last executing test programs:

7m46.190176258s ago: executing program 32 (id=237):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x101042, 0x40)
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000700)='./file7\x00', 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
syz_read_part_table(0x5c8, &(0x7f0000000600)="$eJzs2z1oE2gYB/Anaq6Hwrk4ORzWwclFcTSDlSQqCiHaRRwUFBEzRRAiBAQdbIaWZigdu5RCln5MTcPR4WhpoXMpHXoUOnQ62qXQpTl6fY+7sXdtD4TfD17er3/y5BkyvsF37Vz83u12MxHR7fn3n+5v5QsPr5XulZ9FZOJFRPT++tP04U0mJf761utpv5H242MXOwO7D7Kt9ad7N14uNM6l+89pXJpo95+4Oc7cZG7x8pev1eJgLfdurVjf+ra68mRqJ19uP240px9l779OuaU0X0jzh6jFp3gfr6ISlXgT1VOqP9ravHVwtdiafXt3v9AZmr+dcqUT9nnc+h97h5836303Z66M3KnNLZe3zx/lKv/h3wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP9vMrd4+cvXanGwlnu3VqxvfVtdeTK1ky+3Hzea04+y91/HLz2HuaWUv5DmD1GLT/E+XkUlKvEmqqdUf7S1eevgarE1+/bufqEzNH875Uonb/VY9T/2Dj9v1vtuzlwZuVObWy5vnz/KVXrO6AcAAAAAAAAAAAAAAAAAAABAROQLD6+V7pWfRWTiRUS0f+7786l/N713z6Tc9bTYSOfjYxc7A7sPsq31p3s3Xi40fkvnn9O4NNHu/2edH/5e/nj2XXFcfwQAAP//HQGWmQ==")
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f0000000240)='./bus\x00', 0x322020, &(0x7f0000000240)=ANY=[], 0x1, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$KVM_X86_SET_MCE(0xffffffffffffffff, 0x4040ae9e, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file7\x00', 0xffffffffffffff9c, &(0x7f00000007c0)='./file1\x00', 0x8cffffff)
write$FUSE_IOCTL(r0, 0x0, 0x0)

7m39.197369775s ago: executing program 33 (id=296):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
creat(&(0x7f0000000100)='./bus\x00', 0x1ed)
r0 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000040), 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="2000000000000000000000000080000000000000", @ANYBLOB, @ANYRES32, @ANYBLOB], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000029, 0x0, 0x1, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='sched_switch\x00', r4, 0x0, 0x10000}, 0x18)
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000240)=ANY=[@ANYRESOCT=r0, @ANYRES64=r4], 0x1, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
futex(0x0, 0x3, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r5, 0x0, 0x20, &(0x7f0000000280)={@dev={0xac, 0x14, 0x14, 0x29}, @remote}, 0xc)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0)

7m15.861494339s ago: executing program 34 (id=336):
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r4}, 0x10)
r5 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r5, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
r6 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r6, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
listen(r6, 0x0)
ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000280)="d825e1dd3acfa586b1a2568b3d99b2875aa5aefb61fb738b3306c6cada644930d366774cfa7d34b45aa5b8739bc1e6e1237e7dfb2971e24d764007cfa611716cf1ecae0a98da1679926641581d009d019f787cb15f1094b2a0f11ac129762598338ebb8947a1c25429f26ce9a8ede87e56f198f2da51efbd697f2439137f73f4d1d660c1969d16b4d3ed391e171117567acf86b2bf09e44c80a5c58a7988c84db5676af7ea95f141")
listen(r5, 0x0)
writev(r0, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)

5m54.903958179s ago: executing program 35 (id=686):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1d500000000000000400000003", @ANYRES16=r0, @ANYBLOB="205c9ccd2777e9dd7dcd", @ANYRES32=0x0], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f00000001c0)={[{@dioread_lock}, {@usrjquota}, {@quota}, {@norecovery}, {@auto_da_alloc}, {@noquota}, {@grpquota}, {@barrier_val}, {@grpjquota}, {@jqfmt_vfsold}]}, 0x45, 0x7b1, &(0x7f0000000c80)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
write$binfmt_script(r5, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r5, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0)
openat$cgroup_procs(r5, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000001580)={0x12, 0x0, 0x0, &(0x7f00000003c0)='GPL\x00', 0x5, 0x4c, &(0x7f0000000980)=""/76, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000a00)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000000a40)={0x5, 0x6, 0x4, 0x6}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000001500), 0x0, 0x10, 0xbc77}, 0x94)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
recvmsg(r6, 0x0, 0x22)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r7 = dup(r4)
write$FUSE_BMAP(r7, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x480, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}})

3m47.342830121s ago: executing program 36 (id=1352):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
mincore(&(0x7f0000185000/0x3000)=nil, 0x3000, 0x0)

3m34.927389128s ago: executing program 37 (id=1425):
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file0\x00', 0x1080000, 0x0, 0x8, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x7, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0xa}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x4}}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

3m29.559726714s ago: executing program 4 (id=1460):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x8, &(0x7f0000000280)=0x21b0, 0xff0c)
getsockopt$inet6_buf(r1, 0x29, 0x6, 0xfffffffffffffffd, &(0x7f0000000080)=0xa4)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r3, 0x0, 0x7, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000400)='net/dev_mcast\x00')
preadv(r4, &(0x7f0000000100)=[{&(0x7f0000000000)=""/154, 0x9a}], 0x1, 0x284, 0x0)

3m28.49744713s ago: executing program 4 (id=1462):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r1}, 0x10)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x8800, 0x8)
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
renameat2(r0, &(0x7f0000000380)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r2, 0x0, 0x2)
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000180))
timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
writev(r3, &(0x7f00000005c0)=[{&(0x7f00000002c0)="8867", 0x2}], 0x1)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f00000002c0)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x1c9c380}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000080)={0x0, 0x989680}, &(0x7f0000000200))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010300000000030000f11c000000180001801400020076657468305f766c616e"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4000)

3m27.501813761s ago: executing program 4 (id=1465):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)

3m26.506273022s ago: executing program 4 (id=1468):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000800)=ANY=[], 0x50)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200000004000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x64000600)
clock_nanosleep(0x2, 0x0, &(0x7f0000000080)={0x0, 0x989680}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f0000000900)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000008c0)={0x0}, 0x1, 0x0, 0x0, 0x40040}, 0x4c0c5)
sendmsg$IPVS_CMD_NEW_SERVICE(r4, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000900)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r7}, &(0x7f00000006c0), &(0x7f0000000700)=r6}, 0x20)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x180, 0x4, 0x28}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000010000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r9}, 0x18)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x100, 0x100, 0x9, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000005c0), &(0x7f00000005c0), 0x208, r10}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000340), 0x7, r10, 0x0, 0xfeff}, 0x38)

3m25.764238482s ago: executing program 4 (id=1470):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_VLAN(r0, 0x0, 0x20000000)
r1 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
write$selinux_access(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a3a73302075c7224b25caf3f405c26e636f6e66696e65642030"], 0x3f)

3m25.716179236s ago: executing program 4 (id=1471):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
sync()

3m24.260069064s ago: executing program 38 (id=1399):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001040)={0xa, {"a2e3ad08ed6b52f99cfbf4c087f71e9b3d0963ff7fc6e5539b9b3b0a8b9b441b4552101b080d29558f0e1ac6e7049b3468959b189a242a9b4bf3988f7ef319520700ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f070077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1e0000002f030000070000000404000000c40000a81903cd82e72c00918eef099fd7fbf19c27a13f9cebb09e50ebbfc1ba3c1d71271e28f17e51d4f3df1270460590eb07d43d171996bfc3a2296ba54d6874c1763fe993886eef290f82b44cd682c07be7d610b7a93b0aaf771321bb211adec13264180d9849fd6f98c8aa2c18d717d7", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="04000000020000000200"/20, @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00'], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
pipe2$9p(&(0x7f0000001900)={<r8=>0xffffffffffffffff}, 0x0)
r9 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r9, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$SO_TIMESTAMPING(r9, 0x1, 0x25, 0x0, 0x0)
connect$inet(r9, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10)
sendto(r9, &(0x7f0000000740), 0x0, 0x0, 0x0, 0x0)
r10 = dup(r9)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[], [], 0x6b}})
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3m10.643744989s ago: executing program 39 (id=1471):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
sync()

2m30.618268927s ago: executing program 3 (id=2154):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
timerfd_gettime(0xffffffffffffffff, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000580)={@desc={0x1, 0x0, @desc3}, 0x10, 0x0, '\x00', @d})
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
capget(0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a})
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
chdir(0x0)
symlink(&(0x7f00000005c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f00000002c0)='.\x02\x00')

2m30.21741592s ago: executing program 3 (id=2158):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000440)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@textreal={0x8, 0x0}], 0x1, 0x15, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2m30.124026027s ago: executing program 3 (id=2159):
syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000000)=0x6, 0x4)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000440)={{0x0, 0x0, 0x80, {0xeeee8000, 0x10000, 0x2}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1da32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb9788780bc175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b076a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31fb40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b9e07c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e27c3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d749cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac65b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55bdd46e5bcb3330c7edefd31c33f61275e51600"})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m30.088462s ago: executing program 3 (id=2160):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./bus\x00', 0x2218050, &(0x7f0000000140)=ANY=[], 0x1, 0x1528, &(0x7f0000001800)="$eJzs3Au4TtX2MPAx5pyLTS5vkvsacyze5DJJklwScqkkSUjuCUmSJKnEJrckJEmuO8l1h9zTTu73W+6hnSNJkpCQZH7PTn061fn6n/PvHH1nj9/zrGfPsdYac421x/u+a633efb+suvQGo1qVq3PzPCv0D8P8OKPRABIAIABAJAdAAIAKJOjTI607Zk0Jv5LBxH/Jg2mXe4KxOUk/U/fpP/pm/Q/fZP+p2/S//RN+p++Sf/TN+m/EOlact4rZUm/i3z///859b9Jluv/fx/E3676R/tK///b6H9qb+l/upHh91ZK/9OL378ESP/TN+l/ehZc7gLEZSbv//RN+i9Euvanf6e87uw/s3/wb6nhP7xouPw1/KuLEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgjxH3DWX2IA4Ofx5a5LCCGEEEIIIYQQfx7/zuWuQAghhBBCCCGEEP9+CAo0GAggA2SEBMgEmeEKyAJZIRtkhxhcCTngKsgJV0MuyA15IC/kg/xQAEIgsMAQQUEoBHG4BgrDtVAEikIxKA4OSkBJuA5KwfVQGm6AMnAjlIWboByUhwpQEW6GSnALVIYqUBVuhWpQHWpATbgNboc7oBbcCbXhLqgDd0NduAfqwb1QHxpAQ7gPGsH90BiaQFNoBs2hBbT8g/yk7L+X/yx0h+egB/SEROgFveF56AN9oR/0hwHwAgyEF2EQvASDYQgMhZdhGLwCw+FVGAGvwUh4HUbBaBgDY2EcjIckeAMmwJswEd66PytMhikwFabBdEiGt2EGzIRZ8A7MhjkwF5IyzYcFsBDehUXwHqTA+7AYPoAlsBSWwXJYASthFayGNbAW1sF62AAbYRNshi3wIWyFbbAddsBO2AW74SPYA3thH3wMqfjJP5l/5u/zoRsCAipUaNBgBsyACZiAmTEzZsEsmA2zYQxjmANzYE7MibkwF+bBPJgP82EBLICEhIyMBbEgxjGOhbEwFsEiWAyLoUOHJbEklsLrsTSWxjJYBstiWSyH5bE8VsSKWAkrYWWsjFWxKlbDalgDa+BteBvegbWwFtbG2lgH62BdrIv1sB7Wx/rYEBtiI2yEjbExNsWm2BybY0tsia2wFbbG1tgW22I7bIftsT12wA7YETtiJ+yEnbEzdsEu2BW7Yjd8Gp/GZ/FZfA6fw55YTfXC3tgb+2Af7If9sT++gAPxRXwRX8LBOASH4sv4Mr6Cw/E0jsDXcCSOxEpqNI7BschqPCZhEmaECTgRJ+IknIyTcSpOw+mYjMk4A2fiTHwHZ+McnIPzcB4uwIW4EBfhe5iCKbgYz+ASXIrLcDmuwJW4AlfjGlyN63A9rsONuBE342b8ED/EbbgNd+AO3IW78CP8CPfiXhyMqZiK+3E/HsADeBAP4iE8hIfxMB7BI3gUj+IxPIbH8QSexBN4Ck/haTyDZwHgHJ7D83geL+CFtDe/SmOUURlUBpWgElRmlVllUVlUNpVNxVRM5VA5VE6VU+VSuVQelUflU/lUAVVAkSLFKlIFVUEVV3FVWBVWRVQRVUwVU045VVKVVKVUKVValVZl1I1ny6qbVDlVXrVxFVVFVUm1dZVVFVVVVVXVVHVVQ9VUNdXt6nZVS9VStVVtVUfVUXXVPaqe6oX9sIFK60wjNQQbq6HYVDVTzVUL9Qo+oFqp4dhatVFt1UPqNRyB7VUr10E9qjqqMdhJPa7G4hOqixqPXdVTqpt6Wj2jnlXdVWvXQ/VUk7CX6q2mYh/VV/VT/dUMrK7SOlZDvaQGqyFqqHpZLcBX1HD16l68+IGpRqnRaowaq8ap8SpJvaEmqDfVRPWWmqQmqylqqpqmpqtk9baaoWaqWeodNVvNUXPVPDVfLVAL1btqkXpPpaj31WL1gVqilqplarlaoVaqVWq1WqPWqnVqvdqgNqpNarPaoj5UW9U2tV3tUDvVLrVbfaT2qL1qn/pYpapP1H71N3VAfaoOqs/UIfW5Oqy+UEfUl+qo+kodU1+r4+qEOqm+UafUt+q0OqPOqu/UOfW9Oq9+UBeUV6BRK6210YHOoDPqBJ1JZ9ZX6Cw6q86ms+uYvlLn0FfpnPpqnUvn1nlMXp1P59cFdKhJW8060gV1IR3X1+jC+lpdRBfVxXRx7XQJXVJfp0vp63VpfYMuo2/UZfVNupwuryt40DfrSvoWXVlX0VX1rbqarq5r6Jr6Nn27vkPX0nfq2vouXUffrevqe3Q9fa+urxvohvo+3UjfrxvrJrqpbqab6xa6pX5At9IP6kC30W31Q7qdfli314/oDvpR3VE/pjvpx3Vn/YTuop/UXfVTupuuAgA/6Ava6x66p07UvXRv/bzuo/vqfrq/HqBf0AP1i3qQfkkP1kP0UP2yHqZf0cP1q3qEfk2P1K/rUXq0HqPH6nF6vE7Sb+gJ+k09Ub+lJ+nJeoqeqqfp6bpf2kygLr5i/iD/zd/JH/Tj0TfrLfpDvVVv09v1Dr1T79K79W69R+/R+/Q+napT9X69Xx/QB/RBfVAf0of0YX1YH9FH9FF9VB/Tx/RxfUJ/p7/Rp/S3+rQ+o8/o7/Q5fU6f1xd/B2DQKKONMYHJYDKaBJPJZDZXmCwmq8lmspuYudLkMFeZnOZqk8vkNnlMXpPP5DcFTGjIWMMmMgVNIRM315jC5lpTxBQ1xUxx40wJU9Jc97/O/6P6WpqWppVpZVqb1qataWvamXamvWlvOpgOpqPpaDqZTqaz6Wy6mC6mq+lquplu5hnzjOluupsepodJNImmt3ne9DF9TT/T3wwwL5iBZqAZZAaZwWawGWqGmmFmmBluhpsRCT/dMplRZowZY8aZcSbJZzcTzAQz0Uw0k8wkM2VAdjPNTDPJJtnMMDPMLDPLzDazzVwz18w3881Cs9AsMotMikkxi81is8QsNUvNcrPcrDQrzWqz2qw1a816s95sNBvNErPFbDFbzVaz3Ww3O81Os9vsNnvMHrPP7DOpJtXsN/vNAXPAHDQHzSFzyBw2h80Rc8QcNUfNMXPMHDfHzUlz0pwyp8xpc9qcNWfNOXPOnDfnzQVzIe22L1CBCkxgggxBhiAhSAgyB5mDLEGWIFuQLYgFsSBHkCPIGVwd5ApyB3mCvEG+IH9QIAgDCmzAQRQUDAoF8eCaoHBwbVAkKBoUC4oHLigRlAyuC0oF1welgxuCMsGNQdngpqBcUD6oEFQMbg4qBbcElYMqQdXg1qBaUD2oEdQMbgtuD+4IagV3BrWDu4I6wd1B3eCeoF5wb1A/aBA0DO4LGgX3B42DJkHToFnQPGgRtPxT5/f+dO4HXY+wZ5gY9gp7h8+HfcK+Yb+wfzggfCEcGL4YDgpfCgeHQ8Kh4cvhsPCVcHj4ajgifC0cGb4ejgpHh2PCseG4cHyYFL4RTgjfDCeGb4WTwsnhlGBqOC2cHiaHb4czwpnhrPCdcHY4J5wbzgvnhwtC/OnikhK+Hy4OPwiXhEvDZeHycEW4MlwVrg7XhGvDdeH6cEO4sczAi7uGW8Nt4fZwR7gz3BXuDj8K94R7w33hx2Fq+Em4P/xbeCD8NDwYfhYeCj8PD4dfhEfCL8Oj4VfhsfDr8Hh4IhOE34Snwm/D0+GZ8Gz4XXgu/D48H/4QXgh92s192uWdDBnKQBkogRIoM2WmLJSFslE2ilGMclAOykk5KRflojyUh/JRPipABSgNE1NBKkhxilNhKkxFqAgVo2LkyFFJKkmlqBSVptJUhspQWSpL5chSBapAN9PNdAvdQlWoCt1Kt1J1qk41qSYh3k61qBbVptpUh+pQXapL9age1af61JAaUiNqRI2pMTWlptScmlNLakmtqBW1ptbUltpSO2pH7ak9daAO1JE6UifqRJ2pM3WhLtSVulI36kbP0DPUnbpTD+pBiZRIvak39aE+1I/60QAaQANpIA2iQTSYBtNQGkrDaBgNp+E0gl6jkfQ6jaLRNIbG0jgaT0mURBNoAk2kiTSJJtEUmkLTaBolUzLNoBk0i2bRbJpNc2kuzaf5tJAW0iJaRCmUQotpMS2hJbSMltEKWkGraBWtoTW0jtbRBtpAm2gTbaEttJW20nbaTjtpJ+2m3bSH9tA+2keplEr7aT8doAN0kA7SITpEh+kwHaEjdJSO0jE6RsfpOJ2kk3SKTtFpOk1n6Sydo+/pPP1AF8hTgs1kM9srbBab1Waz2e2v4zw2r81n89sCNrS5bG6bCQB+jslaW8QWtcVscetsCVvSXvebuJwtbyvYivZmW8neYivbcjYT/DK+3d5ha9k7bW17l61pb/u7uI6929a199t6tomtb5vZhraFbWTvt41tE9vUNrPNbQvbzj5s29tHbAf7qO1oH/tNvMi+Z9fYtXadXW/32L32rP3OHrFf2nP2e9vD9rQD7At2oH3RDrIv2cF2yN/HAHakfd2OsqPtGDvWjrPjfxNPsVPtNDvdJtu37Qw78zfxQvuunW1T7Fw7z863C36M02pKse/bxfYD7723y+xyu8KutKvs6v9b63K70W6ym+1u+5HdarfZ7XaH3Wl3/Rinncc++7FNtZ/Yw/YLe8B+ag/ao/aQ/fzHOO38jtqv7DH7tT1uT9iT9ht7yn5rT9szP55/2rl/Y3+wF6y3wMiKNRsOOANn5ATOxJn5Cs7CWTkbZ+cYX8k5+CrOyVdzLs7NeTgv5+P8XIBDJrbMHHFBLsRxvoYL87VchItyMS7OjktwSb6OS/H1XJpv4DJ8I5flm7gcl+cKXJFv5kp8C1fmKlyVb+VqXH3bHRc/7fgOrsV3cm2+i+vw3VyX7+F6fC/X5wbckO/jRnw/N+Ym3JSbcXNuwS35AW7FD3JrbsNt+SFuxw9ze36EO/Cj3JEf4078OHfmJ7gLP8ld+Snuxk/zM/wsd+fnuAf35ETuxb35ee7Dfbkf9+cB/AIP5Bd5EL/Eg3kID+WXmfkVHs6v8gh+jUfy6zyKR/MYHsvjeDwn8Rs8gd/kifwWT+LJPIWn8jSezsn8Ns/gmTyL3+HZPIfn8jyezwt4Ib/Li/g9TuH3eTF/wEt4KS/j5byCV/IqXs1reC2v4/W8gTfyJt7MW/hD3srbeDvv4J28i3fzR7yH9/I+/phT+RPez3/jA/wpH+TP+BB/zof5Cz7CX/JR/oqP8dd8nE/wSf6GT/G3fJrP8Fn+js/x93yef+AL7BkijFSkIxMFUYYoY5QQZYoyR1dEWaKsUbYoexSLroxyRFdFOaOro1xR7ihPlDfKF+WPCkRhRJGNOIqiglGhKB5dExWOro2KREWjYlHxyEUlopLRdVGp6PqodHRDVCa6MSob3RSVi8pHFaKK0c1RpeiWqHJUJaoa3RpVi6pHNaKa0W3R7dEdUa3ozqh2dFdUOro7qhvdE9WL7o3qRw2ihtF9UaPo/qhx1CRqGjWLmkctopbRA1Gr6MGoddQmahs9FLWLHo7aR49EHaJHo47RY5e2Fw0uvr5+tT0x6hXpn2737tTz4wviC+PvxhfF34unxN+PL45/EF8SXxpfFl8eXxFfGV8VXx1fE18bXxdfH98Q3xjfFN8c975mRnCY9iAMxgUug8voElwml9ld4bK4rC6by+5i7kqXw13lcrqrXS6X2+VxeV0+l98VcKEjZx27yBV0hVzcXeMKu2tdEVfUFXPFnXMlXEnXwrV0LV0r96Br7dq4tu4h95B72D3sHnGPuEddR/eY6+Qed53dE66Le9I96Z5y3dzT7hn3rOvunnM9XE+X6BJdb9fb9XF9XD/Xzw1wA9xAN9ANcoPcYDfYDXVD3TA3zA13w90IN8KNdCPdKDfKjXFj3Dg3ziW5JDfBTXAT3UQ3yU1yU9wUN81Nc8ku2c1wM9wsN8vNdrPdXDfXzXfz3UK30C1yi1yKS3GL3WK3xC1xy9wyt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcVvdVrfdbXc73U632+12e9wet8/tc6ku1e13+90Bd8AddJ+5Q+5zd9h94Y64L91R95U75r52x90Jd9J94065b91pd8addd+5c+57d9794C4475Jib8QmxN6MTYy9FZsUmxybEpsamxabHkuOvR2bEZsZmxV7JzY7Nic2NzYvNj+2ILYw9m5sUey9WErs/dji2AexJbGlsWWx5bEVsZUx7/NvjXxBX8jH/TW+sL/WF/FFfTFf3Dtfwpf01/lS/npf2t/gy/gbfVl/ky/ny/sKvolv6pv55r6Fb+kf8K38g761b+Pb+od8O/+wb+8f8R38o76jf8x38o/7zv4J38U/6bv6p+b89PL03f1zvofv6RN9L9/bP+/7+L6+n+/vB/gX/ED/oh/kX/KD/RA/1L/sh/lX/HD/qh/hX/Mj/et+lB/tx/ixfpwf75P8G36Cf9NP9G/5SX6yn+Kn+ml+uk/2b/sZfqaf5d/xs/0cP9fP8/P9Ar/Qv+sX+fd8in/fL/Yf+CV+qV/ml/sVfqVf5Vf7NX6tX+fX+w1+o9/kN/stPiNs9dv8dr/D7/S7/G7/kd/j9/p9/mOf6j/x+/3f/AH/qT/oP/OH/Of+sP/CH/Ff+qP+K3/Mf+2P+xP+pP/Gn/Lf+tP+jD/rv/Pn/Pf+vP/BX5C/WRNCCCGE+B9J/IPtvX5nnfppMQDQGwCybst76Jfb056bNuS6OO6r9nSMAcCjPbs2+Hlp0CAx8efjLtEQFJoHALFL+RngUrwU2sLDP45K/W59fVUF5F/NH/xie9r88RsBMgNk+nldAvwY/2L+DtAGrv8H8zd599fz/7r++DyAIoUu5aQd6Of40vyl/8H8u9r9wfyZPk0CaP2LnCxwKb40f0l4EB6DDn+3pxBCCCGEEEIIcVFfda7bHz3fpj2f5zOXcjLCpfjS8+fvP5//gcp/xjkIIYQQQgghhBDi/+2Jp5955IEOHdp0/m8eZPxrlPEXGCAA/AXKkMFff3C5P5mEEEIIIYQQf7ZLN/2XuxIhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECL9+tf/Q5j6H+/8y+Ppy3eqQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxGXzfwIAAP//mQVHMg==")
syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./file0\x00', 0x1809049, 0x0, 0xff, 0x0, 0x0)
request_key(0x0, 0x0, 0x0, 0xfffffffffffffffb)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000200), 0x0, 0x0)
linkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0xffffffffffffff9c, 0x0, 0x1000)
openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0/file1\x00', 0x101200, 0x140)

2m29.980140409s ago: executing program 3 (id=2161):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffffffffffffff)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
listen(r3, 0x0)
r5 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x104, 0x4, 0x3f0, 0x110, 0x1f8, 0x1f8, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local, @empty, @rand_addr, @rand_addr, 0x8}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x0, 0x5}}}, {{@arp={@remote, @private, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0xfffc, 0x0, 0x0, 'gre0\x00', 'pimreg\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @mac=@random="8249ca4ee4e7", @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, 0x4}}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x2}}}}, 0x440)
madvise(&(0x7f000052f000/0x4000)=nil, 0x4000, 0x15)
syz_mount_image$erofs(&(0x7f00000000c0), &(0x7f0000000140)='./bus\x00', 0x0, &(0x7f0000000080)=ANY=[], 0xfd, 0x206, &(0x7f0000000600)="$eJzsmb9v00AUx793dhy3ICQWBhaQqESRWsd2AHVhKP8ASC2/NiJqqoLboNQDjYTAYmHhz+BfYMiUgY2NFQZAQmIgI/OhO5/tI3EC5IcY+j7D5eu7d+/evbOfJQcEQRxbvn75+fn19Y3tNQAnsYK67v9ulTbcsP/kavHxzbuDU896w/6kLctkf3S1emUM/U0LidZCCGGOrejfbfBC3wLHJa3vgMHT+j44bmsdgeGe1o8M3V7SIo68B+145+FeHPmyCWQTyqZprm8DGKQMOwBcHR8zxg+Puo9bcRx1hkVN5OuMDFUJW/ursqlMWhmfPdjkuGbkT57B3VcvU3md58Y38heAI9C6CYYtrTdQh+d58pCylBj7P2uX/q2/2f804kZtlulpkT4HWc/p9Umz1uYS85TCAbAQz/nhzNdz+lvP8/+RsfkJZvQsSSEf6KLnzKD3fnTWtz94zsvKVIGdX9ROs8cT7phb4sPybEs4etOVNmX9lLm5aNQnG3ZRPxrJ/pPG4VF3fW+/tRvtRgdh2LzqX/b9K2FD1easnVD/XFWflg3/tTG2DnNQjCWdQF6fQJJ0wqct2RoVd+tt+4cy46r+caxeyKbJW0Vtu/pVpsZZ8R6UatUaGzxBEARBEARBEARBEARBEMQ/cQ5MfQXVf1QJIfAiGxEi/+4qhAhvKvUrAAD//+x/QCM=")

2m29.979665649s ago: executing program 3 (id=2162):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fc00000}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x5, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x6}]})

2m29.977424149s ago: executing program 40 (id=2162):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fc00000}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x5, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x6}]})

2m25.267981851s ago: executing program 7 (id=2218):
socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08060001080006040001aa0494eb8c381940c6bb0180c2000000ac1414bb67b2b9f079850c18ca8e9fceaf3447baa4a9712b92c5970a932b6ca7b693b0e2fb5ff37e143ccfc8957609eb1bb5563125e7d8205496e8a3bbc295405012da0b1a1d2c42a02cb601b084e8a0109185cda1d5"], 0x0)

2m24.999527113s ago: executing program 7 (id=2221):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000004c00), 0x802, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000004c40)={0xb, {'syz1\x00', 'syz0\x00', 'syz0\x00', 0x1d, 0xc, 0x7, 0x7, 0x3, 0x3, "10db7ad05595ffd6410431c6471f467f8dbc13ad796bb688c6f384f3a0"}}, 0x135)

2m24.975880155s ago: executing program 7 (id=2223):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xb9358bd3c3638527)

2m24.856110045s ago: executing program 7 (id=2224):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x2000010, &(0x7f00000002c0)={[{@noinit_itable}, {@grpid}, {@lazytime}]}, 0x1, 0x7ad, &(0x7f0000000800)="$eJzs3c1rXOUaAPDnTD5v2nuTCxdu6yogaKB0YmpsFVxUXIhgoaBr2zCZhppJpmQmpQmBWkRwI2hxIeimaz/qzq0fW/0XdCMiLVXTYsWFjJzJTGfSzCTTNplU8/vBSd53zjvznOd8vOedOYeZAPas0fRPJuJgRLyTRAzXHk8ioq9a6o04vtbu9upKLp2SqFRe/iWptrm1upKLpuek9tUqByLiqzcjDmU2xi0tLc9OFQr5hVp9vDx3bry0tHz47NzUTH4mP390YnLyyLGnjg1sX66/fbu8//q7Lzz+6fE/3vj/1be/TuJ47K/Na85ju4zGaG2d9KWrcJ3ntzvYLkt2ewG4L+mh2bN2lMfBGI6eaqkznbcEAB4mFyOiAgDsMYnzPwDsMfXPAW6truTSqXJxdz+P6LYbz0XE4Fr+9euba3N6a9fsBqvXQYduJeuudyQRMbIN8Ucj4sPPX/04nWKHrkMCtPL6pYg4PTJa7/8b/U+y4Z6FNZ3fkPFEB21G76rr/6B7vkjHP083xn+N4y9zZ/wTLcY/Ay2O3fsxGtHfXN94/GeubUOYttLx37N9jXvbbjflXzPSU6v9uzrm60vOnC3k077tPxExFn0DaX1ikxhjN/+8ue6Bnkaxefz36+XXPkrjp/8bLTLXeu/qcqenylMPmnfdjUsRj/S2yj+5s/2TNuPfkx3GePGZtz5oNy/NP823PqXx+9dF2VmVKxGPRev8m5ei7f2JR8eru8N4fado4bMf3h9qF795+6dTGr/+XqAb0u0/tHn+I0nz/Zqle4/xzZXhL9vN2zr/1vt/f/JKtVzfVy5MlcsLExH9yUsbHz/SeG69Xm+f5j/2aOvjf7P9P31PeLrD/Huv//zJ/ee/s9L8p7fY/rFu+9974ert2Z528dP8K8ONddB6+09WS2PVv4Md9X+dLuADrTwAAAAAAAAAAAAAAAAAAAAAAAAA6FAmIvZHksneKWcy2ezab3j/L4YyhWKpfOhMcXF+Oqq/lT0SfZn6V10ON30f6kTtiwLr9SN31Z+MiP9GxHsD/6rWs7liYXq3kwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmn1tfv8/9dPAbi8dALBjBrdscTPflQUBALpm6/M/APBP4/wPAHuP8z8A7D3O/wCw9zj/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsMNOnjiRTpXfV1dyaX36/NLibPH84el8aTY7t5jL5ooL57IzxeJMIZ/NFeeanvpdq9crFIvnJmN+8cJ4OV8qj5eWlk/NFRfny6fOzk3N5E/l+7qWGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0rrS0PDtVKOQXdqyQiR0P8bAX0hV9ICK25wUrw2ubbvfz6lbhx8PfH9iszeUu7MZ7rrDLHRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA38RfAQAA//9uIiCr")
mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r1 = openat$incfs(r0, &(0x7f0000000180)='.pending_reads\x00', 0x10b441, 0xc0)
ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, &(0x7f0000000340)={{}, {0x200000}, 0x11e, 0x0, 0x0, 0x0, &(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0, 0x0})

2m24.703069257s ago: executing program 7 (id=2226):
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
io_submit(0x0, 0x0, 0x0)

2m24.563847068s ago: executing program 7 (id=2228):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, &(0x7f0000000000)=0x1)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001a80)={0x4, 0x0, &(0x7f0000001900)=[@enter_looper], 0x1, 0x0, &(0x7f0000001a40)="a1"})
syz_clone(0x84800000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000001e40)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x2, 0x238, &(0x7f0000000840)="$eJzsmU9rE08Yx78zu9kk/f3wz0EPXnIpWMFudjcqvYjUe0FoRT0Gu4bqtJE0SFsQGrx48QX4Rjz05MGbNw+ePKggeDBHQREcmZ2Z7CTNhiSKF58PdPqdp/M888yfPgu7IAjin+Xjh6/vn11f2bgI4H8somzsnz07wgd3xr977pWMfLVz4vHRaDwGQMq87xfMa4cEAF6uesChDiul6w0smpgb4JlW3ATHBaNvgSG0ucrcOwVwx5jvgxndQruK75kUKbvbFpv3tkQaqSZWTaKaRp6dzr/fY9gEUDFTMCe/3f2DB00BdLQQqRUlEyO3zC0KtjDPb5XjqrMF6rxuP33SU/3Q2CO7fxyIwREbewPscN3oFZQRhmHNdNPYWf85P4/v6WNz1j/tSiq/txGzitPLRthbPXOca5AntetUXnae4T/9lCL9Jv/4AoO5jqBYqGs9r7vKY3YvXnO8fH06wRxxRoS6tJPGsFGLWvnAcrZ/9Pq416chy9u1otmZc8f4X7zqTdEuvKJZ4Rp3uG8WhFgb63XGiOqg0IyLHEz6t8rrE/OB80598p2nQr27/bC+u3+wvLXdbKWtdCdJGleiS1F0OalntbmOUyKNJtS/SlafFpz4+knCj40NWIC9ZrfbifeAbice9BPdOhV3/UX7yyBKv8ex9ENK+3jJll0enw8zPzz7/R+AJa8weYIgCIIgCIIgCIIgCIIgiCnRryRrYGXzrjL7GFeyH8aG8JMbeFQFfgUAAP//8jlRtw==")

2m24.510452882s ago: executing program 41 (id=2228):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, &(0x7f0000000000)=0x1)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001a80)={0x4, 0x0, &(0x7f0000001900)=[@enter_looper], 0x1, 0x0, &(0x7f0000001a40)="a1"})
syz_clone(0x84800000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000001e40)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x2, 0x238, &(0x7f0000000840)="$eJzsmU9rE08Yx78zu9kk/f3wz0EPXnIpWMFudjcqvYjUe0FoRT0Gu4bqtJE0SFsQGrx48QX4Rjz05MGbNw+ePKggeDBHQREcmZ2Z7CTNhiSKF58PdPqdp/M888yfPgu7IAjin+Xjh6/vn11f2bgI4H8somzsnz07wgd3xr977pWMfLVz4vHRaDwGQMq87xfMa4cEAF6uesChDiul6w0smpgb4JlW3ATHBaNvgSG0ucrcOwVwx5jvgxndQruK75kUKbvbFpv3tkQaqSZWTaKaRp6dzr/fY9gEUDFTMCe/3f2DB00BdLQQqRUlEyO3zC0KtjDPb5XjqrMF6rxuP33SU/3Q2CO7fxyIwREbewPscN3oFZQRhmHNdNPYWf85P4/v6WNz1j/tSiq/txGzitPLRthbPXOca5AntetUXnae4T/9lCL9Jv/4AoO5jqBYqGs9r7vKY3YvXnO8fH06wRxxRoS6tJPGsFGLWvnAcrZ/9Pq416chy9u1otmZc8f4X7zqTdEuvKJZ4Rp3uG8WhFgb63XGiOqg0IyLHEz6t8rrE/OB80598p2nQr27/bC+u3+wvLXdbKWtdCdJGleiS1F0OalntbmOUyKNJtS/SlafFpz4+knCj40NWIC9ZrfbifeAbice9BPdOhV3/UX7yyBKv8ex9ENK+3jJll0enw8zPzz7/R+AJa8weYIgCIIgCIIgCIIgCIIgiCnRryRrYGXzrjL7GFeyH8aG8JMbeFQFfgUAAP//8jlRtw==")

2m19.572037263s ago: executing program 0 (id=2285):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000080)={[{@errors_remount}, {@mblk_io_submit}, {@inlinecrypt}, {@test_dummy_encryption_v1}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x33)
fsetxattr(r1, &(0x7f0000000180)=@random={'security.', 'errors=remount-ro'}, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='sched_switch\x00', r5}, 0x18)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)

2m18.74506864s ago: executing program 0 (id=2298):
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
io_submit(0x0, 0x0, 0x0)

2m17.901013559s ago: executing program 0 (id=2309):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000001580)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in=@broadcast, 0x0, 0x4000, 0x4e24, 0x0, 0x2, 0x20, 0x0, 0x11}, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x9}, {0x0, 0x0, 0x0, 0x1}, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2}, {{@in=@multicast2, 0x4d2, 0x33}, 0x0, @in6=@private2, 0x3506, 0x0, 0x2, 0xb7, 0x2}}, 0xe8)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x1c)

2m17.850024023s ago: executing program 0 (id=2310):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000418, &(0x7f0000001f80)={[{@sysvgroups}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x14, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x1d}}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1ffe}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0xfeff, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m17.64816889s ago: executing program 0 (id=2311):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000009840)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
setuid(0xee01)
utimensat(r0, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, 0x0)

2m17.647824319s ago: executing program 0 (id=2312):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r0}, 0x10)
accept(0xffffffffffffffff, &(0x7f0000000200)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, &(0x7f0000000000)=0x80)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sync()
sync()
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, 0x0, 0x0)
sendmsg$inet6(r1, &(0x7f0000000100)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=ANY=[], 0x180}, 0x0)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='dvmrp1\x00', 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
write(r2, &(0x7f0000000000)="fa", 0xfffffdef)

2m1.930558075s ago: executing program 42 (id=2312):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r0}, 0x10)
accept(0xffffffffffffffff, &(0x7f0000000200)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, &(0x7f0000000000)=0x80)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sync()
sync()
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, 0x0, 0x0)
sendmsg$inet6(r1, &(0x7f0000000100)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=ANY=[], 0x180}, 0x0)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='dvmrp1\x00', 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
write(r2, &(0x7f0000000000)="fa", 0xfffffdef)

1m52.913306847s ago: executing program 9 (id=2752):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000940)={0x4c, 0x0, &(0x7f0000000000)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x7624f2802272dfee, 0x0, 0x0, 0xfffffffffffffdcd, 0x18, &(0x7f0000000280)={@flat=@weak_binder={0x77622a85, 0x1000, 0x980}, @ptr={0x70742a85, 0xfffffffc, 0x0, 0x0, 0x1, 0x14}, @fd={0x66642a85, 0x0, r1}}, &(0x7f0000000180)={0x0, 0x18, 0x40}}, 0x400}], 0x0, 0x0, 0x0})

1m52.913089987s ago: executing program 9 (id=2753):
syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB], 0x0, 0x3, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

1m52.854984901s ago: executing program 9 (id=2757):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
pwritev2(r1, 0x0, 0x0, 0x2, 0x1, 0x10)
sendfile(r0, r0, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r0)

1m52.847672492s ago: executing program 9 (id=2758):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000000580)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @remote, 0x9}, 0x1c, 0x0, 0x0, &(0x7f00000020c0)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000000000000000000001000740000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5031b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a5efe6c7115774effe28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c2511eb0f9600a0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6d997eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e641036a8afa2ccdb47d7990d5a007faccb2f86664179f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d841c351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000480)="b2c5c79f07ab3d9614d5c058db4a274ad23734c22ae51ea860b7ba11a89526f3e0c83d84e43f97065e049df95ed807146bf75b9a01f43f46c3f9f2c9da76cbcf89ccb2ad441328f9b1fda9a445d98b4e5d74c3d3ef", 0x55}], 0x1}}], 0x2, 0x8008801)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000380)=[{0x80000006, 0x1, 0x0, 0x80}]}, 0x10)
sendmmsg$inet6(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

1m52.840074653s ago: executing program 9 (id=2759):
fcntl$lock(0xffffffffffffffff, 0x24, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x37, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000000c0)={0x44, 0x0, &(0x7f0000000200)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000640)={@flat=@weak_binder={0x77622a85, 0x110b}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x2}, @fd}, &(0x7f0000000000)={0x0, 0x18, 0x40}}}], 0x0, 0x0, 0x0})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000540)={'ip_vti0\x00', 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x102080, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"])
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="8cff7cf9080006005345204c69"], 0x20)
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
write$eventfd(0xffffffffffffffff, &(0x7f0000000040)=0x7, 0x8)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x1002, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0xffffffffffffffff, 0xc595, 0x0, 0x4, 0xffffffffffffffff, 0x2000000000000000, 0xcb9, 0x8f], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_open_procfs$pagemap(0x0, 0x0)
r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
openat$cgroup_ro(r4, 0x0, 0x0, 0x0)
madvise(&(0x7f0000cf6000/0x4000)=nil, 0x4000, 0x16)
ioctl$sock_SIOCDELDLCI(0xffffffffffffffff, 0x8981, 0x0)

1m52.784244367s ago: executing program 9 (id=2760):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r2 = memfd_create(&(0x7f0000000a00)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xderw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xe9\x13\x1c\x0e\xff\b\xaaF?!\x9f\a-\x03\f\xe94\x1deU\x06zS\xe90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xf3\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x02\x10\n\'B\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\xb1\x83\x00\x00\x00\x00\x00\x17\x94\xdfWgGE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~Kp\xa6&\x8eu\x1d\xb2\xa9!\a\x00\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xb1\xf0C\x9c\xabf\x1daCS\x00\x00\f\x00\x1f4\xc8\x0f\x16\n\a\x00\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x14\x80\xbcj\xa7<9d\xf1\xb4\xe1\xf58\x87\x11\x00\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/564, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
ioctl$TCSETA(r3, 0x5406, &(0x7f0000000200)={0xd2, 0xf34, 0x4, 0x8, 0xb, "caa7a7aed7a735fd"})
pwritev(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2)
sendfile(r1, r2, 0x0, 0x7)
sendfile(r1, r2, 0x0, 0xa)
openat$tun(0xffffffffffffff9c, 0x0, 0x800, 0x0)

1m37.779171855s ago: executing program 43 (id=2760):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r2 = memfd_create(&(0x7f0000000a00)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xderw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xe9\x13\x1c\x0e\xff\b\xaaF?!\x9f\a-\x03\f\xe94\x1deU\x06zS\xe90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xf3\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x02\x10\n\'B\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\xb1\x83\x00\x00\x00\x00\x00\x17\x94\xdfWgGE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~Kp\xa6&\x8eu\x1d\xb2\xa9!\a\x00\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xb1\xf0C\x9c\xabf\x1daCS\x00\x00\f\x00\x1f4\xc8\x0f\x16\n\a\x00\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x14\x80\xbcj\xa7<9d\xf1\xb4\xe1\xf58\x87\x11\x00\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/564, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
ioctl$TCSETA(r3, 0x5406, &(0x7f0000000200)={0xd2, 0xf34, 0x4, 0x8, 0xb, "caa7a7aed7a735fd"})
pwritev(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2)
sendfile(r1, r2, 0x0, 0x7)
sendfile(r1, r2, 0x0, 0xa)
openat$tun(0xffffffffffffff9c, 0x0, 0x800, 0x0)

3.719071958s ago: executing program 2 (id=3929):
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
unshare(0x20400)
ioctl$USBDEVFS_REAPURBNDELAY(r0, 0x4008550d, 0x0)

3.648125504s ago: executing program 6 (id=3930):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_print_times', 0x101a02, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000200)=0x8, 0x4)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x8042, 0x0)
fallocate(r4, 0x3, 0x80007, 0x8000c60)

3.647849134s ago: executing program 2 (id=3931):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})

3.532473143s ago: executing program 2 (id=3932):
socket$nl_netfilter(0x10, 0x3, 0xc)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, 0x0)
socket$vsock_stream(0x28, 0x5, 0x28)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@private0={0xfc, 0x0, '\x00', 0x1}, 0x800, 0x0, 0x2, 0x1, 0x7, 0x2}, 0x20)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000080)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05"], 0x0)

3.280873954s ago: executing program 1 (id=3935):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000040000850000008600"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02020409100000000000004c9e00000002001300027f0000000000000000004105000600200000000a000000000000000005000201080f00e0001f080000000000092000000000000200010020e9ffeeffff0702000098a805000500ea0000000a"], 0x80}}, 0x0)

2.764188486s ago: executing program 6 (id=3936):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000240)='timer_start\x00', r2}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))

2.635354406s ago: executing program 6 (id=3937):
r0 = socket$netlink(0x10, 0x3, 0xf)
recvmmsg(r0, 0x0, 0x0, 0x20, &(0x7f00000041c0)={0x0, 0x3938700})

2.315783301s ago: executing program 6 (id=3940):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18)
getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8}, 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000040)={r3, r2}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xf, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000004c0)='syzkaller\x00', 0x7fff, 0x0, 0x0, 0x40f00}, 0x94)
getegid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_int(r6, &(0x7f00000000c0)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_int(r7, &(0x7f0000000100), 0x12)

2.128171687s ago: executing program 8 (id=3943):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000, 0x5f}, 0x1e)

2.123855018s ago: executing program 1 (id=3944):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB="2800000026000116"], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x4804)

2.109423689s ago: executing program 8 (id=3945):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001340)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x6}, 0x18)
r1 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$restrict_keyring(0x1d, r1, 0x0, 0x0)
add_key$keyring(&(0x7f0000000140), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, r1)

2.041766514s ago: executing program 8 (id=3946):
r0 = socket$packet(0x11, 0x3, 0x300)
recvmmsg(r0, &(0x7f0000004e80)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x0, 0x0)

2.041585804s ago: executing program 1 (id=3947):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000240)='timer_start\x00', r2}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))

2.032926915s ago: executing program 1 (id=3949):
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x1, 0x0, 0x1000}}}}}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x30400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r3)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r4, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r6, r5, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f80)={{r6}, &(0x7f0000000f00), &(0x7f0000000f40)=r3}, 0x20)
recvfrom(r4, 0x0, 0x0, 0x40, 0x0, 0x0)

1.692186313s ago: executing program 5 (id=3953):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000180)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000380)='kmem_cache_free\x00', r2}, 0x18)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x7, &(0x7f00000000c0)={0x0, 0x2, 0x7, 0x401})

1.691990933s ago: executing program 5 (id=3954):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10, &(0x7f0000000640)={[{@prjquota}, {@delalloc}]}, 0x0, 0x47c, &(0x7f00000001c0)="$eJzs3M9vFFUcAPDvzLZF+VVEROWHVNHY+KOlBZWDF43eNDHRA15MalsIslBDSyKEaDUGj4bEu/FkjP4FnvRi1JOJV70bEqLEBPSga2Z2prSlu9Cyyy7u55PM9r2dt/ved2fezJt53Q2gZw1lD0nExoj4JSIG69mlBYbqf65cOjv516Wzk0nUaq/+nuTlLl86O1kWLV+3ocgMpxHph0lRyVKzp88cm6hWp08W+dG542+Pzp4+8+TR4xNHpo9Mnxg/ePDA/rFnnh5/qiVxZnFd3vHuzK6k7/XzL08eOv/mD1/1RcT23fX1i+O4KemGheRQFvgftdzyYo+0pLLusWlROunrYENYlUpEZJurP+//g1GJqxtvMF78oKONA9oqOzeta7x6vgb8jyXR6RYAnVGe6LPr33K5RUOPrnDxufoFUBb3lWKpr+mLtCjT38b674uIQ/N/f5otUWyHfza2sUIAoOd9k41/nlhp/JfG9kXlNhdzKFsi4q6I2BoRd0fEtoi4JyIve28xnlmN+tRQZSF/7fgzvbDm4G5ANv57tpjbWjr+q4/+arXav5UitymPvz85fLQ6va/4TIajf12WH2tSx7cv/Pxxo3VDi8Z/2ZLVX44Fi3Zc6Ft2g25qYm6iVYPSi+9H7OhbKf5kYSYgiYj7I2LH6t56c5k4+tgXuxoVun78TbRgnqn2WcSj9e0/H8viLyXN5ydH74jq9L7Rcq+41o8/nXulUf03FX8LZNt//dL9f1mJwT+TxfO1s6uv49yvHzW8plzr/j+QvJbPWQ8Uz70zMTd3cixiIHkpzy95fvzqa8t8WT6Lf3jvyv1/a/GaLP6dEZHtxLsj4oGI2FO0/cGIeCgi9jaJ//vnH35r7fG3Vxb/1IrHv4X9f8vS7b/6ROXYd183qv/Gtv+BPDVcPJMf/66jcXOiOp0d1te8NwMAAMDtJ42IjZGkIwvpNB0Zqf8P/7ZYn1ZnZucePzxz6sRU/TsCW6I/Le90DRb3Q7Or7bFkvnjH+v3R8eJecXm/dH9x3/iTyp15fmRypjrV4dih121o0P8zv1U63Tqg7XxfC3rX8v6fdqgdwK3n/A+9S/+H3qX/Q+9a1P+/PHVuZ554L3/cs7BixbmAJr8cAtwenP+hd+n/0Lv0f+hd+j/0pJv5Xn93Jwa6oxmrT3ze3xXNuF4i0mZl3ohb3rDoio+l1Ymk6Y9ZtDHR6SMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAa/wXAAD//ys68O0=")
lchown(0x0, 0x0, 0xee00)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100d0000000fbdbdf252100000018000180140002007665746831"], 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x4008800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffff9]}, 0x0, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x4}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = gettid()
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
flistxattr(r6, 0x0, 0x2)
tkill(r5, 0x12)
tkill(0x0, 0x14)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xc010)

1.675447633s ago: executing program 5 (id=3955):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000040000850000008600"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02020409100000000000004c9e00000002001300027f0000000000000000004105000600200000000a000000000000000005000201080f00e0001f080000000000092000000000000200010020e9ffeeffff0702000098a805000500ea0000000a"], 0x80}}, 0x0)

1.216297741s ago: executing program 6 (id=3956):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000340)='fdb_delete\x00', r3}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

1.130276568s ago: executing program 1 (id=3957):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$inet(0x2, 0x2, 0x1)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
sendmsg$inet(r2, &(0x7f0000001040)={&(0x7f0000000040)={0x2, 0xffff, @remote}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20008024)

872.246569ms ago: executing program 2 (id=3958):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r3=>0x0)
io_getevents(r3, 0x4, 0x4, &(0x7f00000019c0)=[{}, {}, {}, {}], 0x0)
io_submit(r3, 0x1, &(0x7f0000000300)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r2, 0x0}])

702.769442ms ago: executing program 6 (id=3959):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rename(0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/pm_test', 0xc3a01, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x5, 0xa4, &(0x7f0000000100)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005020524", @ANYRES8=r0, @ANYBLOB="05"], 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x8090)
socket$nl_netfilter(0x10, 0x3, 0xc)

649.367057ms ago: executing program 1 (id=3960):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000980)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@init_itable}]}, 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet(0x2, 0x3, 0x1)
sendmsg$inet(r0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x40}, 0x20000000)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = eventfd2(0x0, 0x0)
readv(r3, &(0x7f0000000500)=[{&(0x7f0000000000)=""/92, 0x5c}], 0x1)

311.113975ms ago: executing program 8 (id=3961):
r0 = socket(0x1e, 0x80004, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00', r3}, 0x10)
dup3(r1, r0, 0x0)

309.823635ms ago: executing program 5 (id=3962):
r0 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
preadv2(r2, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x84aa5000)

195.080294ms ago: executing program 2 (id=3963):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

194.854214ms ago: executing program 8 (id=3964):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0600000004000000e27f000001"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
io_setup(0x6, &(0x7f0000000680)=<r5=>0x0)
io_submit(r5, 0x2, &(0x7f0000000240)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, r2, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7, 0x3, r2, &(0x7f00000006c0)="5810235a8c132d765b", 0x9, 0x1}])

194.135524ms ago: executing program 5 (id=3965):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x1, 0x0, 0x0, 0x100, 0xc}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

150.540757ms ago: executing program 5 (id=3966):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8}, 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000040)={r3, r2}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xf, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000004c0)='syzkaller\x00', 0x7fff, 0x0, 0x0, 0x40f00}, 0x94)
getegid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_int(r6, &(0x7f00000000c0)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_int(r7, &(0x7f0000000100), 0x12)

97.076172ms ago: executing program 2 (id=3967):
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x1, 0x0, 0x1000}}}}}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x30400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r3)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r4, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r6, r5, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f80)={{r6}, &(0x7f0000000f00), &(0x7f0000000f40)=r3}, 0x20)
recvfrom(r4, 0x0, 0x0, 0x40, 0x0, 0x0)

0s ago: executing program 8 (id=3968):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r5, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xfffffffd, 0x400, 0x1, 0x6, 0x7}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)

kernel console output (not intermixed with test programs):

gle+0x20e/0x370
[  416.381379][    C1]  ? free_unref_page_prepare+0x2b7/0x2d0
[  416.381383][    C1]  ? __free_pages+0x14b/0x380
[  416.381386][    C1]  ? free_pages+0x82/0x90
[  416.381390][    C1]  ? kasan_depopulate_vmalloc_pte+0x6b/0x90
[  416.381394][    C1]  ? smp_call_function_single+0x470/0x470
[  416.381397][    C1]  ? __purge_vmap_area_lazy+0x133b/0x1470
[  416.381401][    C1]  ? _vm_unmap_aliases+0x2f8/0x380
[  416.381405][    C1]  smp_call_function_single+0x1c5/0x470
[  416.381408][    C1]  ? flush_tlb_kernel_range+0x1c0/0x1c0
[  416.381412][    C1]  ? flush_smp_call_function_from_idle+0x180/0x180
[  416.381415][    C1]  ? flush_tlb_kernel_range+0x1c0/0x1c0
[  416.381419][    C1]  smp_call_function_many_cond+0x8f2/0x9e0
[  416.381422][    C1]  ? __kasan_check_write+0x14/0x20
[  416.381425][    C1]  ? _raw_spin_lock+0x8e/0xe0
[  416.381429][    C1]  ? flush_tlb_kernel_range+0x1c0/0x1c0
[  416.381432][    C1]  ? smp_call_function_many+0x40/0x40
[  416.381435][    C1]  ? _raw_spin_unlock+0x4d/0x70
[  416.381439][    C1]  ? flush_tlb_kernel_range+0x1c0/0x1c0
[  416.381442][    C1]  on_each_cpu+0xab/0x170
[  416.381445][    C1]  ? smp_call_function+0x90/0x90
[  416.381448][    C1]  flush_tlb_kernel_range+0x155/0x1c0
[  416.381452][    C1]  kasan_release_vmalloc+0xa2/0xb0
[  416.381455][    C1]  __purge_vmap_area_lazy+0x133b/0x1470
[  416.381458][    C1]  _vm_unmap_aliases+0x2f8/0x380
[  416.381461][    C1]  vm_unmap_aliases+0x19/0x20
[  416.381465][    C1]  change_page_attr_set_clr+0x311/0xc10
[  416.381468][    C1]  ? __set_memory_prot+0xd0/0xd0
[  416.381472][    C1]  ? get_random_u64+0x510/0x510
[  416.381475][    C1]  ? is_vmalloc_or_module_addr+0xd/0x50
[  416.381478][    C1]  set_memory_ro+0x89/0xd0
[  416.381482][    C1]  ? set_memory_nx+0x110/0x110
[  416.381485][    C1]  ? _raw_spin_unlock+0x4d/0x70
[  416.381488][    C1]  bpf_int_jit_compile+0x860b/0x8ae0
[  416.381491][    C1]  ? emit_bpf_dispatcher+0xb80/0xb80
[  416.381495][    C1]  bpf_prog_select_runtime+0x742/0x9e0
[  416.381498][    C1]  ? memset+0x35/0x40
[  416.381501][    C1]  ? bpf_obj_name_cpy+0x193/0x1e0
[  416.381504][    C1]  bpf_prog_load+0xf85/0x1420
[  416.381508][    C1]  ? map_freeze+0x320/0x320
[  416.381511][    C1]  ? selinux_bpf+0xc7/0xf0
[  416.381514][    C1]  ? security_bpf+0x82/0xa0
[  416.381518][    C1]  __se_sys_bpf+0x442/0x680
[  416.381521][    C1]  ? __x64_sys_bpf+0x90/0x90
[  416.381525][    C1]  ? do_user_addr_fault+0x791/0xc80
[  416.381528][    C1]  ? debug_smp_processor_id+0x17/0x20
[  416.381531][    C1]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  416.381534][    C1]  __x64_sys_bpf+0x7b/0x90
[  416.381537][    C1]  do_syscall_64+0x31/0x40
[  416.381541][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  416.381544][    C1] RIP: 0033:0x7f01bbc5fbe9
[  416.381552][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  416.381556][    C1] RSP: 002b:00007f01ba6c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  416.381564][    C1] RAX: ffffffffffffffda RBX: 00007f01bbe96fa0 RCX: 00007f01bbc5fbe9
[  416.381568][    C1] RDX: 0000000000000094 RSI: 0000200000000d80 RDI: 0000000000000005
[  416.381573][    C1] RBP: 00007f01bbce2e19 R08: 0000000000000000 R09: 0000000000000000
[  416.381577][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  416.381582][    C1] R13: 00007f01bbe97038 R14: 00007f01bbe96fa0 R15: 00007ffe67eee748
[  416.870329][ T8548] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2516'.
[  416.974466][  T382] usb 6-1: USB disconnect, device number 11
[  417.954589][ T8571] binfmt_misc: register: failed to install interpreter file ./file0/file2
[  418.268034][ T8609] 9pnet: p9_errstr2errno: server reported unknown error �@cƒF	Sÿÿÿÿ
[  419.517221][ T8637] overlayfs: failed to clone upperpath
[  419.555584][ T8641] bridge0: port 1(bridge_slave_0) entered blocking state
[  419.564900][ T8641] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.572488][ T8641] device bridge_slave_0 entered promiscuous mode
[  419.580275][ T8641] bridge0: port 2(bridge_slave_1) entered blocking state
[  419.587623][ T8641] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.596712][ T8641] device bridge_slave_1 entered promiscuous mode
[  419.710003][ T8641] bridge0: port 2(bridge_slave_1) entered blocking state
[  419.717121][ T8641] bridge0: port 2(bridge_slave_1) entered forwarding state
[  419.724449][ T8641] bridge0: port 1(bridge_slave_0) entered blocking state
[  419.729341][ T8659] overlayfs: unrecognized mount option "verity=on" or missing value
[  419.731483][ T8641] bridge0: port 1(bridge_slave_0) entered forwarding state
[  419.809552][ T4718] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.817402][ T4718] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.835260][ T4718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  419.842829][ T4718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  419.858970][ T4718] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  419.870626][ T4718] bridge0: port 1(bridge_slave_0) entered blocking state
[  419.877754][ T4718] bridge0: port 1(bridge_slave_0) entered forwarding state
[  419.906617][ T4718] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  419.928026][ T4718] bridge0: port 2(bridge_slave_1) entered blocking state
[  419.935145][ T4718] bridge0: port 2(bridge_slave_1) entered forwarding state
[  419.964720][ T4718] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  419.973209][ T4718] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  419.990195][ T4718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  420.005340][ T8641] device veth0_vlan entered promiscuous mode
[  420.011788][ T4718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  420.020770][ T4718] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  420.028788][ T4718] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  420.043845][ T4718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  420.053227][ T8641] device veth1_macvtap entered promiscuous mode
[  420.065666][ T4718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  420.080815][ T4718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  421.217857][   T24] audit: type=1400 audit(2000000277.000:1862): avc:  denied  { write } for  pid=8717 comm="syz.8.2582" name="rtc0" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  422.039860][ T8780] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2607'.
[  423.203643][ T8830] device syzkaller0 entered promiscuous mode
[  423.528768][ T8871] tap0: tun_chr_ioctl cmd 1075883590
[  423.534448][ T8871] tap0: tun_chr_ioctl cmd 1075883590
[  423.539931][ T8871] tap0: tun_chr_ioctl cmd 1075883590
[  423.546213][ T8871] tap0: tun_chr_ioctl cmd 1075883590
[  423.551683][ T8871] tap0: tun_chr_ioctl cmd 1075883590
[  423.557470][ T8871] tap0: tun_chr_ioctl cmd 1075883590
[  423.562872][ T8871] tap0: tun_chr_ioctl cmd 1075883590
[  423.569287][ T8871] tap0: tun_chr_ioctl cmd 1075883590
[  423.629619][ T8878] overlayfs: failed to clone upperpath
[  423.638759][   T24] audit: type=1400 audit(2000000279.420:1863): avc:  denied  { read write } for  pid=8870 comm="syz.8.2646" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  423.662470][ T8878] overlayfs: failed to clone upperpath
[  423.692971][ T8885] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2652'.
[  423.702134][   T24] audit: type=1400 audit(2000000279.420:1864): avc:  denied  { open } for  pid=8870 comm="syz.8.2646" path="/84/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  423.806211][   T24] audit: type=1326 audit(2000000279.580:1865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8882 comm="syz.8.2651" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5d7e43abe9 code=0x0
[  424.510414][   T24] audit: type=1400 audit(2000000280.290:1866): avc:  denied  { mounton } for  pid=8939 comm="syz.2.2671" path="/syzcgroup/unified/syz2" dev="cgroup2" ino=24 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  424.543974][ T8941] cgroup: Unknown subsys name 'io'
[  424.853190][  T462] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  424.991666][   T24] audit: type=1400 audit(2000000280.770:1867): avc:  denied  { mounton } for  pid=8978 comm="syz.8.2687" path="/proc/218/task/219/net" dev="proc" ino=48817 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  425.093160][  T462] usb 6-1: Using ep0 maxpacket: 16
[  425.164637][   T15] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  425.223246][  T462] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  425.232001][  T462] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  425.242271][  T462] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  425.433343][  T462] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  425.442421][  T462] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  425.450449][  T462] usb 6-1: Product: syz
[  425.457750][  T462] usb 6-1: Manufacturer: syz
[  425.462559][  T462] usb 6-1: SerialNumber: syz
[  425.493512][   T15] usb 2-1: not running at top speed; connect to a high speed hub
[  425.573302][   T15] usb 2-1: config 8 has an invalid interface number: 247 but max is 0
[  425.581683][   T15] usb 2-1: config 8 has no interface number 0
[  425.588011][   T15] usb 2-1: config 8 interface 247 altsetting 54 endpoint 0xC has invalid maxpacket 512, setting to 64
[  425.599144][   T15] usb 2-1: config 8 interface 247 altsetting 54 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  425.617820][   T15] usb 2-1: config 8 interface 247 altsetting 54 has an invalid endpoint descriptor of length 2, skipping
[  425.629108][   T15] usb 2-1: config 8 interface 247 altsetting 54 has an invalid endpoint with address 0x80, skipping
[  425.640067][   T15] usb 2-1: config 8 interface 247 altsetting 54 has 7 endpoint descriptors, different from the interface descriptor's value: 6
[  425.653539][   T15] usb 2-1: config 8 interface 247 has no altsetting 0
[  425.810095][   T24] audit: type=1400 audit(2000000281.590:1868): avc:  denied  { setopt } for  pid=9016 comm="syz.9.2704" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  425.831236][   T15] usb 2-1: New USB device found, idVendor=0763, idProduct=1021, bcdDevice= 6.6d
[  425.856253][   T15] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  425.884885][   T15] usb 2-1: Product: syz
[  425.895015][   T15] usb 2-1: Manufacturer: syz
[  425.899654][   T15] usb 2-1: SerialNumber: syz
[  425.943426][ T8977] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  425.953656][  T462] usb 6-1: 0:2 : does not exist
[  425.970704][ T9038] netlink: 'syz.9.2711': attribute type 15 has an invalid length.
[  425.978706][ T9038] netlink: 24 bytes leftover after parsing attributes in process `syz.9.2711'.
[  426.065684][ T9041] binder: 9040:9041 ioctl c0306201 200000000780 returned -22
[  426.304607][ T9050] overlayfs: missing 'lowerdir'
[  426.373295][ T2768] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  426.426573][   T15] usb 2-1: USB disconnect, device number 10
[  426.430491][  T462] usb 6-1: USB disconnect, device number 12
[  426.613202][ T2768] usb 9-1: Using ep0 maxpacket: 8
[  426.773233][ T2768] usb 9-1: unable to get BOS descriptor or descriptor too short
[  427.008043][ T9077] overlayfs: missing 'lowerdir'
[  427.034091][ T9079] input: syz0 as /devices/virtual/input/input18
[  427.040480][ T9079] input: failed to attach handler leds to device input18, error: -6
[  427.169465][ T9086] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2732'.
[  427.281668][ T2768] usb 9-1: config 0 has an invalid interface number: 88 but max is 0
[  427.289826][ T2768] usb 9-1: config 0 has no interface number 0
[  427.295959][ T2768] usb 9-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  427.306946][ T2768] usb 9-1: config 0 interface 88 has no altsetting 0
[  427.393174][ T4491] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  427.553233][ T2768] usb 9-1: string descriptor 0 read error: -22
[  427.559504][ T2768] usb 9-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[  427.568748][ T2768] usb 9-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[  427.577930][ T2768] usb 9-1: config 0 descriptor??
[  427.623409][ T2768] input: USB Acecad Flair Tablet 0460:0004 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.88/input/input19
[  427.641942][ T9094] overlayfs: failed to clone upperpath
[  427.773291][ T4491] usb 6-1: config 0 has an invalid interface number: 40 but max is 0
[  427.781436][ T4491] usb 6-1: config 0 has no interface number 0
[  427.787691][ T4491] usb 6-1: New USB device found, idVendor=0403, idProduct=fa78, bcdDevice=de.fa
[  427.796827][ T4491] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.805413][ T4491] usb 6-1: config 0 descriptor??
[  427.833409][  T382] usb 9-1: USB disconnect, device number 6
[  428.083264][ T4491] usb 6-1: string descriptor 0 read error: -71
[  428.089967][ T4491] ftdi_sio 6-1:0.40: FTDI USB Serial Device converter detected
[  428.098002][ T4491] usb 6-1: Detected FT-X
[  428.113239][ T4491] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  428.133198][ T4491] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  428.153234][ T4491] ftdi_sio 6-1:0.40: GPIO initialisation failed: -71
[  428.160863][ T4491] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  428.182598][ T9110] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=8 (32 ns) > initial count (12 ns). Using initial count to start timer.
[  428.186340][ T4491] usb 6-1: USB disconnect, device number 13
[  428.209815][ T4491] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  428.237287][ T4491] ftdi_sio 6-1:0.40: device disconnected
[  428.278108][ T9125] overlayfs: failed to clone upperpath
[  428.603169][   T15] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  428.637945][ T9162] binder: 9161:9162 ioctl c0306201 200000000080 returned -14
[  428.643702][ T2768] usb 9-1: new full-speed USB device number 7 using dummy_hcd
[  428.723312][ T9167] raw_sendmsg: syz.5.2766 forgot to set AF_INET. Fix it!
[  428.843203][   T15] usb 3-1: Using ep0 maxpacket: 16
[  428.963281][   T15] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  428.974309][   T15] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  428.984244][   T15] usb 3-1: New USB device found, idVendor=05ac, idProduct=0324, bcdDevice= 0.00
[  428.993354][   T15] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  429.002368][   T15] usb 3-1: config 0 descriptor??
[  429.043326][  T462] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  429.053245][ T2768] usb 9-1: unable to get BOS descriptor or descriptor too short
[  429.093232][ T2768] usb 9-1: not running at top speed; connect to a high speed hub
[  429.173223][ T2768] usb 9-1: config 1 interface 0 has no altsetting 0
[  429.283225][  T462] usb 6-1: Using ep0 maxpacket: 16
[  429.333244][ T2768] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  429.342297][ T2768] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.353841][   T24] audit: type=1400 audit(2000000285.140:1869): avc:  denied  { link } for  pid=9187 comm="syz.1.2774" name="#74" dev="tmpfs" ino=1560 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  429.363178][ T2768] usb 9-1: Product: syz
[  429.376722][   T24] audit: type=1400 audit(2000000285.160:1870): avc:  denied  { rename } for  pid=9187 comm="syz.1.2774" name="#75" dev="tmpfs" ino=1560 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  429.402689][ T2768] usb 9-1: Manufacturer: syz
[  429.407449][ T2768] usb 9-1: SerialNumber: syz
[  429.413474][  T462] usb 6-1: config 255 has an invalid interface number: 151 but max is 1
[  429.421847][  T462] usb 6-1: config 255 has an invalid interface number: 19 but max is 1
[  429.431189][  T462] usb 6-1: config 255 has no interface number 0
[  429.437795][  T462] usb 6-1: config 255 has no interface number 1
[  429.444390][  T462] usb 6-1: config 255 interface 151 has no altsetting 0
[  429.484373][   T15] hid-generic 0003:05AC:0324.001A: collection stack underflow
[  429.491897][   T15] hid-generic 0003:05AC:0324.001A: item 0 0 0 12 parsing failed
[  429.513306][   T15] hid-generic: probe of 0003:05AC:0324.001A failed with error -22
[  429.623254][  T462] usb 6-1: New USB device found, idVendor=0499, idProduct=100c, bcdDevice=71.27
[  429.632299][  T462] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.653157][  T462] usb 6-1: Product: syz
[  429.657416][  T462] usb 6-1: Manufacturer: syz
[  429.661987][  T462] usb 6-1: SerialNumber: syz
[  429.686113][   T15] usb 3-1: USB disconnect, device number 14
[  429.704010][  T462] snd-usb-audio: probe of 6-1:255.151 failed with error -2
[  429.712018][  T462] snd-usb-audio: probe of 6-1:255.19 failed with error -2
[  429.905942][  T295] usb 6-1: USB disconnect, device number 14
[  429.913003][ T2768] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 1 proto 1 vid 0x0525 pid 0xA4A8
[  430.107057][ T2768] usb 9-1: USB disconnect, device number 7
[  430.114044][ T2768] usblp0: removed
[  430.623891][   T24] audit: type=1400 audit(2000000286.410:1871): avc:  denied  { setopt } for  pid=9222 comm="syz.8.2788" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  430.663465][   T24] audit: type=1400 audit(2000000286.410:1872): avc:  denied  { write } for  pid=9222 comm="syz.8.2788" path="socket:[50621]" dev="sockfs" ino=50621 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  430.692365][   T24] audit: type=1400 audit(2000000286.410:1873): avc:  denied  { accept } for  pid=9222 comm="syz.8.2788" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  430.722526][   T24] audit: type=1400 audit(2000000286.450:1874): avc:  denied  { append } for  pid=9221 comm="syz.5.2787" name="loop7" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  431.113526][ T9233] kvm: pic: non byte write
[  431.433264][ T1733] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  431.683180][ T1733] usb 3-1: Using ep0 maxpacket: 32
[  432.635332][ T9271] kvm: pic: single mode not supported
[  432.635342][ T9271] kvm: pic: level sensitive irq not supported
[  432.652854][ T9271] kvm: pic: single mode not supported
[  432.658998][ T9271] kvm: pic: level sensitive irq not supported
[  432.683799][ T9271] kvm: pic: level sensitive irq not supported
[  432.695760][ T9271] kvm: pic: non byte write
[  432.719082][ T9271] kvm: pic: non byte write
[  432.848081][ T1733] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  432.856360][ T1733] usb 3-1: config 0 has no interface number 0
[  432.862468][ T1733] usb 3-1: config 0 interface 184 has no altsetting 0
[  432.898017][   T24] audit: type=1400 audit(2000000288.680:1875): avc:  denied  { mounton } for  pid=9274 comm="syz.8.2806" path="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  433.053284][ T1733] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  433.082735][ T1733] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.113158][ T1733] usb 3-1: Product: syz
[  433.117366][ T1733] usb 3-1: Manufacturer: syz
[  433.121986][ T1733] usb 3-1: SerialNumber: syz
[  433.143466][ T1733] usb 3-1: config 0 descriptor??
[  433.183714][ T1733] smsc75xx v1.0.0
[  433.766236][ T9300] usb usb8: selecting invalid altsetting 6
[  433.814018][   T24] audit: type=1400 audit(2000000289.600:1876): avc:  denied  { ioctl } for  pid=9301 comm="syz.5.2817" path="socket:[50900]" dev="sockfs" ino=50900 ioctlcmd=0x8b35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  434.702887][ T9331] 9pnet: p9_errstr2errno: server reported unknown error �@cƒF	S+¼
[  434.723298][ T1733] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  434.734775][ T1733] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  434.763188][ T1733] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  434.774167][ T1733] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  434.783938][ T1733] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  434.794471][ T1733] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  434.804022][ T1733] smsc75xx: probe of 3-1:0.184 failed with error -71
[  434.812160][ T1733] usb 3-1: USB disconnect, device number 15
[  435.918192][   T24] audit: type=1400 audit(2000000291.700:1877): avc:  denied  { getopt } for  pid=9376 comm="syz.5.2846" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  435.945444][ T4491] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[  435.956756][ T4491] hid-generic 0000:0000:0000.001B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  436.973224][  T295] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  437.163925][   T26] INFO: task syz.5.686:3135 blocked for more than 252 seconds.
[  437.186270][   T26]       Tainted: G        W         5.10.240-syzkaller #0
[  437.224323][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  437.271145][   T26] task:syz.5.686       state:D stack:    0 pid: 3135 ppid:  1328 flags:0x00004004
[  437.319809][   T26] Call Trace:
[  437.337892][   T26]  __schedule+0xb47/0x1310
[  437.343637][  T295] usb 2-1: config 0 has no interfaces?
[  437.368221][   T26]  ? release_firmware_map_entry+0x190/0x190
[  437.400099][   T26]  ? __kasan_check_write+0x14/0x20
[  437.428298][   T26]  ? _raw_spin_lock_irq+0x8f/0xe0
[  437.455281][   T26]  ? _raw_spin_lock_irqsave+0x110/0x110
[  437.485574][   T26]  ? memset+0x35/0x40
[  437.503586][  T295] usb 2-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 0.02
[  437.516869][   T26]  schedule+0x13c/0x1d0
[  437.531097][  T295] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  437.578009][   T26]  rwsem_down_read_slowpath+0x5f9/0xd10
[  437.628667][   T26]  ? down_write_killable+0x120/0x120
[  437.637558][  T295] usb 2-1: SerialNumber: syz
[  437.683922][   T26]  ? __kasan_check_write+0x14/0x20
[  437.732009][   T26]  ? _raw_spin_lock+0x8e/0xe0
[  437.813581][  T295] usb 2-1: config 0 descriptor??
[  437.833310][   T26]  ? _raw_spin_trylock_bh+0x130/0x130
[  437.838730][   T26]  down_read+0x4c/0xd0
[  437.869541][   T26]  iterate_supers+0xad/0x1e0
[  437.874530][   T26]  ? __ia32_sys_quotactl+0xb0/0xb0
[  437.879658][   T26]  __se_sys_quotactl+0x380/0xa90
[  437.903195][   T26]  ? __x64_sys_quotactl+0xb0/0xb0
[  437.908404][   T26]  ? switch_fpu_return+0x197/0x340
[  437.918553][   T26]  ? fpu__clear_all+0x20/0x20
[  437.928672][   T26]  __x64_sys_quotactl+0x9b/0xb0
[  437.945988][   T26]  do_syscall_64+0x31/0x40
[  437.950491][   T26]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  437.979267][   T26] RIP: 0033:0x7f785edcfbe9
[  437.983995][   T26] RSP: 002b:00007f785d838038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  437.992797][   T24] audit: type=1400 audit(2000000293.770:1878): avc:  denied  { read } for  pid=9412 comm="syz.5.2860" name="vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  437.992822][   T26] RAX: ffffffffffffffda RBX: 00007f785f006fa0 RCX: 00007f785edcfbe9
[  438.040882][   T26] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff80000102
[  438.049840][   T26] RBP: 00007f785ee52e19 R08: 0000000000000000 R09: 0000000000000000
[  438.058342][   T26] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  438.066708][   T26] R13: 00007f785f007038 R14: 00007f785f006fa0 R15: 00007ffe6813b2b8
[  438.069084][  T462] usb 2-1: USB disconnect, device number 11
[  438.076214][   T26] NMI backtrace for cpu 0
[  438.085509][   T26] CPU: 0 PID: 26 Comm: khungtaskd Tainted: G        W         5.10.240-syzkaller #0
[  438.094900][   T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[  438.105067][   T26] Call Trace:
[  438.108383][   T26]  __dump_stack+0x21/0x24
[  438.112736][   T26]  dump_stack_lvl+0x169/0x1d8
[  438.117436][   T26]  ? show_regs_print_info+0x18/0x18
[  438.122666][   T26]  ? sched_show_task+0x324/0x4a0
[  438.127645][   T26]  ? __rcu_read_unlock+0xa0/0xa0
[  438.132608][   T26]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  438.138697][   T26]  dump_stack+0x15/0x1c
[  438.142882][   T26]  nmi_trigger_cpumask_backtrace+0x27f/0x2c0
[  438.148888][   T26]  arch_trigger_cpumask_backtrace+0x10/0x20
[  438.154810][   T26]  watchdog+0xe2e/0xf70
[  438.158997][   T26]  ? hungtask_pm_notify+0x50/0x50
[  438.164047][   T26]  ? __kasan_check_read+0x11/0x20
[  438.169095][   T26]  ? __kthread_parkme+0xb9/0x1c0
[  438.174059][   T26]  kthread+0x346/0x3d0
[  438.178156][   T26]  ? hungtask_pm_notify+0x50/0x50
[  438.183205][   T26]  ? kthread_blkcg+0xd0/0xd0
[  438.187822][   T26]  ret_from_fork+0x1f/0x30
[  438.192409][   T26] Sending NMI from CPU 0 to CPUs 1:
[  438.198358][    C1] NMI backtrace for cpu 1
[  438.198365][    C1] CPU: 1 PID: 9388 Comm: syz.2.2850 Tainted: G        W         5.10.240-syzkaller #0
[  438.198370][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[  438.198374][    C1] RIP: 0010:__unwind_start+0x28d/0x3a0
[  438.198382][    C1] Code: 00 00 fc ff df 48 8b 4d 98 80 3c 01 00 74 08 4c 89 ef e8 a6 d1 6e 00 49 8b 5d 00 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07 00 <74> 08 4c 89 e7 e8 89 d1 6e 00 49 8b 04 24 48 8b 55 c8 48 39 da 0f
[  438.198386][    C1] RSP: 0018:ffffc9000263f010 EFLAGS: 00000246
[  438.198395][    C1] RAX: dffffc0000000000 RBX: ffffc90002638000 RCX: 1ffff920004c7e12
[  438.198400][    C1] RDX: ffffc9000263f110 RSI: 1ffff920004c7e12 RDI: ffffc9000263f0e0
[  438.198404][    C1] RBP: ffffc9000263f078 R08: dffffc0000000001 R09: ffffc9000263f088
[  438.198409][    C1] R10: fffff520004c7e1d R11: 1ffff920004c7e11 R12: ffffc9000263f098
[  438.198413][    C1] R13: ffffc9000263f090 R14: ffffc9000263f088 R15: 1ffff920004c7e13
[  438.198418][    C1] FS:  00007f23a50146c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  438.198422][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  438.198426][    C1] CR2: 000020000057f000 CR3: 0000000126023000 CR4: 00000000003526a0
[  438.198431][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  438.198435][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  438.198438][    C1] Call Trace:
[  438.198442][    C1]  ? stack_trace_save+0xe0/0xe0
[  438.198445][    C1]  arch_stack_walk+0xd6/0x140
[  438.198448][    C1]  ? stack_trace_save+0x98/0xe0
[  438.198451][    C1]  stack_trace_save+0x98/0xe0
[  438.198455][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  438.198458][    C1]  ? memset+0x35/0x40
[  438.198461][    C1]  save_stack+0x95/0x1f0
[  438.198465][    C1]  ? __reset_page_owner+0x140/0x140
[  438.198468][    C1]  ? sched_clock_cpu+0x1b/0x3d0
[  438.198471][    C1]  __set_page_owner+0x3b/0x2a0
[  438.198475][    C1]  ? kernel_init_free_pages+0xdc/0xf0
[  438.198478][    C1]  prep_new_page+0x179/0x180
[  438.198481][    C1]  get_page_from_freelist+0x2235/0x23d0
[  438.198484][    C1]  ? sched_clock+0x3a/0x40
[  438.198488][    C1]  ? preempt_schedule_irq+0xbb/0x110
[  438.198492][    C1]  ? preempt_schedule_notrace+0x110/0x110
[  438.198495][    C1]  ? __irq_exit_rcu+0x40/0x150
[  438.198498][    C1]  ? irqentry_exit+0x56/0x60
[  438.198502][    C1]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[  438.198506][    C1]  ? __alloc_pages_nodemask+0x5f0/0x5f0
[  438.198509][    C1]  __alloc_pages_nodemask+0x268/0x5f0
[  438.198513][    C1]  ? gfp_pfmemalloc_allowed+0x130/0x130
[  438.198517][    C1]  ? sysvec_reboot+0x70/0xe0
[  438.198520][    C1]  __vmalloc_node_range+0x353/0x780
[  438.198524][    C1]  ? __vcalloc+0x36/0x50
[  438.198527][    C1]  __vmalloc+0x79/0x90
[  438.198530][    C1]  ? __vcalloc+0x36/0x50
[  438.198533][    C1]  __vcalloc+0x36/0x50
[  438.198537][    C1]  kvm_arch_prepare_memory_region+0x120/0x790
[  438.198540][    C1]  kvm_set_memslot+0x206/0x1440
[  438.198543][    C1]  ? __bitmap_set+0xbc/0x170
[  438.198547][    C1]  __kvm_set_memory_region+0x9e9/0xbc0
[  438.198550][    C1]  ? __kasan_check_read+0x11/0x20
[  438.198554][    C1]  ? preempt_schedule_common+0xbe/0xf0
[  438.198557][    C1]  ? kvm_put_kvm_no_destroy+0x90/0x90
[  438.198561][    C1]  ? try_to_wake_up+0x638/0xd70
[  438.198564][    C1]  ? __kasan_check_write+0x14/0x20
[  438.198567][    C1]  ? wake_up_q+0x12c/0x1e0
[  438.198571][    C1]  kvm_vm_ioctl_set_memory_region+0x6f/0xa0
[  438.198574][    C1]  kvm_vm_ioctl+0x776/0xa10
[  438.198578][    C1]  ? kvm_clear_stat_per_vcpu+0x1e0/0x1e0
[  438.198581][    C1]  ? do_vfs_ioctl+0x766/0x1510
[  438.198585][    C1]  ? __ia32_compat_sys_ioctl+0x7b0/0x7b0
[  438.198588][    C1]  ? has_cap_mac_admin+0x330/0x330
[  438.198592][    C1]  ? slab_free_freelist_hook+0xc5/0x190
[  438.198595][    C1]  ? kvm_uevent_notify_change+0x305/0x3b0
[  438.198599][    C1]  ? __fd_install+0x13b/0x270
[  438.198602][    C1]  ? selinux_file_ioctl+0x377/0x480
[  438.198605][    C1]  ? kvm_dev_ioctl+0xe94/0x1610
[  438.198609][    C1]  ? selinux_file_alloc_security+0x120/0x120
[  438.198612][    C1]  ? __fget_files+0x2c4/0x320
[  438.198616][    C1]  ? security_file_ioctl+0x84/0xa0
[  438.198620][    C1]  ? kvm_clear_stat_per_vcpu+0x1e0/0x1e0
[  438.198623][    C1]  __se_sys_ioctl+0x121/0x1a0
[  438.198626][    C1]  __x64_sys_ioctl+0x7b/0x90
[  438.198629][    C1]  do_syscall_64+0x31/0x40
[  438.198633][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  438.198636][    C1] RIP: 0033:0x7f23a65abbe9
[  438.198644][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  438.198648][    C1] RSP: 002b:00007f23a5014038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  438.198656][    C1] RAX: ffffffffffffffda RBX: 00007f23a67e2fa0 RCX: 00007f23a65abbe9
[  438.198660][    C1] RDX: 0000200000000080 RSI: 000000004020ae46 RDI: 0000000000000004
[  438.198665][    C1] RBP: 00007f23a662ee19 R08: 0000000000000000 R09: 0000000000000000
[  438.198670][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  438.198680][    C1] R13: 00007f23a67e3038 R14: 00007f23a67e2fa0 R15: 00007ffe1faa7478
[  439.166756][   T24] audit: type=1400 audit(2000000294.950:1879): avc:  denied  { create } for  pid=9434 comm="syz.8.2867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  439.213179][  T462] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  439.431213][   T24] audit: type=1400 audit(2000000295.210:1880): avc:  denied  { map } for  pid=9438 comm="syz.1.2869" path="socket:[51962]" dev="sockfs" ino=51962 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  439.613246][  T462] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  439.623496][  T462] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  439.703256][  T462] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  439.712578][  T462] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  439.721013][  T462] usb 6-1: SerialNumber: syz
[  440.742235][  T462] usb 6-1: 0:2 : does not exist
[  440.749294][  T462] usb 6-1: USB disconnect, device number 15
[  441.080210][   T24] audit: type=1400 audit(2000000296.860:1881): avc:  denied  { bind } for  pid=9474 comm="syz.2.2881" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  441.144276][  T462] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  442.723126][  T462] usb 6-1: Using ep0 maxpacket: 32
[  442.914970][   T24] audit: type=1400 audit(2000000298.700:1882): avc:  denied  { ioctl } for  pid=9506 comm="syz.1.2894" path="socket:[52403]" dev="sockfs" ino=52403 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  442.963227][  T462] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  443.143277][  T462] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  443.152399][  T462] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  443.160966][  T462] usb 6-1: Product: syz
[  443.165184][  T462] usb 6-1: Manufacturer: syz
[  443.169777][  T462] usb 6-1: SerialNumber: syz
[  443.178258][  T462] usb 6-1: config 0 descriptor??
[  443.203214][ T9448] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  443.225227][ T4733] udevd[4733]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  443.426047][  T462] usb 6-1: USB disconnect, device number 16
[  443.603534][ T9525] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.610836][ T9525] bridge0: port 1(bridge_slave_0) entered disabled state
[  443.618468][ T9525] device bridge_slave_0 entered promiscuous mode
[  443.625720][ T9525] bridge0: port 2(bridge_slave_1) entered blocking state
[  443.632831][ T9525] bridge0: port 2(bridge_slave_1) entered disabled state
[  443.640599][ T9525] device bridge_slave_1 entered promiscuous mode
[  443.701040][ T9525] bridge0: port 2(bridge_slave_1) entered blocking state
[  443.708141][ T9525] bridge0: port 2(bridge_slave_1) entered forwarding state
[  443.715448][ T9525] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.722475][ T9525] bridge0: port 1(bridge_slave_0) entered forwarding state
[  443.752246][  T296] bridge0: port 1(bridge_slave_0) entered disabled state
[  443.759980][  T296] bridge0: port 2(bridge_slave_1) entered disabled state
[  443.767801][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  443.775959][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  443.785503][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  443.794045][  T296] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.801105][  T296] bridge0: port 1(bridge_slave_0) entered forwarding state
[  443.833511][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  443.860680][  T296] bridge0: port 2(bridge_slave_1) entered blocking state
[  443.867827][  T296] bridge0: port 2(bridge_slave_1) entered forwarding state
[  443.917751][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  443.932481][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  443.976029][ T1731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  444.013358][ T1731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  444.034798][ T1731] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  444.063841][ T1731] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  444.090038][ T9525] device veth0_vlan entered promiscuous mode
[  444.122960][ T1731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  444.139731][ T9525] device veth1_macvtap entered promiscuous mode
[  444.180523][ T1731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  444.200369][ T1731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  444.693143][   T15] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  444.933222][   T15] usb 7-1: Using ep0 maxpacket: 32
[  445.053235][   T15] usb 7-1: config 0 has an invalid interface number: 12 but max is 0
[  445.064491][   T15] usb 7-1: config 0 has no interface number 0
[  445.076730][   T15] usb 7-1: config 0 interface 12 has no altsetting 0
[  445.244261][   T15] usb 7-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=70.40
[  445.316746][   T15] usb 7-1: New USB device strings: Mfr=231, Product=2, SerialNumber=3
[  445.325617][   T15] usb 7-1: Product: syz
[  445.330237][   T15] usb 7-1: Manufacturer: syz
[  445.336583][   T15] usb 7-1: SerialNumber: syz
[  445.377278][   T15] usb 7-1: config 0 descriptor??
[  445.763206][   T15] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  446.143193][ T4491] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  446.153259][   T15] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  446.163472][   T15] usb 9-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  446.172497][   T15] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.181299][   T15] usb 9-1: config 0 descriptor??
[  446.323158][ T2768] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  446.393164][ T4491] usb 6-1: Using ep0 maxpacket: 32
[  446.573246][ T2768] usb 3-1: Using ep0 maxpacket: 16
[  446.673248][ T4491] usb 6-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  446.682437][ T4491] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  446.690478][ T4491] usb 6-1: Product: syz
[  446.694728][ T4491] usb 6-1: Manufacturer: syz
[  446.699321][ T4491] usb 6-1: SerialNumber: syz
[  446.705229][ T4491] usb 6-1: config 0 descriptor??
[  446.723272][ T2768] usb 3-1: config 1 has an invalid interface number: 214 but max is 0
[  446.731637][ T2768] usb 3-1: config 1 has no interface number 0
[  446.737898][ T2768] usb 3-1: config 1 interface 214 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  446.749916][ T2768] usb 3-1: config 1 interface 214 altsetting 2 bulk endpoint 0x81 has invalid maxpacket 64
[  446.760318][ T2768] usb 3-1: config 1 interface 214 has no altsetting 0
[  446.855176][   T24] audit: type=1400 audit(2000000302.640:1883): avc:  denied  { listen } for  pid=9603 comm="syz.1.2929" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  446.943343][ T2768] usb 3-1: New USB device found, idVendor=07b4, idProduct=010a, bcdDevice= 1.02
[  446.952568][ T2768] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  446.960618][ T2768] usb 3-1: Product: syz
[  446.964918][ T2768] usb 3-1: Manufacturer: syz
[  446.969530][ T2768] usb 3-1: SerialNumber: syz
[  447.033517][ T9599] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[  447.040695][ T9599] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[  447.063614][ T2768] ums-alauda 3-1:1.214: USB Mass Storage device detected
[  447.072874][ T2768] scsi host1: usb-storage 3-1:1.214
[  447.273477][ T4492] usb 3-1: USB disconnect, device number 16
[  447.398905][  T462] usb 7-1: USB disconnect, device number 15
[  448.263204][   T15] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  448.485466][  T462] usb 9-1: USB disconnect, device number 8
[  448.492692][ T9654] tipc: Started in network mode
[  448.504585][ T9654] tipc: Own node identity 4e281c38b211, cluster identity 4711
[  448.512299][ T9654] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  448.526902][ T9653] tipc: Resetting bearer <eth:syzkaller0>
[  448.542809][ T9653] tipc: Disabling bearer <eth:syzkaller0>
[  448.623303][   T15] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  448.643187][   T15] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  448.652273][   T15] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  448.702441][   T15] usb 3-1: config 0 descriptor??
[  448.735269][ T9666] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2947'.
[  448.866629][ T2768] usb 6-1: USB disconnect, device number 17
[  448.946156][ T9681] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2954'.
[  449.618644][ T9703] device syzkaller0 entered promiscuous mode
[  450.031557][  T295] usb 3-1: USB disconnect, device number 17
[  450.101185][ T9736] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2976'.
[  450.150728][ T9738] usb usb1: usbfs: process 9738 (syz.2.2977) did not claim interface 0 before use
[  450.497352][   T24] audit: type=1400 audit(2000000306.280:1884): avc:  denied  { ioctl } for  pid=9762 comm="syz.8.2987" path="socket:[54318]" dev="sockfs" ino=54318 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  450.672443][ T9772] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2991'.
[  450.766204][ T9783] netlink: 'syz.1.2997': attribute type 298 has an invalid length.
[  450.829127][ T9795] device syzkaller0 entered promiscuous mode
[  450.881522][ T9797] device veth0_to_team entered promiscuous mode
[  451.007982][   T24] audit: type=1400 audit(2000000306.780:1885): avc:  denied  { block_suspend } for  pid=9806 comm="syz.5.3007" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  451.059737][   T24] audit: type=1400 audit(2000000306.820:1886): avc:  denied  { create } for  pid=9809 comm="syz.5.3008" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  451.258941][ T9820] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  451.316200][ T9820] pit: kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  451.346485][ T9820] pit: kvm: requested 13409 ns i8254 timer period limited to 200000 ns
[  451.373776][ T9820] pit: kvm: requested 53638 ns i8254 timer period limited to 200000 ns
[  451.388590][ T9820] pit: kvm: requested 41904 ns i8254 timer period limited to 200000 ns
[  451.476897][  T459] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  451.546257][ T9841] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Dropping request.  Check SNMP counters.
[  451.733324][  T459] usb 6-1: Using ep0 maxpacket: 16
[  451.884434][   T24] audit: type=1326 audit(2000000307.670:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9858 comm="syz.2.3029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a65abbe9 code=0x7ffc0000
[  451.913389][  T459] usb 6-1: config 0 has an invalid interface number: 251 but max is 0
[  451.940500][  T459] usb 6-1: config 0 has no interface number 0
[  451.954462][  T459] usb 6-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  451.985483][   T24] audit: type=1326 audit(2000000307.670:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9858 comm="syz.2.3029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a65abbe9 code=0x7ffc0000
[  452.027573][  T459] usb 6-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  452.078064][   T24] audit: type=1326 audit(2000000307.690:1889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9858 comm="syz.2.3029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f23a65aa69f code=0x7ffc0000
[  452.166051][   T24] audit: type=1326 audit(2000000307.690:1890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9858 comm="syz.2.3029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a65abbe9 code=0x7ffc0000
[  452.253239][  T459] usb 6-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  452.263323][  T459] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.293147][  T459] usb 6-1: Product: syz
[  452.297408][  T459] usb 6-1: Manufacturer: syz
[  452.302022][  T459] usb 6-1: SerialNumber: syz
[  452.333178][   T24] audit: type=1326 audit(2000000307.690:1891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9858 comm="syz.2.3029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a65abbe9 code=0x7ffc0000
[  452.334182][  T459] usb 6-1: config 0 descriptor??
[  452.463285][ T9818] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  452.473088][ T9818] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  452.775433][ T9818] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  452.782460][ T9818] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  452.923199][ T4492] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  453.003229][  T459] asix 6-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: 0
[  453.019695][  T459] asix: probe of 6-1:0.251 failed with error -5
[  453.055474][ T9895] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3044'.
[  453.220564][  T459] usb 6-1: USB disconnect, device number 18
[  453.293184][ T4492] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  453.301804][ T4492] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  453.333266][ T4492] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  453.342342][ T4492] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  453.483345][ T4492] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  453.492469][ T4492] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  453.501041][ T4492] usb 9-1: Product: syz
[  453.505321][ T4492] usb 9-1: Manufacturer: syz
[  453.579080][ T4492] cdc_wdm 9-1:1.0: skipping garbage
[  453.584411][ T4492] cdc_wdm 9-1:1.0: skipping garbage
[  453.589952][ T4492] cdc_wdm: probe of 9-1:1.0 failed with error -22
[  453.781053][ T4492] usb 9-1: USB disconnect, device number 9
[  454.093309][ T9927] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9927 comm=syz.1.3057
[  454.128092][ T9931] bridge0: port 2(bridge_slave_1) entered disabled state
[  455.551785][ T9980] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3078'.
[  455.702509][ T9980] device bridge_slave_1 left promiscuous mode
[  455.714954][ T9980] bridge0: port 2(bridge_slave_1) entered disabled state
[  455.731105][ T9980] device bridge_slave_0 left promiscuous mode
[  455.746838][ T9980] bridge0: port 1(bridge_slave_0) entered disabled state
[  455.999833][ T4492] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  456.373801][ T4492] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  456.392256][ T4492] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  456.523571][ T4492] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  456.546246][ T4492] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  456.568385][ T4492] usb 3-1: SerialNumber: syz
[  456.877261][ T4492] usb 3-1: 0:2 : does not exist
[  456.974027][ T4492] usb 3-1: USB disconnect, device number 18
[  457.033258][  T462] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  457.268403][ T4733] udevd[4733]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  457.403482][  T462] usb 6-1: Using ep0 maxpacket: 32
[  457.453514][   T24] audit: type=1400 audit(2000000313.150:1892): avc:  denied  { lock } for  pid=10013 comm="syz.1.3090" path="socket:[54946]" dev="sockfs" ino=54946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  457.563587][  T462] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  457.593541][   T24] audit: type=1400 audit(2000000313.160:1893): avc:  denied  { create } for  pid=10013 comm="syz.1.3090" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  457.594275][  T462] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  457.793257][  T462] usb 6-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  457.802341][  T462] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  457.822911][  T462] usb 6-1: Product: syz
[  457.831373][  T462] usb 6-1: Manufacturer: syz
[  457.841242][  T462] usb 6-1: SerialNumber: syz
[  457.853749][  T462] usb 6-1: config 0 descriptor??
[  457.981268][   T24] audit: type=1400 audit(2000000313.760:1894): avc:  denied  { read } for  pid=10032 comm="syz.6.3097" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  458.201721][  T462] usb 6-1: USB disconnect, device number 19
[  458.923232][   T26] INFO: task syz.5.686:3135 blocked for more than 273 seconds.
[  458.931019][   T26]       Tainted: G        W         5.10.240-syzkaller #0
[  458.951726][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  458.985207][   T26] task:syz.5.686       state:D stack:    0 pid: 3135 ppid:  1328 flags:0x00004004
[  459.058155][   T26] Call Trace:
[  459.076775][   T26]  __schedule+0xb47/0x1310
[  459.081612][   T26]  ? release_firmware_map_entry+0x190/0x190
[  459.127423][   T26]  ? __kasan_check_write+0x14/0x20
[  459.162783][   T26]  ? _raw_spin_lock_irq+0x8f/0xe0
[  459.183782][   T26]  ? _raw_spin_lock_irqsave+0x110/0x110
[  459.206810][   T26]  ? memset+0x35/0x40
[  459.223527][   T26]  schedule+0x13c/0x1d0
[  459.240423][   T26]  rwsem_down_read_slowpath+0x5f9/0xd10
[  459.263185][   T26]  ? down_write_killable+0x120/0x120
[  459.285180][   T26]  ? __kasan_check_write+0x14/0x20
[  459.306903][   T26]  ? _raw_spin_lock+0x8e/0xe0
[  459.346764][   T26]  ? _raw_spin_trylock_bh+0x130/0x130
[  459.372934][   T26]  down_read+0x4c/0xd0
[  459.389602][   T26]  iterate_supers+0xad/0x1e0
[  459.409227][   T26]  ? __ia32_sys_quotactl+0xb0/0xb0
[  459.430764][   T26]  __se_sys_quotactl+0x380/0xa90
[  459.461045][   T26]  ? __x64_sys_quotactl+0xb0/0xb0
[  459.489341][   T26]  ? switch_fpu_return+0x197/0x340
[  459.510309][   T26]  ? fpu__clear_all+0x20/0x20
[  459.529342][   T26]  __x64_sys_quotactl+0x9b/0xb0
[  459.549106][   T26]  do_syscall_64+0x31/0x40
[  459.583776][   T26]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  459.621037][   T26] RIP: 0033:0x7f785edcfbe9
[  459.649622][   T26] RSP: 002b:00007f785d838038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  459.723283][   T26] RAX: ffffffffffffffda RBX: 00007f785f006fa0 RCX: 00007f785edcfbe9
[  459.784355][   T26] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff80000102
[  459.792356][   T26] RBP: 00007f785ee52e19 R08: 0000000000000000 R09: 0000000000000000
[  459.812488][   T26] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  459.833130][   T26] R13: 00007f785f007038 R14: 00007f785f006fa0 R15: 00007ffe6813b2b8
[  459.863206][   T26] NMI backtrace for cpu 0
[  459.867604][   T26] CPU: 0 PID: 26 Comm: khungtaskd Tainted: G        W         5.10.240-syzkaller #0
[  459.877068][   T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[  459.887139][   T26] Call Trace:
[  459.890453][   T26]  __dump_stack+0x21/0x24
[  459.894818][   T26]  dump_stack_lvl+0x169/0x1d8
[  459.899601][   T26]  ? show_regs_print_info+0x18/0x18
[  459.904925][   T26]  ? sched_show_task+0x324/0x4a0
[  459.909893][   T26]  ? __rcu_read_unlock+0xa0/0xa0
[  459.914852][   T26]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  459.920917][   T26]  dump_stack+0x15/0x1c
[  459.925090][   T26]  nmi_trigger_cpumask_backtrace+0x27f/0x2c0
[  459.931108][   T26]  arch_trigger_cpumask_backtrace+0x10/0x20
[  459.937149][   T26]  watchdog+0xe2e/0xf70
[  459.941337][   T26]  ? hungtask_pm_notify+0x50/0x50
[  459.944569][  T462] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  459.946378][   T26]  ? __kasan_check_read+0x11/0x20
[  459.946389][   T26]  ? __kthread_parkme+0xb9/0x1c0
[  459.946402][   T26]  kthread+0x346/0x3d0
[  459.946414][   T26]  ? hungtask_pm_notify+0x50/0x50
[  459.946424][   T26]  ? kthread_blkcg+0xd0/0xd0
[  459.946436][   T26]  ret_from_fork+0x1f/0x30
[  459.946592][   T26] Sending NMI from CPU 0 to CPUs 1:
[  459.988069][    C1] NMI backtrace for cpu 1
[  459.988076][    C1] CPU: 1 PID: 4491 Comm: kworker/1:11 Tainted: G        W         5.10.240-syzkaller #0
[  459.988081][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[  459.988085][    C1] Workqueue: events bpf_prog_free_deferred
[  459.988093][    C1] RIP: 0010:update_stack_state+0x2b7/0x480
[  459.988102][    C1] Code: 83 3e 00 74 26 44 3b 6d ac 75 20 48 8b 45 a0 48 39 45 b0 73 16 31 db 89 d8 48 81 c4 98 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d <c3> 4c 8b 6d 80 4d 85 ed 4c 89 75 b8 74 6f 49 bc 00 00 00 00 00 fc
[  459.988106][    C1] RSP: 0018:ffffc90002487540 EFLAGS: 00000292
[  459.988113][    C1] RAX: 0000000002487601 RBX: ffffc900024875c8 RCX: ffffc90002487a01
[  459.988118][    C1] RDX: ffffc90002487a68 RSI: 1ffff92000490eba RDI: ffffc90002487620
[  459.988123][    C1] RBP: ffffc900024875b8 R08: ffffc90002487690 R09: ffffc90002487688
[  459.988127][    C1] R10: 0000000000000005 R11: 1ffff92000490eb9 R12: 0000000000000000
[  459.988132][    C1] R13: 1ffff92000490ec4 R14: ffffc90002487620 R15: ffffc900024879f8
[  459.988136][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  459.988141][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  459.988145][    C1] CR2: 00007fbdf9ece000 CR3: 000000013b974000 CR4: 00000000003526a0
[  459.988150][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  459.988154][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  459.988157][    C1] Call Trace:
[  459.988161][    C1]  ? unwind_next_frame+0x3d5/0x700
[  459.988165][    C1]  ? stack_trace_save+0xe0/0xe0
[  459.988168][    C1]  arch_stack_walk+0x108/0x140
[  459.988172][    C1]  ? __purge_vmap_area_lazy+0x10d2/0x1470
[  459.988175][    C1]  stack_trace_save+0x98/0xe0
[  459.988178][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  459.988182][    C1]  ? generic_exec_single+0x20e/0x370
[  459.988186][    C1]  ? __reset_page_owner+0x140/0x140
[  459.988189][    C1]  ? memset+0x35/0x40
[  459.988192][    C1]  kasan_set_track+0x4a/0x70
[  459.988195][    C1]  ? kasan_set_track+0x4a/0x70
[  459.988198][    C1]  ? kasan_set_free_info+0x23/0x40
[  459.988202][    C1]  ? ____kasan_slab_free+0x125/0x160
[  459.988205][    C1]  ? __kasan_slab_free+0x11/0x20
[  459.988209][    C1]  ? slab_free_freelist_hook+0xc5/0x190
[  459.988212][    C1]  ? kmem_cache_free+0x100/0x2d0
[  459.988216][    C1]  ? do_kernel_range_flush+0x93/0xc0
[  459.988219][    C1]  ? kmem_cache_free+0x100/0x2d0
[  459.988223][    C1]  kasan_set_free_info+0x23/0x40
[  459.988226][    C1]  ____kasan_slab_free+0x125/0x160
[  459.988230][    C1]  __kasan_slab_free+0x11/0x20
[  459.988241][    C1]  slab_free_freelist_hook+0xc5/0x190
[  459.988245][    C1]  ? __purge_vmap_area_lazy+0x10d2/0x1470
[  459.988249][    C1]  kmem_cache_free+0x100/0x2d0
[  459.988253][    C1]  __purge_vmap_area_lazy+0x10d2/0x1470
[  459.988256][    C1]  _vm_unmap_aliases+0x2f8/0x380
[  459.988259][    C1]  __vunmap+0x66e/0x9d0
[  459.988262][    C1]  vfree+0x61/0x90
[  459.988266][    C1]  module_memfree+0x17/0x30
[  459.988269][    C1]  bpf_jit_free_exec+0x15/0x20
[  459.988273][    C1]  bpf_jit_binary_free+0x4c/0x260
[  459.988276][    C1]  bpf_jit_free+0x7f/0x1e0
[  459.988280][    C1]  bpf_prog_free_deferred+0x552/0x5f0
[  459.988283][    C1]  process_one_work+0x6e1/0xba0
[  459.988286][    C1]  worker_thread+0xa6a/0x13b0
[  459.988289][    C1]  kthread+0x346/0x3d0
[  459.988292][    C1]  ? worker_clr_flags+0x190/0x190
[  459.988296][    C1]  ? kthread_blkcg+0xd0/0xd0
[  459.988299][    C1]  ret_from_fork+0x1f/0x30
[  460.374979][T10072] EXT4-fs error (device loop6): ext4_orphan_get:1421: comm syz.6.3107: bad orphan inode 11862016
[  460.385803][T10072] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[  460.394798][T10072] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  460.451565][   T24] audit: type=1400 audit(2000000316.230:1895): avc:  denied  { bind } for  pid=10083 comm="syz.5.3113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  460.559465][T10088] netlink: 52 bytes leftover after parsing attributes in process `syz.5.3114'.
[  460.723226][  T462] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  460.733596][  T462] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  460.813529][  T462] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  460.830825][  T462] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  460.866133][  T462] usb 2-1: SerialNumber: syz
[  460.893257][  T459] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  461.154057][  T462] usb 2-1: 0:2 : does not exist
[  461.159030][  T459] usb 9-1: Using ep0 maxpacket: 8
[  461.168967][  T462] usb 2-1: USB disconnect, device number 12
[  461.283166][  T459] usb 9-1: config 0 has an invalid interface number: 247 but max is 0
[  461.296281][  T459] usb 9-1: config 0 has an invalid descriptor of length 182, skipping remainder of the config
[  461.306966][  T459] usb 9-1: config 0 has no interface number 0
[  461.319937][  T459] usb 9-1: config 0 interface 247 altsetting 188 has 0 endpoint descriptors, different from the interface descriptor's value: 13
[  461.335492][  T459] usb 9-1: config 0 interface 247 has no altsetting 0
[  461.342362][  T459] usb 9-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  461.355474][  T459] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  461.364418][  T459] usb 9-1: config 0 descriptor??
[  461.446976][   T24] audit: type=1400 audit(2000000317.230:1896): avc:  denied  { transfer } for  pid=10105 comm="syz.2.3121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  461.823379][  T459] usb 9-1: string descriptor 0 read error: -32
[  462.952903][T10141] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[  463.618907][  T576] usb 9-1: USB disconnect, device number 10
[  463.746154][   T24] audit: type=1400 audit(2000000319.500:1897): avc:  denied  { create } for  pid=10166 comm="syz.1.3141" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmsvc_socket permissive=1
[  464.713509][ T4492] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  465.008494][ T4492] usb 7-1: Using ep0 maxpacket: 32
[  465.233225][ T4492] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[  465.251556][ T4492] usb 7-1: config 0 has no interface number 0
[  465.407826][   T24] audit: type=1400 audit(2000000321.190:1898): avc:  denied  { connect } for  pid=10207 comm="syz.8.3156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  465.427942][ T4492] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  465.448029][ T4492] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  465.479647][ T4492] usb 7-1: Product: syz
[  465.492218][ T4492] usb 7-1: Manufacturer: syz
[  465.506404][ T4492] usb 7-1: SerialNumber: syz
[  465.517759][ T4492] usb 7-1: config 0 descriptor??
[  467.400472][  T382] usb 7-1: USB disconnect, device number 16
[  468.696624][  T382] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  468.713240][   T24] audit: type=1400 audit(2000000324.500:1899): avc:  denied  { remount } for  pid=10271 comm="syz.8.3179" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  469.193116][  T382] usb 6-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  469.315434][  T382] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.387251][  T382] usb 6-1: config 0 descriptor??
[  469.405267][   T24] audit: type=1400 audit(2000000326.184:1900): avc:  denied  { connect } for  pid=10285 comm="syz.6.3185" lport=159 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  469.452702][   T24] audit: type=1400 audit(2000000326.224:1901): avc:  denied  { bind } for  pid=10289 comm="syz.6.3187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  470.938536][   T24] audit: type=1400 audit(2000000327.714:1902): avc:  denied  { shutdown } for  pid=10319 comm="syz.2.3198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  471.063483][  T382] usb 6-1: USB disconnect, device number 20
[  471.799786][T10338] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[  472.456342][   T24] audit: type=1400 audit(2000000329.234:1903): avc:  denied  { create } for  pid=10366 comm="syz.5.3216" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  472.823586][   T24] audit: type=1400 audit(2000000329.604:1904): avc:  denied  { bind } for  pid=10366 comm="syz.5.3216" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  473.162532][   T24] audit: type=1400 audit(2000000329.934:1905): avc:  denied  { map } for  pid=10385 comm="syz.6.3222" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  473.183325][T10387] 9pnet: Could not find request transport: rdma
[  475.062834][T10413] netlink: 'syz.1.3231': attribute type 27 has an invalid length.
[  475.193795][T10413] device wg2 left promiscuous mode
[  475.209920][T10413] device veth0_to_team left promiscuous mode
[  475.270701][T10417] EXT4-fs (loop6): Test dummy encryption mode enabled
[  475.321518][T10417] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  475.333445][T10414] device veth1_macvtap left promiscuous mode
[  475.339592][T10417] System zones: 0-5
[  475.345141][T10414] device veth1_macvtap entered promiscuous mode
[  475.352345][T10417] EXT4-fs (loop6): mounted filesystem without journal. Opts: debug,delalloc,journal_ioprio=0x0000000000000000,test_dummy_encryption,nodiscard,min_batch_time=0x0000000000000004,acl,debug_want_extra_isize=0x0000000000000004,,errors=continue
[  475.391643][  T382] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[  475.413212][    C1] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[  475.434847][  T382] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[  475.462932][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  475.471046][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  475.522632][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  475.530819][    C1] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[  475.539521][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  475.546629][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  475.592821][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  475.602129][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  475.610524][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  475.617600][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  475.647055][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  475.656538][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  475.665796][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  475.674757][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  475.683969][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  475.692788][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  475.701696][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  475.716545][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  475.764425][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  475.783574][ T4492] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  475.820594][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  475.847824][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  475.865300][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  475.881819][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  475.890480][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  475.898825][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  475.907332][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  475.915801][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  475.923905][    C1] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[  475.932148][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  475.940829][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  475.949621][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  475.958225][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  475.966842][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  475.975332][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  476.304093][ T4492] usb 3-1: unable to get BOS descriptor or descriptor too short
[  476.513585][ T4492] usb 3-1: config 160 contains an unexpected descriptor of type 0x2, skipping
[  476.549386][ T4492] usb 3-1: config 160 has 0 interfaces, different from the descriptor's value: 1
[  476.703243][   T24] audit: type=1400 audit(2000000333.484:1906): avc:  denied  { setattr } for  pid=10450 comm="syz.5.3246" name="PACKET" dev="sockfs" ino=55980 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  476.765004][T10453] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,delalloc,bsdgroups,
[  476.779576][T10453] ext4 filesystem being mounted at /71/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  476.825821][T10453] EXT4-fs (loop6): shut down requested (2)
[  476.834385][   T24] audit: type=1400 audit(2000000333.614:1907): avc:  denied  { read } for  pid=77 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  476.843816][ T4492] usb 3-1: New USB device found, idVendor=1199, idProduct=68aa, bcdDevice=31.f3
[  476.856725][   T24] audit: type=1400 audit(2000000333.614:1908): avc:  denied  { search } for  pid=77 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  476.880100][ T4492] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  476.889304][   T24] audit: type=1400 audit(2000000333.614:1909): avc:  denied  { write } for  pid=77 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  476.895833][ T4492] usb 3-1: Product: syz
[  476.918295][   T24] audit: type=1400 audit(2000000333.614:1910): avc:  denied  { add_name } for  pid=77 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  476.928177][ T4492] usb 3-1: Manufacturer: syz
[  476.947049][   T24] audit: type=1400 audit(2000000333.614:1911): avc:  denied  { create } for  pid=77 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  476.973158][   T24] audit: type=1400 audit(2000000333.614:1912): avc:  denied  { append open } for  pid=77 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  476.986591][ T4492] usb 3-1: SerialNumber: syz
[  477.003807][   T24] audit: type=1400 audit(2000000333.614:1913): avc:  denied  { getattr } for  pid=77 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  477.273205][  T576] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  477.276387][ T4492] usb 3-1: USB disconnect, device number 19
[  477.373139][ T1733] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  477.432387][T10475] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3256'.
[  477.643484][ T1733] usb 7-1: Using ep0 maxpacket: 32
[  477.674557][  T576] usb 6-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  477.684890][  T576] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  477.697627][  T576] usb 6-1: config 0 descriptor??
[  477.763215][ T1733] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  477.963299][ T1733] usb 7-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  477.982333][ T1733] usb 7-1: New USB device strings: Mfr=229, Product=1, SerialNumber=3
[  477.993274][ T1733] usb 7-1: Product: syz
[  477.997486][ T1733] usb 7-1: Manufacturer: syz
[  478.002103][ T1733] usb 7-1: SerialNumber: syz
[  478.031627][ T1733] usb 7-1: config 0 descriptor??
[  478.175141][T10506] netlink: 'syz.1.3269': attribute type 13 has an invalid length.
[  478.196740][T10506] gretap0: refused to change device tx_queue_len
[  478.212060][T10506] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  478.296509][  T382] usb 7-1: USB disconnect, device number 17
[  479.723215][    C1] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[  481.114701][T10521] 9pnet_virtio: no channels available for device 
[  481.129378][   T26] INFO: task syz.5.686:3135 blocked for more than 296 seconds.
[  481.168529][   T26]       Tainted: G        W         5.10.240-syzkaller #0
[  481.272104][  T576] usb 6-1: USB disconnect, device number 21
[  481.278459][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  481.329393][   T26] task:syz.5.686       state:D stack:    0 pid: 3135 ppid:  1328 flags:0x00004004
[  481.403399][T10537] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  481.415341][   T26] Call Trace:
[  481.418676][   T26]  __schedule+0xb47/0x1310
[  481.423448][   T26]  ? release_firmware_map_entry+0x190/0x190
[  481.429366][   T26]  ? __kasan_check_write+0x14/0x20
[  481.434544][   T26]  ? _raw_spin_lock_irq+0x8f/0xe0
[  481.447508][   T26]  ? _raw_spin_lock_irqsave+0x110/0x110
[  481.454654][   T26]  ? memset+0x35/0x40
[  481.458661][   T26]  schedule+0x13c/0x1d0
[  481.462827][   T26]  rwsem_down_read_slowpath+0x5f9/0xd10
[  481.468484][   T26]  ? down_write_killable+0x120/0x120
[  481.493454][   T26]  ? __kasan_check_write+0x14/0x20
[  481.519933][   T26]  ? _raw_spin_lock+0x8e/0xe0
[  481.524765][   T26]  ? _raw_spin_trylock_bh+0x130/0x130
[  481.530498][   T26]  down_read+0x4c/0xd0
[  481.534790][   T26]  iterate_supers+0xad/0x1e0
[  481.539543][   T26]  ? __ia32_sys_quotactl+0xb0/0xb0
[  481.544854][   T26]  __se_sys_quotactl+0x380/0xa90
[  481.549940][   T26]  ? __x64_sys_quotactl+0xb0/0xb0
[  481.559819][   T26]  ? switch_fpu_return+0x197/0x340
[  481.573063][   T26]  ? fpu__clear_all+0x20/0x20
[  481.577915][   T26]  __x64_sys_quotactl+0x9b/0xb0
[  481.582869][   T26]  do_syscall_64+0x31/0x40
[  481.587474][   T26]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  481.593461][   T26] RIP: 0033:0x7f785edcfbe9
[  481.597955][   T26] RSP: 002b:00007f785d838038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  481.606955][   T26] RAX: ffffffffffffffda RBX: 00007f785f006fa0 RCX: 00007f785edcfbe9
[  481.615153][   T26] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff80000102
[  481.623259][   T26] RBP: 00007f785ee52e19 R08: 0000000000000000 R09: 0000000000000000
[  481.631317][   T26] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  481.647688][   T26] R13: 00007f785f007038 R14: 00007f785f006fa0 R15: 00007ffe6813b2b8
[  481.663278][   T26] INFO: task syz.4.1471:5870 blocked for more than 127 seconds.
[  481.673127][   T26]       Tainted: G        W         5.10.240-syzkaller #0
[  481.680253][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  481.702624][   T26] task:syz.4.1471      state:D stack:    0 pid: 5870 ppid:   278 flags:0x00004004
[  481.712264][   T26] Call Trace:
[  481.715814][   T26]  __schedule+0xb47/0x1310
[  481.720347][   T26]  ? release_firmware_map_entry+0x190/0x190
[  481.726361][   T26]  ? __kasan_check_write+0x14/0x20
[  481.731505][   T26]  ? _raw_spin_lock_irq+0x8f/0xe0
[  481.736641][   T26]  ? _raw_spin_lock_irqsave+0x110/0x110
[  481.742812][   T26]  schedule+0x13c/0x1d0
[  481.748231][   T26]  rwsem_down_read_slowpath+0x5f9/0xd10
[  481.761709][   T26]  ? down_write_killable+0x120/0x120
[  481.773300][   T26]  ? __kasan_check_write+0x14/0x20
[  481.783646][   T26]  ? _raw_spin_lock+0x8e/0xe0
[  481.793246][   T26]  ? _raw_spin_trylock_bh+0x130/0x130
[  481.804873][   T26]  down_read+0x4c/0xd0
[  481.823171][   T26]  iterate_supers+0xad/0x1e0
[  481.827802][   T26]  ? ksys_sync+0x160/0x160
[  481.832210][   T26]  ksys_sync+0x91/0x160
[  481.853118][   T26]  ? sync_filesystem+0x250/0x250
[  481.858095][   T26]  ? __kasan_check_read+0x11/0x20
[  481.863198][   T26]  __ia32_sys_sync+0xe/0x20
[  482.073184][   T26]  do_syscall_64+0x31/0x40
[  482.166308][   T26]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  482.193145][   T26] RIP: 0033:0x7f6ca8aafbe9
[  482.204847][   T26] RSP: 002b:00007f6ca7518038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[  482.214713][   T26] RAX: ffffffffffffffda RBX: 00007f6ca8ce6fa0 RCX: 00007f6ca8aafbe9
[  482.224263][   T26] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  482.242438][   T26] RBP: 00007f6ca8ce6fa0 R08: 0000000000000000 R09: 0000000000000000
[  482.253383][   T26] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  482.261637][   T26] R13: 00007f6ca8ce7038 R14: 00007f6ca8ce6fa0 R15: 00007fff7f9584b8
[  482.272333][   T26] NMI backtrace for cpu 0
[  482.276889][   T26] CPU: 0 PID: 26 Comm: khungtaskd Tainted: G        W         5.10.240-syzkaller #0
[  482.286269][   T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[  482.296340][   T26] Call Trace:
[  482.299642][   T26]  __dump_stack+0x21/0x24
[  482.303976][   T26]  dump_stack_lvl+0x169/0x1d8
[  482.308657][   T26]  ? show_regs_print_info+0x18/0x18
[  482.313860][   T26]  ? sched_show_task+0x324/0x4a0
[  482.318800][   T26]  ? __rcu_read_unlock+0xa0/0xa0
[  482.323740][   T26]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  482.329810][   T26]  dump_stack+0x15/0x1c
[  482.333970][   T26]  nmi_trigger_cpumask_backtrace+0x27f/0x2c0
[  482.339971][   T26]  arch_trigger_cpumask_backtrace+0x10/0x20
[  482.345871][   T26]  watchdog+0xe2e/0xf70
[  482.350042][   T26]  ? hungtask_pm_notify+0x50/0x50
[  482.355072][   T26]  ? __kasan_check_read+0x11/0x20
[  482.360102][   T26]  ? __kthread_parkme+0xb9/0x1c0
[  482.365055][   T26]  kthread+0x346/0x3d0
[  482.369126][   T26]  ? hungtask_pm_notify+0x50/0x50
[  482.374148][   T26]  ? kthread_blkcg+0xd0/0xd0
[  482.378755][   T26]  ret_from_fork+0x1f/0x30
[  482.383312][   T26] Sending NMI from CPU 0 to CPUs 1:
[  482.388553][    C1] NMI backtrace for cpu 1 skipped: idling at default_idle+0x12/0x20
[  482.529244][T10573] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  482.616407][   T24] audit: type=1400 audit(2000000339.394:1914): avc:  denied  { unmount } for  pid=8641 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  482.663264][  T382] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  482.996151][T10590] netlink: 'syz.5.3297': attribute type 13 has an invalid length.
[  483.006437][T10590] gretap0: refused to change device tx_queue_len
[  483.012990][T10590] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  483.213416][  T382] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  483.222689][  T382] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.250196][  T382] usb 2-1: config 0 descriptor??
[  483.733165][  T576] usb 7-1: new full-speed USB device number 18 using dummy_hcd
[  483.823140][    T5] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  484.284644][    T5] usb 9-1: Using ep0 maxpacket: 32
[  484.302837][T10615] udc-core: couldn't find an available UDC or it's busy
[  484.309968][T10615] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  484.403197][    T5] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  484.414177][    T5] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  484.423969][    T5] usb 9-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  484.433045][    T5] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.441722][    T5] usb 9-1: config 0 descriptor??
[  484.483759][    T5] hub 9-1:0.0: USB hub found
[  484.650604][  T295] usb 2-1: USB disconnect, device number 13
[  484.683123][T10622] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3309'.
[  484.703226][    T5] hub 9-1:0.0: 1 port detected
[  484.923208][    T5] hub 9-1:0.0: hub_hub_status failed (err = -71)
[  484.934027][    T5] hub 9-1:0.0: config failed, can't get hub status (err -71)
[  485.043270][    T5] usbhid 9-1:0.0: can't add hid device: -71
[  485.055407][    T5] usbhid: probe of 9-1:0.0 failed with error -71
[  485.057165][T10637] netlink: 'syz.5.3315': attribute type 13 has an invalid length.
[  485.070404][T10637] gretap0: refused to change device tx_queue_len
[  485.077103][T10637] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  485.124081][    T5] usb 9-1: USB disconnect, device number 11
[  485.163352][  T295] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  485.403778][  T295] usb 2-1: Using ep0 maxpacket: 16
[  485.523435][  T295] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xF3, skipping
[  485.743438][  T295] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  485.760802][  T295] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  485.770080][  T295] usb 2-1: Product: syz
[  485.774827][    T5] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  485.803979][  T295] usb 2-1: Manufacturer: syz
[  485.808699][  T295] usb 2-1: SerialNumber: syz
[  485.814380][  T295] usb 2-1: config 0 descriptor??
[  486.383214][    T5] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  486.399619][    T5] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  486.553275][  T576] usb 7-1: unable to get BOS descriptor or descriptor too short
[  486.561096][    T5] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  486.580877][    T5] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  486.590433][    T5] usb 9-1: SerialNumber: syz
[  486.615343][T10662] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[  486.683173][  T576] usb 7-1: unable to read config index 0 descriptor/start: -71
[  486.698511][  T576] usb 7-1: can't read configurations, error -71
[  486.824897][T10680] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  486.833568][T10680] EXT4-fs (loop6): orphan cleanup on readonly fs
[  486.840818][T10680] Quota error (device loop6): v2_read_file_info: Block with free entry too big (1283 >= 6).
[  486.851074][T10680] EXT4-fs warning (device loop6): ext4_enable_quotas:6491: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  486.865793][T10680] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  486.872584][T10680] EXT4-fs error (device loop6): ext4_free_blocks:5685: comm syz.6.3333: Freeing blocks not in datazone - block = 0, count = 4096
[  486.873889][    T5] usb 9-1: 0:2 : does not exist
[  486.891718][T10680] EXT4-fs (loop6): 1 orphan inode deleted
[  486.897579][T10680] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[  486.906419][    T5] usb 9-1: USB disconnect, device number 12
[  486.911117][T10680] EXT4-fs error (device loop6): ext4_lookup:1830: inode #15: comm syz.6.3333: iget: bad extended attribute block 6
[  487.848892][  T458] usb 2-1: USB disconnect, device number 14
[  488.220942][T10716] tipc: Started in network mode
[  488.238378][T10716] tipc: Own node identity a6d22757145b, cluster identity 4711
[  488.262423][T10716] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  488.270077][T10716] device syzkaller0 entered promiscuous mode
[  488.278738][T10716] tipc: Resetting bearer <eth:syzkaller0>
[  488.285331][T10711] tipc: Resetting bearer <eth:syzkaller0>
[  488.292044][T10711] tipc: Disabling bearer <eth:syzkaller0>
[  488.307722][   T24] audit: type=1400 audit(2000000345.084:1915): avc:  denied  { create } for  pid=10719 comm="syz.8.3346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  488.363579][    C1] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[  488.454144][T10728] EXT4-fs (loop6): Ignoring removed nobh option
[  488.466503][T10728] EXT4-fs error (device loop6): ext4_ext_check_inode:500: inode #11: comm syz.6.3350: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  488.486786][T10728] EXT4-fs error (device loop6): ext4_orphan_get:1400: comm syz.6.3350: couldn't read orphan inode 11 (err -117)
[  488.499988][T10728] EXT4-fs (loop6): mounted filesystem without journal. Opts: sysvgroups,noload,nobh,noload,journal_dev=0x0000000000000004,norecovery,errors=continue,quota,,errors=continue
[  489.951720][T10755] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  490.301063][T10755] device syzkaller0 entered promiscuous mode
[  490.347922][T10755] tipc: Resetting bearer <eth:syzkaller0>
[  490.385297][T10753] tipc: Resetting bearer <eth:syzkaller0>
[  490.391786][T10753] tipc: Disabling bearer <eth:syzkaller0>
[  490.415698][T10772] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3365'.
[  490.782717][   T24] audit: type=1326 audit(2000000347.554:1916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10778 comm="syz.1.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  490.822135][   T24] audit: type=1326 audit(2000000347.554:1917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10778 comm="syz.1.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  490.847401][   T24] audit: type=1326 audit(2000000347.554:1918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10778 comm="syz.1.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  490.874901][   T24] audit: type=1326 audit(2000000347.554:1919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10778 comm="syz.1.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  490.875467][T10784] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3368'.
[  490.899709][   T24] audit: type=1326 audit(2000000347.554:1920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10778 comm="syz.1.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  490.962964][   T24] audit: type=1326 audit(2000000347.554:1921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10778 comm="syz.1.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  490.987153][   T24] audit: type=1326 audit(2000000347.554:1922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10778 comm="syz.1.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  491.011175][   T24] audit: type=1326 audit(2000000347.554:1923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10778 comm="syz.1.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  491.035558][   T24] audit: type=1326 audit(2000000347.554:1924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10778 comm="syz.1.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  491.213179][  T576] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  492.174032][T10807] tipc: Started in network mode
[  492.178951][T10807] tipc: Own node identity 1a4266a73529, cluster identity 4711
[  492.243286][T10807] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  492.276684][T10809] device syzkaller0 entered promiscuous mode
[  492.286243][T10807] tipc: Resetting bearer <eth:syzkaller0>
[  492.292846][T10805] tipc: Resetting bearer <eth:syzkaller0>
[  492.301470][T10805] tipc: Disabling bearer <eth:syzkaller0>
[  492.443221][  T576] usb 3-1: Using ep0 maxpacket: 8
[  492.480127][T10830] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3386'.
[  492.795481][  T576] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  492.840546][T10835] erofs: (device loop6): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832
[  492.883173][  T576] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  492.899659][  T576] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  493.003180][  T576] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  493.013403][  T576] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  493.103180][  T576] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  493.118574][  T576] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  493.223216][  T576] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  493.258866][  T576] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  493.328804][T10855] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  493.343344][  T576] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  493.354251][  T576] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  493.413825][T10855] device syzkaller0 entered promiscuous mode
[  493.432464][T10855] tipc: Resetting bearer <eth:syzkaller0>
[  493.448362][T10854] tipc: Resetting bearer <eth:syzkaller0>
[  493.456737][  T576] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  493.480916][  T576] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  493.573308][  T576] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  493.584372][T10854] tipc: Disabling bearer <eth:syzkaller0>
[  493.591189][  T576] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  494.223475][  T576] usb 3-1: unable to read config index 7 descriptor/all
[  494.237802][  T576] usb 3-1: can't read configurations, error -71
[  494.289098][   T24] kauditd_printk_skb: 27 callbacks suppressed
[  494.289113][   T24] audit: type=1400 audit(2000000351.064:1952): avc:  denied  { lock } for  pid=10880 comm="syz.1.3406" path="socket:[57747]" dev="sockfs" ino=57747 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  494.433169][T10897] tipc: Started in network mode
[  494.448167][T10897] tipc: Own node identity 827bb868173c, cluster identity 4711
[  494.456271][T10897] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  494.502047][T10890] erofs: (device loop6): erofs_read_inode: bogus i_mode (0) @ nid 36
[  494.531470][T10897] device syzkaller0 entered promiscuous mode
[  494.546538][T10897] tipc: Resetting bearer <eth:syzkaller0>
[  494.554027][T10893] tipc: Resetting bearer <eth:syzkaller0>
[  494.563915][T10893] tipc: Disabling bearer <eth:syzkaller0>
[  495.993859][T10948] device pim6reg1 entered promiscuous mode
[  496.072296][T10954] syz.6.3435[10954] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  496.072362][T10954] syz.6.3435[10954] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  496.229512][T10968] device bridge0 entered promiscuous mode
[  496.709535][T10986] device wg2 entered promiscuous mode
[  497.008699][T11023] device pim6reg1 entered promiscuous mode
[  497.065820][T11027] device wg2 entered promiscuous mode
[  497.433598][T11059] device pim6reg1 entered promiscuous mode
[  497.588077][T11073] device pim6reg1 entered promiscuous mode
[  498.155912][T11097] device veth1_macvtap left promiscuous mode
[  498.233251][ T7072] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  498.533194][ T7072] usb 9-1: device descriptor read/64, error -71
[  498.566625][T11143] device pim6reg1 entered promiscuous mode
[  498.933174][ T7072] usb 9-1: device descriptor read/64, error -71
[  499.203156][ T7072] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  499.783166][ T7072] usb 9-1: device descriptor read/64, error -71
[  500.045660][T11196] dvmrp1: tun_chr_ioctl cmd 2148553947
[  500.173157][ T7072] usb 9-1: device descriptor read/64, error -71
[  500.546849][ T7072] usb usb9-port1: attempt power cycle
[  500.575278][T11217] device wg2 entered promiscuous mode
[  500.683872][T11242] device wg2 entered promiscuous mode
[  500.836134][T11257] device wg2 left promiscuous mode
[  500.851616][T11257] device wg2 entered promiscuous mode
[  500.892190][   T24] audit: type=1400 audit(2000000357.664:1953): avc:  denied  { relabelfrom } for  pid=11260 comm="syz.1.3569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  500.912263][   T24] audit: type=1400 audit(2000000357.664:1954): avc:  denied  { relabelto } for  pid=11260 comm="syz.1.3569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  500.973252][ T7072] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  500.976827][T11266] device pim6reg1 entered promiscuous mode
[  501.224300][T11288] device syzkaller0 entered promiscuous mode
[  501.473461][ T4494] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  501.628006][T11308] tun0: tun_chr_ioctl cmd 1074812118
[  501.686765][T11313] device syzkaller0 entered promiscuous mode
[  501.747838][ T7072] usb 9-1: device not accepting address 15, error -71
[  501.773155][ T4494] usb 6-1: device descriptor read/64, error -71
[  501.870705][T11340] device syzkaller0 entered promiscuous mode
[  502.223228][ T4494] usb 6-1: device descriptor read/64, error -71
[  502.403641][T11369] device syzkaller0 entered promiscuous mode
[  502.513227][ T4494] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  502.645421][T11390] device syzkaller0 entered promiscuous mode
[  502.807064][ T4494] usb 6-1: device descriptor read/64, error -71
[  502.849561][   T24] audit: type=1400 audit(2000000359.614:1955): avc:  denied  { ioctl } for  pid=11403 comm="syz.1.3635" path="/dev/fuse" dev="devtmpfs" ino=90 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  503.283163][ T4494] usb 6-1: device descriptor read/64, error -71
[  503.403408][ T4494] usb usb6-port1: attempt power cycle
[  503.423158][   T15] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  503.510571][T11420] device syzkaller0 entered promiscuous mode
[  503.583983][T11422] erofs: (device loop6): mounted with root inode @ nid 36.
[  503.597246][T11422] attempt to access beyond end of device
[  503.597246][T11422] loop6: rw=524288, want=32, limit=16
[  503.620990][T11422] attempt to access beyond end of device
[  503.620990][T11422] loop6: rw=524288, want=24, limit=16
[  503.633259][T11422] attempt to access beyond end of device
[  503.633259][T11422] loop6: rw=0, want=24, limit=16
[  503.823505][ T4494] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  503.943306][   T24] audit: type=1326 audit(2000000360.644:1956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11432 comm="syz.6.3648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe03888be9 code=0x7ffc0000
[  504.089473][   T24] audit: type=1326 audit(2000000360.644:1957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11432 comm="syz.6.3648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe03888be9 code=0x7ffc0000
[  504.103212][ T4494] usb 6-1: device descriptor read/8, error -71
[  504.137785][   T24] audit: type=1326 audit(2000000360.644:1958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11432 comm="syz.6.3648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7fbe03888be9 code=0x7ffc0000
[  504.180851][   T24] audit: type=1326 audit(2000000360.644:1959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11432 comm="syz.6.3648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe03888be9 code=0x7ffc0000
[  504.211946][   T24] audit: type=1326 audit(2000000360.644:1960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11432 comm="syz.6.3648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe03888be9 code=0x7ffc0000
[  504.246909][   T24] audit: type=1326 audit(2000000360.644:1961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11432 comm="syz.6.3648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbe03888be9 code=0x7ffc0000
[  504.277979][   T24] audit: type=1326 audit(2000000360.644:1962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11432 comm="syz.6.3648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe03888be9 code=0x7ffc0000
[  504.301792][   T15] usb 2-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  504.316810][   T15] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  504.345957][   T15] usb 2-1: Product: syz
[  504.350244][   T15] usb 2-1: Manufacturer: syz
[  504.356799][   T15] usb 2-1: SerialNumber: syz
[  504.383288][ T4494] usb 6-1: device descriptor read/8, error -71
[  505.531935][T11474] 9pnet: Could not find request transport: f
[  505.643563][    C1] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[  505.825210][T11480] EXT4-fs (loop6): 1 orphan inode deleted
[  505.879136][T11480] EXT4-fs (loop6): mounted filesystem without journal. Opts: nobarrier,init_itable=0x0000000000000002,,errors=continue
[  505.905677][   T24] kauditd_printk_skb: 7 callbacks suppressed
[  505.905691][   T24] audit: type=1400 audit(2000000362.684:1970): avc:  denied  { setopt } for  pid=11490 comm="syz.8.3668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  505.946223][T11480] ext4 filesystem being mounted at /149/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  506.200441][T11499] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3671'.
[  507.543987][T11537] device pim6reg1 entered promiscuous mode
[  507.755032][T11558] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3694'.
[  507.923241][  T576] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  507.973118][ T7072] usb 7-1: new full-speed USB device number 20 using dummy_hcd
[  508.386898][ T2768] usb 9-1: new full-speed USB device number 17 using dummy_hcd
[  508.513227][  T576] usb 3-1: Using ep0 maxpacket: 16
[  508.633312][ T7072] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  508.642140][  T576] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  508.653295][   T15] rtl8150 2-1:1.0: couldn't reset the device
[  508.659414][   T15] rtl8150: probe of 2-1:1.0 failed with error -5
[  508.666447][ T7072] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  508.675621][  T576] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  508.694032][   T15] usb 2-1: USB disconnect, device number 15
[  508.700154][ T7072] usb 7-1: config 1 has no interface number 1
[  508.707876][  T576] usb 3-1: config 0 interface 0 has no altsetting 0
[  508.718019][ T7072] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  508.733056][  T576] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  508.742512][  T576] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.755321][  T576] usb 3-1: config 0 descriptor??
[  508.776643][T11572] device bridge0 left promiscuous mode
[  508.793809][T11572] device wg2 left promiscuous mode
[  508.813248][ T2768] usb 9-1: unable to get BOS descriptor or descriptor too short
[  508.853252][ T2768] usb 9-1: not running at top speed; connect to a high speed hub
[  508.863288][    C1] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[  508.933269][    C1] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[  509.166616][ T7072] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  509.176095][ T7072] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  509.184177][ T7072] usb 7-1: Product: syz
[  509.188357][ T7072] usb 7-1: Manufacturer: syz
[  509.192959][ T7072] usb 7-1: SerialNumber: syz
[  509.203203][ T2768] usb 9-1: config 1 interface 0 altsetting 14 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  509.214494][ T2768] usb 9-1: config 1 interface 0 has no altsetting 0
[  509.274478][  T576] hid (null): nested delimiters
[  509.373291][ T2768] usb 9-1: New USB device found, idVendor=0b05, idProduct=1a30, bcdDevice= 0.40
[  509.382380][ T2768] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  509.390500][ T2768] usb 9-1: Product: syz
[  509.394699][ T2768] usb 9-1: Manufacturer: syz
[  509.399302][ T2768] usb 9-1: SerialNumber: syz
[  509.475662][  T301] usb 3-1: USB disconnect, device number 22
[  509.553212][ T7072] usb 7-1: 2:1 : unsupported format bits 0x100
[  509.575508][ T7072] usb 7-1: USB disconnect, device number 20
[  509.784008][ T4720] udevd[4720]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  509.863164][ T2768] usbhid 9-1:1.0: can't add hid device: -71
[  509.869176][ T2768] usbhid: probe of 9-1:1.0 failed with error -71
[  509.884163][ T2768] usb 9-1: USB disconnect, device number 17
[  511.806971][T11629] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[  511.845934][T11629] ext4 filesystem being mounted at /156/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  511.932803][   T24] audit: type=1400 audit(2000000368.704:1971): avc:  denied  { map } for  pid=11644 comm="syz.8.3725" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  512.012804][   T24] audit: type=1400 audit(2000000368.764:1972): avc:  denied  { execute } for  pid=11628 comm="syz.6.3716" name="file1" dev="loop6" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  512.055087][   T24] audit: type=1400 audit(2000000368.764:1973): avc:  denied  { execute_no_trans } for  pid=11628 comm="syz.6.3716" path="/156/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop6" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  513.223173][ T4494] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  513.730587][T11688] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3739'.
[  513.763219][ T4494] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  513.775255][ T4494] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  513.816776][T11695] device veth1_macvtap left promiscuous mode
[  513.863262][ T4494] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  513.872553][ T4494] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  513.880710][ T4494] usb 7-1: SerialNumber: syz
[  514.272148][ T4494] usb 7-1: 0:2 : does not exist
[  514.315542][ T4494] usb 7-1: USB disconnect, device number 21
[  514.658977][T11709] xt_SECMARK: invalid security context 'system_u:object_r:initctl_t:s0'
[  514.667860][   T24] audit: type=1326 audit(2000000371.434:1974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11706 comm="syz.1.3747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  514.695416][   T24] audit: type=1326 audit(2000000371.434:1975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11706 comm="syz.1.3747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  514.763260][ T7072] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  514.804700][   T24] audit: type=1326 audit(2000000371.434:1976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11706 comm="syz.1.3747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  514.834393][   T24] audit: type=1326 audit(2000000371.434:1977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11706 comm="syz.1.3747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  514.893746][   T24] audit: type=1326 audit(2000000371.434:1978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11706 comm="syz.1.3747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  514.996321][   T24] audit: type=1326 audit(2000000371.434:1979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11706 comm="syz.1.3747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  515.102052][   T24] audit: type=1326 audit(2000000371.434:1980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11706 comm="syz.1.3747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c19dfbe9 code=0x7ffc0000
[  515.541342][ T7072] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  515.894400][ T7072] usb 6-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[  515.903671][ T7072] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.933938][ T7072] usb 6-1: config 0 descriptor??
[  516.650165][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  516.754863][ T7072] wacom 0003:056A:0015.001D: Unknown device_type for 'HID 056a:0015'. Assuming pen.
[  516.773839][ T7072] wacom 0003:056A:0015.001D: hidraw0: USB HID v9.14 Device [HID 056a:0015] on usb-dummy_hcd.5-1/input0
[  516.796225][ T7072] input: Wacom Graphire4 4x5 Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:0015.001D/input/input21
[  516.963793][ T4494] usb 6-1: USB disconnect, device number 26
[  517.123158][  T301] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  517.383254][  T301] usb 2-1: Using ep0 maxpacket: 16
[  517.503515][  T301] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  517.527880][  T301] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  517.542798][  T301] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  517.552884][  T301] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  517.574172][  T301] usb 2-1: config 0 descriptor??
[  518.065298][  T301] HID 045e:07da: Invalid code 65791 type 1
[  518.081157][  T301] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.001E/input/input24
[  518.102953][  T301] microsoft 0003:045E:07DA.001E: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  518.103141][   T15] usb 7-1: new full-speed USB device number 22 using dummy_hcd
[  518.546690][ T4494] usb 2-1: USB disconnect, device number 16
[  518.813196][   T15] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  518.845286][   T15] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[  518.870152][T11798] netlink: 51 bytes leftover after parsing attributes in process `syz.5.3779'.
[  518.870598][   T15] usb 7-1: config 27 interface 0 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[  518.894675][   T15] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  518.904076][   T15] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  518.933176][T11776] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  518.953869][   T15] usb 7-1: invalid MIDI out EP 0
[  518.959023][   T15] snd-usb-audio: probe of 7-1:27.0 failed with error -22
[  519.050541][T11806] netlink: 'syz.5.3781': attribute type 13 has an invalid length.
[  519.070998][T11806] gretap0: refused to change device tx_queue_len
[  519.090163][T11806] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  519.172139][T11808] device pim6reg1 entered promiscuous mode
[  519.194910][T11776] EXT4-fs (loop6): Mount option "noacl" will be removed by 3.5
[  519.194910][T11776] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  519.194910][T11776] 
[  519.593414][T11776] EXT4-fs (loop6): Ignoring removed orlov option
[  519.640125][T11776] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  519.697522][T11776] EXT4-fs (loop6): mounted filesystem without journal. Opts: noacl,i_version,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue
[  519.949225][  T641] usb 7-1: USB disconnect, device number 22
[  520.343126][ T7072] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  520.593233][ T7072] usb 3-1: Using ep0 maxpacket: 32
[  520.763220][ T7072] usb 3-1: unable to get BOS descriptor or descriptor too short
[  520.853166][ T7072] usb 3-1: config 1 interface 0 altsetting 1 endpoint 0x81 has invalid maxpacket 1439, setting to 1024
[  520.864478][ T7072] usb 3-1: config 1 interface 0 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  520.864504][T11843] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  520.874783][ T7072] usb 3-1: config 1 interface 0 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[  520.881683][T11843] EXT4-fs (loop6): Test dummy encryption mode enabled
[  520.891629][ T7072] usb 3-1: config 1 interface 0 has no altsetting 0
[  520.898263][T11843] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  520.911938][T11843] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  520.933697][T11843] EXT4-fs (loop6): 1 truncate cleaned up
[  520.939418][T11843] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,
[  520.967805][T11848] device pim6reg1 entered promiscuous mode
[  521.541764][ T7072] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  521.551079][ T7072] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.559813][ T7072] usb 3-1: Product: syz
[  521.564190][ T7072] usb 3-1: Manufacturer: syz
[  521.568830][ T7072] usb 3-1: SerialNumber: syz
[  521.593224][T11824] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  521.600339][T11824] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  521.607586][T11824] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  521.804833][ T4718] device bridge_slave_1 left promiscuous mode
[  521.811140][ T4718] bridge0: port 2(bridge_slave_1) entered disabled state
[  521.973670][ T7072] cdc_ether: probe of 3-1:1.0 failed with error -71
[  522.047570][ T7072] usb 3-1: USB disconnect, device number 23
[  522.929936][ T4718] device bridge_slave_0 left promiscuous mode
[  522.936269][ T4718] bridge0: port 1(bridge_slave_0) entered disabled state
[  522.963057][T11873] erofs: (device loop6): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832
[  522.976762][T11882] fuse: Bad value for 'fd'
[  523.366088][T11893] device pim6reg1 entered promiscuous mode
[  523.373436][T11896] netlink: 96 bytes leftover after parsing attributes in process `syz.6.3810'.
[  523.423123][  T641] usb 2-1: new low-speed USB device number 17 using dummy_hcd
[  523.910406][T11913] fuse: Bad value for 'fd'
[  524.103443][  T641] usb 2-1: unable to get BOS descriptor or descriptor too short
[  524.151547][   T24] kauditd_printk_skb: 13 callbacks suppressed
[  524.151592][   T24] audit: type=1400 audit(2000000380.924:1994): avc:  denied  { watch watch_reads } for  pid=11918 comm="syz.8.3821" path="/proc/773/task" dev="proc" ino=61390 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  524.234362][  T641] usb 2-1: unable to read config index 0 descriptor/start: -71
[  524.759430][  T641] usb 2-1: can't read configurations, error -71
[  525.051125][T11931] device veth1_macvtap left promiscuous mode
[  525.734643][T11935] device pim6reg1 entered promiscuous mode
[  525.768236][  T301] hid-generic 00A0:0006:0003.001F: unknown main item tag 0x0
[  525.777797][  T301] hid-generic 00A0:0006:0003.001F: unknown main item tag 0x0
[  525.786686][  T301] hid-generic 00A0:0006:0003.001F: unknown main item tag 0x0
[  525.794325][  T301] hid-generic 00A0:0006:0003.001F: unknown main item tag 0x0
[  525.801840][  T301] hid-generic 00A0:0006:0003.001F: unknown main item tag 0x2
[  525.809415][  T301] hid-generic 00A0:0006:0003.001F: unknown main item tag 0x0
[  525.826538][  T301] hid-generic 00A0:0006:0003.001F: unknown main item tag 0x0
[  525.835606][  T301] hid-generic 00A0:0006:0003.001F: unknown main item tag 0x0
[  525.844502][T11946] fuse: Bad value for 'fd'
[  525.852107][  T301] hid-generic 00A0:0006:0003.001F: unknown main item tag 0x0
[  525.868271][  T301] hid-generic 00A0:0006:0003.001F: unknown main item tag 0x0
[  525.880298][  T301] hid-generic 00A0:0006:0003.001F: unknown main item tag 0x0
[  525.888053][  T301] hid-generic 00A0:0006:0003.001F: unknown main item tag 0x0
[  525.895624][  T301] hid-generic 00A0:0006:0003.001F: unknown main item tag 0x0
[  525.908641][  T301] hid-generic 00A0:0006:0003.001F: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  526.089941][T11291] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  526.293162][ T4494] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  526.503409][T11291] usb 6-1: config 0 has an invalid descriptor of length 98, skipping remainder of the config
[  526.523995][T11291] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  526.559823][T11291] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  526.570012][ T4494] usb 9-1: Using ep0 maxpacket: 16
[  526.597671][T11291] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  526.646002][T11291] usb 6-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  526.666091][T11291] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  526.675169][T11291] usb 6-1: config 0 descriptor??
[  526.693460][ T4494] usb 9-1: config 0 has no interfaces?
[  526.725847][T11291] usb 6-1: MIDIStreaming interface descriptor not found
[  526.734614][T11291] snd-usb-audio: probe of 6-1:0.0 failed with error -12
[  526.853212][ T4494] usb 9-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  526.873944][ T4494] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  526.882120][ T4494] usb 9-1: Product: syz
[  526.894001][ T4494] usb 9-1: Manufacturer: syz
[  526.898682][ T4494] usb 9-1: SerialNumber: syz
[  526.904436][ T4494] usb 9-1: config 0 descriptor??
[  526.925560][T11291] usb 6-1: USB disconnect, device number 27
[  527.013926][T11974] device pim6reg1 entered promiscuous mode
[  527.253994][   T15] usb 9-1: USB disconnect, device number 18
[  529.294013][T12027] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  529.382933][T12027] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  529.413396][T12027] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  529.440446][T12027] System zones: 0-1, 3-36
[  529.458581][T12027] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue
[  529.783231][ T7072] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  529.792374][T12049] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  530.023129][ T7072] usb 7-1: Using ep0 maxpacket: 8
[  530.272441][T12060] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3872'.
[  530.443233][ T7072] usb 7-1: config 0 has an invalid interface number: 52 but max is 0
[  530.452193][ T7072] usb 7-1: config 0 has no interface number 0
[  530.459191][ T7072] usb 7-1: New USB device found, idVendor=0bda, idProduct=8724, bcdDevice=df.31
[  530.567483][ T7072] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  530.601969][ T7072] usb 7-1: config 0 descriptor??
[  530.611756][   T24] audit: type=1400 audit(2000000387.394:1995): avc:  denied  { audit_write } for  pid=12082 comm="syz.8.3879" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  530.663149][  T462] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  530.671502][T12085] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3880'.
[  530.883171][ T7072] usb 7-1: string descriptor 0 read error: -71
[  530.891225][ T7072] usb 7-1: USB disconnect, device number 23
[  531.023212][  T462] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  531.041949][  T462] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  531.143196][  T462] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  531.158498][  T462] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  531.176879][  T462] usb 2-1: SerialNumber: syz
[  531.435322][T12107] fuse: Invalid rootmode
[  531.496458][  T462] usb 2-1: 0:2 : does not exist
[  531.518341][  T462] usb 2-1: USB disconnect, device number 19
[  531.630533][   T24] audit: type=1326 audit(2000000388.404:1996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12118 comm="syz.6.3894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe03888be9 code=0x7ffc0000
[  531.761632][   T24] audit: type=1326 audit(2000000388.434:1997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12118 comm="syz.6.3894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7fbe03888be9 code=0x7ffc0000
[  531.786032][ T4733] udevd[4733]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  531.805562][   T24] audit: type=1326 audit(2000000388.434:1998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12118 comm="syz.6.3894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe03888be9 code=0x7ffc0000
[  531.830361][T12122] erofs: (device loop6): mounted with root inode @ nid 36.
[  531.851515][   T42] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  531.869115][T12122] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  532.173005][T12142] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[  532.182135][T12142] ext4 filesystem being mounted at /191/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  532.193547][T12142] netlink: 'syz.6.3900': attribute type 13 has an invalid length.
[  532.205659][T12142] gretap0: refused to change device tx_queue_len
[  532.212226][T12142] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  534.663738][T12165] EXT4-fs (loop6): Ignoring removed orlov option
[  534.670501][T12165] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  534.703294][T12165] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  534.723271][T12165] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2219: inode #15: comm syz.6.3910: corrupted in-inode xattr
[  534.854699][T12165] EXT4-fs error (device loop6): ext4_orphan_get:1400: comm syz.6.3910: couldn't read orphan inode 15 (err -117)
[  534.873558][T12183] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3915'.
[  534.887545][   T24] audit: type=1400 audit(2000000391.664:1999): avc:  denied  { map } for  pid=12177 comm="syz.1.3915" path="socket:[61897]" dev="sockfs" ino=61897 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  535.090993][T12165] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue
[  535.341851][  T462] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  535.363161][ T7072] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  535.733561][  T462] usb 3-1: config 0 has an invalid interface number: 64 but max is 0
[  535.745375][  T462] usb 3-1: config 0 has an invalid descriptor of length 82, skipping remainder of the config
[  535.757628][  T462] usb 3-1: config 0 has no interface number 0
[  535.766604][T12197] device pim6reg1 entered promiscuous mode
[  535.923910][T12201] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[  535.948337][  T462] usb 3-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  535.964811][  T462] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.978451][  T462] usb 3-1: Product: syz
[  536.210317][  T462] usb 3-1: Manufacturer: syz
[  536.216709][T12201] ext4 filesystem being mounted at /193/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  536.291122][  T462] usb 3-1: SerialNumber: syz
[  536.482855][T12201] netlink: 'syz.6.3920': attribute type 13 has an invalid length.
[  536.616843][  T462] usb 3-1: config 0 descriptor??
[  536.777399][ T7072] usb 6-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  536.786632][ T7072] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  536.794985][ T7072] usb 6-1: Product: syz
[  536.799154][ T7072] usb 6-1: Manufacturer: syz
[  536.851538][ T7072] usb 6-1: SerialNumber: syz
[  536.885832][T12201] gretap0: refused to change device tx_queue_len
[  536.902794][T12201] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  536.924165][ T7072] usb 6-1: config 0 descriptor??
[  537.043864][  T462] usb 3-1: USB disconnect, device number 24
[  537.253187][ T1733] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  537.584289][T12227] EXT4-fs (loop6): Ignoring removed orlov option
[  537.590875][T12227] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  537.597452][T12230] device pim6reg1 entered promiscuous mode
[  537.605838][T12227] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  537.613307][ T1733] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  537.625306][T12227] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2219: inode #15: comm syz.6.3930: corrupted in-inode xattr
[  537.631853][ T1733] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  537.637806][T12227] EXT4-fs error (device loop6): ext4_orphan_get:1400: comm syz.6.3930: couldn't read orphan inode 15 (err -117)
[  537.659012][T12227] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue
[  537.743211][ T1733] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  537.752336][ T1733] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  537.760795][ T1733] usb 9-1: SerialNumber: syz
[  538.003206][  T641] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  538.043947][ T1733] usb 9-1: 0:2 : does not exist
[  538.053788][ T1733] usb 9-1: USB disconnect, device number 19
[  538.119963][ T7072] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  538.352840][ T7072] asix: probe of 6-1:0.0 failed with error -71
[  538.923214][    C1] ip6_tunnel: syztnl2 xmit: Local address not yet configured!
[  539.098023][T12259] device pim6reg1 entered promiscuous mode
[  539.134665][ T7072] usb 6-1: USB disconnect, device number 28
[  539.163214][  T641] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  539.174843][  T641] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  539.193557][T12265] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3944'.
[  539.313636][T12276] SELinux: security policydb version 17 (MLS) not backwards compatible
[  539.321938][T12276] SELinux: failed to load policy
[  539.343235][  T641] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  539.352731][  T641] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  539.451194][  T641] usb 3-1: SerialNumber: syz
[  539.458472][T12281] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3950'.
[  539.921435][  T641] usb 3-1: 0:2 : does not exist
[  540.640676][   T24] audit: type=1326 audit(2000000397.414:2000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12298 comm="syz.2.3958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a65abbe9 code=0x7ffc0000
[  540.774020][   T24] audit: type=1326 audit(2000000397.444:2001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12298 comm="syz.2.3958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f23a65abbe9 code=0x7ffc0000
[  540.799912][   T24] audit: type=1326 audit(2000000397.484:2002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12298 comm="syz.2.3958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a65abbe9 code=0x7ffc0000
[  540.825039][   T24] audit: type=1326 audit(2000000397.494:2003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12298 comm="syz.2.3958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f23a65abbe9 code=0x7ffc0000
[  540.852060][   T24] audit: type=1326 audit(2000000397.494:2004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12298 comm="syz.2.3958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a65abbe9 code=0x7ffc0000
[  540.876318][   T24] audit: type=1326 audit(2000000397.504:2005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12298 comm="syz.2.3958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f23a65abbe9 code=0x7ffc0000
[  540.884611][  T641] usb 3-1: USB disconnect, device number 25
[  540.965477][   T24] audit: type=1326 audit(2000000397.514:2006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12298 comm="syz.2.3958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a65abbe9 code=0x7ffc0000
[  540.993112][  T458] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  541.015058][   T24] audit: type=1326 audit(2000000397.514:2007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12298 comm="syz.2.3958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f23a65abbe9 code=0x7ffc0000
[  541.040204][   T24] audit: type=1326 audit(2000000397.514:2008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12305 comm="syz.2.3958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f23a65de4a5 code=0x7ffc0000
[  541.087649][   T24] audit: type=1326 audit(2000000397.684:2009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12305 comm="syz.2.3958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f23a65abbe9 code=0x7ffc0000
[  541.316980][T12326] ==================================================================
[  541.325116][T12326] BUG: KASAN: slab-out-of-bounds in tc_setup_flow_action+0x842/0x3280
[  541.333383][T12326] Read of size 8 at addr ffff888116dba3c0 by task syz.8.3968/12326
[  541.341274][T12326] 
[  541.343624][T12326] CPU: 1 PID: 12326 Comm: syz.8.3968 Tainted: G        W         5.10.240-syzkaller #0
[  541.353441][T12326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[  541.363499][T12326] Call Trace:
[  541.366897][T12326]  __dump_stack+0x21/0x24
[  541.371236][T12326]  dump_stack_lvl+0x169/0x1d8
[  541.375930][T12326]  ? show_regs_print_info+0x18/0x18
[  541.381140][T12326]  ? thaw_kernel_threads+0x220/0x220
[  541.386438][T12326]  print_address_description+0x7f/0x2c0
[  541.391991][T12326]  ? tc_setup_flow_action+0x842/0x3280
[  541.397455][T12326]  kasan_report+0xe2/0x130
[  541.401877][T12326]  ? flow_action_cookie_create+0x28/0x90
[  541.407519][T12326]  ? tc_setup_flow_action+0x842/0x3280
[  541.412984][T12326]  __asan_report_load8_noabort+0x14/0x20
[  541.418625][T12326]  tc_setup_flow_action+0x842/0x3280
[  541.423918][T12326]  ? __kmalloc+0x1a7/0x330
[  541.428342][T12326]  ? flow_rule_alloc+0x32/0x2c0
[  541.433195][T12326]  mall_replace_hw_filter+0x293/0x810
[  541.438572][T12326]  ? pcpu_block_update_hint_alloc+0x8bc/0xc50
[  541.444710][T12326]  ? mall_set_parms+0x410/0x410
[  541.449572][T12326]  ? tcf_exts_destroy+0xb0/0xb0
[  541.454437][T12326]  ? pcpu_alloc+0xf8a/0x16b0
[  541.459036][T12326]  ? mall_set_parms+0x19d/0x410
[  541.463890][T12326]  mall_change+0x528/0x750
[  541.468311][T12326]  ? __kasan_check_write+0x14/0x20
[  541.473417][T12326]  ? mall_get+0xa0/0xa0
[  541.477678][T12326]  ? tcf_chain_tp_insert_unique+0xac1/0xc10
[  541.483591][T12326]  ? nla_strcmp+0xf4/0x140
[  541.488034][T12326]  tc_new_tfilter+0x13f6/0x1a10
[  541.492882][T12326]  ? mall_get+0xa0/0xa0
[  541.497039][T12326]  ? tcf_gate_entry_destructor+0x20/0x20
[  541.502661][T12326]  ? security_capable+0x87/0xb0
[  541.507608][T12326]  ? ns_capable+0x8c/0xf0
[  541.511923][T12326]  ? netlink_net_capable+0x125/0x160
[  541.517197][T12326]  ? tcf_gate_entry_destructor+0x20/0x20
[  541.522813][T12326]  rtnetlink_rcv_msg+0x800/0xb90
[  541.527928][T12326]  ? rtnetlink_bind+0x80/0x80
[  541.532605][T12326]  ? arch_stack_walk+0xee/0x140
[  541.537548][T12326]  ? stack_trace_save+0x98/0xe0
[  541.542386][T12326]  ? stack_trace_snprint+0xf0/0xf0
[  541.547484][T12326]  ? memcpy+0x56/0x70
[  541.551469][T12326]  ? avc_has_perm+0x234/0x360
[  541.556147][T12326]  ? __kasan_slab_alloc+0xbd/0xf0
[  541.561160][T12326]  ? slab_post_alloc_hook+0x5d/0x2f0
[  541.566463][T12326]  ? ___sys_sendmsg+0x1f0/0x260
[  541.571298][T12326]  ? avc_has_perm_noaudit+0x240/0x240
[  541.576743][T12326]  ? selinux_nlmsg_lookup+0x3fb/0x4a0
[  541.582101][T12326]  netlink_rcv_skb+0x1e0/0x430
[  541.586850][T12326]  ? rtnetlink_bind+0x80/0x80
[  541.591515][T12326]  ? netlink_ack+0xb80/0xb80
[  541.596118][T12326]  ? __netlink_lookup+0x387/0x3b0
[  541.601126][T12326]  rtnetlink_rcv+0x1c/0x20
[  541.605962][T12326]  netlink_unicast+0x876/0xa40
[  541.610713][T12326]  netlink_sendmsg+0x88d/0xb30
[  541.615468][T12326]  ? schedule_preempt_disabled+0x20/0x20
[  541.621084][T12326]  ? netlink_getsockopt+0x530/0x530
[  541.626268][T12326]  ? security_socket_sendmsg+0x82/0xa0
[  541.631732][T12326]  ? netlink_getsockopt+0x530/0x530
[  541.636936][T12326]  ____sys_sendmsg+0x5a2/0x8c0
[  541.641685][T12326]  ? __sys_sendmsg_sock+0x40/0x40
[  541.646692][T12326]  ? import_iovec+0x7c/0xb0
[  541.651180][T12326]  ___sys_sendmsg+0x1f0/0x260
[  541.655841][T12326]  ? __sys_sendmsg+0x250/0x250
[  541.660621][T12326]  ? __fdget+0x1a1/0x230
[  541.664859][T12326]  __x64_sys_sendmsg+0x1e2/0x2a0
[  541.669916][T12326]  ? ___sys_sendmsg+0x260/0x260
[  541.674775][T12326]  ? switch_fpu_return+0x197/0x340
[  541.679876][T12326]  do_syscall_64+0x31/0x40
[  541.684279][T12326]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  541.690266][T12326] RIP: 0033:0x7f5d7e43abe9
[  541.694671][T12326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  541.714395][T12326] RSP: 002b:00007f5d7ce82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  541.722793][T12326] RAX: ffffffffffffffda RBX: 00007f5d7e672090 RCX: 00007f5d7e43abe9
[  541.730748][T12326] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[  541.738702][T12326] RBP: 00007f5d7e4bde19 R08: 0000000000000000 R09: 0000000000000000
[  541.746661][T12326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  541.754760][T12326] R13: 00007f5d7e672128 R14: 00007f5d7e672090 R15: 00007ffe817439d8
[  541.762822][T12326] 
[  541.765139][T12326] Allocated by task 12326:
[  541.769544][T12326]  __kasan_kmalloc+0xda/0x110
[  541.774206][T12326]  __kmalloc+0x1a7/0x330
[  541.778627][T12326]  tcf_idr_create+0x5f/0x790
[  541.783202][T12326]  tcf_idr_create_from_flags+0x61/0x70
[  541.788644][T12326]  tcf_gact_init+0x2b4/0x520
[  541.793224][T12326]  tcf_action_init_1+0x3e1/0x670
[  541.798170][T12326]  tcf_action_init+0x1e6/0x700
[  541.803012][T12326]  tcf_exts_validate+0x215/0x510
[  541.808027][T12326]  mall_set_parms+0x4b/0x410
[  541.812609][T12326]  mall_change+0x45c/0x750
[  541.817031][T12326]  tc_new_tfilter+0x13f6/0x1a10
[  541.821895][T12326]  rtnetlink_rcv_msg+0x800/0xb90
[  541.826821][T12326]  netlink_rcv_skb+0x1e0/0x430
[  541.831584][T12326]  rtnetlink_rcv+0x1c/0x20
[  541.835997][T12326]  netlink_unicast+0x876/0xa40
[  541.840742][T12326]  netlink_sendmsg+0x88d/0xb30
[  541.845486][T12326]  ____sys_sendmsg+0x5a2/0x8c0
[  541.850231][T12326]  ___sys_sendmsg+0x1f0/0x260
[  541.855343][T12326]  __x64_sys_sendmsg+0x1e2/0x2a0
[  541.860273][T12326]  do_syscall_64+0x31/0x40
[  541.864672][T12326]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  541.870652][T12326] 
[  541.872966][T12326] Last potentially related work creation:
[  541.878670][T12326]  kasan_save_stack+0x3a/0x60
[  541.883338][T12326]  __kasan_record_aux_stack+0xd2/0x100
[  541.888796][T12326]  kasan_record_aux_stack_noalloc+0xb/0x10
[  541.894593][T12326]  kvfree_call_rcu+0x10c/0x620
[  541.899380][T12326]  fib_rules_unregister+0x2f2/0x380
[  541.904563][T12326]  fib4_rules_exit+0x3b/0x40
[  541.909152][T12326]  ip_fib_net_exit+0x307/0x350
[  541.913896][T12326]  fib_net_exit+0x6c/0x80
[  541.918224][T12326]  cleanup_net+0x586/0xb70
[  541.922637][T12326]  process_one_work+0x6e1/0xba0
[  541.927467][T12326]  worker_thread+0xa6a/0x13b0
[  541.932231][T12326]  kthread+0x346/0x3d0
[  541.936421][T12326]  ret_from_fork+0x1f/0x30
[  541.940842][T12326] 
[  541.943174][T12326] The buggy address belongs to the object at ffff888116dba300
[  541.943174][T12326]  which belongs to the cache kmalloc-192 of size 192
[  541.957222][T12326] The buggy address is located 0 bytes to the right of
[  541.957222][T12326]  192-byte region [ffff888116dba300, ffff888116dba3c0)
[  541.970830][T12326] The buggy address belongs to the page:
[  541.976458][T12326] page:ffffea00045b6e80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x116dba
[  541.986712][T12326] flags: 0x4000000000000200(slab)
[  541.991733][T12326] raw: 4000000000000200 ffffea00049ed280 0000000400000004 ffff888100043380
[  542.000396][T12326] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  542.008968][T12326] page dumped because: kasan: bad access detected
[  542.015390][T12326] page_owner tracks the page as allocated
[  542.021108][T12326] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 4747, ts 486840101315, free_ts 486786140630
[  542.037375][T12326]  prep_new_page+0x179/0x180
[  542.041969][T12326]  get_page_from_freelist+0x2235/0x23d0
[  542.047504][T12326]  __alloc_pages_nodemask+0x268/0x5f0
[  542.052866][T12326]  new_slab+0x84/0x3f0
[  542.056925][T12326]  ___slab_alloc+0x2a6/0x450
[  542.061504][T12326]  __slab_alloc+0x63/0xa0
[  542.065826][T12326]  kmem_cache_alloc_trace+0x1b3/0x2e0
[  542.071187][T12326]  kernfs_fop_open+0x343/0xb30
[  542.075960][T12326]  do_dentry_open+0x793/0x1090
[  542.080709][T12326]  vfs_open+0x73/0x80
[  542.084682][T12326]  path_openat+0x27ad/0x3160
[  542.089258][T12326]  do_filp_open+0x1b3/0x3e0
[  542.093747][T12326]  do_sys_openat2+0x14c/0x6d0
[  542.098414][T12326]  __x64_sys_openat+0x136/0x160
[  542.103263][T12326]  do_syscall_64+0x31/0x40
[  542.107678][T12326]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  542.113558][T12326] page last free stack trace:
[  542.118223][T12326]  free_unref_page_prepare+0x2b7/0x2d0
[  542.123669][T12326]  __free_pages+0x14b/0x380
[  542.128161][T12326]  __free_slab+0xcf/0x190
[  542.132476][T12326]  unfreeze_partials+0x15f/0x190
[  542.137404][T12326]  put_cpu_partial+0xc1/0x180
[  542.142074][T12326]  __slab_free+0x2c9/0x3a0
[  542.146480][T12326]  ___cache_free+0x111/0x130
[  542.151056][T12326]  qlink_free+0x50/0x90
[  542.155204][T12326]  qlist_free_all+0x5f/0xb0
[  542.159694][T12326]  kasan_quarantine_reduce+0x14a/0x160
[  542.165142][T12326]  __kasan_slab_alloc+0x2f/0xf0
[  542.170104][T12326]  slab_post_alloc_hook+0x5d/0x2f0
[  542.175201][T12326]  kmem_cache_alloc+0x165/0x2e0
[  542.180038][T12326]  __anon_vma_prepare+0x51/0x420
[  542.184968][T12326]  wp_page_copy+0xfe1/0x15d0
[  542.189546][T12326]  do_wp_page+0x9a6/0xc80
[  542.193857][T12326] 
[  542.196176][T12326] Memory state around the buggy address:
[  542.201796][T12326]  ffff888116dba280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  542.209988][T12326]  ffff888116dba300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  542.218093][T12326] >ffff888116dba380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  542.226151][T12326]                                            ^
[  542.232298][T12326]  ffff888116dba400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  542.240349][T12326]  ffff888116dba480: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  542.248423][T12326] ==================================================================
[  542.256472][T12326] Disabling lock debugging due to kernel taint
[  542.343187][  T458] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  542.357193][  T458] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  542.443275][  T458] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  542.452363][  T458] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  542.460417][  T458] usb 7-1: SerialNumber: syz
[  542.743814][  T458] usb 7-1: 0:2 : does not exist
[  542.750200][  T458] usb 7-1: USB disconnect, device number 24
[  542.953751][ T4733] udevd[4733]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory