb99e19a0b4365d483361d03d0cceadd682f333bcdb0a49e24d8c7d004aad2dac06f4839cffc0a77730623917e5f101c33411ab4e0a8491de9a8bbd5dedb8dfeb5a5880da57c74bb8e1fd8b02d3c22087be3f686aee26988b2d62a41d4593ff0dc100c31dad221489f612ef60c160bd6c1f5a00ea6efd3a5aa5ca14efbf78ae4e5d8c5db9c03758b81e636005ade8d03a11f5d8231cfc1bdacdb276992ca8ecbad337fa89dacc9e9be11d398d37207e15ddb45566e0af78833545352d3043b70e20695ddddaccccaa93ee5e2874bfc7f9510541a57fb3cb9c8d6e75460cca3c4cca39a642eff1967dda07a66fe67d87696a5fe22a718a52cd9ba83e348ed211c1dc2e21ebd797455f0648af12c10321240058857632112a75adfdca249f26cf8d6ba05ee83d00ff8d64d8fed069dae70b79105ccd95fc9df34426d765578f651a4cba8094f46e0a9b676c0c0ebb1803660a70f5c7ad2de1ff96676c3ecacdc2953fd235856228556db20395b8d54819b7b12f56e4dddf6a7fe4f7f3d69dff022c59efb2313ae801dcb02b117f50f18eb11dd5a291a7068c820fbe381bd0697566909a38fdab0a0c48442dc935ab8447ebecb93af879a6bb82ab5f245274d873b5be4312856fe4fab8edc9575c02ba4cdb34b31323b69cfef40755bf96279460640ed9fb84d5c60d95cfd76a39726c29f5607d80090e5e3da18fd74682975dd98d98e4afdf4460e1aeb7087a18ded69310b28fa45b356fc28d1f2bef4c9dd50909076de9587fa07b966ee143ec589f70b8ac4d1320cac5bafefe640e445922090c721ce79e4e2c546cfb9b7f058932e6c83170dd2785e28ed81757ade61aa094bd042411aafe0b75156067a5790c78a44589728f1190ac0ba2f93004e06602f51fab34cc56a485569be11e0fd8c89ec3363e053dbdb6cbc69b686e89ff3730dce9099daff958f3be6e7f9ac00bddf0f133a6f904262443963aabe84b0ec9ab9209ebb0d6e81b8d30b2959bbfe5b332459310be2d8183a93ea08301b816d5b009a967916dd45b0f541c57685a6c7ef8cf715ae7fd1780f0a0da48467196e25e26fd2d5a075ad5acfa1ebec9647da21672b642ee4a908fbce416f4ed36ab5b96e5b47a0f6c7f280119567b7d54640c65ce5a0f4912690c4a3d0805e4284fb695eb3af2528f031261439506a4d3f4c2e18b736c55475828a0faf0153acf0dd89bf3c2f6525cb4bfcb419421c7696ee93bc595158a9a43bb288022122a8c45a0db060fe5e85bcc128f396f7af7006eba4e0d6e2f0802625342799bc1b98366682db90ff1be99322bc0672e07757c44173b96e659ff645d263af255d6ecd88bd9a0863006db7f674e79b0493d41a12057e36243394294b4c7850d14a988715de4b55e9f83c2f0676a8486efcc948109076361267f092315dae79164da8f832ad6f35f600b92e4a8228d39e507117c1c1b2a4a12b667538000912ea67de21bd85616cb30f95573ba748a75d2e04b493865a8711a688e33221b26f621ab3a137cf86cc9dd340bcee72f19e00de06f1e9abbe08b4cb8725c9e624f02d36c4c276a529b6e23581c348bb90a4fb1f89053aee36caca5529bad9124825860c011140744f245cd02ffe219e436bfef045517e4e41094b25cf9082692cd8e37d3893c5a90c35b808a17a6508fa7ae743740be0d984ef5ea80e2101e14b9997f86b45b97e5acf89a0a6aa962689c4f53bc7b65e5037de60fa395ed1013591caa79412108224c020d77069939391e20ee32b86139fca7eb9ca5c07fa733311fef5d5594b83ae34c6bc32f037b09995511ff9b9b611bc727055a10b808ebb8c8e5ce532046c7ad3336c38d506e0e3043c4413dc8ce0a9caadbef27d6f663b22bf8d399621ee86e52d9abd5628e3270424d8a06a79174c7de23c431224fd8d0f42853510600f9e2deb8a7bfcd324a5c6ec19cd0c9ca81c552b111a2acc4479e20439e2e3caf443ed8d4de1575216c134d55171568ee64213fc4d32ca5cd7ad04b8705ecfd1b88d56294dca67efe3b1b37c7d5d170cef18997c4af074e97a98c11ec3cdc83a4ea564ebb47f02344d3ab410e25a4ad658be9bf627d49c106c1098dccf7ff62ff9f4dc997a279afdc5630ba32167a68ed7bb3bae2a8b61fca67b5b7dc5b3ef3ab679b602764da9aabf3d0caa56b278c2ab6fbee2cfdd7277402a1f82de1d97807829c0105277073772929f16d79584118f31b45ec4db29aad83693b2d9de08f417beaa2f78d55a36a824a94d1e3cfeb3d75c3d41ddd0e317e85d327e9b5a9da44dc12b6fc3acf6d222a44f59520fa3fcdc37903eca4b7a91fe14cf54b06855d204ebd71018fe767a158b5e389b5e8e136fc8960840ef1916d8e36f08260e5fc9808442e2034f2c761ae051d03fa618a5f6b8ba8cee00411d09aaa3f8fe30a5d29d9403a905403b5310355326387ea6ea72643b70fcc5bf767371878440d07be919c4ad8c4b8952ea61655bbeac50025f4cc2e859c20dfd440a0b1b14549bccaf7952a27f12266c3b7185d9f37ab405d0765011ae6dbc0717f58ec6bd4101589f5c6054faba863bd2af1e8b19cc2cee98c619e477a47497896c42c37697313917b37140a77a5afec97556f06e0ee1d87c3739bd9ff4c210ddd4eceb65701e64bf4d6cbd5d4b9786f4d45acd881fa6eb1c6fda5f8844f5a1635d05e7bb82270694efe063d44296d86b4bb8b28e573dd7cc0d379b5449af1064f10ab8e8f5f177713a63fd7ea8bb68305356c59b5b48334d568fc6d81713bf2c1438dbec4c2c793d5bcd94c459eaace9295ec5b51328fcea5c8f984d8bf90b2f9fb247ce722a1c001e6ff179524417d647b856d905976f623b2db0facf05d62a87662ddc0d6c31cadca2ec262439fdd0f5cd7788617b98bbb802ceed7f971fe6d432a49dc132fe5475db3bc61d6ff04442a9afa9078be7a15de8668cdf469697e337eb4a99b24cd89da2a36eaf4f725cfc77f5e4de3dc010c2ef1f6b22dc479544c0c4c611fe1c8ef5ed3c23ddae7cd01ae1874217f8d1001f0c5f8d2ace0ec72ef3ed9b95b72753462feaa1ff5c2d23f5ec1ccf41064895d6944f38bf7c41a091df7b8c5c5021ff7ab7571439a3d5c889aa57c715e4a55ecd77b5cb4f8bc3408d95d560f5e8ec711e81ef8a751df5d1d053822debf0295574ebfc5f1fc47caafdf8b3862d68fb01d6239fa13c026320aafdead31d003d8bd8b46842687b600", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)={0x90, 0x0, 0x0, {0x3, 0x100000000000000, 0x0, 0x0, 0x0, 0x4, {0x0, 0xffffffffffffffff, 0x200, 0x0, 0x0, 0x8ab0, 0x0, 0x0, 0x102, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
setxattr$security_capability(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000040), 0x0, 0x0, 0x2)
write$FUSE_INIT(r0, &(0x7f0000000e00)={0x50, 0x0, r1, {0x7, 0x27, 0x0, 0x23072d}}, 0x50)

83.060538ms ago: executing program 5 (id=618):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='percpu_create_chunk\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x50)

2.38649ms ago: executing program 5 (id=619):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000b00)={"c86780218d5cd43fb2b8ba3723bb8b6a28cbbac75f8ae356c82e5cf4f1bebf786fb81a3fd5bf9d2b21cb1d4302dd23477a4d74f7d6ba39cbf589e02d6cc4b53599c3588793f1d1aac6f97c69ff3ed357e7591fa081337f55679555cf714d1d1ae2d65af9617ab93ed37267f943391e718fa6d02f266033cd1562896781938aa0a10f422a4227a37243f32abfd6f5a25faa04211ee846815b8885e0508a7861ccb519f5d2b2ce4c1013556d8e001eb33299429a187727752ab949be04d7b14261d6f51420b5e27c3552cb3527f3f79860a3de1a20089b520cac7e025a5f2070189114c83cf1672f5ebfdc5bd4c34d98dd4337f3e66dfa417306f729ae846f3a63f939e8e3e56b4291b112ab1f001eb8ddc851b09cb3321e92af3bdef4229c6db1a150c5e0128ec2c4fa5b207ce78271739d738356ff8b1d5fb61e36e8df271d8b4235173d32ba9a09979fecb385c09697bd6c9d142673c49b423a58d72d10cfcaed6ee6b63dac513f5d580e9e33df1710a2893bd84e18ad40d8eaa52a0c2e0d808de377a4e293a989127fbea3590f19ea00256a81b092d5455352ce59c8d38f8590c8a0d903317563e8ba31496dc4e2386415f1f9ca62a6a8d226e463e323c39e96a8cf9fb63d421bdc7e0bffbbc7e0f14b8c9e7d0783a3f01210e49249ed9c7173f0cb978ba9422d45a1478666aed4fece7782613959abd0df2b05c215250998a58706d38d7ac5904b499ad9fe27c3099e1303e94d6b8de8e3f9f83354f4051e1886d6a2483fc430bf0c40fbd00e5bf5c5c1e4f6da5034522c0ba75bdf2edaa835ddd42e957471462e9dfb834048d5ccafff2372a3750d6b86cc7186f8d75e5fff3d8d2b70fab37654fd717c92b87af796a73546412102196eb94c005cf35887c8bcc81098ec43cf0cf52da708307588ce01db4d5f1b5e9f13f2ac2a680e44b3ae59acfd72813c9b3fd0bbcd979c2a77deb069220d8387ddf83e8aa2968bdec40ebe0f537484a07a1b3a1f279c0294524567d7f5ffe90b587e65e68c93456882008db7e1a5abf5e6e33cd0bb88eb4c4775940eb3dd0d05cab225f2d2ffc87b8917c44a35308669be264cb906e0c857a2db409f7dfa02a47ed90a4e728b418899ffb334b9cbc9a0e0b31920ec2bed54a8fd32a6df3e9b4c71aec166a01c4026ec098efed55e09aef42e88e06ba9770b1edf28c44128d6e8773d584b7ff27bacce0598e308dde506bf7e32ec71a5b0b526b0b0d9415d8e8c62b233f19418ff691c485b8848d403e5fc758f353483ce66f5fa4c13c89cb54bf9ee43de0dcf25bcb7bee53f0e08f925f63effa632ebfea6011f4b6dd371361d7ed697a7e8dd666718e5c567a7ce5ec3e43507dcbd82ae9b814e4a965e6b22c57964c1642c56aa832236bd0bba89a9721dd73d093f9bad3069a76b0e68737af14938b295998e1870dd"})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0xd23c0853f5c4551d, 0x4000, 0x5, 0x1, 0x7})

0s ago: executing program 2 (id=203):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e7400"], 0x0)

kernel console output (not intermixed with test programs):

cess permissive=1
[   15.096752][   T28] audit: type=1400 audit(1753109001.639:63): avc:  denied  { siginh } for  pid=226 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   16.080699][  T230] sftp-server (230) used greatest stack depth: 22336 bytes left
Warning: Permanently added '10.128.0.147' (ED25519) to the list of known hosts.
[   22.671375][   T28] audit: type=1400 audit(1753109009.229:64): avc:  denied  { mounton } for  pid=276 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   22.672889][  T276] cgroup: Unknown subsys name 'net'
[   22.694256][   T28] audit: type=1400 audit(1753109009.229:65): avc:  denied  { mount } for  pid=276 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   22.721832][   T28] audit: type=1400 audit(1753109009.259:66): avc:  denied  { unmount } for  pid=276 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   22.722046][  T276] cgroup: Unknown subsys name 'devices'
[   22.861741][  T276] cgroup: Unknown subsys name 'hugetlb'
[   22.867425][  T276] cgroup: Unknown subsys name 'rlimit'
[   23.002650][   T28] audit: type=1400 audit(1753109009.559:67): avc:  denied  { setattr } for  pid=276 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   23.025852][   T28] audit: type=1400 audit(1753109009.559:68): avc:  denied  { mounton } for  pid=276 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   23.048379][  T278] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   23.050893][   T28] audit: type=1400 audit(1753109009.559:69): avc:  denied  { mount } for  pid=276 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   23.082306][   T28] audit: type=1400 audit(1753109009.619:70): avc:  denied  { relabelto } for  pid=278 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   23.103219][  T276] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   23.108033][   T28] audit: type=1400 audit(1753109009.619:71): avc:  denied  { write } for  pid=278 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   23.142235][   T28] audit: type=1400 audit(1753109009.659:72): avc:  denied  { read } for  pid=276 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   23.167890][   T28] audit: type=1400 audit(1753109009.659:73): avc:  denied  { open } for  pid=276 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   23.930205][  T284] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.937280][  T284] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.944877][  T284] device bridge_slave_0 entered promiscuous mode
[   23.952201][  T284] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.959285][  T284] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.966799][  T284] device bridge_slave_1 entered promiscuous mode
[   23.984300][  T285] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.991724][  T285] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.999211][  T285] device bridge_slave_0 entered promiscuous mode
[   24.024712][  T285] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.032006][  T285] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.039606][  T285] device bridge_slave_1 entered promiscuous mode
[   24.104875][  T287] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.111981][  T287] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.119375][  T287] device bridge_slave_0 entered promiscuous mode
[   24.144825][  T287] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.151952][  T287] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.159377][  T287] device bridge_slave_1 entered promiscuous mode
[   24.172742][  T288] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.180014][  T288] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.187483][  T288] device bridge_slave_0 entered promiscuous mode
[   24.194310][  T286] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.201513][  T286] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.209038][  T286] device bridge_slave_0 entered promiscuous mode
[   24.223765][  T288] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.231051][  T288] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.238582][  T288] device bridge_slave_1 entered promiscuous mode
[   24.245336][  T286] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.252413][  T286] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.259914][  T286] device bridge_slave_1 entered promiscuous mode
[   24.445536][  T284] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.452737][  T284] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.460133][  T284] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.467172][  T284] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.488714][  T286] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.495820][  T286] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.503129][  T286] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.510173][  T286] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.520072][  T285] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.527141][  T285] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.534471][  T285] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.541554][  T285] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.570396][  T288] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.577461][  T288] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.584812][  T288] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.591908][  T288] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.609100][  T287] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.616206][  T287] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.623568][  T287] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.630657][  T287] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.656048][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.663723][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.671343][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.678774][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.686423][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.693807][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.701170][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.708535][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.716058][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.723466][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.731927][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   24.739536][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.770324][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.779508][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.787159][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.795173][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.803675][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.810789][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.818366][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   24.826884][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.834042][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.841454][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.849782][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.856814][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.864336][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   24.872598][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.879681][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.887050][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.895318][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.902504][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.911575][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   24.920162][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.928343][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.935401][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.950921][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   24.959188][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   24.967325][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   24.975802][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   25.001714][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   25.010099][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   25.018139][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   25.026816][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   25.035265][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.042353][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.049866][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   25.057998][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   25.066173][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   25.074620][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   25.083049][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.090120][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.110382][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   25.118584][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   25.126862][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   25.135291][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   25.143931][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   25.152503][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   25.178131][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   25.185875][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   25.193551][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   25.202242][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   25.211019][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.218063][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.225567][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   25.233989][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   25.242105][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   25.250658][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   25.258798][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.265860][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.273314][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   25.281757][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   25.289895][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   25.297933][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   25.306334][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   25.314011][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   25.324833][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   25.333132][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   25.342679][  T285] device veth0_vlan entered promiscuous mode
[   25.356303][  T288] device veth0_vlan entered promiscuous mode
[   25.368663][  T284] device veth0_vlan entered promiscuous mode
[   25.376865][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   25.385240][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   25.392952][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   25.400743][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   25.409141][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   25.417683][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   25.426294][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   25.434451][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   25.443095][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   25.451642][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   25.459654][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   25.467813][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   25.475429][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   25.490930][  T286] device veth0_vlan entered promiscuous mode
[   25.498611][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   25.507194][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   25.516309][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   25.524625][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   25.533198][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   25.540890][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   25.550945][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.563811][  T288] device veth1_macvtap entered promiscuous mode
[   25.580571][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   25.589883][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   25.598138][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.607317][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.616194][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.626391][  T285] device veth1_macvtap entered promiscuous mode
[   25.637355][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   25.645779][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.654288][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.665323][  T286] device veth1_macvtap entered promiscuous mode
[   25.685088][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   25.693441][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   25.701295][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   25.708849][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   25.717328][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.725960][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.734555][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.743048][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   25.751546][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.765539][  T284] device veth1_macvtap entered promiscuous mode
[   25.773405][  T287] device veth0_vlan entered promiscuous mode
[   25.785401][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   25.791273][  T288] request_module fs-gadgetfs succeeded, but still no fs?
[   25.795510][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.808482][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.817905][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   25.826309][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.835057][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.843752][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.852488][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   25.860911][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.900768][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.922491][  T287] device veth1_macvtap entered promiscuous mode
[   25.938457][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.953747][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.995489][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   26.004389][  T316] SELinux:  Context system_u:object_r:dpkg_exec_t:s0 is not valid (left unmapped).
[   26.030165][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   26.043940][  T322] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8'.
[   26.066457][  T324] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   26.162344][  T340] tmpfs: Unknown parameter '9'
[   26.461224][  T378] loop1: detected capacity change from 0 to 512
[   26.489569][   T59] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   26.543401][  T378] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   26.555141][  T378] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   26.598046][  T378] syz.1.30 (378) used greatest stack depth: 22304 bytes left
[   26.604979][  T395] loop4: detected capacity change from 0 to 1024
[   26.613118][  T395] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   26.624260][  T285] EXT4-fs (loop1): unmounting filesystem.
[   26.636096][  T395] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #8: comm syz.4.36: pblk 0 bad header/extent: invalid magic - magic 7973, entries 27514, max 27745(0), depth 25964(25964)
[   26.674706][  T395] EXT4-fs (loop4): no journal found
[   26.697473][   T59] usb 1-1: config index 0 descriptor too short (expected 30768, got 18)
[   26.706015][   T59] usb 1-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[   26.715176][   T59] usb 1-1: config 48 has an invalid descriptor of length 48, skipping remainder of the config
[   26.735827][   T59] usb 1-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[   26.755239][   T59] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[   26.766372][   T59] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   26.881609][  T432] SELinux:  policydb version 0 does not match my version range 15-33
[   26.890130][  T432] SELinux: failed to load policy
[   26.945780][  T440] loop4: detected capacity change from 0 to 1024
[   26.961188][  T440] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   26.985965][  T284] EXT4-fs (loop4): unmounting filesystem.
[   27.003151][  T445] input input4: cannot allocate more than FF_MAX_EFFECTS effects
[   27.121937][  T453] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.130629][  T453] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.176547][  T453] netlink: 'syz.1.62': attribute type 16 has an invalid length.
[   27.181180][   T59] usb 1-1: string descriptor 0 read error: -22
[   27.186511][  T453] netlink: 'syz.1.62': attribute type 17 has an invalid length.
[   27.203166][  T453] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   27.210856][  T453] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   27.221654][  T453] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.228950][  T453] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.237482][  T453] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.244775][  T453] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.387759][   T59] usb 1-1: USB disconnect, device number 2
[   27.413053][  T479] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.420869][  T479] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.435955][  T479] device bridge_slave_1 left promiscuous mode
[   27.449814][  T479] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.476812][  T479] device bridge_slave_0 left promiscuous mode
[   27.483147][  T479] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.552757][  T494] netlink: 8 bytes leftover after parsing attributes in process `syz.3.74'.
[   27.642615][  T509] netlink: 96 bytes leftover after parsing attributes in process `syz.3.84'.
[   27.656642][  T505] kvm: emulating exchange as write
[   27.765169][   T28] kauditd_printk_skb: 77 callbacks suppressed
[   27.765184][   T28] audit: type=1400 audit(1753109014.319:151): avc:  denied  { read } for  pid=526 comm="syz.1.91" dev="nsfs" ino=4026532293 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   27.792785][   T28] audit: type=1400 audit(1753109014.329:152): avc:  denied  { open } for  pid=526 comm="syz.1.91" path="net:[4026532293]" dev="nsfs" ino=4026532293 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   27.819976][   T28] audit: type=1400 audit(1753109014.329:153): avc:  denied  { name_bind } for  pid=528 comm="syz.3.92" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   27.842700][   T28] audit: type=1400 audit(1753109014.339:154): avc:  denied  { setopt } for  pid=526 comm="syz.1.91" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   27.890573][   T28] audit: type=1400 audit(1753109014.449:155): avc:  denied  { read write } for  pid=285 comm="syz-executor" name="loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   27.914780][   T28] audit: type=1400 audit(1753109014.449:156): avc:  denied  { open } for  pid=285 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   27.939700][   T28] audit: type=1400 audit(1753109014.449:157): avc:  denied  { ioctl } for  pid=285 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=119 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   27.965313][   T28] audit: type=1400 audit(1753109014.449:158): avc:  denied  { bpf } for  pid=538 comm="syz.1.96" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   27.985941][   T28] audit: type=1400 audit(1753109014.449:159): avc:  denied  { map_create } for  pid=538 comm="syz.1.96" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   28.006347][   T28] audit: type=1400 audit(1753109014.449:160): avc:  denied  { map_read map_write } for  pid=538 comm="syz.1.96" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   28.116136][  T560] tipc: Started in network mode
[   28.129687][  T560] tipc: Node identity 2, cluster identity 2
[   28.135626][  T560] tipc: Node number set to 2
[   28.136238][  T563] loop0: detected capacity change from 0 to 2048
[   28.170927][  T569] binder: 568:569 ioctl 4018620d 0 returned -22
[   28.177813][  T569] binder: 568:569 ioctl c018620c 0 returned -14
[   28.201096][  T563] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   28.213755][  T563] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   28.242512][  T576] syz.4.112 (576) used greatest stack depth: 21824 bytes left
[   28.251343][  T286] EXT4-fs (loop0): unmounting filesystem.
[   28.272501][  T581] input: syz0 as /devices/virtual/input/input5
[   28.439571][  T304] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[   28.555358][  T631] device pim6reg1 entered promiscuous mode
[   28.571385][  T627] syz.1.134 (627) used greatest stack depth: 21568 bytes left
[   28.585624][  T629] loop0: detected capacity change from 0 to 8192
[   28.596811][  T635] loop1: detected capacity change from 0 to 128
[   28.620661][  T304] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   28.631564][  T629]  loop0: p2 p3 p4[EZD]
[   28.635460][  T640] Zero length message leads to an empty skb
[   28.636539][  T629] loop0: p3 start 360447 is beyond EOD, 
[   28.648344][  T304] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[   28.663508][  T629] truncated
[   28.666799][  T629] loop0: p4 size 262912 extends beyond EOD, truncated
[   28.675669][  T304] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   28.685074][  T304] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   28.694784][  T304] usb 4-1: Product: syz
[   28.699352][  T304] usb 4-1: Manufacturer: syz
[   28.704198][  T304] usb 4-1: SerialNumber: syz
[   28.916268][  T304] usb 4-1: 0:2 : does not exist
[   28.931448][  T304] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[   28.947006][  T304] usb 4-1: USB disconnect, device number 2
[   29.099487][   T40] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   29.151723][  T687] loop1: detected capacity change from 0 to 2048
[   29.160922][  T687] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   29.226742][  T687] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.160: bg 0: block 408: padding at end of block bitmap is not set
[   29.241376][  T687] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 117
[   29.254090][  T687] EXT4-fs (loop1): This should not happen!! Data will be lost
[   29.254090][  T687] 
[   29.299515][   T40] usb 1-1: Using ep0 maxpacket: 16
[   29.305998][   T40] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   29.316567][   T40] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[   29.320403][  T327] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 1260 with error 28
[   29.327576][   T40] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   29.338201][  T327] EXT4-fs (loop1): This should not happen!! Data will be lost
[   29.338201][  T327] 
[   29.347663][   T40] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   29.357325][  T327] EXT4-fs (loop1): Total free blocks count 0
[   29.357343][  T327] EXT4-fs (loop1): Free/Dirty block details
[   29.357355][  T327] EXT4-fs (loop1): free_blocks=0
[   29.357366][  T327] EXT4-fs (loop1): dirty_blocks=1264
[   29.357377][  T327] EXT4-fs (loop1): Block reservation details
[   29.393915][   T40] usb 1-1: Product: syz
[   29.398190][   T40] usb 1-1: Manufacturer: syz
[   29.402851][   T40] usb 1-1: SerialNumber: syz
[   29.441225][  T697] netlink: 8 bytes leftover after parsing attributes in process `syz.3.163'.
[   29.450607][  T697] netlink: 8 bytes leftover after parsing attributes in process `syz.3.163'.
[   29.459530][  T697] netlink: 2 bytes leftover after parsing attributes in process `syz.3.163'.
[   29.497288][  T699] loop3: detected capacity change from 0 to 2048
[   29.520714][  T699]  loop3: p1 < > p4
[   29.525136][  T699] loop3: p4 size 8388608 extends beyond EOD, truncated
[   29.665498][  T711] netlink: 88 bytes leftover after parsing attributes in process `syz.3.170'.
[   29.674829][  T711] netlink: 48 bytes leftover after parsing attributes in process `syz.3.170'.
[   29.749577][  T525] Bluetooth: hci0: command 0x1003 tx timeout
[   29.755641][  T359] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   29.813008][   T40] usb 1-1: cannot find UAC_HEADER
[   29.820030][   T40] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[   29.858494][   T40] usb 1-1: USB disconnect, device number 3
[   29.876068][  T713] loop4: detected capacity change from 0 to 40427
[   29.890520][  T713] F2FS-fs (loop4): invalid crc value
[   29.923922][  T713] F2FS-fs (loop4): Found nat_bits in checkpoint
[   29.978100][  T713] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   30.026763][  T713] F2FS-fs (loop4): Inconsistent segment (8) type [1, 0] in SSA and SIT
[   30.072923][  T737] netlink: 4 bytes leftover after parsing attributes in process `syz.3.181'.
[   30.246813][  T749] loop2: detected capacity change from 0 to 128
[   30.257374][  T749] syz.2.187: attempt to access beyond end of device
[   30.257374][  T749] loop2: rw=2049, sector=138, nr_sectors = 112 limit=128
[   30.274308][  T749] syz.2.187: attempt to access beyond end of device
[   30.274308][  T749] loop2: rw=2049, sector=220, nr_sectors = 2 limit=128
[   30.288214][  T749] Buffer I/O error on dev loop2, logical block 110, lost async page write
[   30.369976][  T757] Illegal XDP return value 4294967262 on prog  (id 99) dev N/A, expect packet loss!
[   30.499536][  T304] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   30.679489][  T304] usb 5-1: Using ep0 maxpacket: 32
[   30.685881][  T304] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   30.686226][  T755] loop3: detected capacity change from 0 to 131072
[   30.697414][  T304] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   30.703881][  T755] =======================================================
[   30.703881][  T755] WARNING: The mand mount option has been deprecated and
[   30.703881][  T755]          and is ignored by this kernel. Remove the mand
[   30.703881][  T755]          option from the mount to silence this warning.
[   30.703881][  T755] =======================================================
[   30.748961][  T304] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   30.758362][  T755] F2FS-fs (loop3): Segment count (31) mismatch with total segments from devices (0)
[   30.768101][  T755] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   30.777217][  T755] F2FS-fs (loop3): invalid crc value
[   30.797130][  T304] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   30.805957][  T755] F2FS-fs (loop3): Found nat_bits in checkpoint
[   30.838344][  T774] loop0: detected capacity change from 0 to 512
[   30.841046][  T304] usb 5-1: config 0 descriptor??
[   30.850272][  T774] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   30.864282][  T755] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   30.871715][  T755] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[   30.891646][  T774] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #16: comm syz.0.198: corrupted inode contents
[   30.903770][  T774] EXT4-fs error (device loop0): ext4_dirty_inode:6120: inode #16: comm syz.0.198: mark_inode_dirty error
[   30.915448][  T774] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #16: comm syz.0.198: corrupted inode contents
[   30.927902][  T755] F2FS-fs (loop3): f2fs_fill_dentries: corrupted namelen=24152, run fsck to fix.
[   30.937511][  T774] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm syz.0.198: mark_inode_dirty error
[   30.949089][  T774] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #16: comm syz.0.198: corrupted inode contents
[   30.961457][  T755] F2FS-fs (loop3): checksum invalid, nid = 4, ino_of_node = 4, efdbe231 vs. 15bb5891
[   30.969826][  T774] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[   30.989389][  T774] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #16: comm syz.0.198: corrupted inode contents
[   31.007260][  T774] EXT4-fs error (device loop0): ext4_truncate:4314: inode #16: comm syz.0.198: mark_inode_dirty error
[   31.022187][  T774] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[   31.031998][  T774] EXT4-fs (loop0): 1 truncate cleaned up
[   31.037724][  T774] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   31.047620][  T774] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   31.060450][  T327] EXT4-fs error (device loop0): ext4_release_dquot:6837: comm kworker/u4:5: Failed to release dquot type 1
[   31.148700][  T286] EXT4-fs (loop0): unmounting filesystem.
[   31.256414][  T304] savu 0003:1E7D:2D5A.0001: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[   31.362045][  T793] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.369217][  T793] bridge0: port 1(bridge_slave_0) entered disabled state
[   31.382101][  T793] device bridge_slave_0 entered promiscuous mode
[   31.384313][  T806] loop3: detected capacity change from 0 to 512
[   31.395479][  T806] EXT4-fs (loop3): Test dummy encryption mode enabled
[   31.402358][  T806] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   31.412345][  T793] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.413971][  T806] EXT4-fs (loop3): 1 truncate cleaned up
[   31.420684][  T793] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.425364][  T806] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   31.443285][  T793] device bridge_slave_1 entered promiscuous mode
[   31.477807][  T806] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   31.512864][  T795] loop0: detected capacity change from 0 to 40427
[   31.520211][  T795] F2FS-fs (loop0): fault_type options not supported
[   31.527749][  T795] F2FS-fs (loop0): invalid crc value
[   31.533752][  T288] EXT4-fs error (device loop3): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[   31.536270][  T795] F2FS-fs (loop0): Found nat_bits in checkpoint
[   31.560794][   T59] usb 5-1: USB disconnect, device number 2
[   31.600978][    T8] device bridge_slave_1 left promiscuous mode
[   31.607286][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.612143][  T795] F2FS-fs (loop0): Start checkpoint disabled!
[   31.621568][    T8] device bridge_slave_0 left promiscuous mode
[   31.622035][  T288] EXT4-fs (loop3): unmounting filesystem.
[   31.627744][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   31.640667][  T795] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   31.660345][    T8] device veth1_macvtap left promiscuous mode
[   31.666570][    T8] device veth0_vlan left promiscuous mode
[   31.707393][  T795] syz.0.208: attempt to access beyond end of device
[   31.707393][  T795] loop0: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[   31.760593][  T308] kworker/u4:3: attempt to access beyond end of device
[   31.760593][  T308] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   31.819663][  T793] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.826792][  T793] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.834407][  T793] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.841479][  T793] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.885604][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   31.893585][  T319] bridge0: port 1(bridge_slave_0) entered disabled state
[   31.901031][  T319] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.931304][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   31.939878][  T319] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.946946][  T319] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.954748][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   31.963195][  T319] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.970349][  T319] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.992281][  T813] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.999499][  T813] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.007107][  T813] device bridge_slave_0 entered promiscuous mode
[   32.020461][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   32.029083][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   32.039803][  T813] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.046873][  T813] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.054943][  T813] device bridge_slave_1 entered promiscuous mode
[   32.061896][  T823] netlink: 4 bytes leftover after parsing attributes in process `syz.1.217'.
[   32.088480][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   32.097114][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   32.097352][  T825] binder: 824:825 ioctl c018620c 2000000000c0 returned -22
[   32.114659][  T793] device veth0_vlan entered promiscuous mode
[   32.129127][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   32.138146][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   32.159059][  T793] device veth1_macvtap entered promiscuous mode
[   32.253143][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   32.260726][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   32.268313][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   32.276632][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   32.285291][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   32.295160][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   32.304123][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   32.312909][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   32.321621][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   32.351513][  T835] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   32.359103][  T846] syz.4.226 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   32.378709][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   32.390313][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   32.409289][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   32.417636][  T850] loop4: detected capacity change from 0 to 512
[   32.425635][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   32.434794][  T850] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   32.440326][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   32.453235][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   32.462355][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   32.469403][  T850] EXT4-fs (loop4): 1 truncate cleaned up
[   32.476199][  T850] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   32.476546][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   32.570034][  T860] device bridge1 entered promiscuous mode
[   32.584122][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   32.591929][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   32.601236][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   32.609873][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   32.618038][  T327] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.625091][  T327] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.633034][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   32.640134][  T284] EXT4-fs (loop4): unmounting filesystem.
[   32.667866][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   32.687408][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   32.713409][  T327] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.720697][  T327] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.749726][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   32.757861][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   32.775062][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   32.790754][   T28] kauditd_printk_skb: 139 callbacks suppressed
[   32.790770][   T28] audit: type=1400 audit(1753109019.349:299): avc:  denied  { write } for  pid=867 comm="syz.1.236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   32.827239][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   32.841667][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   32.877068][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   32.891890][  T813] device veth0_vlan entered promiscuous mode
[   32.899499][   T28] audit: type=1400 audit(1753109019.439:300): avc:  denied  { set_context_mgr } for  pid=873 comm="syz.0.239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   32.928086][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   32.940284][  T813] device veth1_macvtap entered promiscuous mode
[   32.991919][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   33.019041][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   33.125741][  T899] loop1: detected capacity change from 0 to 256
[   33.133230][  T899] exfat: Deprecated parameter 'namecase'
[   33.143476][  T899] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[   33.153073][  T880] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.161370][  T880] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.162939][  T899] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[   33.169100][  T880] device bridge_slave_0 entered promiscuous mode
[   33.192469][   T28] audit: type=1400 audit(1753109019.749:301): avc:  denied  { mounton } for  pid=898 comm="syz.1.249" path="/69/file0" dev="loop1" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   33.215566][   T28] audit: type=1400 audit(1753109019.749:302): avc:  denied  { mount } for  pid=898 comm="syz.1.249" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   33.238187][   T28] audit: type=1400 audit(1753109019.749:303): avc:  denied  { unmount } for  pid=285 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   33.258490][   T28] audit: type=1400 audit(1753109019.779:304): avc:  denied  { unmount } for  pid=285 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   33.290833][  T880] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.297935][  T880] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.312957][  T880] device bridge_slave_1 entered promiscuous mode
[   33.326379][  T885] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.335749][  T885] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.355285][  T885] device bridge_slave_0 entered promiscuous mode
[   33.368673][    T8] device bridge_slave_1 left promiscuous mode
[   33.374978][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.383031][    T8] device bridge_slave_0 left promiscuous mode
[   33.389655][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.397558][    T8] device veth1_macvtap left promiscuous mode
[   33.403857][    T8] device veth0_vlan left promiscuous mode
[   33.483612][  T885] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.490918][  T885] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.498795][  T885] device bridge_slave_1 entered promiscuous mode
[   33.529143][  T934] loop1: detected capacity change from 0 to 1024
[   33.539404][  T934] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   33.548612][  T934] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   33.559661][  T934] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   33.575243][  T934] EXT4-fs (loop1): corrupt root inode, run e2fsck
[   33.581878][   T40] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[   33.582223][  T934] EXT4-fs (loop1): mount failed
[   33.679181][  T885] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.686398][  T885] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.693762][  T885] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.700845][  T885] bridge0: port 1(bridge_slave_0) entered forwarding state
[   33.734215][  T880] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.741337][  T880] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.748662][  T880] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.755778][  T880] bridge0: port 1(bridge_slave_0) entered forwarding state
[   33.802432][   T40] usb 1-1: config 1 has an invalid descriptor of length 116, skipping remainder of the config
[   33.826244][   T40] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[   33.846676][   T40] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   33.850961][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   33.856398][   T40] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   33.871426][   T40] usb 1-1: Product: syz
[   33.875657][   T40] usb 1-1: Manufacturer: syz
[   33.880556][   T40] usb 1-1: SerialNumber: syz
[   33.885435][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.899820][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.909624][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.917343][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.944943][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   33.953499][  T327] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.960688][  T327] bridge0: port 1(bridge_slave_0) entered forwarding state
[   33.970331][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   33.978643][  T327] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.985723][  T327] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.993198][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   34.001302][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   34.019925][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   34.027586][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   34.036089][  T327] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.043193][  T327] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.050764][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   34.059061][  T327] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.066223][  T327] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.089499][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   34.098189][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   34.099576][   T40] usb 1-1: 0:2 : does not exist
[   34.108831][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   34.119311][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   34.121204][   T40] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[   34.137190][   T28] audit: type=1400 audit(1753109020.689:305): avc:  denied  { write } for  pid=956 comm="syz.5.271" name="001" dev="devtmpfs" ino=188 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   34.160182][   T28] audit: type=1400 audit(1753109020.709:306): avc:  denied  { create } for  pid=958 comm="syz.5.272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   34.171849][   T40] usb 1-1: USB disconnect, device number 4
[   34.181564][   T28] audit: type=1400 audit(1753109020.709:307): avc:  denied  { connect } for  pid=958 comm="syz.5.272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   34.209904][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   34.218761][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   34.225682][   T28] audit: type=1400 audit(1753109020.709:308): avc:  denied  { write } for  pid=958 comm="syz.5.272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   34.250702][  T885] device veth0_vlan entered promiscuous mode
[   34.262335][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   34.271449][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   34.290775][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   34.298529][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   34.306619][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   34.316885][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   34.325790][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   34.334969][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   34.346041][  T880] device veth0_vlan entered promiscuous mode
[   34.358464][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   34.367271][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   34.376284][  T885] device veth1_macvtap entered promiscuous mode
[   34.392275][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   34.401289][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   34.408859][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   34.416551][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   34.425246][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   34.440425][  T880] device veth1_macvtap entered promiscuous mode
[   34.450302][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   34.458084][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   34.466632][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   34.484501][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   34.492933][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   34.501773][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   34.510356][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   34.518831][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   34.527518][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   34.711219][    T8] device bridge_slave_1 left promiscuous mode
[   34.719771][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.727691][    T8] device bridge_slave_0 left promiscuous mode
[   34.734253][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.744108][    T8] device veth1_macvtap left promiscuous mode
[   34.750936][    T8] device veth0_vlan left promiscuous mode
[   34.875737][  T992] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   34.884154][  T992] device bridge_slave_0 left promiscuous mode
[   34.890546][  T992] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.898465][  T992] device bridge_slave_1 left promiscuous mode
[   34.904898][  T992] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.939559][  T454] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   34.975666][  T996] loop1: detected capacity change from 0 to 2048
[   34.984987][  T996] EXT4-fs: Ignoring removed bh option
[   35.014291][  T327] Bluetooth: hci0: Frame reassembly failed (-84)
[   35.025695][  T988] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.034040][  T988] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.041944][  T988] device bridge_slave_0 entered promiscuous mode
[   35.049387][  T988] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.056699][  T988] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.063561][  T996] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   35.067019][  T988] device bridge_slave_1 entered promiscuous mode
[   35.079988][  T996] SELinux:  Context : is not valid (left unmapped).
[   35.087570][  T996] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   35.133348][  T285] EXT4-fs (loop1): unmounting filesystem.
[   35.140929][  T454] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   35.154022][  T454] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   35.163349][  T454] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   35.178032][  T454] usb 6-1: config 0 descriptor??
[   35.234278][ T1027] process 'syz.0.298' launched '/dev/fd/3/./file0' with NULL argv: empty string added
[   35.290016][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   35.297672][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   35.313092][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   35.322134][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   35.331344][  T327] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.338447][  T327] bridge0: port 1(bridge_slave_0) entered forwarding state
[   35.348452][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   35.364267][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   35.374279][  T327] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.381375][  T327] bridge0: port 2(bridge_slave_1) entered forwarding state
[   35.391685][  T454] usbhid 6-1:0.0: can't add hid device: -71
[   35.397680][  T454] usbhid: probe of 6-1:0.0 failed with error -71
[   35.405105][  T454] usb 6-1: USB disconnect, device number 2
[   35.405455][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   35.419005][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   35.428082][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   35.448707][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   35.464358][  T988] device veth0_vlan entered promiscuous mode
[   35.480379][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   35.488726][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   35.497571][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   35.516567][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   35.525340][  T988] device veth1_macvtap entered promiscuous mode
[   35.537638][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   35.555533][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   35.740803][ T1059] syz.1.312 (1059) used greatest stack depth: 21312 bytes left
[   35.830187][    T8] device bridge_slave_1 left promiscuous mode
[   35.836446][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.843991][    T8] device bridge_slave_0 left promiscuous mode
[   35.851042][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.860646][    T8] device veth1_macvtap left promiscuous mode
[   35.866708][    T8] device veth0_vlan left promiscuous mode
[   35.969545][  T454] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   36.149646][  T454] usb 6-1: Using ep0 maxpacket: 16
[   36.156650][ T1068] loop0: detected capacity change from 0 to 1024
[   36.164313][  T454] usb 6-1: config 0 interface 0 altsetting 13 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   36.185462][  T454] usb 6-1: config 0 interface 0 has no altsetting 0
[   36.195241][  T454] usb 6-1: New USB device found, idVendor=1b1c, idProduct=1b34, bcdDevice= 0.00
[   36.214712][  T454] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   36.215710][ T1068] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   36.235098][  T454] usb 6-1: config 0 descriptor??
[   36.280179][  T286] EXT4-fs (loop0): unmounting filesystem.
[   36.348144][ T1076] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.355665][ T1076] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.363991][ T1076] device bridge_slave_0 entered promiscuous mode
[   36.371556][ T1076] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.379271][ T1076] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.388071][ T1076] device bridge_slave_1 entered promiscuous mode
[   36.489278][ T1076] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.496415][ T1076] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.503953][ T1076] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.511021][ T1076] bridge0: port 1(bridge_slave_0) entered forwarding state
[   36.534352][ T1100] loop0: detected capacity change from 0 to 256
[   36.544513][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   36.551751][ T1100] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   36.562204][ T1100] FAT-fs (loop0): Filesystem has been set read-only
[   36.569035][  T308] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.571484][ T1100] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   36.586589][  T308] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.587260][ T1100] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   36.612088][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   36.620723][  T308] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.628003][  T308] bridge0: port 1(bridge_slave_0) entered forwarding state
[   36.635915][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   36.644765][  T308] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.651880][  T308] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.660701][  T454] hid-generic 0003:1B1C:1B34.0002: unknown main item tag 0x0
[   36.668322][  T454] hid-generic 0003:1B1C:1B34.0002: unknown main item tag 0x0
[   36.676094][  T454] hid-generic 0003:1B1C:1B34.0002: unknown main item tag 0x0
[   36.678341][  T304] kernel write not supported for file bpf-prog (pid: 304 comm: kworker/1:3)
[   36.683580][  T454] hid-generic 0003:1B1C:1B34.0002: unknown main item tag 0x0
[   36.699796][   T59] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   36.707380][  T454] hid-generic 0003:1B1C:1B34.0002: unknown main item tag 0x0
[   36.715611][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   36.724133][  T454] hid-generic 0003:1B1C:1B34.0002: hidraw0: USB HID v0.05 Device [HID 1b1c:1b34] on usb-dummy_hcd.5-1/input0
[   36.746716][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   36.758328][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   36.772964][ T1076] device veth0_vlan entered promiscuous mode
[   36.782412][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   36.791158][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   36.798879][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   36.819799][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   36.829996][ T1076] device veth1_macvtap entered promiscuous mode
[   36.838635][    T8] device bridge_slave_1 left promiscuous mode
[   36.845073][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.852923][    T8] device bridge_slave_0 left promiscuous mode
[   36.859142][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.874647][    T8] device veth1_macvtap left promiscuous mode
[   36.880871][    T8] device veth0_vlan left promiscuous mode
[   36.900904][   T59] usb 2-1: Using ep0 maxpacket: 16
[   36.916362][   T59] usb 2-1: config 0 has no interfaces?
[   36.929750][   T59] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   36.942009][   T59] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   36.959125][   T59] usb 2-1: SerialNumber: syz
[   36.969403][   T59] usb 2-1: config 0 descriptor??
[   37.017640][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   37.029609][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[   37.033529][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   37.035813][  T359] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   37.073999][  T304] usb 6-1: USB disconnect, device number 3
[   37.113708][ T1128] loop0: detected capacity change from 0 to 4096
[   37.122744][ T1128] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   37.142734][  T286] EXT4-fs (loop0): unmounting filesystem.
[   37.180352][   T19] usb 2-1: USB disconnect, device number 2
[   37.439545][   T40] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   37.620005][   T40] usb 1-1: Using ep0 maxpacket: 8
[   37.626196][   T40] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   37.637181][   T40] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   37.650057][   T40] usb 1-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[   37.659148][   T40] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   37.667759][   T40] usb 1-1: config 0 descriptor??
[   37.801989][    T8] device bridge_slave_1 left promiscuous mode
[   37.809586][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.824326][    T8] device bridge_slave_0 left promiscuous mode
[   37.831872][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.842916][    T8] device veth1_macvtap left promiscuous mode
[   37.849038][    T8] device veth0_vlan left promiscuous mode
[   37.914948][   T28] kauditd_printk_skb: 31 callbacks suppressed
[   37.914964][   T28] audit: type=1400 audit(1753109024.469:340): avc:  denied  { create } for  pid=1155 comm="syz.6.352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   37.942381][   T28] audit: type=1326 audit(1753109024.509:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1155 comm="syz.6.352" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa45f18e9a9 code=0x0
[   38.009510][  T454] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   38.029831][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.037038][ T1148] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.044965][ T1148] device bridge_slave_0 entered promiscuous mode
[   38.052887][ T1148] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.060431][ T1148] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.068105][ T1148] device bridge_slave_1 entered promiscuous mode
[   38.076345][   T40] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[   38.083549][   T40] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[   38.095003][   T40] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[   38.102510][   T40] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[   38.114593][   T40] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[   38.121828][   T40] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[   38.129044][   T40] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[   38.136206][   T40] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[   38.151246][   T40] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[   38.166761][   T40] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[   38.175936][   T40] hid-rmi 0003:06CB:81A7.0003: unknown main item tag 0x0
[   38.183757][   T40] hid-rmi 0003:06CB:81A7.0003: hidraw0: USB HID v0.00 Device [HID 06cb:81a7] on usb-dummy_hcd.0-1/input0
[   38.199544][  T454] usb 2-1: Using ep0 maxpacket: 32
[   38.212737][  T454] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[   38.229862][  T454] usb 2-1: config 0 has no interface number 0
[   38.243930][  T454] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[   38.253270][  T454] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   38.261606][  T454] usb 2-1: Product: syz
[   38.267641][  T454] usb 2-1: Manufacturer: syz
[   38.273096][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   38.273337][  T454] usb 2-1: SerialNumber: syz
[   38.281648][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   38.294370][   T28] audit: type=1400 audit(1753109024.859:342): avc:  denied  { watch } for  pid=1182 comm="syz.5.363" path="/32/file0" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[   38.294814][  T454] usb 2-1: config 0 descriptor??
[   38.324264][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   38.327212][   T19] usb 1-1: USB disconnect, device number 5
[   38.339366][  T454] smsc95xx v2.0.0
[   38.339999][   T28] audit: type=1400 audit(1753109024.899:343): avc:  denied  { unmount } for  pid=813 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   38.345420][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   38.371864][  T319] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.379050][  T319] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.387059][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   38.396430][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   38.405127][  T319] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.412229][  T319] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.420607][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   38.446093][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   38.458142][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   38.476285][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   38.492054][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   38.500742][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   38.508334][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   38.518102][ T1148] device veth0_vlan entered promiscuous mode
[   38.524913][ T1190] device batadv_slave_1 entered promiscuous mode
[   38.534897][ T1189] device batadv_slave_1 left promiscuous mode
[   38.547432][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   38.559333][ T1148] device veth1_macvtap entered promiscuous mode
[   38.573537][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   38.582815][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   38.598524][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   38.607586][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   38.648897][   T28] audit: type=1400 audit(1753109025.199:344): avc:  denied  { load_policy } for  pid=1193 comm="syz.5.368" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   38.649240][ T1194] SELinux: failed to load policy
[   38.723539][ T1200] netlink: 4 bytes leftover after parsing attributes in process `syz.5.371'.
[   38.757831][ T1202] loop5: detected capacity change from 0 to 16
[   38.772352][ T1202] erofs: (device loop5): EXPERIMENTAL compressed fragments feature in use. Use at your own risk!
[   38.783800][ T1202] erofs: (device loop5): EXPERIMENTAL global deduplication feature in use. Use at your own risk!
[   38.795457][ T1202] erofs: (device loop5): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk!
[   38.807189][ T1202] erofs: (device loop5): erofs_read_inode: bogus i_mode (0) @ nid 65536
[   39.445963][ T1209] loop0: detected capacity change from 0 to 4096
[   39.457715][   T28] audit: type=1400 audit(1753109026.019:345): avc:  denied  { read write } for  pid=1211 comm="syz.6.376" name="ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   39.463398][ T1209] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   39.507488][ T1209] fs-verity: sha512 using implementation "sha512-avx2"
[   39.517289][   T28] audit: type=1400 audit(1753109026.019:346): avc:  denied  { open } for  pid=1211 comm="syz.6.376" path="/dev/ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   39.527993][ T1209] syz.0.373 (1209) used greatest stack depth: 20320 bytes left
[   39.548505][  T454] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[   39.565930][  T454] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[   39.575414][   T28] audit: type=1400 audit(1753109026.019:347): avc:  denied  { ioctl } for  pid=1211 comm="syz.6.376" path="/dev/ppp" dev="devtmpfs" ino=158 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   39.575877][  T286] EXT4-fs (loop0): unmounting filesystem.
[   39.600132][  T454] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[   39.617055][  T454] smsc95xx: probe of 2-1:0.67 failed with error -71
[   39.625567][  T454] usb 2-1: USB disconnect, device number 3
[   39.631818][   T28] audit: type=1400 audit(1753109026.059:348): avc:  denied  { ioctl } for  pid=1206 comm="syz.0.373" path="/78/file1/file3" dev="loop0" ino=16 ioctlcmd=0x6685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   39.660309][  T308] device bridge_slave_1 left promiscuous mode
[   39.666595][  T308] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.692301][ T1220] tmpfs: Unknown parameter 'nolazytime˙˙'
[   39.699772][  T308] device bridge_slave_0 left promiscuous mode
[   39.710711][  T308] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.720469][   T28] audit: type=1400 audit(1753109026.249:349): avc:  denied  { mounton } for  pid=1219 comm="syz.6.379" path="/13/file0" dev="tmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   39.722177][ T1222] loop0: detected capacity change from 0 to 2048
[   39.753814][  T308] device veth1_macvtap left promiscuous mode
[   39.760643][  T308] device veth0_vlan left promiscuous mode
[   39.820918][ T1222]  loop0: p1 < > p3
[   39.825498][ T1222] loop0: p3 size 134217728 extends beyond EOD, truncated
[   39.882073][ T1236] loop6: detected capacity change from 0 to 8192
[   39.938008][ T1223] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.945466][ T1223] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.953229][ T1223] device bridge_slave_0 entered promiscuous mode
[   39.968738][ T1223] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.975932][ T1223] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.983571][ T1223] device bridge_slave_1 entered promiscuous mode
[   39.990662][ T1242] SELinux:  Context system_u:object_r:login_exec_t:s0 is not valid (left unmapped).
[   40.141290][ T1223] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.148412][ T1223] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.155761][ T1223] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.162840][ T1223] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.179055][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[   40.194511][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[   40.229308][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   40.233559][ T1255] loop1: detected capacity change from 0 to 256
[   40.245624][ T1255] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   40.256645][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   40.269287][ T1255] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[   40.281193][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   40.288041][ T1255] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[   40.290542][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   40.311569][  T327] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.318674][  T327] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.346277][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   40.357828][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   40.366649][  T327] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.373840][  T327] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.395623][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   40.413257][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   40.422760][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   40.432145][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   40.472385][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   40.483695][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   40.498600][ T1223] device veth0_vlan entered promiscuous mode
[   40.506630][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   40.524963][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   40.547932][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   40.558147][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   40.566420][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   40.575639][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   40.585429][ T1223] device veth1_macvtap entered promiscuous mode
[   40.597145][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   40.605092][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   40.613596][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   40.634462][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   40.643355][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   41.290184][  T327] device bridge_slave_1 left promiscuous mode
[   41.296386][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.304021][  T327] device bridge_slave_0 left promiscuous mode
[   41.310394][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.318615][  T327] device veth1_macvtap left promiscuous mode
[   41.324725][  T327] device veth0_vlan left promiscuous mode
[   41.563487][ T1290] loop0: detected capacity change from 0 to 512
[   41.611144][ T1290] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   41.620494][ T1290] ext4 filesystem being mounted at /87/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   41.653740][  T286] EXT4-fs (loop0): unmounting filesystem.
[   41.756332][ T1305] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.775553][ T1305] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.790392][ T1305] device bridge_slave_0 entered promiscuous mode
[   41.808751][ T1305] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.825715][ T1305] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.838965][ T1305] device bridge_slave_1 entered promiscuous mode
[   41.899907][ T1330] loop5: detected capacity change from 0 to 16
[   41.913944][ T1330] erofs: (device loop5): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300)
[   41.987954][ T1305] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.995079][ T1305] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.002425][ T1305] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.009487][ T1305] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.052123][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   42.062720][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.072331][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.102547][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   42.118510][  T327] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.125629][  T327] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.140467][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   42.148746][  T327] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.155865][  T327] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.176273][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   42.184679][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   42.211809][ T1305] device veth0_vlan entered promiscuous mode
[   42.220288][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   42.229393][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   42.237789][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   42.247931][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   42.276587][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   42.294110][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   42.306088][ T1305] device veth1_macvtap entered promiscuous mode
[   42.314129][ T1354] netlink: 'syz.5.432': attribute type 4 has an invalid length.
[   42.324682][ T1355] netlink: 24 bytes leftover after parsing attributes in process `syz.6.433'.
[   42.336541][ T1354] netlink: 'syz.5.432': attribute type 4 has an invalid length.
[   42.353952][ T1355] netlink: 24 bytes leftover after parsing attributes in process `syz.6.433'.
[   42.363257][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   42.378414][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   42.391792][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   42.400898][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   42.410930][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   42.473097][ T1361] loop6: detected capacity change from 0 to 4096
[   42.491671][ T1361] EXT4-fs (loop6): Test dummy encryption mode enabled
[   42.514863][ T1361] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[   42.527328][ T1361] System zones: 0-5
[   42.544040][ T1361] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   42.583448][ T1361] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[   42.614723][  T885] EXT4-fs (loop6): unmounting filesystem.
[   43.050026][  T327] device bridge_slave_1 left promiscuous mode
[   43.056187][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.063734][  T327] device bridge_slave_0 left promiscuous mode
[   43.070006][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.077835][  T327] device veth1_macvtap left promiscuous mode
[   43.083994][  T327] device veth0_vlan left promiscuous mode
[   43.379664][   T28] kauditd_printk_skb: 11 callbacks suppressed
[   43.379679][   T28] audit: type=1400 audit(1753109029.939:361): avc:  denied  { watch watch_reads } for  pid=1367 comm="syz.0.437" path="/91/file1" dev="tmpfs" ino=503 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   43.398846][ T1376] loop6: detected capacity change from 0 to 1024
[   43.432342][ T1376] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   43.465189][  T885] EXT4-fs (loop6): unmounting filesystem.
[   43.645673][ T1389] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.653127][ T1389] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.661022][ T1389] device bridge_slave_0 entered promiscuous mode
[   43.668358][ T1389] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.677324][ T1389] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.687137][ T1389] device bridge_slave_1 entered promiscuous mode
[   43.710537][   T28] audit: type=1400 audit(1753109030.269:362): avc:  denied  { getopt } for  pid=1403 comm="syz.6.451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   43.779186][ T1391] loop5: detected capacity change from 0 to 40427
[   43.794676][ T1391] F2FS-fs (loop5): invalid crc value
[   43.804230][ T1391] F2FS-fs (loop5): Found nat_bits in checkpoint
[   43.844730][ T1389] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.849318][ T1391] F2FS-fs (loop5): Start checkpoint disabled!
[   43.851871][ T1389] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.851986][ T1389] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.859331][ T1391] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[   43.865301][ T1389] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.889578][    T6] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   43.909965][ T1391] F2FS-fs (loop5): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[   43.934268][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   43.944461][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.952869][    T8] kworker/u4:0: attempt to access beyond end of device
[   43.952869][    T8] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   43.967591][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.984270][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   43.992824][  T327] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.999913][  T327] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.008377][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   44.017192][  T327] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.024302][  T327] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.054846][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   44.063712][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   44.089280][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   44.098315][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   44.111152][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   44.122447][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   44.129745][    T6] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   44.139282][    T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   44.140300][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   44.161833][    T6] usb 1-1: config 0 descriptor??
[   44.168301][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   44.179023][ T1389] device veth0_vlan entered promiscuous mode
[   44.193795][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   44.204549][ T1389] device veth1_macvtap entered promiscuous mode
[   44.225972][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   44.249614][   T28] audit: type=1400 audit(1753109030.809:363): avc:  denied  { ioctl } for  pid=1434 comm="syz.6.464" path="socket:[23376]" dev="sockfs" ino=23376 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   44.284347][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   44.789962][    T6] usb 1-1: language id specifier not provided by device, defaulting to English
[   44.890245][  T327] device bridge_slave_1 left promiscuous mode
[   44.896539][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.904374][  T327] device bridge_slave_0 left promiscuous mode
[   44.910750][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.919036][  T327] device veth1_macvtap left promiscuous mode
[   44.925138][  T327] device veth0_vlan left promiscuous mode
[   44.993205][    T6] uclogic 0003:256C:006D.0004: failed retrieving Huion firmware version: -71
[   45.002303][    T6] uclogic 0003:256C:006D.0004: failed probing parameters: -71
[   45.010915][    T6] uclogic: probe of 0003:256C:006D.0004 failed with error -71
[   45.019389][    T6] usb 1-1: USB disconnect, device number 6
[   45.327892][ T1446] loop5: detected capacity change from 0 to 128
[   45.347186][   T28] audit: type=1400 audit(1753109031.899:364): avc:  denied  { block_suspend } for  pid=1448 comm="syz.6.469" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   45.347958][ T1446] EXT4-fs: Ignoring removed nobh option
[   45.392201][ T1446] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   45.405590][ T1446] ext4 filesystem being mounted at /65/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   45.423637][ T1456] loop1: detected capacity change from 0 to 512
[   45.450080][  T813] EXT4-fs (loop5): unmounting filesystem.
[   45.458552][ T1456] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   45.488114][ T1456] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.472: casefold flag without casefold feature
[   45.520103][ T1456] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.472: couldn't read orphan inode 15 (err -117)
[   45.533763][ T1456] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   45.549631][ T1457] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.556893][ T1457] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.575206][   T28] audit: type=1400 audit(1753109032.129:365): avc:  denied  { create } for  pid=1455 comm="syz.1.472" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1
[   45.577879][ T1457] device bridge_slave_0 entered promiscuous mode
[   45.609383][  T285] EXT4-fs (loop1): unmounting filesystem.
[   45.617151][ T1457] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.629671][ T1457] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.634244][   T28] audit: type=1400 audit(1753109032.189:366): avc:  denied  { map } for  pid=1478 comm="syz.6.481" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=179 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   45.639787][ T1457] device bridge_slave_1 entered promiscuous mode
[   45.871862][ T1457] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.878990][ T1457] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.886340][ T1457] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.893506][ T1457] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.919389][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   45.928140][  T319] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.941068][  T319] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.949281][ T1507] netlink: 96 bytes leftover after parsing attributes in process `syz.5.494'.
[   45.962371][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   45.979752][  T319] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.986950][  T319] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.016270][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   46.032961][  T319] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.040083][  T319] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.064273][ T1520] loop5: detected capacity change from 0 to 512
[   46.071542][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   46.079877][ T1520] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   46.081748][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   46.103922][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   46.119759][ T1520] EXT4-fs (loop5): 1 truncate cleaned up
[   46.124002][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   46.125441][ T1520] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   46.146789][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   46.163376][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   46.173986][ T1457] device veth0_vlan entered promiscuous mode
[   46.195041][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   46.205525][ T1457] device veth1_macvtap entered promiscuous mode
[   46.220265][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   46.222424][ T1534] loop0: detected capacity change from 0 to 1024
[   46.243479][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   46.252606][  T813] EXT4-fs (loop5): unmounting filesystem.
[   46.254935][ T1534] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   46.309640][  T286] EXT4-fs (loop0): unmounting filesystem.
[   46.890134][  T327] device bridge_slave_1 left promiscuous mode
[   46.896293][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.903938][  T327] device bridge_slave_0 left promiscuous mode
[   46.910172][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.918214][  T327] device veth1_macvtap left promiscuous mode
[   46.924317][  T327] device veth0_vlan left promiscuous mode
[   47.444162][   T28] audit: type=1400 audit(1753109033.999:367): avc:  denied  { sys_module } for  pid=1552 comm="syz.0.513" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   47.444493][ T1555] Invalid ELF header magic: != ELF
[   47.472713][ T1558] netlink: 104 bytes leftover after parsing attributes in process `syz.6.516'.
[   47.489848][   T28] audit: type=1400 audit(1753109033.999:368): avc:  denied  { module_load } for  pid=1552 comm="syz.0.513" path="/sys/kernel/notes" dev="sysfs" ino=1142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[   47.530153][   T28] audit: type=1400 audit(1753109034.029:369): avc:  denied  { ioctl } for  pid=1554 comm="syz.5.515" path="/dev/usbmon0" dev="devtmpfs" ino=159 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   47.569660][   T28] audit: type=1400 audit(1753109034.039:370): avc:  denied  { nlmsg_read } for  pid=1556 comm="syz.6.516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   47.639822][ T1576] incfs: Options parsing error. -22
[   47.645484][ T1574] device veth0 entered promiscuous mode
[   47.653997][ T1573] device veth0 left promiscuous mode
[   47.659470][ T1576] incfs: mount failed -22
[   47.677378][ T1578] device bridge0 entered promiscuous mode
[   47.686929][ T1578] device macsec1 entered promiscuous mode
[   47.693135][ T1578] bridge0: port 1(macsec1) entered blocking state
[   47.699622][ T1578] bridge0: port 1(macsec1) entered disabled state
[   47.706881][ T1578] device bridge0 left promiscuous mode
[   47.738041][ T1583] 9pnet_fd: p9_fd_create_unix (1583): problem connecting socket: ./file0: -5
[   47.759045][ T1571] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.789460][ T1571] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.802823][ T1571] device bridge_slave_0 entered promiscuous mode
[   47.811047][ T1571] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.820582][ T1571] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.828127][ T1571] device bridge_slave_1 entered promiscuous mode
[   48.028542][ T1571] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.035701][ T1571] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.043067][ T1571] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.050143][ T1571] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.131539][ T1627] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   48.489563][  T319] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.497405][  T319] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.549139][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   48.557002][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   48.567014][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   48.575997][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   48.584377][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.591547][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.600717][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   48.609271][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   48.617572][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.624677][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.632424][  T946] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   48.638908][   T28] kauditd_printk_skb: 11 callbacks suppressed
[   48.638929][   T28] audit: type=1326 audit(1753109035.199:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1596 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f275d18e9a9 code=0x7fc00000
[   48.676098][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   48.684495][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   48.685009][   T28] audit: type=1326 audit(1753109035.199:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1596 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275d18e9a9 code=0x7fc00000
[   48.715932][   T28] audit: type=1326 audit(1753109035.199:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1596 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275d18e9a9 code=0x7fc00000
[   48.747239][   T28] audit: type=1326 audit(1753109035.199:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1596 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275d18e9a9 code=0x7fc00000
[   48.753105][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   48.771580][   T28] audit: type=1326 audit(1753109035.199:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1596 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275d18e9a9 code=0x7fc00000
[   48.779986][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   48.809642][   T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   48.810823][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   48.817658][   T28] audit: type=1326 audit(1753109035.199:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1596 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275d18e9a9 code=0x7fc00000
[   48.826686][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   48.848759][  T946] usb 7-1: Using ep0 maxpacket: 16
[   48.857791][   T28] audit: type=1326 audit(1753109035.199:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1596 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275d18e9a9 code=0x7fc00000
[   48.886592][  T946] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   48.887374][   T28] audit: type=1326 audit(1753109035.199:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1596 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275d18e9a9 code=0x7fc00000
[   48.906987][  T946] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   48.921335][   T28] audit: type=1326 audit(1753109035.199:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1596 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275d18e9a9 code=0x7fc00000
[   48.961766][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   48.967522][  T946] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   48.971289][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   48.986846][  T946] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   48.989728][ T1571] device veth0_vlan entered promiscuous mode
[   48.995435][   T24] usb 6-1: Using ep0 maxpacket: 32
[   49.001299][   T28] audit: type=1326 audit(1753109035.199:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1596 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275d18e9a9 code=0x7fc00000
[   49.007683][   T24] usb 6-1: config 0 has an invalid interface number: 2 but max is 0
[   49.038543][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   49.046188][  T946] usb 7-1: config 0 descriptor??
[   49.051680][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   49.059204][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   49.068533][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   49.076582][   T24] usb 6-1: config 0 has no interface number 0
[   49.081507][ T1571] device veth1_macvtap entered promiscuous mode
[   49.089203][   T24] usb 6-1: config 0 interface 2 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 11
[   49.102397][   T24] usb 6-1: config 0 interface 2 has no altsetting 0
[   49.112446][   T24] usb 6-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[   49.113669][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   49.130448][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   49.138646][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   49.138822][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   49.147311][   T24] usb 6-1: Product: syz
[   49.160240][   T24] usb 6-1: Manufacturer: syz
[   49.165170][   T24] usb 6-1: SerialNumber: syz
[   49.172600][   T24] usb 6-1: config 0 descriptor??
[   49.186146][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   49.195045][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   49.382828][   T24] usb 6-1: USB disconnect, device number 4
[   49.470643][  T946] HID 045e:07da: Invalid code 65791 type 1
[   49.479466][  T946] input: HID 045e:07da as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:045E:07DA.0005/input/input7
[   49.492150][  T946] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.6-1/input0
[   49.860215][  T327] device bridge_slave_1 left promiscuous mode
[   49.866640][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.874414][  T327] device bridge_slave_0 left promiscuous mode
[   49.880696][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.889011][  T327] device veth1_macvtap left promiscuous mode
[   49.895153][  T327] device veth0_vlan left promiscuous mode
[   50.276674][  T454] usb 7-1: USB disconnect, device number 2
[   50.565115][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[   50.622004][ T1694] loop1: detected capacity change from 0 to 2048
[   50.663705][ T1690] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.670878][ T1690] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.676429][ T1694] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   50.678550][ T1690] device bridge_slave_0 entered promiscuous mode
[   50.693631][ T1690] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.697518][ T1694] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.700745][ T1690] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.718929][ T1690] device bridge_slave_1 entered promiscuous mode
[   50.764596][  T285] EXT4-fs (loop1): unmounting filesystem.
[   50.780418][ T1694] syz.1.571 (1694) used greatest stack depth: 20096 bytes left
[   50.924952][ T1690] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.932189][ T1690] bridge0: port 2(bridge_slave_1) entered forwarding state
[   50.939570][ T1690] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.946642][ T1690] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.037180][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   51.046513][  T319] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.057482][ T1724] loop1: detected capacity change from 0 to 4096
[   51.064384][  T319] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.089131][ T1724] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   51.100099][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   51.108695][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.126867][  T319] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.134039][  T319] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.154566][  T285] EXT4-fs (loop1): unmounting filesystem.
[   51.160570][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.173902][ T1674] loop5: detected capacity change from 0 to 131072
[   51.175315][  T319] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.187179][ T1674] F2FS-fs (loop5): Wrong CP boundary, start(512) end(1536) blocks(0)
[   51.187628][  T319] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.196348][ T1674] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[   51.212714][ T1674] F2FS-fs (loop5): invalid crc value
[   51.218553][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   51.227279][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   51.241763][ T1674] F2FS-fs (loop5): Found nat_bits in checkpoint
[   51.249218][ T1690] device veth0_vlan entered promiscuous mode
[   51.256594][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   51.265788][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   51.274598][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   51.293601][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   51.303741][ T1690] device veth1_macvtap entered promiscuous mode
[   51.313044][ T1674] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[   51.320284][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   51.321105][ T1674] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[   51.329292][  T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   51.679535][  T493] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   51.860820][  T493] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   51.870958][  T493] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   51.880669][  T493] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   51.889865][  T493] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   51.897903][  T493] usb 2-1: SerialNumber: syz
[   52.050184][  T327] device bridge_slave_1 left promiscuous mode
[   52.056391][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.064011][  T327] device bridge_slave_0 left promiscuous mode
[   52.070259][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.078258][  T327] device veth1_macvtap left promiscuous mode
[   52.084418][  T327] device veth0_vlan left promiscuous mode
[   52.105163][  T493] usb 2-1: 0:2 : does not exist
[   52.111709][  T493] usb 2-1: USB disconnect, device number 4
[   52.629568][  T359] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   52.629625][  T525] Bluetooth: hci0: command 0x1003 tx timeout
[   52.642654][ T1686] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[   52.773105][ T1761] syz.5.596[1761] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.773209][ T1761] syz.5.596[1761] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.807926][ T1765] loop6: detected capacity change from 0 to 256
[   52.841546][ T1765] FAT-fs (loop6): bogus number of FAT sectors
[   52.852463][ T1765] FAT-fs (loop6): Can't find a valid FAT filesystem
[   52.920547][ T1770] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.938314][ T1770] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.958317][ T1770] device bridge_slave_0 entered promiscuous mode
[   52.976469][ T1770] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.994663][ T1770] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.009044][ T1770] device bridge_slave_1 entered promiscuous mode
[   53.054782][ T1791] loop5: detected capacity change from 0 to 512
[   53.076498][ T1791] EXT4-fs: Ignoring removed i_version option
[   53.093842][ T1791] EXT4-fs: Ignoring removed mblk_io_submit option
[   53.102428][ T1791] EXT4-fs error (device loop5): ext4_orphan_get:1400: comm syz.5.608: inode #13: comm syz.5.608: iget: illegal inode #
[   53.121877][ T1791] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.608: couldn't read orphan inode 13 (err -117)
[   53.138292][ T1791] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   53.166596][  T813] EXT4-fs (loop5): unmounting filesystem.
[   53.175642][ T1800] loop1: detected capacity change from 0 to 512
[   53.185745][ T1770] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.192950][ T1770] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.198212][ T1802] loop5: detected capacity change from 0 to 1024
[   53.200345][ T1770] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.211103][ T1800] EXT4-fs (loop1): 1 orphan inode deleted
[   53.213907][ T1770] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.220145][ T1800] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   53.236772][ T1800] ext4 filesystem being mounted at /160/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.248887][ T1800] EXT4-fs (loop1): unmounting filesystem.
[   53.256728][ T1802] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   53.266443][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   53.269199][ T1802] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   53.274923][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   53.297734][ T1802] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[   53.297873][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   53.310520][ T1802] EXT4-fs (loop5): This should not happen!! Data will be lost
[   53.310520][ T1802] 
[   53.328240][ T1802] EXT4-fs (loop5): Total free blocks count 0
[   53.330493][ T1807] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 44 with error 28
[   53.335960][ T1802] EXT4-fs (loop5): Free/Dirty block details
[   53.351416][ T1807] EXT4-fs (loop5): This should not happen!! Data will be lost
[   53.351416][ T1807] 
[   53.352678][ T1802] EXT4-fs (loop5): free_blocks=68451041280
[   53.362997][ T1807] EXT4-fs (loop5): Total free blocks count 0
[   53.368097][ T1802] EXT4-fs (loop5): dirty_blocks=96
[   53.394626][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   53.413960][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   53.438217][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   53.451261][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   53.459875][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   53.469695][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   53.478408][ T1770] device veth0_vlan entered promiscuous mode
[   53.492118][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   53.501744][ T1770] device veth1_macvtap entered promiscuous mode
[   53.513080][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   53.524611][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   53.607909][ T1823] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3356708090 (26853664720 ns) > initial count (9735166528 ns). Using initial count to start timer.
[   53.626541][ T1823] Disabled LAPIC found during irq injection
[   54.471087][  T327] device bridge_slave_1 left promiscuous mode
[   54.477344][  T327] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.485390][  T327] device bridge_slave_0 left promiscuous mode
[   54.491653][  T327] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.500211][  T327] device veth1_macvtap left promiscuous mode
[   54.506250][  T327] device veth0_vlan left promiscuous mode
[   54.709508][    C0] ==================================================================
[   54.717650][    C0] BUG: KASAN: use-after-free in __run_timers+0x32b/0x9a0
[   54.724831][    C0] Write of size 8 at addr ffff88810eadca00 by task swapper/0/0
[   54.732426][    C0] 
[   54.734754][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.1.141-syzkaller-00040-g2dbfabb0eec8 #0
[   54.744311][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   54.754553][    C0] Call Trace:
[   54.757825][    C0]  <IRQ>
[   54.760671][    C0]  __dump_stack+0x21/0x24
[   54.765093][    C0]  dump_stack_lvl+0xee/0x150
[   54.769772][    C0]  ? __cfi_dump_stack_lvl+0x8/0x8
[   54.774805][    C0]  ? update_rq_clock+0x536/0x5c0
[   54.779734][    C0]  ? __run_timers+0x32b/0x9a0
[   54.784414][    C0]  print_address_description+0x71/0x210
[   54.789972][    C0]  print_report+0x4a/0x60
[   54.794300][    C0]  kasan_report+0x122/0x150
[   54.798803][    C0]  ? __run_timers+0x32b/0x9a0
[   54.803569][    C0]  __asan_report_store8_noabort+0x17/0x20
[   54.809293][    C0]  __run_timers+0x32b/0x9a0
[   54.813796][    C0]  ? sched_clock+0x9/0x10
[   54.818163][    C0]  ? sched_clock_cpu+0x6e/0x250
[   54.823023][    C0]  ? calc_index+0x200/0x200
[   54.827529][    C0]  ? kvm_sched_clock_read+0x18/0x40
[   54.832740][    C0]  run_timer_softirq+0x6a/0xf0
[   54.837501][    C0]  handle_softirqs+0x1d7/0x600
[   54.842262][    C0]  ? irqtime_account_irq+0xc4/0x240
[   54.847470][    C0]  __irq_exit_rcu+0x52/0xf0
[   54.851985][    C0]  irq_exit_rcu+0x9/0x10
[   54.856223][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[   54.861861][    C0]  </IRQ>
[   54.864876][    C0]  <TASK>
[   54.867800][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[   54.873870][    C0] RIP: 0010:default_idle+0xf/0x20
[   54.878925][    C0] Code: e9 47 ff ff ff 00 00 cc cc 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 66 90 0f 00 2d 03 19 56 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90
[   54.898958][    C0] RSP: 0018:ffffffff86e07d58 EFLAGS: 00000257
[   54.905028][    C0] RAX: ffff8881f7000000 RBX: ffffffff86e1c500 RCX: 3fdf21c381048200
[   54.913102][    C0] RDX: 0000000000000001 RSI: ffffffff85aa0140 RDI: ffffffff85aa0100
[   54.921071][    C0] RBP: ffffffff86e07d58 R08: dffffc0000000000 R09: ffffed103ee06917
[   54.929044][    C0] R10: 0000000000000000 R11: ffffffff84f01a70 R12: 0000000000000000
[   54.937012][    C0] R13: 0000000000000000 R14: ffffffff86e1c500 R15: dffffc0000000000
[   54.944984][    C0]  ? __cfi_default_idle+0x10/0x10
[   54.950018][    C0]  arch_cpu_idle+0x1c/0x20
[   54.954444][    C0]  default_idle_call+0x71/0x1d0
[   54.959294][    C0]  do_idle+0x1a7/0x520
[   54.963378][    C0]  ? ct_irq_exit+0x9/0x10
[   54.967817][    C0]  ? idle_inject_timer_fn+0x60/0x60
[   54.973027][    C0]  cpu_startup_entry+0x43/0x60
[   54.977802][    C0]  rest_init+0x10a/0x130
[   54.982097][    C0]  ? __cfi_x86_late_time_init+0x8/0x8
[   54.987570][    C0]  arch_call_rest_init+0xe/0x10
[   54.992426][    C0]  start_kernel+0x482/0x4f0
[   54.996931][    C0]  x86_64_start_reservations+0x2a/0x2c
[   55.002480][    C0]  x86_64_start_kernel+0x7c/0x81
[   55.007460][    C0]  secondary_startup_64_no_verify+0xce/0xdb
[   55.013455][    C0]  </TASK>
[   55.016485][    C0] 
[   55.018818][    C0] Allocated by task 1686:
[   55.023137][    C0]  kasan_set_track+0x4b/0x70
[   55.027728][    C0]  kasan_save_alloc_info+0x25/0x30
[   55.032866][    C0]  __kasan_kmalloc+0x95/0xb0
[   55.037450][    C0]  __kmalloc+0xb1/0x1e0
[   55.041605][    C0]  hci_alloc_dev_priv+0x27/0x1bd0
[   55.046717][    C0]  hci_uart_tty_ioctl+0x3d6/0xa20
[   55.051740][    C0]  tty_ioctl+0x8ef/0xc60
[   55.056026][    C0]  __se_sys_ioctl+0x12f/0x1b0
[   55.060734][    C0]  __x64_sys_ioctl+0x7b/0x90
[   55.065426][    C0]  x64_sys_call+0x58b/0x9a0
[   55.070041][    C0]  do_syscall_64+0x4c/0xa0
[   55.074465][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   55.080462][    C0] 
[   55.082911][    C0] Freed by task 1686:
[   55.086889][    C0]  kasan_set_track+0x4b/0x70
[   55.091491][    C0]  kasan_save_free_info+0x31/0x50
[   55.096524][    C0]  ____kasan_slab_free+0x132/0x180
[   55.101656][    C0]  __kasan_slab_free+0x11/0x20
[   55.106521][    C0]  slab_free_freelist_hook+0xc2/0x190
[   55.111987][    C0]  __kmem_cache_free+0xb7/0x1b0
[   55.116840][    C0]  kfree+0x6f/0xf0
[   55.120689][    C0]  hci_release_dev+0x13ad/0x1500
[   55.125635][    C0]  bt_host_release+0x82/0x90
[   55.130320][    C0]  device_release+0xa4/0x1d0
[   55.134942][    C0]  kobject_put+0x19d/0x280
[   55.139381][    C0]  put_device+0x1f/0x30
[   55.143551][    C0]  hci_dev_cmd+0x265/0x720
[   55.147976][    C0]  hci_sock_ioctl+0x41e/0x7f0
[   55.152658][    C0]  sock_do_ioctl+0x101/0x310
[   55.157357][    C0]  sock_ioctl+0x4d8/0x6e0
[   55.161690][    C0]  __se_sys_ioctl+0x12f/0x1b0
[   55.166376][    C0]  __x64_sys_ioctl+0x7b/0x90
[   55.170993][    C0]  x64_sys_call+0x58b/0x9a0
[   55.175544][    C0]  do_syscall_64+0x4c/0xa0
[   55.180263][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   55.186619][    C0] 
[   55.188946][    C0] Last potentially related work creation:
[   55.194667][    C0]  kasan_save_stack+0x3a/0x60
[   55.199384][    C0]  __kasan_record_aux_stack+0xb6/0xc0
[   55.204825][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[   55.210652][    C0]  insert_work+0x51/0x300
[   55.214984][    C0]  __queue_work+0x9b1/0xd30
[   55.219496][    C0]  queue_work_on+0xd2/0x140
[   55.224034][    C0]  __hci_cmd_sync_sk+0xa3e/0xcf0
[   55.228985][    C0]  hci_cmd_sync_status+0x53/0x120
[   55.234103][    C0]  hci_dev_cmd+0x628/0x720
[   55.238522][    C0]  hci_sock_ioctl+0x41e/0x7f0
[   55.243203][    C0]  sock_do_ioctl+0x101/0x310
[   55.247808][    C0]  sock_ioctl+0x4d8/0x6e0
[   55.252151][    C0]  __se_sys_ioctl+0x12f/0x1b0
[   55.256837][    C0]  __x64_sys_ioctl+0x7b/0x90
[   55.261429][    C0]  x64_sys_call+0x58b/0x9a0
[   55.265967][    C0]  do_syscall_64+0x4c/0xa0
[   55.270373][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   55.276271][    C0] 
[   55.278598][    C0] Second to last potentially related work creation:
[   55.285178][    C0]  kasan_save_stack+0x3a/0x60
[   55.289878][    C0]  __kasan_record_aux_stack+0xb6/0xc0
[   55.295285][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[   55.301105][    C0]  insert_work+0x51/0x300
[   55.305437][    C0]  __queue_work+0x9b1/0xd30
[   55.310292][    C0]  queue_work_on+0xd2/0x140
[   55.314813][    C0]  hci_cmd_timeout+0x191/0x200
[   55.319589][    C0]  process_one_work+0x71f/0xc40
[   55.324439][    C0]  worker_thread+0xa29/0x11f0
[   55.329135][    C0]  kthread+0x281/0x320
[   55.333202][    C0]  ret_from_fork+0x1f/0x30
[   55.337615][    C0] 
[   55.339953][    C0] The buggy address belongs to the object at ffff88810eadc000
[   55.339953][    C0]  which belongs to the cache kmalloc-8k of size 8192
[   55.354316][    C0] The buggy address is located 2560 bytes inside of
[   55.354316][    C0]  8192-byte region [ffff88810eadc000, ffff88810eade000)
[   55.367762][    C0] 
[   55.370089][    C0] The buggy address belongs to the physical page:
[   55.376489][    C0] page:ffffea00043ab600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ead8
[   55.386750][    C0] head:ffffea00043ab600 order:3 compound_mapcount:0 compound_pincount:0
[   55.395088][    C0] flags: 0x4000000000010200(slab|head|zone=1)
[   55.401202][    C0] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100043500
[   55.409807][    C0] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[   55.418391][    C0] page dumped because: kasan: bad access detected
[   55.424811][    C0] page_owner tracks the page as allocated
[   55.430518][    C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 1686, tgid 1685 (syz.0.568), ts 50564383281, free_ts 50525762187
[   55.453496][    C0]  post_alloc_hook+0x1f5/0x210
[   55.458296][    C0]  prep_new_page+0x1c/0x110
[   55.462803][    C0]  get_page_from_freelist+0x2c7b/0x2cf0
[   55.468350][    C0]  __alloc_pages+0x19e/0x3a0
[   55.472940][    C0]  alloc_slab_page+0x6e/0xf0
[   55.477534][    C0]  new_slab+0x98/0x3d0
[   55.481615][    C0]  ___slab_alloc+0x6f6/0xb50
[   55.486205][    C0]  __slab_alloc+0x5e/0xa0
[   55.490537][    C0]  __kmem_cache_alloc_node+0x203/0x2c0
[   55.496033][    C0]  __kmalloc+0xa1/0x1e0
[   55.500214][    C0]  hci_alloc_dev_priv+0x27/0x1bd0
[   55.505240][    C0]  hci_uart_tty_ioctl+0x3d6/0xa20
[   55.510423][    C0]  tty_ioctl+0x8ef/0xc60
[   55.514657][    C0]  __se_sys_ioctl+0x12f/0x1b0
[   55.519332][    C0]  __x64_sys_ioctl+0x7b/0x90
[   55.524023][    C0]  x64_sys_call+0x58b/0x9a0
[   55.528717][    C0] page last free stack trace:
[   55.533466][    C0]  free_unref_page_prepare+0x742/0x750
[   55.539010][    C0]  free_unref_page+0x8f/0x530
[   55.543767][    C0]  __free_pages+0x67/0x100
[   55.548181][    C0]  __free_slab+0xca/0x1a0
[   55.552763][    C0]  __unfreeze_partials+0x160/0x190
[   55.557957][    C0]  put_cpu_partial+0xa9/0x100
[   55.562633][    C0]  __slab_free+0x1c4/0x280
[   55.567068][    C0]  ___cache_free+0xbf/0xd0
[   55.571484][    C0]  qlist_free_all+0xc6/0x140
[   55.576078][    C0]  kasan_quarantine_reduce+0x14a/0x170
[   55.581541][    C0]  __kasan_slab_alloc+0x24/0x80
[   55.586397][    C0]  slab_post_alloc_hook+0x4f/0x2d0
[   55.591592][    C0]  __kmem_cache_alloc_node+0x192/0x2c0
[   55.597056][    C0]  kmalloc_trace+0x29/0xb0
[   55.601480][    C0]  __ipv6_dev_mc_inc+0x3a3/0xa00
[   55.606534][    C0]  ipv6_dev_mc_inc+0x1f/0x30
[   55.611154][    C0] 
[   55.613562][    C0] Memory state around the buggy address:
[   55.619275][    C0]  ffff88810eadc900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.627333][    C0]  ffff88810eadc980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.635408][    C0] >ffff88810eadca00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.643544][    C0]                    ^
[   55.647603][    C0]  ffff88810eadca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.655831][    C0]  ffff88810eadcb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   55.663901][    C0] ==================================================================
[   55.671955][    C0] Disabling lock debugging due to kernel taint
[   55.678231][    C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[   55.689935][    C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[   55.698334][    C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G    B              6.1.141-syzkaller-00040-g2dbfabb0eec8 #0
[   55.709262][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   55.719314][    C0] RIP: 0010:__queue_work+0x575/0xd30
[   55.724692][    C0] Code: 39 2b 0f 84 b9 00 00 00 e8 b8 d2 28 00 4c 89 ff e8 f0 1f a9 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 5c 2c 6d 00 49 8b 7d 00 e8 d3 1b
[   55.744294][    C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00010046
[   55.750449][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffffffff86e1c500
[   55.758419][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[   55.766479][    C0] RBP: ffffc90000007d08 R08: fffffffffffffffb R09: 0000000000000007
[   55.774451][    C0] R10: ffffed1021d5b939 R11: 1ffff11021d5b939 R12: dffffc0000000000
[   55.782431][    C0] R13: 0000000000000000 R14: ffff88810eadc9c8 R15: 0000000000000008
[   55.790484][    C0] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   55.799459][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   55.806047][    C0] CR2: 00007f92d73b3492 CR3: 0000000006e0f000 CR4: 00000000003506b0
[   55.814103][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   55.822073][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   55.830049][    C0] Call Trace:
[   55.833327][    C0]  <IRQ>
[   55.836169][    C0]  delayed_work_timer_fn+0x61/0x80
[   55.841284][    C0]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[   55.847177][    C0]  call_timer_fn+0x46/0x2a0
[   55.851700][    C0]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[   55.857530][    C0]  __run_timers+0x667/0x9a0
[   55.862049][    C0]  ? calc_index+0x200/0x200
[   55.866553][    C0]  ? kvm_sched_clock_read+0x18/0x40
[   55.871754][    C0]  run_timer_softirq+0x6a/0xf0
[   55.876524][    C0]  handle_softirqs+0x1d7/0x600
[   55.881284][    C0]  ? irqtime_account_irq+0xc4/0x240
[   55.886483][    C0]  __irq_exit_rcu+0x52/0xf0
[   55.891001][    C0]  irq_exit_rcu+0x9/0x10
[   55.895247][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[   55.900885][    C0]  </IRQ>
[   55.903811][    C0]  <TASK>
[   55.906734][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[   55.912711][    C0] RIP: 0010:default_idle+0xf/0x20
[   55.917758][    C0] Code: e9 47 ff ff ff 00 00 cc cc 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 66 90 0f 00 2d 03 19 56 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90
[   55.937363][    C0] RSP: 0018:ffffffff86e07d58 EFLAGS: 00000257
[   55.943602][    C0] RAX: ffff8881f7000000 RBX: ffffffff86e1c500 RCX: 3fdf21c381048200
[   55.951567][    C0] RDX: 0000000000000001 RSI: ffffffff85aa0140 RDI: ffffffff85aa0100
[   55.959546][    C0] RBP: ffffffff86e07d58 R08: dffffc0000000000 R09: ffffed103ee06917
[   55.967513][    C0] R10: 0000000000000000 R11: ffffffff84f01a70 R12: 0000000000000000
[   55.975515][    C0] R13: 0000000000000000 R14: ffffffff86e1c500 R15: dffffc0000000000
[   55.983704][    C0]  ? __cfi_default_idle+0x10/0x10
[   55.988739][    C0]  arch_cpu_idle+0x1c/0x20
[   55.993246][    C0]  default_idle_call+0x71/0x1d0
[   55.998112][    C0]  do_idle+0x1a7/0x520
[   56.002185][    C0]  ? ct_irq_exit+0x9/0x10
[   56.006517][    C0]  ? idle_inject_timer_fn+0x60/0x60
[   56.011710][    C0]  cpu_startup_entry+0x43/0x60
[   56.016468][    C0]  rest_init+0x10a/0x130
[   56.020709][    C0]  ? __cfi_x86_late_time_init+0x8/0x8
[   56.026080][    C0]  arch_call_rest_init+0xe/0x10
[   56.030926][    C0]  start_kernel+0x482/0x4f0
[   56.035422][    C0]  x86_64_start_reservations+0x2a/0x2c
[   56.040966][    C0]  x86_64_start_kernel+0x7c/0x81
[   56.045926][    C0]  secondary_startup_64_no_verify+0xce/0xdb
[   56.051815][    C0]  </TASK>
[   56.054830][    C0] Modules linked in:
[   56.058724][    C0] ---[ end trace 0000000000000000 ]---
[   56.064167][    C0] RIP: 0010:__queue_work+0x575/0xd30
[   56.069456][    C0] Code: 39 2b 0f 84 b9 00 00 00 e8 b8 d2 28 00 4c 89 ff e8 f0 1f a9 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 5c 2c 6d 00 49 8b 7d 00 e8 d3 1b
[   56.089157][    C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00010046
[   56.095220][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffffffff86e1c500
[   56.103274][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[   56.111240][    C0] RBP: ffffc90000007d08 R08: fffffffffffffffb R09: 0000000000000007
[   56.119217][    C0] R10: ffffed1021d5b939 R11: 1ffff11021d5b939 R12: dffffc0000000000
[   56.127185][    C0] R13: 0000000000000000 R14: ffff88810eadc9c8 R15: 0000000000000008
[   56.135162][    C0] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   56.144121][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   56.150700][    C0] CR2: 00007f92d73b3492 CR3: 0000000006e0f000 CR4: 00000000003506b0
[   56.158762][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   56.166813][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   56.174870][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[   56.183482][    C0] Kernel Offset: disabled
[   56.187812][    C0] Rebooting in 86400 seconds..