last executing test programs:

5m47.388119228s ago: executing program 1 (id=173):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000700)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r0, 0x18000000000002a0, 0xe80, 0x0, &(0x7f00000001c0)="d2ff03076003008cb89e08f086dd", 0x0, 0xd5ad, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

5m45.85134468s ago: executing program 1 (id=180):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0500000004000000040000000a"], 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x8, 0x6, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2, 0x2000}, 0x10)

5m45.083228737s ago: executing program 1 (id=181):
fanotify_init(0x202, 0x400)
io_uring_enter(0xffffffffffffffff, 0x847ba, 0x0, 0xe, 0x0, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$pppoe(0x18, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
connect$bt_sco(r0, &(0x7f0000005340)={0x1f, @none}, 0x8)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socket$packet(0x11, 0x3, 0x300)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r5=>0x0})
bind$can_raw(r4, &(0x7f0000000000)={0x1d, r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, {0x7, 0x6}, {0xffff}, {0x1}}}, 0x24}}, 0x0)

5m43.851035112s ago: executing program 1 (id=189):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(0xffffffffffffffff, 0x7a5, 0x0)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000002c0)=ANY=[@ANYBLOB="e00000027f00000101000000020000007f"], 0x18)
writev(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
syz_usb_connect(0x3, 0x3f, &(0x7f0000000640)=ANY=[@ANYBLOB="120110035bd79d10ac051b02e2800102030109022d00010b09300809045cff030394020109050503000033070109050103080002030e09050f0c64000901d5"], &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

5m40.172672565s ago: executing program 1 (id=199):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r0, &(0x7f0000000100)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @rand_addr=0x4}, 0x3}}, 0x24)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f00000001c0), 0x1, 0x597, &(0x7f0000000b80)="$eJzs3U1sG2UaAOB3xvH2L9t0pV1pd9VDtYtUpKpO0h8onNorolKlHpC4lMhxoyhOHMUONFEO6b1C9IAA9VJucOAI4sABcUHiwpULiDNSRSOQmh7AyH9pm9jBKXWdxs8jjT3ffON5v2/G73hmNCMHMLCO1V7SiP9ExKUkYuShuqFoVh5rzLe+tpK/v7aST6JavfxzEklE3FtbybfmT5rvhyJiNSL+HRFfZSNOpFvjlpeWZyaKxcJCszxamZ0fLS8tn5yenZgqTBXmTr/40tlzZ86Onxrv3Pjszvp644ebb9/49pXbNz/+5Ohq/t2JJM7HcLPu4X48SY11ko3zm6af6UWwPkr63QAeS6aZ57VU+leMRKaZ9e1UR55q04Aeq+6LqO5Esrqj2YHdLNlZ/gN7Rus4oHb+2xoeOUDI9Pb4486FxglILe56c2jUDDWuTcT++rnJwV+SR85MauebR3rbNAbA6vWIGBsa2vr9T5rfv8c39iQaSE99eaGxobZu/3Rj/xNt9j/DrWunf1Fr/7e+Zf/3IH6mw/7vUpcxfnv9xw86xr8e8d+28ZON+Emb+GlEvNFl/FuvfX6uU131w4jj0T5+S7L99eHRq9PFwljjtW2ML44ffXm7/h/sEL9xzXZ//Wem3fqf77L/n3396f9Wt4n//P+33/7t1v+BiHiny/j/uPfRq53q7lxP7taOAna6/WvTbncZ/4Xzx77vUHWgy0UAAAAAAAAAAABtpPV72ZI0tzGeprlc4xnef8bBtFgqV05cLS3OTTbueTsS2bR1p9VIo5zUyuPN+3Fb5VObyqdb9xFnDtTLuXypONnnvgMAAAAAAAAAAAAAAAAAAMBucWjT8/+/ZurP/2/+u2pgr+r8l9/AXif/YXA9mv9JxL6+NQV4yvz+w8Cqyn8YXPIfBpf8h8El/2FwyX8YXPIfBpf8BwAAAAAAAAAAAAAAAAAAAAAAAACAnrh08WJtqN5fW8nXypNDS4szpTdPThbKM7nZxXwuX1qYz02VSlPFQi5fmv2z5RVLpfmxmFu8NloplCuj5aXlK7OlxbnKlenZianClUL2qfQKAAAAAAAAAAAAAAAAAAAAni3D9SFJcxGR1sfTNJeL+HtEHIlscnW6WBiLiMMR8V0mu69WHu93owEAAAAAAAAAAAAAAAAAAGCPKS8tz0wUi4WFARkZ2jLlm84zR8Tqk21GbYk7/lS2ua12yzp81kYObz9PJvrewt040ucdEwAAAAAAAAAAAAAAAAAADKAHD/12+4nfe9sgAAAAAAAAAAAAAAAAAAAAGEjpT0lE1IbjI88Nb679W7Keqb9HxFu3Lr93baJSWRivTb+7Mb3yfnP6qX60H+hWK09beQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8UF5anpkoFgsLPRzpdx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHscfAQAA//+aXtbd")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x802, 0xa2)
ioctl$FIBMAP(r1, 0x1, &(0x7f0000000000)=0x4)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000080)={[{@noload}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@nodioread_nolock}, {@quota}, {@quota}]}, 0x3, 0x443, &(0x7f0000000dc0)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=")
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
pivot_root(&(0x7f0000000340)='.\x00', &(0x7f0000000180)='./file0/../file0/../file0\x00')
r2 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x717e, 0x100, 0x14, 0x150}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_usb_connect$uac1(0x0, 0x71, 0x0, 0x0)
io_uring_setup(0x3090, &(0x7f0000000000)={0x0, 0xdfef, 0x40, 0x0, 0x349, 0x0, r2})
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4007, @fd_index=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

5m31.988811568s ago: executing program 1 (id=212):
r0 = syz_open_dev$sg(0x0, 0x7fffffff, 0x200500)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0x1d, &(0x7f0000003540)=ANY=[@ANYBLOB="b700000050000008bca30000000000002403000040feffff7b1af0ff0000000079a4f0ff000000001f030000000000002e030200000000002604fdffffff000e61141400000000001d430000000000007a0a00fe0000001f6114140000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f2440000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c9494963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c88629a6c921c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fbf05b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71ca3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b60f132a2bf8a858392f34072d99aee0ec70aa6d75096e608d97ac4b7bfa2e0ae3e59718e7a7691a98b1334e34553300000000000000000000000000000000062c7cf52e9624806a4833e1c0059e5a703ab9c2e9b38779270dc5e80af75d509b1a31fe6ed3f8c0172659256dc88de4e377c8a07e95ec5549ae47dc43b93a159a201be254048b9e0857ea3c736c761e686f9b3d0690f035617a12055b2cb3a03794d67b95e7f4fc6af323120c09d0503c8ce92e869e22bb2590299ad76d541f844d32f96184f74d433793bbd75ec15fb1497ce835445212421cb4e3ce08395c9055"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0)={0x0, 0x0, 0x2}, 0x10}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000700)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@enum64={0x2, 0x0, 0x0, 0x13, 0x0, 0x2}]}, {0x0, [0x5f, 0x2e, 0x61]}}, 0x0, 0x29, 0x0, 0x1, 0x5}, 0x28)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
add_key$keyring(&(0x7f0000000200), 0x0, 0x0, 0x0, 0xfffffffffffffffb)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x40102, 0x0)
ioctl$FBIOGET_FSCREENINFO(r2, 0x4602, &(0x7f0000000140))
mkdir(&(0x7f0000000140)='./file1\x00', 0x1a0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x8, 0x0)
r3 = semget$private(0x0, 0x207, 0x0)
semctl$SETALL(r3, 0x0, 0x11, &(0x7f0000000180))
syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
write$UHID_INPUT2(0xffffffffffffffff, &(0x7f0000000300)={0xc, {0x1b, "eba0187686a4000b647d0a34838b55b5951c6a8ab51e7fc282ef0f"}}, 0x21)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000000, 0x12, r5, 0xaed6d000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0ff00000000000080000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000010180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff99, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x78)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000540), 0x42a00)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r6, 0xc0505405, &(0x7f0000000580)={{0x3, 0x0, 0x1, 0x1, 0xffffffff}, 0x5, 0xc, 0x400001})
recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000680), 0x80, &(0x7f0000000180)=[{&(0x7f0000000040)}], 0x1, &(0x7f0000000740)=""/172, 0xac}, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)
read$FUSE(r4, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x29, 0x0}, 0x8004)

5m15.523921135s ago: executing program 32 (id=212):
r0 = syz_open_dev$sg(0x0, 0x7fffffff, 0x200500)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0x1d, &(0x7f0000003540)=ANY=[@ANYBLOB="b700000050000008bca30000000000002403000040feffff7b1af0ff0000000079a4f0ff000000001f030000000000002e030200000000002604fdffffff000e61141400000000001d430000000000007a0a00fe0000001f6114140000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f2440000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c9494963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c88629a6c921c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fbf05b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71ca3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b60f132a2bf8a858392f34072d99aee0ec70aa6d75096e608d97ac4b7bfa2e0ae3e59718e7a7691a98b1334e34553300000000000000000000000000000000062c7cf52e9624806a4833e1c0059e5a703ab9c2e9b38779270dc5e80af75d509b1a31fe6ed3f8c0172659256dc88de4e377c8a07e95ec5549ae47dc43b93a159a201be254048b9e0857ea3c736c761e686f9b3d0690f035617a12055b2cb3a03794d67b95e7f4fc6af323120c09d0503c8ce92e869e22bb2590299ad76d541f844d32f96184f74d433793bbd75ec15fb1497ce835445212421cb4e3ce08395c9055"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0)={0x0, 0x0, 0x2}, 0x10}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000700)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@enum64={0x2, 0x0, 0x0, 0x13, 0x0, 0x2}]}, {0x0, [0x5f, 0x2e, 0x61]}}, 0x0, 0x29, 0x0, 0x1, 0x5}, 0x28)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
add_key$keyring(&(0x7f0000000200), 0x0, 0x0, 0x0, 0xfffffffffffffffb)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x40102, 0x0)
ioctl$FBIOGET_FSCREENINFO(r2, 0x4602, &(0x7f0000000140))
mkdir(&(0x7f0000000140)='./file1\x00', 0x1a0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x8, 0x0)
r3 = semget$private(0x0, 0x207, 0x0)
semctl$SETALL(r3, 0x0, 0x11, &(0x7f0000000180))
syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
write$UHID_INPUT2(0xffffffffffffffff, &(0x7f0000000300)={0xc, {0x1b, "eba0187686a4000b647d0a34838b55b5951c6a8ab51e7fc282ef0f"}}, 0x21)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000000, 0x12, r5, 0xaed6d000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0ff00000000000080000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000010180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff99, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x78)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000540), 0x42a00)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r6, 0xc0505405, &(0x7f0000000580)={{0x3, 0x0, 0x1, 0x1, 0xffffffff}, 0x5, 0xc, 0x400001})
recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000680), 0x80, &(0x7f0000000180)=[{&(0x7f0000000040)}], 0x1, &(0x7f0000000740)=""/172, 0xac}, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)
read$FUSE(r4, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x29, 0x0}, 0x8004)

18.504973772s ago: executing program 2 (id=945):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xa, 0x7, 0x6, 0x8c}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)

18.185213167s ago: executing program 2 (id=947):
syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f0000000700), 0xeba, 0x80)
close(r0)

17.676991248s ago: executing program 2 (id=953):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')

17.299564017s ago: executing program 2 (id=959):
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30000c6, &(0x7f00000000c0), 0x2, 0x572, &(0x7f0000001600)="$eJzs3d9rU+cbAPDnpKm/v99WENnGGAUv5nCmtt0PB7twl2OTCdu9C2ks0tRIk4rthOnFvNnNkMEYE8but3svZf/A/gphCjKkbBe76TjpSW1t0jbamur5fCDyvnlP+p7nvOd5fU9OQgLIrZH0n0LEqxHxXRIxFBFJ1laMrHFkebvFR9cq6SOJpaXP/0pa26X19t9qv+5gVnklIn7/JuJEYX2/jfmF6XKtVp3N6qPNmcujjfmFkxdnylPVqeql8YmJ0+9OjH/w/nvbFutb5/758bO7H5/+9tjiD789OHwriTNxKGtbHcem9nVtub66MhIj2TEZjDNPbDjWy46/AJJ+7wBPZSDL88FI54ChGMiyHnj5fR0RS0BOJfIfcqq9Dmhf2/d0HfwSePjR8gXQ+viLy++NxL7WtdGBxWTNlVF6vTu8Df2nfdy5f/tW+ohe34cAeAbXb0TEqWJx/fyXZPPf0zu1hW2e7MP8B8/P3XT983an9U9hZf0THdY/Bzvk7tPYPP8LD7ahm67S9d+HHde/Kzethgey2v9aa77B5MLFWjWd2/4fEcdjcG9a3+h+zunFe0vd2lav/+6kh/rRtUp7LZjtx4Pi3rWvmSw3y88S82oPb0S81nH9m6yMf9Jh/NPjcW6LfRyt3n6jW9ua+O/fvrW4Lv6dtfRLxJsdx//xHa1k4/uTo63zYbR9Vqz3982jf3Trv9/xp+N/YOP4h5PV92sbvffx875/q93a1sQfneLvfP7vSb5olfdkz10tN5uzYxF7kk/XPz/++LXtenv7NP7jxzae/zqd//sj4sstxn/zyK+vbyn+Po3/ZE/j33vh3idf/dSt/83jT8f/nVbpePZMNv8NbRTXVnfwWY8fAAAAAAAA7CaFiDgUSaG0Ui4USqXlz3cciQOFWr3RPHGhPndpMlrflR2OwUL7TvfQqs9DjGWfh23Xx5+oT0TE4Yj4fmB/q16q1GuT/Q4eAAAAAAAAAAAAAAAAAAAAdomDXb7/n/pzoN97B+w4P/kN+bVp/m/HLz0Bu5L//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAA2+rc2bPpY2nx0bVKWp+8Mj83Xb9ycrLamC7NzFVKlfrs5dJUvT5Vq5Yq9ZnN/l6tXr88Nh5zV0eb1UZztDG/cH6mPnepef7iTHmqer46+FyiAgAAAAAAAAAAAAAAAAAAgBdLY35hulyrVWd3qpDsfBcK/SwUd8du5KdQjOfSV79nJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB47L8AAAD//84fMw8=")
mount(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001600)={0x11, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000500)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x220)

16.664581604s ago: executing program 2 (id=969):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
semctl$SEM_STAT_ANY(0x0, 0x1, 0x14, 0x0)

15.524137457s ago: executing program 2 (id=975):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="1c000000180011af59bd7000000000000a001400fe04ff06"], 0x1c}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

14.252568512s ago: executing program 33 (id=975):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="1c000000180011af59bd7000000000000a001400fe04ff06"], 0x1c}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

10.626295609s ago: executing program 5 (id=994):
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x200002, 0x0)
syz_clone3(0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000380)='kmem_cache_free\x00', r1}, 0x18)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='setgroups\x00')
close_range(r2, 0xffffffffffffffff, 0x0)

10.625356282s ago: executing program 5 (id=997):
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x778, &(0x7f0000001dc0)="$eJzs3c9rXFUbAOD3TpKmTft9iSBoXQUELZQmpsZWwUXFhQgWCrq2DZNpqJlkSmZSmhDQIoIbQcWFoJuu/VF3bqtu9b9wIZaqabHiQkbuZG4ySWbSJJ1kKvM8cJNz5t6Zc945995zZu7hTgBdazj9k4s4GhEfJhGD9ceTiOirpXojzqxsd295KZ8uSVSrr/+e1La5u7yUj4bnpA7XM49HxPfvRRzPbS63vLA4PVEsFubq+dHKzOXR8sLiiUszE1OFqcLsqbHx8ZOnnzt9qn2x/vnT4pFbH73y9Ndn/n73sRsf/JDEmThSX9cYR7sMx3D9PelL38J1Xm53YR2WdLoC7Ep6aPasHOVxNAajp5Zac7O6omMVBADa7u2IqAIAXSbR/wNAl8m+B7i7vJTPls5+I7G/br8UEQdX4s+ub66s6a1fsztYuw46cDdZd2UkiYihNpQ/HBGff/vml+kSe3QdEqCZd65FxIWh4c3n/2TTnIWdemaLdQciK2U95z/YPzfT8c/zzcZ/udXxTzQZ//Rnc8ce0MbX2HT8H2pDIVtIx38vNsxtu9cQf91QTz33v9qYry+5eKlYSM9t/187fRXGtijj2J1/7rRa1zj+++Pjt75Iy0//r22R+7W3f/1zJicqE7uNd6Pb1yKe6G0Wf7La/kmL8e+5bZbx6gvvf9ZqXRp/Gm+2bI4/6rOT9kb1esRTTdt/rWdKtpyfOFrbHUaznWKDtOm++fnTgVblN7Z/uqTlZ58F9kPa/gNbxz+UNM7XLO+8jB+vD37Xat3942++/x9I3qils3HE1YlKZW4s4kDy2ubHT649N8tn26fxH3uy+fG/1f6ffia8sM34e2/99tXu499bafyTO2r/nSdu3JvuaVX+9tp/fHU2cmzz/LfdCj7IewcAAAAAAAAAAAAAAAAAAAAAAAAA25WLiCOR5EZW07ncyMjKb3g/GgO5YqlcOX6xND87GbXfyh6Kvlx2q8vBhvuhjtXvh5/lT27IPxsRj0TEJ/2Hkuw+ipMdjh0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAModb/P5/6pf+TtcOANgzBztdAQBg3+n/AaD76P8BoPvo/wGg++j/AaD76P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYY+fOnk2X6l/LS/k0P3llYX66dOXEZKE8PTIznx/Jl+Yuj0yVSlPFwki+NHO/1yuWSpfHY3b+6milUK6MlhcWz8+U5mcr5y/NTEwVzhf69iUqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANiZ8sLi9ESxWJiT2EWi+nBUo/OJnvru9LDUZ18TycNRjTYnOnxiAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiP+DcAAP//l3opDw==")
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xfffffffffffffdcf, 0x0, 0x0)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000780)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="eea0bb1500000000001f000000000000000000000200000000000000"], 0x50)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="200000006800e97800000000000000000a000000000000000800", @ANYRES64=r2], 0x20}}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r3}, 0x18)
personality(0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000003c0)='cachefiles_prep_read\x00', r3, 0x0, 0x3}, 0x18)
unshare(0x2040400)
r4 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
unshare(0x2020200)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0xffffffffffffffff}, 0x18)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r5, &(0x7f0000001300)="92", 0x1, 0x10, &(0x7f0000000240)={0xa, 0x4e1c, 0xfffffffc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8)
ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, &(0x7f0000000200)={0x1, &(0x7f0000000180)=[{0x2, 0x57, 0x1, 0x7ff}]})

9.371792537s ago: executing program 5 (id=1006):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x2}, 0x18)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x6}, 0x4)
close(r0)

9.044426855s ago: executing program 5 (id=1009):
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs2z2IVFcUAOAzP2/ejoJrYRFs4loLQbF0ihh2J0ICMiYEFov8IsJWG1iYkMEJbpFYKG4hlmkkMCl21yq6hVUWhdRBLBKEKSxNE2KKfeHNvPlJSISECSH4fcW957173jn3wmtv8L9WjqSIsnQwvfL+c/Oz+Uncjbd7i0tnsizL3oooxflIYiE5sB0R1Yjtm1NV42hE7J+qc+vLfTtf/PR60nt0Lpmu3400Dua5tchLFup/tpX0bx+Wmdts7M5fXl9tXs0fmp3+3jsRW08XW3feuLKxXUle+zB/fynifpFfHYz18uj796rxu5Xn+GwSlqb7j36Oiw+bnf7N3uPje4eblW8unHp2ZOfavRMRa3nlszH42Sdq//zM0zYbu1lh0H9t4fryRuf0sduHbpxs333QelL5pVgetizPpi0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+SzXxYr8XVduPiw2an//n337259XSrdKdWJJSG0/0/fPdxtOOTSCJiJVbio1gdryTTaS+NowPjaLk03b+xO395fbU57P/rvojHx/cON3v1C6eeLe1cu3ei2MRcPpVnduy/6N/pry1cX97onD52+9CNk+27D1pPKsO8lTQ+GB0tnf02AAAAAAAAAAAAAAAAAAAAeMEtLp05cvbV1sE8Pj8XEY1PB7fss7T+dUyu/8fRYv4hHV7lvzUXUY2I3qNzP9fe/fbKj8Wl+G6k0Y2I/V8lEfHyuM+lwVgdPSaTyvyXfgsAAP//2CqJUQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
pwrite64(r0, 0x0, 0x0, 0x9000)

8.641306188s ago: executing program 5 (id=1011):
r0 = syz_open_dev$sg(&(0x7f0000000c40), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f0000000080)=0x7fffffff)

8.28051001s ago: executing program 5 (id=1014):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000700008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8d0, &(0x7f00000002c0)=ANY=[@ANYRES16=0x0, @ANYRES64, @ANYRES64, @ANYRESHEX, @ANYRES16, @ANYRESOCT=0x0], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r4, &(0x7f0000000680)=[{{&(0x7f00000000c0)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@ip_retopts={{0x18, 0x0, 0x7, {[@rr={0x7, 0x3, 0x21}, @generic={0x7, 0x2}]}}}], 0x18}}], 0x1, 0x4044000)

5.609510328s ago: executing program 6 (id=1029):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x6c}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x208, 0x98, 0x8, 0xfa04, 0x98, 0x6c02, 0x1e0, 0x194, 0x194, 0x1e0, 0x194, 0x3, 0x0, {[{{@ip={@broadcast, @broadcast, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x70, 0x98, 0x0, {0x0, 0x74020000}}, @common=@inet=@TCPMSS={0x28}}, {{@ip={@multicast2, @dev, 0x0, 0x0, '\x00', 'batadv_slave_0\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x268)

5.021284253s ago: executing program 6 (id=1032):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x18)
sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800090400000000000000000a000000000000030000000008001e0001"], 0x24}}, 0x0)

4.770665744s ago: executing program 6 (id=1033):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x1, 0x80, 0x8000000, 0x8000021e}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1})
io_uring_enter(r2, 0x47fa, 0x2000000, 0x0, 0x0, 0x0)
pipe2$9p(0x0, 0x0)
dup(0xffffffffffffffff)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, 0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x110404, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x24008040)

4.590471394s ago: executing program 0 (id=1035):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x100000000}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r1 = getpid()
madvise(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0x17)
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

3.771162361s ago: executing program 0 (id=1036):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
pipe2(&(0x7f0000000000)={0x0, <r1=>0x0}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0x7}, 0x50)
r3 = socket(0x2c, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r2, &(0x7f0000000140), &(0x7f0000000080)=@udp=r3}, 0x20)
close_range(r1, 0xffffffffffffffff, 0x0)

3.454201605s ago: executing program 0 (id=1038):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)

3.276612717s ago: executing program 3 (id=1040):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket(0x80000000000000a, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00'}, 0x10)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000200), 0x6000)
lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000280))
stat(&(0x7f0000002040)='./file0\x00', &(0x7f00000004c0))

3.008484085s ago: executing program 4 (id=1041):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x20000000006}, 0x18)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r1, &(0x7f00000000c0), 0x2, 0x0)
rmdir(&(0x7f0000000140)='./cgroup/../file0\x00')

2.856392822s ago: executing program 3 (id=1042):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=ANY=[@ANYBLOB="180200000000000000000000cfffffff850000001700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', <r3=>0x0})
r4 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r3, 0x25, 0x4, @val=@tracing={0x0, 0x20000000}}, 0x1c)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000000000000000000000000001800000008000000000000006e14000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r4, r5}, 0x5)

2.705011653s ago: executing program 4 (id=1043):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="910418166421b54fa0aaaa050004424203"], 0x0)

2.390830063s ago: executing program 0 (id=1044):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a300000000009000100"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)

2.337297203s ago: executing program 3 (id=1045):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x18)
write(0xffffffffffffffff, &(0x7f0000000040)="1c0000001a009b", 0x7)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r3, 0x0, 0x0)
r4 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r4, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount$9p_fd(0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@version_9p2000}]}})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x20080, 0x80e1}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x20008810)

2.289093032s ago: executing program 4 (id=1046):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r1, &(0x7f0000005cc0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c0000000301010300000000000000000a0000020c00198008000100090400"], 0x5c}, 0x1, 0x0, 0x0, 0xc0}, 0x4000)

2.006714833s ago: executing program 3 (id=1047):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x200000000003}, 0x18)
syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./file0\x00', 0x1809049, 0x0, 0xff, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x5, 0x897, 0x200, 0x0, 0xf})

1.930801988s ago: executing program 0 (id=1048):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xf7, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x280c021, 0x0, 0x1, 0x0, &(0x7f0000000d40))

1.845097531s ago: executing program 4 (id=1049):
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000100)='./file1\x00', 0x200000, &(0x7f0000000280)=ANY=[], 0x11, 0x736, &(0x7f0000000b40)="$eJzs3c1uG+fVAOBDWY4VfYARfC2CwHWciZOFDTgySSUyhCwKlhrJk1AkMUMFNroogtgujMhJETdArS7SbNJ20UvoItveRO6h6K7XkH1XVTHDH/1Yol1bEQP3eQhzXs6cmffMkODRS3OGAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABErb1Wrzdq0cm6W7eS47XX8t7mlOXj7X13YDKl34ha+S8WFuK14azXfrq3+NXy7nJcHD66GAvlZCF2/u/VV97/yfzceP0pCZ2Kh492Pv14e/vuF7NOZEY20m5W9LLN1kaaZEUvWV1ZqV+/uV4k61knLW4Xg3Qzaedpa9DLkyvtq0ljdXU5SZdu97a6G2utTjqeeeOdZr2+knyw1E9bedHrXv9gqWjfzDqdrLtRxZSLy5gbya8/zz/MBskgbW0myb3723eXn5RkGdR4mqDmk4Ka9Waz0Wg2Gyvvrb53o16fb9YX4sCM+iFxYJWkXp8fv2jjleFr+6mP9T7/eJaV+MHMlXd//3L0hMYfpj+zJ/PGDSdgblT/oxNZdGMrbkVy5K0da5FHLzaPWT7yXcTvq8b1dGq/Zf1eGNX/cZV/bW/xhfLu8sLo0aXj6v8xuZze7WE8ip34ND6O7diOu/HFzDM63dtGpNGNLIroRRab0armJKM5SazGSqxEPX4VN2M9ikhiPbLoRBpF3I4iBpFWr6h25JFGKwbRizySuBLtuBpJNGI1VmM5kkhjKW5HL7aiGxuxFq1qK/fifnXcl6fkOAlqPE1Qc0rQqJiXL7zK/GN/ENTr86NlR9X/G5P6/9eqPjx8+zSrFDN1Ztw4uTdveE674/ofu7v/3i3NOiMAAADgpNWqT99rl16aPF7POukvZ5wVAAAAcJKqrzJdLCdny9brUSvH//W9gJdmlxsAAABwMmpxafQpwGK8MWyNz4SqG/sDAADAi6H6//9L5WSxbM2NZg/H/2NzM0oOAAAAOBF/2rvG/k4ceY3dol8O/+cjovZ1/9bbtQetMq714MxwvTOHtzhYv1A7P9pINVmZHz1qpxdro6tfTi6C+f1ocu9J1/qv5fnZ501g75OMN+8Mp3cmS6peFtezTrrU7nXeb0SrdX5ukN4afPnZ/d9FlL3/ubt5vhb37m/fXfrk8+07VS5fl1v5+sHoirC1/yKX38brw5jXz8Vje7wTtbPViRijfheH/db37/9oX8a79PJT9PnNOOby4nC6eHD/F8o+G0vH7f1i7dxo/efa82/GwW9deWs4OSKL5pQsqmPR3H/8Dx2Lp8oi3joui/OTLJbHWezG+MqYB7NYfs4sAGbl3qQKHay7Zyf1/7G6+wzvcqdT3b+JK8OYKxeqN9b5C0fUlfqRdWX3zKEa++zV7W9xdRhzdRx8XI0t9/kvk34bVb/flit8e2y/RWd8QB78Jq7PPdp5534Ve/ezZnN5pf5uvf5eM85WuzGalJn+a+Fwpi+H2gPwP+1y9f3/ab+xc3TEmb3SXHs33iynP9s3qi5r0qTi/f/klIKl+CQ+j+24E9eqsw0i4o2j+13cdxrCtbg8SvboUevivl94uXb8qG5f7Phvl6eJHf68DAC8SC4/oQ5P6v/4t/jGEVUJHY7dr+0bdy/sjbtjNMI8VMunj47313IA4IeR5t/XFgd/rOXlg8bqaqM1uJkmea/9YZJnaxtpknUHad6+2epupEk/7w167V6nbHyUraVFUmz1+718kKz38qTfK7JbP4+skyajn34v0s1Wd5C1i34nbRVp0u51B632IFnLinbS3/pFJyu+2t3dLVcu+mk7W8/arUHW6yZFbytvp0tJUqTpKPBmmifZWtodZOtZ2ewm/Tw7F/nt5KNeZ2szTdbSop1n/UEvr7IZ95V118/lm9Vml2Z9sAHgR+Lho51PP97evvvF0Y2FOHZR1fjn9NWHjVnvIwBw0LQq/di3zwAAAAAAAAAAAAAAgJl4wvl/z96oHZozFxE/VF8vXGP3q1Ppa3yCx+yenTM/kgP+eOPbfXOSE9zyyxHxo9jBA41zjy+a8RsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABzhPwEAAP//ONRIwg==")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)
getdents(r0, 0x0, 0x0)

1.746733388s ago: executing program 3 (id=1050):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = io_uring_setup(0x5b42, &(0x7f0000000640)={0x0, 0xfffffffe, 0x800, 0x103fc, 0x159})
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
sendmsg$rds(r2, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
setuid(0xee01)

1.674431669s ago: executing program 6 (id=1051):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000300)={'ipvlan1\x00', &(0x7f00000002c0)=@ethtool_rxfh_indir={0x1}})

1.365188237s ago: executing program 4 (id=1052):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c80)=ANY=[@ANYBLOB="2c0000000a0a050000000000000000000a00000909000100"], 0x2c}, 0x1, 0x0, 0x0, 0x24048014}, 0x4000)

1.320782442s ago: executing program 3 (id=1053):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8ad996ab28735fda)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mbind(&(0x7f00002c5000/0x3000)=nil, 0x3000, 0x4001, &(0x7f0000000000)=0x81, 0x800, 0x2)
syz_usbip_server_init(0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120000000200fcffffff0000000006003300000000000000000000000000fe8000000000000000000000000000aa00000000000000000000000000000000040003"], 0xa8}}, 0x0)

1.27948198s ago: executing program 6 (id=1054):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001380)={0x6, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xe}, {}, {}, [@ldst={0x2, 0x2, 0x3, 0x9, 0x0, 0xfffffffffffffff8, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0xd8)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r2, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000380)=""/165, 0xa5}], 0x1}, 0x5}], 0x1, 0x10000, 0x0)

959.936704ms ago: executing program 0 (id=1055):
socket$kcm(0x2, 0x2, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_int(r0, 0x0, 0xe, 0x0, &(0x7f0000000180))
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)=ANY=[@ANYRES8, @ANYRESHEX, @ANYRESOCT, @ANYBLOB="ba226044d1128c894e", @ANYRESDEC, @ANYRES64=r1], 0x1c}}, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_type(r4, &(0x7f0000000280), 0x2, 0x0)
read(r5, &(0x7f0000001c40)=""/4096, 0x1000)
socket$inet_udp(0x2, 0x2, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e24, 0x8, @local, 0xff}}, 0x0, 0x0, 0x400, 0x0, 0x34}, 0x9c)
bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000003c0)='wbt_stat\x00', r2, 0x0, 0x401}, 0x18)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xf, &(0x7f0000000880)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000f00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r8, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e')

851.290936ms ago: executing program 4 (id=1056):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x51857000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
mbind(&(0x7f00004fa000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000000)=0x1ff, 0x8, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)

0s ago: executing program 6 (id=1057):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
fcntl$lock(r0, 0x6, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x9b69}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x600}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
rt_sigqueueinfo(0x0, 0x21, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

kernel console output (not intermixed with test programs):

c0000
[  354.605034][   T24] appletouch 6-1:11.92: Could not find int-in endpoint
[  354.613900][   T24] appletouch 6-1:11.92: probe with driver appletouch failed with error -5
[  354.629788][   T24] usbhid 6-1:11.92: couldn't find an input interrupt endpoint
[  354.698237][   T10] usb 7-1: Using ep0 maxpacket: 16
[  354.933946][ T8547] netlink: 108 bytes leftover after parsing attributes in process `syz.0.673'.
[  354.945000][ T8547] netlink: 108 bytes leftover after parsing attributes in process `syz.0.673'.
[  354.955619][ T8547] netlink: 108 bytes leftover after parsing attributes in process `syz.0.673'.
[  356.016875][   T10] usb 7-1: config 4 has an invalid interface number: 9 but max is 0
[  357.934968][   T10] usb 7-1: config 4 has no interface number 0
[  357.941820][   T10] usb 7-1: config 4 interface 9 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  357.955757][   T30] audit: type=1326 audit(1753610331.860:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8527 comm="syz.4.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5cd8e9a9 code=0x7ffc0000
[  357.984841][   T10] usb 7-1: config 4 interface 9 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 167
[  357.996996][   T10] usb 7-1: config 4 interface 9 has no altsetting 0
[  358.015643][   T10] usb 7-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=76.fe
[  358.126598][   T24] usb 6-1: USB disconnect, device number 11
[  358.468318][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  358.717065][   T10] usb 7-1: Product: syz
[  358.721287][   T10] usb 7-1: Manufacturer: syz
[  358.756714][ T8557] netlink: 4 bytes leftover after parsing attributes in process `syz.5.675'.
[  358.775273][   T10] usb 7-1: SerialNumber: syz
[  358.845924][   T10] usb 7-1: can't set config #4, error -71
[  358.854259][ T8561] netlink: 4 bytes leftover after parsing attributes in process `syz.5.675'.
[  358.916958][   T10] usb 7-1: USB disconnect, device number 11
[  359.079673][ T8563] loop4: detected capacity change from 0 to 64
[  359.203748][   T24] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  359.373996][   T24] usb 6-1: Using ep0 maxpacket: 16
[  359.581351][   T24] usb 6-1: config 0 has an invalid interface number: 217 but max is 0
[  359.605628][   T24] usb 6-1: config 0 has no interface number 0
[  360.188015][   T24] usb 6-1: New USB device found, idVendor=0b48, idProduct=1008, bcdDevice=32.5e
[  360.240529][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.313666][   T24] usb 6-1: Product: syz
[  360.328378][   T24] usb 6-1: Manufacturer: syz
[  360.366428][   T24] usb 6-1: SerialNumber: syz
[  360.404263][   T24] usb 6-1: config 0 descriptor??
[  360.435333][   T24] ttusb_dec_send_command: command bulk message failed: error -22
[  360.470557][   T24] ttusb-dec 6-1:0.217: probe with driver ttusb-dec failed with error -22
[  360.496948][ T8571] loop4: detected capacity change from 0 to 128
[  360.540656][ T8571] gfs2meta: Unknown parameter 'ª©¦&ãL{šîBRtqÌw@K.€gBp ¿à¡M­Zfú¡)¼\µ'
[  360.788154][   T24] usb 6-1: USB disconnect, device number 12
[  362.336157][   T10] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  362.496932][   T10] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  362.528957][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  362.601391][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  362.641270][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  362.760333][   T10] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  362.790323][   T10] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  362.807259][ T8575] loop0: detected capacity change from 0 to 4096
[  362.819515][ T8583] mkiss: ax0: crc mode is auto.
[  362.830783][   T10] usb 5-1: Manufacturer: syz
[  362.926061][   T10] usb 5-1: config 0 descriptor??
[  363.453953][   T24] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  363.456407][   T10] appleir 0003:05AC:8243.0003: unknown main item tag 0x0
[  363.555127][ T8571] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  363.573085][ T8571] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  363.588977][   T43] hid (null): unknown global tag 0xe
[  363.603602][   T43] hid (null): unknown global tag 0xe
[  363.612207][   T43] hid (null): unknown global tag 0xe
[  363.617602][   T43] hid (null): invalid report_size 328298723
[  363.628405][ T8571] loop4: detected capacity change from 0 to 128
[  363.637888][   T43] hid (null): unknown global tag 0xe
[  363.645431][   T43] hid (null): report_id 2681975707 is invalid
[  363.651687][   T43] hid (null): unknown global tag 0xd
[  363.658808][   T43] hid (null): report_id 3775897163 is invalid
[  363.666102][   T10] appleir 0003:05AC:8243.0003: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[  363.690699][ T5859] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.704297][   T24] usb 6-1: device descriptor read/64, error -71
[  363.720422][   T43] hid (null): invalid report_count 48610
[  363.728832][   T43] hid (null): invalid report_count 2075566878
[  363.750528][   T43] hid (null): report_id 29609 is invalid
[  363.787195][   T43] hid (null): unknown global tag 0xc
[  363.816071][   T43] hid (null): unknown global tag 0xd8
[  363.821586][   T43] hid (null): report_id 34405 is invalid
[  363.838818][ T8593] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  363.884240][   T43] hid (null): unknown global tag 0xe
[  363.889750][   T43] hid (null): unknown global tag 0xe
[  363.957641][   T24] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  363.989624][   T43] hid (null): invalid report_count -396792685
[  364.762253][   T43] hid (null): unknown global tag 0xe
[  364.789039][ T8600] loop3: detected capacity change from 0 to 16
[  364.815403][   T43] hid (null): unknown global tag 0xc
[  364.821152][   T43] hid (null): unknown global tag 0xd
[  364.832115][   T43] hid (null): unknown global tag 0x70
[  364.839116][   T43] hid (null): unknown global tag 0xd
[  364.849372][   T43] hid (null): unknown global tag 0x92
[  364.855846][   T43] hid (null): unknown global tag 0xc
[  364.861378][   T43] hid (null): unknown global tag 0xe
[  364.870960][   T43] hid (null): unknown global tag 0xe
[  364.878058][   T24] usb 6-1: device descriptor read/64, error -71
[  364.887149][ T8600] erofs (device loop3): mounted with root inode @ nid 36.
[  364.896089][   T43] hid (null): unknown global tag 0xd
[  364.902369][   T43] hid (null): unknown global tag 0xd1
[  364.909060][   T43] hid (null): unknown global tag 0x85
[  364.916216][   T43] hid (null): unknown global tag 0xc4
[  364.941778][ T8600] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36
[  365.006700][   T24] usb usb6-port1: attempt power cycle
[  365.016698][   T43] hid (null): report_id 3548124247 is invalid
[  365.081307][   T43] hid (null): unknown global tag 0x3e
[  365.114690][ T5865] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  365.144325][ T8600] erofs (device loop3): failed to decompress -57 in[61, 4035] out[1851]
[  365.166418][   T43] hid (null): unknown global tag 0xd
[  365.179977][   T43] hid (null): unknown global tag 0xc
[  365.186954][   T43] hid (null): unknown global tag 0xf5
[  365.204863][   T43] hid (null): unknown global tag 0xe
[  365.210340][ T8600] erofs (device loop3): read error -117 @ 43 of nid 36
[  365.240931][   T43] hid-generic 0005:000A:0FFF.0004: unknown global tag 0xe
[  365.271128][   T43] hid-generic 0005:000A:0FFF.0004: item 0 1 1 14 parsing failed
[  365.292062][   T43] hid-generic 0005:000A:0FFF.0004: probe with driver hid-generic failed with error -22
[  365.321072][   T10] usb 5-1: USB disconnect, device number 11
[  365.333619][ T5865] usb 7-1: Using ep0 maxpacket: 16
[  365.350461][ T5865] usb 7-1: config 4 has an invalid interface number: 9 but max is 0
[  365.370630][ T5865] usb 7-1: config 4 has no interface number 0
[  365.378332][   T24] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  365.398860][ T5865] usb 7-1: config 4 interface 9 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  365.429937][   T24] usb 6-1: device descriptor read/8, error -71
[  365.463750][ T5865] usb 7-1: config 4 interface 9 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 167
[  365.513591][ T5865] usb 7-1: config 4 interface 9 has no altsetting 0
[  365.545057][ T5865] usb 7-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=76.fe
[  365.565989][ T5865] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.579901][ T5865] usb 7-1: Product: syz
[  365.590613][ T5865] usb 7-1: Manufacturer: syz
[  365.610644][ T5865] usb 7-1: SerialNumber: syz
[  365.621015][ T8603] raw-gadget.3 gadget.6: fail, usb_ep_enable returned -22
[  365.640143][ T8603] raw-gadget.3 gadget.6: fail, usb_ep_enable returned -22
[  365.691819][ T5865] usb 7-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  365.713682][   T24] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  365.748029][ T8624] lo speed is unknown, defaulting to 1000
[  365.815875][   T24] usb 6-1: device descriptor read/8, error -71
[  365.846018][   T43] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  366.034573][   T24] usb usb6-port1: unable to enumerate USB device
[  366.073775][   T43] usb 1-1: Using ep0 maxpacket: 8
[  366.393544][   T43] usb 1-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  367.015588][ T6246] usb 7-1: Failed to submit usb control message: -110
[  367.050680][ T6003] usb 7-1: USB disconnect, device number 12
[  367.060030][ T8629] netlink: 4 bytes leftover after parsing attributes in process `syz.5.697'.
[  367.063150][   T43] usb 1-1: config 0 interface 0 has no altsetting 0
[  367.077691][ T6246] usb 7-1: unable to send the bmi data to the device: -110
[  367.100390][ T6246] usb 7-1: unable to get target info from device
[  367.123829][   T43] usb 1-1: New USB device found, idVendor=05ac, idProduct=0230, bcdDevice= 0.00
[  367.164318][ T6246] usb 7-1: could not get target info (-110)
[  367.170321][ T6246] usb 7-1: could not probe fw (-110)
[  367.170576][ T8635] netlink: 4 bytes leftover after parsing attributes in process `syz.5.697'.
[  367.182960][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.248892][   T43] usb 1-1: config 0 descriptor??
[  367.314170][   T43] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input9
[  367.770614][ T5198] bcm5974 1-1:0.0: could not write to device
[  367.810505][ T5198] bcm5974 1-1:0.0: could not read from device
[  367.820615][   T43] usb 1-1: USB disconnect, device number 18
[  368.766268][ T5860] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  368.776650][   T10] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  368.824802][ T5198] bcm5974 1-1:0.0: could not read from device
[  368.993698][ T8644] netlink: 100 bytes leftover after parsing attributes in process `syz.6.701'.
[  369.636099][ T8650] netlink: 'syz.3.703': attribute type 4 has an invalid length.
[  369.746925][ T5860] usb 5-1: Using ep0 maxpacket: 16
[  369.812940][ T8651] loop2: detected capacity change from 0 to 256
[  369.965252][ T8651] exfat: Deprecated parameter 'namecase'
[  369.979972][   T10] usb 6-1: Using ep0 maxpacket: 16
[  369.989258][ T8651] exfat: Deprecated parameter 'namecase'
[  369.998897][ T5860] usb 5-1: unable to get BOS descriptor or descriptor too short
[  370.011359][ T5860] usb 5-1: config 11 has an invalid interface number: 92 but max is 0
[  370.023482][   T10] usb 6-1: device descriptor read/all, error -71
[  370.030308][ T5860] usb 5-1: config 11 has no interface number 0
[  370.039968][ T5860] usb 5-1: config 11 interface 92 altsetting 255 endpoint 0x5 has an invalid bInterval 51, changing to 9
[  370.057108][ T5860] usb 5-1: config 11 interface 92 altsetting 255 endpoint 0x5 has invalid wMaxPacketSize 0
[  370.071302][ T5860] usb 5-1: config 11 interface 92 altsetting 255 endpoint 0xF has invalid maxpacket 100, setting to 64
[  370.084896][ T5860] usb 5-1: config 11 interface 92 has no altsetting 0
[  370.098852][ T5860] usb 5-1: New USB device found, idVendor=05ac, idProduct=021b, bcdDevice=80.e2
[  370.110195][ T8654] tipc: Started in network mode
[  370.110227][ T8654] tipc: Node identity 52f758789d06, cluster identity 4711
[  370.110395][ T8654] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  370.111209][ T8654] syzkaller0: entered promiscuous mode
[  370.124870][ T5860] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.124897][ T5860] usb 5-1: Product: syz
[  370.124915][ T5860] usb 5-1: Manufacturer: syz
[  370.124933][ T5860] usb 5-1: SerialNumber: syz
[  370.128249][ T8651] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  370.194737][ T8654] syzkaller0: entered allmulticast mode
[  370.277722][ T8653] tipc: Resetting bearer <eth:syzkaller0>
[  370.293568][   T24] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  370.345763][ T8653] tipc: Disabling bearer <eth:syzkaller0>
[  370.409261][ T5860] appletouch 5-1:11.92: Could not find int-in endpoint
[  370.446263][ T5860] appletouch 5-1:11.92: probe with driver appletouch failed with error -5
[  370.475799][ T5860] usbhid 5-1:11.92: couldn't find an input interrupt endpoint
[  370.500790][   T24] usb 4-1: Using ep0 maxpacket: 16
[  370.510077][ T5860] usb 5-1: USB disconnect, device number 12
[  370.528702][   T24] usb 4-1: unable to get BOS descriptor or descriptor too short
[  370.547171][   T24] usb 4-1: config 11 has an invalid interface number: 92 but max is 0
[  370.573630][   T24] usb 4-1: config 11 has no interface number 0
[  370.585196][   T24] usb 4-1: config 11 interface 92 altsetting 255 endpoint 0x5 has an invalid bInterval 51, changing to 9
[  370.665699][   T10] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  370.873709][   T24] usb 4-1: config 11 interface 92 altsetting 255 endpoint 0x5 has invalid wMaxPacketSize 0
[  370.894569][   T24] usb 4-1: config 11 interface 92 altsetting 255 endpoint 0xF has invalid maxpacket 100, setting to 64
[  370.906778][   T24] usb 4-1: config 11 interface 92 has no altsetting 0
[  371.108078][ T8671] loop2: detected capacity change from 0 to 2048
[  371.121936][ T8671] ext4: Unknown parameter 'smackfsroot'
[  371.724018][   T24] usb 4-1: New USB device found, idVendor=05ac, idProduct=021b, bcdDevice=80.e2
[  371.734674][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.744333][   T24] usb 4-1: Product: syz
[  371.744826][   T10] usb 6-1: Using ep0 maxpacket: 32
[  371.748481][   T24] usb 4-1: Manufacturer: syz
[  371.748505][   T24] usb 4-1: SerialNumber: syz
[  372.099933][   T10] usb 6-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  372.319225][   T24] appletouch 4-1:11.92: Could not find int-in endpoint
[  372.331543][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.347115][   T24] appletouch 4-1:11.92: probe with driver appletouch failed with error -5
[  372.360847][   T10] usb 6-1: Product: syz
[  372.378149][   T10] usb 6-1: Manufacturer: syz
[  372.386770][   T24] usbhid 4-1:11.92: couldn't find an input interrupt endpoint
[  372.418795][   T10] usb 6-1: SerialNumber: syz
[  372.455933][   T24] usb 4-1: USB disconnect, device number 16
[  372.546240][   T10] usb 6-1: config 0 descriptor??
[  372.635524][ T8682] lo speed is unknown, defaulting to 1000
[  372.644216][ T5860] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  372.795074][ T5860] usb 3-1: device descriptor read/64, error -71
[  372.946827][   T10] RobotFuzz Open Source InterFace, OSIF 6-1:0.0: version d4.15 found at bus 006 address 018
[  372.963577][   T43] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  372.970918][ T8657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  372.986796][ T8657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  373.373949][   T43] usb 5-1: Using ep0 maxpacket: 8
[  373.613071][   T43] usb 5-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  373.717379][   T43] usb 5-1: config 0 interface 0 has no altsetting 0
[  373.731865][ T8691] FAULT_INJECTION: forcing a failure.
[  373.731865][ T8691] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  373.755862][   T30] kauditd_printk_skb: 32 callbacks suppressed
[  373.755883][   T30] audit: type=1326 audit(1753610352.520:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8690 comm="syz.3.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  373.796443][   T43] usb 5-1: New USB device found, idVendor=05ac, idProduct=0230, bcdDevice= 0.00
[  373.826510][   T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.845242][ T8691] CPU: 1 UID: 0 PID: 8691 Comm: syz.3.717 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) 
[  373.845280][ T8691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  373.845296][ T8691] Call Trace:
[  373.845306][ T8691]  <TASK>
[  373.845317][ T8691]  dump_stack_lvl+0x189/0x250
[  373.845355][ T8691]  ? __pfx____ratelimit+0x10/0x10
[  373.845384][ T8691]  ? __pfx_dump_stack_lvl+0x10/0x10
[  373.845415][ T8691]  ? __pfx__printk+0x10/0x10
[  373.845452][ T8691]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.845494][ T8691]  should_fail_ex+0x414/0x560
[  373.845529][ T8691]  prepare_alloc_pages+0x213/0x610
[  373.845565][ T8691]  __alloc_frozen_pages_noprof+0x123/0x370
[  373.845597][ T8691]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  373.845622][ T8691]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.845660][ T8691]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.845687][ T8691]  ? policy_nodemask+0x27c/0x720
[  373.845732][ T8691]  alloc_pages_mpol+0x232/0x4a0
[  373.845782][ T8691]  folio_alloc_mpol_noprof+0x39/0x70
[  373.845823][ T8691]  shmem_alloc_and_add_folio+0x447/0xf60
[  373.845859][ T8691]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.845891][ T8691]  ? filemap_get_entry+0xad/0x2f0
[  373.845915][ T8691]  ? filemap_get_entry+0xad/0x2f0
[  373.845936][ T8691]  ? filemap_get_entry+0xad/0x2f0
[  373.845961][ T8691]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.845990][ T8691]  ? filemap_get_entry+0x28f/0x2f0
[  373.846017][ T8691]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  373.846060][ T8691]  ? shmem_allowable_huge_orders+0x1f8/0x420
[  373.846089][ T8691]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.846128][ T8691]  shmem_get_folio_gfp+0x59d/0x1660
[  373.846185][ T8691]  shmem_fallocate+0x80f/0xde0
[  373.846246][ T8691]  ? __pfx_shmem_fallocate+0x10/0x10
[  373.846293][ T8691]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.846321][ T8691]  ? rcu_read_lock_any_held+0xb3/0x120
[  373.846354][ T8691]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  373.846387][ T8691]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.846420][ T8691]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.846456][ T8691]  vfs_fallocate+0x6a3/0x830
[  373.846490][ T8691]  ? __fget_files+0x2a/0x420
[  373.846519][ T8691]  ? __pfx_vfs_fallocate+0x10/0x10
[  373.846553][ T8691]  ? __fget_files+0x2a/0x420
[  373.846579][ T8691]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.846613][ T8691]  __x64_sys_fallocate+0xc0/0x110
[  373.846655][ T8691]  do_syscall_64+0xfa/0x3b0
[  373.846683][ T8691]  ? lockdep_hardirqs_on+0x9c/0x150
[  373.846710][ T8691]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.846733][ T8691]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.846761][ T8691]  ? exc_page_fault+0x9f/0xf0
[  373.846795][ T8691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.846820][ T8691] RIP: 0033:0x7faa3bb8e9a9
[  373.846842][ T8691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.846863][ T8691] RSP: 002b:00007faa3ca74038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  373.846890][ T8691] RAX: ffffffffffffffda RBX: 00007faa3bdb5fa0 RCX: 00007faa3bb8e9a9
[  373.846908][ T8691] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  373.846924][ T8691] RBP: 00007faa3ca74090 R08: 0000000000000000 R09: 0000000000000000
[  373.846939][ T8691] R10: 00000000001001f0 R11: 0000000000000246 R12: 0000000000000001
[  373.846955][ T8691] R13: 0000000000000000 R14: 00007faa3bdb5fa0 R15: 00007ffe0313b468
[  373.846994][ T8691]  </TASK>
[  373.945444][   T30] audit: type=1326 audit(1753610352.520:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8690 comm="syz.3.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  374.068236][   T43] usb 5-1: config 0 descriptor??
[  374.084819][ T5860] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  374.096441][   T43] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input10
[  374.105534][   T30] audit: type=1326 audit(1753610352.520:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8690 comm="syz.3.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  374.111119][   T10] usb 6-1: USB disconnect, device number 18
[  374.192507][   T30] audit: type=1326 audit(1753610352.520:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8690 comm="syz.3.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  374.192597][   T30] audit: type=1326 audit(1753610352.520:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8690 comm="syz.3.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  374.192650][   T30] audit: type=1326 audit(1753610352.520:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8690 comm="syz.3.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faa3bb8d310 code=0x7ffc0000
[  374.192720][   T30] audit: type=1326 audit(1753610352.520:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8690 comm="syz.3.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7faa3bb8d45f code=0x7ffc0000
[  374.192778][   T30] audit: type=1326 audit(1753610352.520:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8690 comm="syz.3.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  374.192854][   T30] audit: type=1326 audit(1753610352.640:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8690 comm="syz.3.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7faa3bb8d3bc code=0x7ffc0000
[  374.192907][   T30] audit: type=1326 audit(1753610352.640:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8690 comm="syz.3.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7faa3bb8d45f code=0x7ffc0000
[  374.505453][ T5198] bcm5974 5-1:0.0: could not write to device
[  374.656638][ T5860] usb 3-1: device descriptor read/64, error -71
[  374.775737][ T5860] usb usb3-port1: attempt power cycle
[  374.789362][ T5198] bcm5974 5-1:0.0: could not read from device
[  374.805515][   T43] usb 5-1: USB disconnect, device number 13
[  374.840380][ T8698] netlink: 4 bytes leftover after parsing attributes in process `syz.6.718'.
[  374.898969][ T8701] netlink: 4 bytes leftover after parsing attributes in process `syz.6.718'.
[  375.135220][ T5860] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  375.164513][   T10] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  375.464670][   T10] usb 7-1: Using ep0 maxpacket: 16
[  375.598133][   T10] usb 7-1: config 0 has an invalid interface number: 217 but max is 0
[  375.764388][   T10] usb 7-1: config 0 has no interface number 0
[  375.827017][ T5860] usb 3-1: device descriptor read/8, error -71
[  375.836330][   T10] usb 7-1: New USB device found, idVendor=0b48, idProduct=1008, bcdDevice=32.5e
[  375.860178][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.895733][   T10] usb 7-1: Product: syz
[  375.900079][   T10] usb 7-1: Manufacturer: syz
[  375.919661][   T10] usb 7-1: SerialNumber: syz
[  375.961997][   T10] usb 7-1: config 0 descriptor??
[  375.993375][ T8706] loop3: detected capacity change from 0 to 256
[  376.031834][   T10] ttusb_dec_send_command: command bulk message failed: error -22
[  376.047141][   T10] ttusb-dec 7-1:0.217: probe with driver ttusb-dec failed with error -22
[  376.065904][ T8706] exfat: Deprecated parameter 'namecase'
[  376.071619][ T8706] exfat: Deprecated parameter 'namecase'
[  376.079809][ T8709] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  376.118737][ T8709] syzkaller0: entered promiscuous mode
[  376.157009][ T8709] syzkaller0: entered allmulticast mode
[  376.189446][ T8706] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  376.199320][ T8711] loop2: detected capacity change from 0 to 4096
[  376.234648][   T10] usb 7-1: USB disconnect, device number 13
[  376.279265][ T8708] tipc: Resetting bearer <eth:syzkaller0>
[  376.377297][ T8708] tipc: Disabling bearer <eth:syzkaller0>
[  378.049280][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  378.057221][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  378.494954][ T8740] loop0: detected capacity change from 0 to 256
[  379.032079][ T8734] loop5: detected capacity change from 0 to 4096
[  379.072511][ T8740] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e06c6e, utbl_chksum : 0xe619d30d)
[  379.146073][ T8731] loop2: detected capacity change from 0 to 4096
[  379.771006][ T8746] GUP no longer grows the stack in syz.3.734 (8746): 200000006000-20000000a000 (200000005000)
[  379.789709][ T8746] CPU: 0 UID: 0 PID: 8746 Comm: syz.3.734 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) 
[  379.789744][ T8746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  379.789759][ T8746] Call Trace:
[  379.789769][ T8746]  <TASK>
[  379.789779][ T8746]  dump_stack_lvl+0x189/0x250
[  379.789819][ T8746]  ? __pfx_dump_stack_lvl+0x10/0x10
[  379.789850][ T8746]  ? __pfx__printk+0x10/0x10
[  379.789881][ T8746]  ? find_vma+0xe7/0x160
[  379.789921][ T8746]  ? srso_alias_return_thunk+0x5/0xfbef5
[  379.789959][ T8746]  __get_user_pages+0x2a60/0x30b0
[  379.790001][ T8746]  ? srso_alias_return_thunk+0x5/0xfbef5
[  379.790060][ T8746]  ? __pfx___get_user_pages+0x10/0x10
[  379.790089][ T8746]  ? __gup_longterm_locked+0xbf7/0x15b0
[  379.790121][ T8746]  ? down_read_killable+0x1d1/0x350
[  379.790152][ T8746]  ? try_get_folio+0x633/0x660
[  379.790189][ T8746]  __gup_longterm_locked+0xd66/0x15b0
[  379.790227][ T8746]  ? srso_alias_return_thunk+0x5/0xfbef5
[  379.790254][ T8746]  ? try_grab_folio_fast+0x1be/0x4f0
[  379.790301][ T8746]  ? gup_fast_fallback+0x1afc/0x2260
[  379.790337][ T8746]  gup_fast_fallback+0x1cd4/0x2260
[  379.790414][ T8746]  ? __pfx_gup_fast_fallback+0x10/0x10
[  379.790442][ T8746]  ? trace_contention_end+0x39/0x120
[  379.790475][ T8746]  ? srso_alias_return_thunk+0x5/0xfbef5
[  379.790502][ T8746]  ? __mutex_lock+0x330/0xe80
[  379.790541][ T8746]  ? is_valid_gup_args+0x11f/0x200
[  379.790574][ T8746]  ? srso_alias_return_thunk+0x5/0xfbef5
[  379.790602][ T8746]  ? get_user_pages_fast+0x4d/0xb0
[  379.790636][ T8746]  __iov_iter_get_pages_alloc+0x39a/0xb40
[  379.790682][ T8746]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  379.790703][ T8746]  ? srso_alias_return_thunk+0x5/0xfbef5
[  379.790730][ T8746]  ? wait_for_space+0x24d/0x2d0
[  379.790770][ T8746]  iov_iter_get_pages2+0x5e/0xa0
[  379.790810][ T8746]  __se_sys_vmsplice+0x548/0x10d0
[  379.790846][ T8746]  ? srso_alias_return_thunk+0x5/0xfbef5
[  379.790889][ T8746]  ? wake_up_q+0xca/0x110
[  379.790924][ T8746]  ? __pfx___se_sys_vmsplice+0x10/0x10
[  379.790965][ T8746]  ? __pfx_futex_wake+0x10/0x10
[  379.791016][ T8746]  ? __lock_acquire+0xab9/0xd20
[  379.791062][ T8746]  ? srso_alias_return_thunk+0x5/0xfbef5
[  379.791118][ T8746]  ? rcu_is_watching+0x15/0xb0
[  379.791154][ T8746]  ? do_syscall_64+0xbe/0x3b0
[  379.791181][ T8746]  ? srso_alias_return_thunk+0x5/0xfbef5
[  379.791213][ T8746]  do_syscall_64+0xfa/0x3b0
[  379.791239][ T8746]  ? lockdep_hardirqs_on+0x9c/0x150
[  379.791265][ T8746]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.791288][ T8746]  ? srso_alias_return_thunk+0x5/0xfbef5
[  379.791315][ T8746]  ? exc_page_fault+0x9f/0xf0
[  379.791344][ T8746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.791367][ T8746] RIP: 0033:0x7faa3bb8e9a9
[  379.791388][ T8746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  379.791409][ T8746] RSP: 002b:00007faa3ca74038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[  379.791440][ T8746] RAX: ffffffffffffffda RBX: 00007faa3bdb5fa0 RCX: 00007faa3bb8e9a9
[  379.791458][ T8746] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 000000000000000f
[  379.791474][ T8746] RBP: 00007faa3bc10d69 R08: 0000000000000000 R09: 0000000000000000
[  379.791489][ T8746] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  379.791504][ T8746] R13: 0000000000000000 R14: 00007faa3bdb5fa0 R15: 00007ffe0313b468
[  379.791549][ T8746]  </TASK>
[  380.438551][ T8731] ntfs3(loop2): Failed to read $AttrDef (-4).
[  381.359234][ T8763] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.739'.
[  381.374168][ T8763] FAULT_INJECTION: forcing a failure.
[  381.374168][ T8763] name failslab, interval 1, probability 0, space 0, times 0
[  381.454951][ T8763] CPU: 0 UID: 0 PID: 8763 Comm: syz.3.739 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) 
[  381.454990][ T8763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  381.455006][ T8763] Call Trace:
[  381.455015][ T8763]  <TASK>
[  381.455026][ T8763]  dump_stack_lvl+0x189/0x250
[  381.455064][ T8763]  ? __pfx____ratelimit+0x10/0x10
[  381.455093][ T8763]  ? __pfx_dump_stack_lvl+0x10/0x10
[  381.455123][ T8763]  ? __pfx__printk+0x10/0x10
[  381.455169][ T8763]  ? srso_alias_return_thunk+0x5/0xfbef5
[  381.455206][ T8763]  should_fail_ex+0x414/0x560
[  381.455237][ T8763]  should_failslab+0xa8/0x100
[  381.455275][ T8763]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  381.455308][ T8763]  ? gnet_stats_copy_app+0x5f/0x250
[  381.455336][ T8763]  ? __asan_memcpy+0x40/0x70
[  381.455367][ T8763]  kmemdup_noprof+0x2b/0x70
[  381.455393][ T8763]  gnet_stats_copy_app+0x5f/0x250
[  381.455426][ T8763]  pie_dump_stats+0x230/0x350
[  381.455452][ T8763]  ? srso_alias_return_thunk+0x5/0xfbef5
[  381.455480][ T8763]  ? __pfx_pie_dump_stats+0x10/0x10
[  381.455504][ T8763]  ? srso_alias_return_thunk+0x5/0xfbef5
[  381.455533][ T8763]  ? nla_put_64bit+0xd6/0x150
[  381.455568][ T8763]  ? srso_alias_return_thunk+0x5/0xfbef5
[  381.455592][ T8763]  ? gnet_stats_start_copy_compat+0x363/0x470
[  381.455626][ T8763]  tc_fill_qdisc+0xa7f/0x1150
[  381.455670][ T8763]  ? __pfx_tc_fill_qdisc+0x10/0x10
[  381.455695][ T8763]  ? stack_trace_save+0x9c/0xe0
[  381.455725][ T8763]  ? __pfx___nla_validate_parse+0x10/0x10
[  381.455769][ T8763]  ? srso_alias_return_thunk+0x5/0xfbef5
[  381.455798][ T8763]  ? do_raw_spin_lock+0x121/0x290
[  381.455838][ T8763]  tc_dump_qdisc_root+0x438/0x660
[  381.455881][ T8763]  tc_dump_qdisc+0x4d3/0xd10
[  381.455926][ T8763]  ? __pfx_tc_dump_qdisc+0x10/0x10
[  381.455979][ T8763]  ? __build_skb_around+0x257/0x3e0
[  381.456014][ T8763]  ? __pfx_tc_dump_qdisc+0x10/0x10
[  381.456040][ T8763]  rtnl_dumpit+0xa2/0x200
[  381.456076][ T8763]  netlink_dump+0x6de/0xe60
[  381.456106][ T8763]  ? srso_alias_return_thunk+0x5/0xfbef5
[  381.456145][ T8763]  ? __pfx_netlink_dump+0x10/0x10
[  381.456191][ T8763]  ? netlink_lookup+0x30/0x200
[  381.456221][ T8763]  ? netlink_lookup+0x30/0x200
[  381.456248][ T8763]  ? netlink_lookup+0x30/0x200
[  381.456285][ T8763]  __netlink_dump_start+0x5cb/0x7e0
[  381.456326][ T8763]  rtnetlink_rcv_msg+0x9eb/0xb70
[  381.456358][ T8763]  ? __pfx_tc_dump_qdisc+0x10/0x10
[  381.456383][ T8763]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  381.456412][ T8763]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  381.456440][ T8763]  ? ref_tracker_free+0x63a/0x7d0
[  381.456464][ T8763]  ? __pfx_rtnl_dumpit+0x10/0x10
[  381.456493][ T8763]  ? __pfx_tc_dump_qdisc+0x10/0x10
[  381.456520][ T8763]  ? __skb_clone+0x63/0x7a0
[  381.456551][ T8763]  netlink_rcv_skb+0x208/0x470
[  381.456585][ T8763]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  381.456617][ T8763]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  381.456664][ T8763]  ? netlink_deliver_tap+0x2e/0x1b0
[  381.456695][ T8763]  ? netlink_deliver_tap+0x2e/0x1b0
[  381.456733][ T8763]  netlink_unicast+0x75c/0x8e0
[  381.456775][ T8763]  netlink_sendmsg+0x805/0xb30
[  381.456823][ T8763]  ? __pfx_netlink_sendmsg+0x10/0x10
[  381.456859][ T8763]  ? srso_alias_return_thunk+0x5/0xfbef5
[  381.456883][ T8763]  ? aa_sock_msg_perm+0x94/0x160
[  381.456909][ T8763]  ? srso_alias_return_thunk+0x5/0xfbef5
[  381.456934][ T8763]  ? srso_alias_return_thunk+0x5/0xfbef5
[  381.456959][ T8763]  ? __pfx_netlink_sendmsg+0x10/0x10
[  381.456993][ T8763]  __sock_sendmsg+0x21c/0x270
[  381.457025][ T8763]  sock_write_iter+0x258/0x330
[  381.457048][ T8763]  ? srso_alias_return_thunk+0x5/0xfbef5
[  381.457077][ T8763]  ? __pfx_sock_write_iter+0x10/0x10
[  381.457113][ T8763]  ? srso_alias_return_thunk+0x5/0xfbef5
[  381.457138][ T8763]  ? srso_alias_return_thunk+0x5/0xfbef5
[  381.457162][ T8763]  ? security_file_permission+0x75/0x290
[  381.457207][ T8763]  vfs_write+0x54b/0xa90
[  381.457243][ T8763]  ? __pfx_sock_write_iter+0x10/0x10
[  381.457269][ T8763]  ? __pfx_vfs_write+0x10/0x10
[  381.457312][ T8763]  ? __fget_files+0x2a/0x420
[  381.457337][ T8763]  ? srso_alias_return_thunk+0x5/0xfbef5
[  381.457367][ T8763]  ksys_write+0x145/0x250
[  381.457401][ T8763]  ? __pfx_ksys_write+0x10/0x10
[  381.457428][ T8763]  ? rcu_is_watching+0x15/0xb0
[  381.457461][ T8763]  ? do_syscall_64+0xbe/0x3b0
[  381.457492][ T8763]  do_syscall_64+0xfa/0x3b0
[  381.457516][ T8763]  ? lockdep_hardirqs_on+0x9c/0x150
[  381.457539][ T8763]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.457559][ T8763]  ? srso_alias_return_thunk+0x5/0xfbef5
[  381.457584][ T8763]  ? exc_page_fault+0x9f/0xf0
[  381.457609][ T8763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.457630][ T8763] RIP: 0033:0x7faa3bb8e9a9
[  381.457648][ T8763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  381.457667][ T8763] RSP: 002b:00007faa3ca74038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  381.457689][ T8763] RAX: ffffffffffffffda RBX: 00007faa3bdb5fa0 RCX: 00007faa3bb8e9a9
[  381.457705][ T8763] RDX: 000000000000fe33 RSI: 0000200000000000 RDI: 0000000000000003
[  381.457718][ T8763] RBP: 00007faa3ca74090 R08: 0000000000000000 R09: 0000000000000000
[  381.457732][ T8763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  381.457745][ T8763] R13: 0000000000000000 R14: 00007faa3bdb5fa0 R15: 00007ffe0313b468
[  381.457787][ T8763]  </TASK>
[  381.461443][ T8754] lo speed is unknown, defaulting to 1000
[  381.785203][ T8772] loop5: detected capacity change from 0 to 4096
[  381.824629][ T8776] netlink: 244 bytes leftover after parsing attributes in process `syz.6.743'.
[  382.030424][ T8778] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  382.040347][  T971] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  382.189834][ T8775] syzkaller0: entered promiscuous mode
[  382.209723][ T8775] syzkaller0: entered allmulticast mode
[  382.256064][ T8780] netlink: 8 bytes leftover after parsing attributes in process `syz.6.745'.
[  382.316340][  T971] usb 3-1: config 0 interface 0 has no altsetting 0
[  382.505545][  T971] usb 3-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  382.594602][  T971] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.658139][  T971] usb 3-1: config 0 descriptor??
[  382.665811][ T8773] tipc: Resetting bearer <eth:syzkaller0>
[  382.686487][ T8783] netlink: 4 bytes leftover after parsing attributes in process `syz.6.745'.
[  382.750704][ T8785] loop4: detected capacity change from 0 to 256
[  382.787275][ T8773] tipc: Disabling bearer <eth:syzkaller0>
[  382.987914][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  382.988000][   T30] audit: type=1326 audit(1753610361.780:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8787 comm="syz.5.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  383.023932][ T5940] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  383.287910][   T30] audit: type=1326 audit(1753610361.820:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8787 comm="syz.5.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  383.515038][   T30] audit: type=1326 audit(1753610361.830:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8787 comm="syz.5.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  383.685413][ T8771] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  383.838264][   T30] audit: type=1326 audit(1753610361.840:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8787 comm="syz.5.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  383.864182][ T8771] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  383.919803][   T30] audit: type=1326 audit(1753610361.840:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8787 comm="syz.5.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  383.943963][   T30] audit: type=1326 audit(1753610361.840:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8787 comm="syz.5.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  383.956781][ T8771] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  383.968003][   T43] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  383.968773][   T30] audit: type=1326 audit(1753610361.840:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8787 comm="syz.5.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  383.969462][   T30] audit: type=1326 audit(1753610361.850:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8787 comm="syz.5.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  384.011297][  T971] video4linux radio48: keene_cmd_set failed (-110)
[  384.011353][  T971] radio-keene 3-1:0.0: V4L2 device registered as radio48
[  384.054080][ T5940] usb 7-1: Using ep0 maxpacket: 16
[  384.073673][ T8771] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  384.086220][ T5940] usb 7-1: config 0 has an invalid interface number: 217 but max is 0
[  384.096164][ T5940] usb 7-1: config 0 has no interface number 0
[  384.115766][   T30] audit: type=1326 audit(1753610361.850:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8787 comm="syz.5.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  384.163646][ T5940] usb 7-1: New USB device found, idVendor=0b48, idProduct=1008, bcdDevice=32.5e
[  384.174392][   T43] usb 5-1: Using ep0 maxpacket: 16
[  384.185197][ T5940] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.203783][ T5940] usb 7-1: Product: syz
[  384.208095][   T43] usb 5-1: config 4 has an invalid interface number: 9 but max is 0
[  384.218554][   T43] usb 5-1: config 4 has no interface number 0
[  384.229805][ T5940] usb 7-1: Manufacturer: syz
[  384.238321][   T43] usb 5-1: config 4 interface 9 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  384.253004][ T5940] usb 7-1: SerialNumber: syz
[  384.262916][   T30] audit: type=1326 audit(1753610361.850:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8787 comm="syz.5.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  384.300253][ T5940] usb 7-1: config 0 descriptor??
[  384.313632][   T43] usb 5-1: config 4 interface 9 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 167
[  384.345026][ T8771] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  384.363965][ T5940] ttusb_dec_send_command: command bulk message failed: error -22
[  384.371954][ T5940] ttusb-dec 7-1:0.217: probe with driver ttusb-dec failed with error -22
[  384.390968][   T43] usb 5-1: config 4 interface 9 has no altsetting 0
[  384.391266][ T8771] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  384.417954][   T43] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=76.fe
[  384.438357][   T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.450722][ T8798] loop0: detected capacity change from 0 to 256
[  384.461476][   T43] usb 5-1: Product: syz
[  384.469564][   T43] usb 5-1: Manufacturer: syz
[  384.475187][   T43] usb 5-1: SerialNumber: syz
[  384.486010][ T8785] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  384.494285][ T8785] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  384.519789][   T43] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  384.565463][  T971] usb 7-1: USB disconnect, device number 14
[  384.565794][ T8798] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e06c6e, utbl_chksum : 0xe619d30d)
[  384.618173][ T8792] loop3: detected capacity change from 0 to 4096
[  385.191213][ T8806] loop5: detected capacity change from 0 to 256
[  385.231390][ T8806] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e06c6e, utbl_chksum : 0xe619d30d)
[  385.249394][ T8805] team0: Device vti0 is of different type
[  385.584179][ T6246] usb 5-1: Failed to submit usb control message: -110
[  385.769196][ T6246] usb 5-1: unable to send the bmi data to the device: -110
[  385.777316][ T6246] usb 5-1: unable to get target info from device
[  385.785632][ T6246] usb 5-1: could not get target info (-110)
[  385.791584][ T6246] usb 5-1: could not probe fw (-110)
[  385.806018][ T8808] loop9: detected capacity change from 0 to 7
[  385.859719][ T8808] Dev loop9: unable to read RDB block 7
[  386.205016][ T8808]  loop9: AHDI p1 p2 p3
[  386.209327][ T8808] loop9: partition table partially beyond EOD, truncated
[  387.275575][ T8808] loop9: p1 start 1601398130 is beyond EOD, truncated
[  387.305182][ T8808] loop9: p2 start 1702059890 is beyond EOD, truncated
[  387.305212][  T971] usb 5-1: USB disconnect, device number 14
[  388.963677][ T8827] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  389.935694][ T8833] netlink: 244 bytes leftover after parsing attributes in process `syz.0.757'.
[  390.141020][   T43] usb 3-1: USB disconnect, device number 15
[  390.326126][ T8837] loop0: detected capacity change from 0 to 256
[  390.448200][   T30] kauditd_printk_skb: 67 callbacks suppressed
[  390.448221][   T30] audit: type=1326 audit(1753610369.240:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.2.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b39f8e9a9 code=0x7ffc0000
[  391.174577][   T30] audit: type=1326 audit(1753610369.270:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.2.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b39f8e9a9 code=0x7ffc0000
[  391.198092][   T30] audit: type=1326 audit(1753610369.270:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.2.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7f6b39f8e9a9 code=0x7ffc0000
[  391.221491][   T30] audit: type=1326 audit(1753610369.280:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.2.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b39f8e9a9 code=0x7ffc0000
[  391.249341][   T30] audit: type=1326 audit(1753610369.290:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.2.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f6b39f8e9a9 code=0x7ffc0000
[  391.275330][ T8837] msdos: Unknown parameter 'nod"{)RôZWA^ots'
[  391.281462][   T30] audit: type=1326 audit(1753610369.290:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.2.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b39f8e9a9 code=0x7ffc0000
[  391.357934][   T30] audit: type=1326 audit(1753610369.290:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.2.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f6b39f8e9a9 code=0x7ffc0000
[  391.458891][ T8835] loop4: detected capacity change from 0 to 4096
[  391.633551][   T30] audit: type=1326 audit(1753610369.290:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.2.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b39f8e9a9 code=0x7ffc0000
[  392.110953][   T30] audit: type=1326 audit(1753610369.290:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.2.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b39f8e9a9 code=0x7ffc0000
[  392.366734][   T30] audit: type=1326 audit(1753610369.290:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.2.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f6b39f8e9a9 code=0x7ffc0000
[  395.163730][   T43] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  395.309495][ T8875] netlink: 48 bytes leftover after parsing attributes in process `syz.2.772'.
[  395.322967][   T43] usb 6-1: Using ep0 maxpacket: 16
[  395.334742][   T43] usb 6-1: unable to get BOS descriptor or descriptor too short
[  395.394185][   T43] usb 6-1: config 11 has an invalid interface number: 92 but max is 0
[  395.421697][   T43] usb 6-1: config 11 has no interface number 0
[  395.455526][   T43] usb 6-1: config 11 interface 92 altsetting 255 endpoint 0x5 has an invalid bInterval 51, changing to 9
[  395.504145][   T43] usb 6-1: config 11 interface 92 altsetting 255 endpoint 0x5 has invalid wMaxPacketSize 0
[  395.568623][   T43] usb 6-1: config 11 interface 92 altsetting 255 endpoint 0xF has invalid maxpacket 100, setting to 64
[  395.575292][ T8876] loop4: detected capacity change from 0 to 512
[  395.688304][   T43] usb 6-1: config 11 interface 92 has no altsetting 0
[  395.721891][ T8884] loop0: detected capacity change from 0 to 64
[  395.735280][   T43] usb 6-1: New USB device found, idVendor=05ac, idProduct=021b, bcdDevice=80.e2
[  395.770526][   T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  395.823957][ T8885] netlink: 244 bytes leftover after parsing attributes in process `syz.3.774'.
[  395.838561][   T43] usb 6-1: Product: syz
[  396.154655][   T43] usb 6-1: Manufacturer: syz
[  396.160573][   T43] usb 6-1: SerialNumber: syz
[  396.427674][   T43] appletouch 6-1:11.92: Could not find int-in endpoint
[  396.454337][   T43] appletouch 6-1:11.92: probe with driver appletouch failed with error -5
[  396.458112][ T8876] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  396.512962][   T43] usbhid 6-1:11.92: couldn't find an input interrupt endpoint
[  396.571862][   T43] usb 6-1: USB disconnect, device number 19
[  396.680334][ T8876] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  396.719994][ T8891] loop3: detected capacity change from 0 to 256
[  396.798284][   T30] kauditd_printk_skb: 67 callbacks suppressed
[  396.798308][   T30] audit: type=1326 audit(1753610375.590:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.6.778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  397.450674][ T8891] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e06c6e, utbl_chksum : 0xe619d30d)
[  397.544534][ T8897] Bluetooth: MGMT ver 1.23
[  397.632055][   T30] audit: type=1326 audit(1753610375.620:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.6.778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  397.657445][   T30] audit: type=1326 audit(1753610375.630:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.6.778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  397.684857][   T30] audit: type=1326 audit(1753610375.640:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.6.778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  397.711872][   T30] audit: type=1326 audit(1753610375.640:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.6.778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  397.736829][   T30] audit: type=1326 audit(1753610375.640:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.6.778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  397.761776][   T30] audit: type=1326 audit(1753610375.640:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.6.778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  397.786163][   T30] audit: type=1326 audit(1753610375.640:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.6.778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  397.986647][   T30] audit: type=1326 audit(1753610375.640:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.6.778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  398.131519][   T30] audit: type=1326 audit(1753610375.640:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.6.778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  398.143953][ T8904] loop0: detected capacity change from 0 to 128
[  398.207267][ T8904] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  398.256995][ T8904] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  398.527394][ T8909] FAULT_INJECTION: forcing a failure.
[  398.527394][ T8909] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  398.544775][ T8909] CPU: 0 UID: 0 PID: 8909 Comm: syz.5.782 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) 
[  398.544799][ T8909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  398.544811][ T8909] Call Trace:
[  398.544819][ T8909]  <TASK>
[  398.544827][ T8909]  dump_stack_lvl+0x189/0x250
[  398.544855][ T8909]  ? __pfx____ratelimit+0x10/0x10
[  398.544880][ T8909]  ? __pfx_dump_stack_lvl+0x10/0x10
[  398.544912][ T8909]  ? __pfx__printk+0x10/0x10
[  398.544963][ T8909]  should_fail_ex+0x414/0x560
[  398.544998][ T8909]  _copy_to_user+0x31/0xb0
[  398.545027][ T8909]  do_arpt_get_ctl+0x92f/0x1010
[  398.545054][ T8909]  ? __pfx_do_arpt_get_ctl+0x10/0x10
[  398.545079][ T8909]  ? srso_alias_return_thunk+0x5/0xfbef5
[  398.545100][ T8909]  ? __mutex_trylock_common+0x153/0x260
[  398.545129][ T8909]  ? __pfx___mutex_trylock_common+0x10/0x10
[  398.545156][ T8909]  ? srso_alias_return_thunk+0x5/0xfbef5
[  398.545177][ T8909]  ? rcu_is_watching+0x15/0xb0
[  398.545205][ T8909]  ? srso_alias_return_thunk+0x5/0xfbef5
[  398.545234][ T8909]  ? srso_alias_return_thunk+0x5/0xfbef5
[  398.545255][ T8909]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  398.545277][ T8909]  ? srso_alias_return_thunk+0x5/0xfbef5
[  398.545304][ T8909]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  398.545331][ T8909]  ? srso_alias_return_thunk+0x5/0xfbef5
[  398.545364][ T8909]  nf_getsockopt+0x26e/0x290
[  398.545389][ T8909]  ip_getsockopt+0x1c4/0x220
[  398.545413][ T8909]  ? srso_alias_return_thunk+0x5/0xfbef5
[  398.545440][ T8909]  ? __pfx_ip_getsockopt+0x10/0x10
[  398.545469][ T8909]  ? srso_alias_return_thunk+0x5/0xfbef5
[  398.545495][ T8909]  ipv6_getsockopt+0x182/0x290
[  398.545523][ T8909]  ? __pfx_ipv6_getsockopt+0x10/0x10
[  398.545544][ T8909]  ? srso_alias_return_thunk+0x5/0xfbef5
[  398.545566][ T8909]  ? srso_alias_return_thunk+0x5/0xfbef5
[  398.545586][ T8909]  ? sock_common_getsockopt+0x2d/0xb0
[  398.545609][ T8909]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  398.545636][ T8909]  do_sock_getsockopt+0x372/0x450
[  398.545668][ T8909]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  398.545696][ T8909]  ? do_syscall_64+0x20/0x3b0
[  398.545718][ T8909]  ? srso_alias_return_thunk+0x5/0xfbef5
[  398.545739][ T8909]  ? __fget_files+0x3a0/0x420
[  398.545756][ T8909]  ? __fget_files+0x2a/0x420
[  398.545780][ T8909]  __x64_sys_getsockopt+0x1a5/0x250
[  398.545808][ T8909]  ? do_syscall_64+0x20/0x3b0
[  398.545831][ T8909]  ? do_syscall_64+0x20/0x3b0
[  398.545856][ T8909]  do_syscall_64+0xfa/0x3b0
[  398.545876][ T8909]  ? lockdep_hardirqs_on+0x9c/0x150
[  398.545896][ T8909]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.545913][ T8909]  ? srso_alias_return_thunk+0x5/0xfbef5
[  398.545934][ T8909]  ? exc_page_fault+0x9f/0xf0
[  398.545955][ T8909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.545974][ T8909] RIP: 0033:0x7ff4d738e9a9
[  398.545990][ T8909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  398.546005][ T8909] RSP: 002b:00007ff4d829b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  398.546024][ T8909] RAX: ffffffffffffffda RBX: 00007ff4d75b6080 RCX: 00007ff4d738e9a9
[  398.546038][ T8909] RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000005
[  398.546048][ T8909] RBP: 00007ff4d829b090 R08: 0000200000000040 R09: 0000000000000000
[  398.546061][ T8909] R10: 0000200000000500 R11: 0000000000000246 R12: 0000000000000001
[  398.546072][ T8909] R13: 0000000000000000 R14: 00007ff4d75b6080 R15: 00007ffd9c4f9448
[  398.546101][ T8909]  </TASK>
[  398.957568][ T8907] loop2: detected capacity change from 0 to 512
[  398.998061][ T8907] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.783: Failed to acquire dquot type 1
[  399.021701][ T8907] EXT4-fs (loop2): 1 truncate cleaned up
[  399.035118][ T8907] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  399.165378][ T8907] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  399.607288][ T5859] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.644226][   T12] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  399.933972][ T5857] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.788979][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  436.845339][ T8929] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  436.846229][ T8929] syzkaller0: entered promiscuous mode
[  436.846252][ T8929] syzkaller0: entered allmulticast mode
[  436.928345][ T8928] tipc: Resetting bearer <eth:syzkaller0>
[  436.950980][ T8928] tipc: Disabling bearer <eth:syzkaller0>
[  436.975236][ T5865] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  437.010716][ T8936] loop3: detected capacity change from 0 to 256
[  437.019190][ T8930] lo speed is unknown, defaulting to 1000
[  437.030874][ T8936] exfat: Deprecated parameter 'namecase'
[  437.045062][ T8936] exfat: Deprecated parameter 'namecase'
[  437.099328][ T8936] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  437.144992][ T5865] usb 3-1: Using ep0 maxpacket: 8
[  437.155766][ T5865] usb 3-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  437.189853][ T5865] usb 3-1: config 0 interface 0 has no altsetting 0
[  437.201334][ T5865] usb 3-1: New USB device found, idVendor=05ac, idProduct=0230, bcdDevice= 0.00
[  437.215170][ T5865] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  437.234860][ T5865] usb 3-1: config 0 descriptor??
[  437.260771][ T5865] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input11
[  437.658113][ T5198] bcm5974 3-1:0.0: could not write to device
[  437.671169][ T5198] bcm5974 3-1:0.0: could not read from device
[  437.672534][ T5865] usb 3-1: USB disconnect, device number 16
[  439.426428][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  439.440809][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  458.171839][ T8948] loop3: detected capacity change from 0 to 64
[  458.186463][ T8949] netlink: 12 bytes leftover after parsing attributes in process `syz.5.797'.
[  458.335164][   T30] kauditd_printk_skb: 28 callbacks suppressed
[  458.335201][   T30] audit: type=1326 audit(1753610437.050:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8944 comm="syz.6.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  458.369711][ T8943] loop0: detected capacity change from 0 to 256
[  458.540905][ T8943] msdos: Unknown parameter 'nod"{)RôZWA^ots'
[  459.050224][   T30] audit: type=1326 audit(1753610437.050:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8944 comm="syz.6.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  459.075679][   T30] audit: type=1326 audit(1753610437.060:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8944 comm="syz.6.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  459.100944][   T30] audit: type=1326 audit(1753610437.060:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8944 comm="syz.6.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  459.125811][   T30] audit: type=1326 audit(1753610437.060:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8944 comm="syz.6.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  459.154992][   T30] audit: type=1326 audit(1753610437.060:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8944 comm="syz.6.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  459.180612][   T30] audit: type=1326 audit(1753610437.070:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8944 comm="syz.6.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  459.206721][ T8955] loop5: detected capacity change from 0 to 256
[  459.218494][   T30] audit: type=1326 audit(1753610437.070:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8944 comm="syz.6.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  459.284957][   T30] audit: type=1326 audit(1753610437.070:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8944 comm="syz.6.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  459.438523][ T8949] gfs2: path_lookup on c::: returned error -2
[  459.463318][   T30] audit: type=1326 audit(1753610437.070:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8944 comm="syz.6.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  460.327591][ T8972] FAULT_INJECTION: forcing a failure.
[  460.327591][ T8972] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  460.383845][ T8972] CPU: 1 UID: 0 PID: 8972 Comm: syz.0.802 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) 
[  460.383885][ T8972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  460.383901][ T8972] Call Trace:
[  460.383910][ T8972]  <TASK>
[  460.383921][ T8972]  dump_stack_lvl+0x189/0x250
[  460.383958][ T8972]  ? __pfx____ratelimit+0x10/0x10
[  460.383987][ T8972]  ? __pfx_dump_stack_lvl+0x10/0x10
[  460.384018][ T8972]  ? __pfx__printk+0x10/0x10
[  460.384053][ T8972]  ? srso_alias_return_thunk+0x5/0xfbef5
[  460.384097][ T8972]  should_fail_ex+0x414/0x560
[  460.384130][ T8972]  _copy_from_iter+0x1db/0x16f0
[  460.384167][ T8972]  ? srso_alias_return_thunk+0x5/0xfbef5
[  460.384194][ T8972]  ? rcu_is_watching+0x15/0xb0
[  460.384226][ T8972]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  460.384265][ T8972]  ? __pfx__copy_from_iter+0x10/0x10
[  460.384298][ T8972]  ? srso_alias_return_thunk+0x5/0xfbef5
[  460.384326][ T8972]  ? __build_skb_around+0x257/0x3e0
[  460.384368][ T8972]  ? srso_alias_return_thunk+0x5/0xfbef5
[  460.384397][ T8972]  ? skb_put+0x11b/0x210
[  460.384438][ T8972]  netlink_sendmsg+0x6b2/0xb30
[  460.384489][ T8972]  ? __pfx_netlink_sendmsg+0x10/0x10
[  460.384530][ T8972]  ? srso_alias_return_thunk+0x5/0xfbef5
[  460.384557][ T8972]  ? aa_sock_msg_perm+0x94/0x160
[  460.384588][ T8972]  ? srso_alias_return_thunk+0x5/0xfbef5
[  460.384615][ T8972]  ? srso_alias_return_thunk+0x5/0xfbef5
[  460.384644][ T8972]  ? __pfx_netlink_sendmsg+0x10/0x10
[  460.384682][ T8972]  __sock_sendmsg+0x21c/0x270
[  460.384719][ T8972]  ____sys_sendmsg+0x505/0x830
[  460.384750][ T8972]  ? __pfx_____sys_sendmsg+0x10/0x10
[  460.384784][ T8972]  ? srso_alias_return_thunk+0x5/0xfbef5
[  460.384817][ T8972]  ? import_iovec+0x74/0xa0
[  460.384857][ T8972]  ___sys_sendmsg+0x21f/0x2a0
[  460.384886][ T8972]  ? __pfx____sys_sendmsg+0x10/0x10
[  460.384918][ T8972]  ? srso_alias_return_thunk+0x5/0xfbef5
[  460.384981][ T8972]  ? __fget_files+0x2a/0x420
[  460.385001][ T8972]  ? srso_alias_return_thunk+0x5/0xfbef5
[  460.385029][ T8972]  ? __fget_files+0x3a0/0x420
[  460.385065][ T8972]  __x64_sys_sendmsg+0x19b/0x260
[  460.385092][ T8972]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  460.385128][ T8972]  ? __pfx_ksys_write+0x10/0x10
[  460.385159][ T8972]  ? srso_alias_return_thunk+0x5/0xfbef5
[  460.385195][ T8972]  ? do_syscall_64+0xbe/0x3b0
[  460.385230][ T8972]  do_syscall_64+0xfa/0x3b0
[  460.385257][ T8972]  ? lockdep_hardirqs_on+0x9c/0x150
[  460.385283][ T8972]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.385306][ T8972]  ? srso_alias_return_thunk+0x5/0xfbef5
[  460.385333][ T8972]  ? exc_page_fault+0x9f/0xf0
[  460.385362][ T8972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.385385][ T8972] RIP: 0033:0x7fdb87f8e9a9
[  460.385407][ T8972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  460.385428][ T8972] RSP: 002b:00007fdb85df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  460.385453][ T8972] RAX: ffffffffffffffda RBX: 00007fdb881b6080 RCX: 00007fdb87f8e9a9
[  460.385472][ T8972] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000006
[  460.385488][ T8972] RBP: 00007fdb85df6090 R08: 0000000000000000 R09: 0000000000000000
[  460.385503][ T8972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  460.385518][ T8972] R13: 0000000000000001 R14: 00007fdb881b6080 R15: 00007ffdcd3a83c8
[  460.385555][ T8972]  </TASK>
[  461.123378][ T8967] loop3: detected capacity change from 0 to 8192
[  461.253861][ T5860] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  461.416298][ T5860] usb 4-1: Using ep0 maxpacket: 16
[  461.428147][ T5860] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  461.451269][ T5860] usb 4-1: config 0 has no interface number 0
[  461.470630][ T5860] usb 4-1: config 0 interface 2 altsetting 6 endpoint 0xF has invalid maxpacket 512, setting to 64
[  461.529363][ T5860] usb 4-1: config 0 interface 2 altsetting 6 endpoint 0x8 has an invalid bInterval 25, changing to 8
[  461.584229][    T9] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  461.670837][ T5860] usb 4-1: config 0 interface 2 altsetting 6 endpoint 0xB has an invalid bInterval 36, changing to 9
[  461.748733][ T5860] usb 4-1: config 0 interface 2 altsetting 6 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  461.821078][ T5860] usb 4-1: config 0 interface 2 has no altsetting 0
[  461.838132][    T9] usb 1-1: Using ep0 maxpacket: 8
[  461.857938][    T9] usb 1-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  461.876629][    T9] usb 1-1: config 0 interface 0 has no altsetting 0
[  461.926994][ T8987] loop2: detected capacity change from 0 to 256
[  461.960086][ T5860] usb 4-1: New USB device found, idVendor=1514, idProduct=2008, bcdDevice=dd.f9
[  461.976543][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=0230, bcdDevice= 0.00
[  462.019544][ T8987] exfat: Deprecated parameter 'namecase'
[  462.035450][ T5860] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  462.050537][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  462.065706][ T8987] exfat: Deprecated parameter 'namecase'
[  462.074919][ T5860] usb 4-1: Product: syz
[  462.099831][ T5860] usb 4-1: Manufacturer: syz
[  462.180268][ T5860] usb 4-1: SerialNumber: syz
[  462.200318][    T9] usb 1-1: config 0 descriptor??
[  462.237525][ T8987] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  462.247600][ T5860] usb 4-1: config 0 descriptor??
[  462.268130][    T9] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input12
[  462.301324][ T5860] ftdi_sio 4-1:0.2: FTDI USB Serial Device converter detected
[  462.340903][ T5860] ftdi_sio ttyUSB0: unknown device type: 0xddf9
[  462.424458][ T8989] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  462.443896][ T8989] syzkaller0: entered promiscuous mode
[  462.449430][ T8989] syzkaller0: entered allmulticast mode
[  462.493859][ T5163] Bluetooth: hci1: unexpected event for opcode 0x0803
[  462.501787][ T5163] Bluetooth: hci1: unexpected event for opcode 0x0803
[  462.546079][   T24] usb 4-1: USB disconnect, device number 17
[  462.575819][ T8988] tipc: Resetting bearer <eth:syzkaller0>
[  462.588785][   T24] ftdi_sio 4-1:0.2: device disconnected
[  462.631545][ T8988] tipc: Disabling bearer <eth:syzkaller0>
[  462.651241][ T5198] bcm5974 1-1:0.0: could not write to device
[  462.679746][ T5198] bcm5974 1-1:0.0: could not read from device
[  462.697300][    T9] usb 1-1: USB disconnect, device number 19
[  462.869999][ T9001] 9pnet_fd: Insufficient options for proto=fd
[  462.945295][ T9001] loop5: detected capacity change from 0 to 1024
[  464.351263][ T9001] IPv6: Can't replace route, no match found
[  466.775682][ T9038] cgroup: noprefix used incorrectly
[  466.896097][ T9025] loop5: detected capacity change from 0 to 4096
[  467.099933][ T9045] tipc: Started in network mode
[  467.210952][ T9045] tipc: Node identity 8eb85a2009d9, cluster identity 4711
[  467.424321][ T9045] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  467.477498][ T9051] syzkaller0: entered promiscuous mode
[  467.669967][ T9051] syzkaller0: entered allmulticast mode
[  467.704244][ T9044] tipc: Resetting bearer <eth:syzkaller0>
[  467.811612][ T9044] tipc: Disabling bearer <eth:syzkaller0>
[  468.092000][   T30] kauditd_printk_skb: 66 callbacks suppressed
[  468.092033][   T30] audit: type=1326 audit(1753610446.880:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9056 comm="syz.5.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  468.905669][   T30] audit: type=1326 audit(1753610446.920:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9056 comm="syz.5.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  469.007199][ T9059] loop3: detected capacity change from 0 to 8192
[  469.049623][   T30] audit: type=1326 audit(1753610446.920:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9056 comm="syz.5.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  469.074473][   T30] audit: type=1326 audit(1753610446.930:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9056 comm="syz.5.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  469.106786][   T30] audit: type=1326 audit(1753610446.930:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9056 comm="syz.5.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  469.140843][   T30] audit: type=1326 audit(1753610446.930:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9056 comm="syz.5.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  469.167941][   T30] audit: type=1326 audit(1753610446.930:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9056 comm="syz.5.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  469.190313][    T9] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  469.202189][   T30] audit: type=1326 audit(1753610446.940:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9056 comm="syz.5.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  469.228999][   T30] audit: type=1326 audit(1753610446.940:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9056 comm="syz.5.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  469.253972][   T30] audit: type=1326 audit(1753610446.940:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9056 comm="syz.5.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  469.344764][ T5860] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  469.356949][    T9] usb 3-1: Using ep0 maxpacket: 8
[  469.368751][    T9] usb 3-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  469.398709][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  469.420381][    T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=0230, bcdDevice= 0.00
[  469.458299][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.499694][    T9] usb 3-1: config 0 descriptor??
[  469.514725][ T5860] usb 4-1: Using ep0 maxpacket: 16
[  469.528266][ T5860] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  469.541052][ T5860] usb 4-1: config 0 has no interface number 0
[  469.571385][    T9] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input13
[  469.611106][ T5860] usb 4-1: config 0 interface 2 altsetting 6 endpoint 0xF has invalid maxpacket 512, setting to 64
[  469.726807][ T5860] usb 4-1: config 0 interface 2 altsetting 6 endpoint 0x8 has an invalid bInterval 25, changing to 8
[  470.027947][ T5860] usb 4-1: config 0 interface 2 altsetting 6 endpoint 0xB has an invalid bInterval 36, changing to 9
[  470.215093][ T5198] bcm5974 3-1:0.0: could not write to device
[  470.285354][    T9] usb 3-1: USB disconnect, device number 17
[  470.304580][   T10] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  470.328889][ T5198] bcm5974 3-1:0.0: could not read from device
[  470.361388][ T5860] usb 4-1: config 0 interface 2 altsetting 6 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  470.385377][ T5198] bcm5974 3-1:0.0: could not read from device
[  470.408517][ T5198] bcm5974 3-1:0.0: could not read from device
[  470.445438][ T5860] usb 4-1: config 0 interface 2 has no altsetting 0
[  470.489130][ T5860] usb 4-1: New USB device found, idVendor=1514, idProduct=2008, bcdDevice=dd.f9
[  470.508018][ T5860] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  470.518829][ T5860] usb 4-1: Product: syz
[  470.527447][ T5860] usb 4-1: Manufacturer: syz
[  470.534112][ T5860] usb 4-1: SerialNumber: syz
[  470.548088][ T5860] usb 4-1: config 0 descriptor??
[  470.556568][   T10] usb 1-1: Using ep0 maxpacket: 16
[  470.566723][   T10] usb 1-1: unable to get BOS descriptor or descriptor too short
[  470.580452][ T5860] ftdi_sio 4-1:0.2: FTDI USB Serial Device converter detected
[  470.596624][   T10] usb 1-1: config 11 has an invalid interface number: 92 but max is 0
[  470.608454][   T10] usb 1-1: config 11 has no interface number 0
[  470.620359][ T5860] ftdi_sio ttyUSB0: unknown device type: 0xddf9
[  470.629230][   T10] usb 1-1: config 11 interface 92 altsetting 255 endpoint 0x5 has an invalid bInterval 51, changing to 9
[  470.649502][   T10] usb 1-1: config 11 interface 92 altsetting 255 endpoint 0x5 has invalid wMaxPacketSize 0
[  470.666404][   T10] usb 1-1: config 11 interface 92 altsetting 255 endpoint 0xF has invalid maxpacket 100, setting to 64
[  470.680263][   T10] usb 1-1: config 11 interface 92 has no altsetting 0
[  470.697561][   T10] usb 1-1: New USB device found, idVendor=05ac, idProduct=021b, bcdDevice=80.e2
[  470.720320][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  470.754867][   T10] usb 1-1: Product: syz
[  470.759092][   T10] usb 1-1: Manufacturer: syz
[  470.818163][   T43] usb 4-1: USB disconnect, device number 18
[  470.824137][   T10] usb 1-1: SerialNumber: syz
[  470.881202][   T43] ftdi_sio 4-1:0.2: device disconnected
[  470.965333][ T9077] lo speed is unknown, defaulting to 1000
[  471.179507][   T10] appletouch 1-1:11.92: Could not find int-in endpoint
[  471.227402][   T10] appletouch 1-1:11.92: probe with driver appletouch failed with error -5
[  471.351351][   T10] usbhid 1-1:11.92: couldn't find an input interrupt endpoint
[  471.915187][   T10] usb 1-1: USB disconnect, device number 20
[  472.934345][ T9095] loop2: detected capacity change from 0 to 512
[  473.030570][ T9095] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  473.126630][ T9095] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  473.305473][ T9102] loop5: detected capacity change from 0 to 4096
[  474.317448][   T30] kauditd_printk_skb: 30 callbacks suppressed
[  474.317477][   T30] audit: type=1326 audit(1753610452.720:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9111 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  474.354458][   T30] audit: type=1326 audit(1753610452.720:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9111 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  474.378946][   T30] audit: type=1326 audit(1753610452.720:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9111 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  474.410066][   T30] audit: type=1326 audit(1753610452.720:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9111 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  474.451821][   T30] audit: type=1326 audit(1753610452.730:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9111 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  474.481688][   T30] audit: type=1326 audit(1753610452.730:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9111 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  474.659884][   T30] audit: type=1326 audit(1753610452.730:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9111 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  474.775661][   T30] audit: type=1326 audit(1753610452.730:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9111 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  474.839373][   T30] audit: type=1326 audit(1753610452.730:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9111 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  474.965267][   T30] audit: type=1326 audit(1753610452.730:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9111 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  475.214078][   T24] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  475.458688][   T24] usb 6-1: device descriptor read/64, error -71
[  475.773580][   T24] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  476.015118][   T24] usb 6-1: device descriptor read/64, error -71
[  476.021673][ T9125] usb usb8: usbfs: process 9125 (syz.4.851) did not claim interface 0 before use
[  476.094364][ T9125] misc userio: Invalid payload size
[  476.414395][   T24] usb usb6-port1: attempt power cycle
[  476.434789][ T5860] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  476.615812][ T5860] usb 5-1: Using ep0 maxpacket: 16
[  476.625636][ T5860] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  476.829907][ T5860] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  476.861601][   T24] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  476.915678][ T5860] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  476.930473][ T5860] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  476.931292][   T24] usb 6-1: device descriptor read/8, error -71
[  476.996443][ T5860] usb 5-1: Product: syz
[  477.034887][ T5860] usb 5-1: Manufacturer: syz
[  477.039556][ T5860] usb 5-1: SerialNumber: syz
[  477.087069][ T5859] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  477.243620][   T24] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  477.303805][   T43] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  477.320086][   T24] usb 6-1: device descriptor read/8, error -71
[  477.647675][   T24] usb usb6-port1: unable to enumerate USB device
[  477.811228][   T43] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  477.958170][   T43] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  478.131355][ T9138] loop2: detected capacity change from 0 to 512
[  478.145863][ T5860] usb 5-1: 0:2 : does not exist
[  478.167059][ T5860] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  478.169695][   T43] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  478.377021][ T5860] usb 5-1: USB disconnect, device number 15
[  478.377739][   T43] usb 7-1: config 0 descriptor??
[  478.399932][   T43] pwc: Askey VC010 type 2 USB webcam detected.
[  478.409746][ T9138] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  479.468065][ T9138] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  479.646685][ T9154] netlink: 4 bytes leftover after parsing attributes in process `syz.0.858'.
[  479.905061][   T10] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  480.463643][   T43] pwc: recv_control_msg error -32 req 02 val 2b00
[  480.481006][   T43] pwc: recv_control_msg error -32 req 02 val 2700
[  480.498718][   T43] pwc: recv_control_msg error -32 req 02 val 2c00
[  480.545431][   T43] pwc: recv_control_msg error -32 req 04 val 1000
[  480.560377][   T43] pwc: recv_control_msg error -32 req 04 val 1300
[  480.598950][   T43] pwc: recv_control_msg error -32 req 04 val 1400
[  480.624380][   T10] usb 1-1: Using ep0 maxpacket: 16
[  480.629967][   T43] pwc: recv_control_msg error -32 req 02 val 2000
[  480.653717][   T43] pwc: recv_control_msg error -32 req 02 val 2100
[  480.656224][   T10] usb 1-1: config 0 has an invalid interface number: 217 but max is 0
[  480.675885][   T30] kauditd_printk_skb: 30 callbacks suppressed
[  480.675905][   T30] audit: type=1326 audit(1753610459.470:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9132 comm="syz.6.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  480.676773][   T43] pwc: recv_control_msg error -32 req 04 val 1500
[  480.713575][   T30] audit: type=1326 audit(1753610459.470:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9132 comm="syz.6.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  480.713657][   T10] usb 1-1: config 0 has no interface number 0
[  480.805484][   T30] audit: type=1326 audit(1753610459.470:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9132 comm="syz.6.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  480.859570][ T5859] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.872884][   T10] usb 1-1: New USB device found, idVendor=0b48, idProduct=1008, bcdDevice=32.5e
[  480.895864][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  480.901457][   T43] pwc: recv_control_msg error -32 req 02 val 2500
[  480.909638][   T10] usb 1-1: Product: syz
[  480.924892][   T43] pwc: recv_control_msg error -32 req 02 val 2400
[  480.947524][   T10] usb 1-1: Manufacturer: syz
[  480.955604][   T10] usb 1-1: SerialNumber: syz
[  480.965982][   T30] audit: type=1326 audit(1753610459.470:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9132 comm="syz.6.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f09ef38e5ab code=0x7ffc0000
[  480.971220][   T43] pwc: recv_control_msg error -32 req 02 val 2600
[  481.000585][   T10] usb 1-1: config 0 descriptor??
[  481.054028][ T9162] loop5: detected capacity change from 0 to 256
[  481.085151][   T10] ttusb_dec_send_command: command bulk message failed: error -22
[  481.209913][   T30] audit: type=1326 audit(1753610459.690:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9132 comm="syz.6.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f09ef38e5ab code=0x7ffc0000
[  481.375165][   T10] ttusb-dec 1-1:0.217: probe with driver ttusb-dec failed with error -22
[  481.897895][   T43] pwc: recv_control_msg error -32 req 02 val 2900
[  481.913651][   T43] pwc: recv_control_msg error -32 req 02 val 2800
[  482.131963][   T30] audit: type=1326 audit(1753610459.690:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9132 comm="syz.6.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  482.224036][   T10] usb 1-1: USB disconnect, device number 21
[  482.527770][ T9162] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e06c6e, utbl_chksum : 0xe619d30d)
[  482.541596][   T43] pwc: recv_control_msg error -71 req 04 val 1200
[  482.606788][   T30] audit: type=1326 audit(1753610459.690:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9132 comm="syz.6.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f09ef38e5ab code=0x7ffc0000
[  482.635084][   T43] pwc: Registered as video103.
[  482.646658][   T43] input: PWC snapshot button as /devices/platform/dummy_hcd.6/usb7/7-1/input/input14
[  483.023731][   T43] usb 7-1: USB disconnect, device number 15
[  483.029771][   T30] audit: type=1326 audit(1753610459.720:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9132 comm="syz.6.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f09ef38e5ab code=0x7ffc0000
[  483.059224][   T30] audit: type=1326 audit(1753610459.720:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9132 comm="syz.6.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ef38e9a9 code=0x7ffc0000
[  483.086870][   T30] audit: type=1326 audit(1753610459.720:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9132 comm="syz.6.853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f09ef38e5ab code=0x7ffc0000
[  484.087880][ T9192] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  484.453821][ T5940] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  484.489925][ T9199] netlink: 20 bytes leftover after parsing attributes in process `syz.6.871'.
[  485.970703][ T9192] loop5: detected capacity change from 0 to 256
[  486.013817][ T5940] usb 3-1: device descriptor read/64, error -71
[  486.069094][ T9192] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  486.086600][ T9184] loop0: detected capacity change from 0 to 512
[  486.120779][ T9192] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  486.157650][ T9192] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  486.218206][ T9184] EXT4-fs warning (device loop0): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop0.
[  486.263921][ T5940] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  486.433577][ T5940] usb 3-1: device descriptor read/64, error -71
[  486.573895][ T5940] usb usb3-port1: attempt power cycle
[  487.276752][ T9216] trusted_key: syz.6.877 sent an empty control message without MSG_MORE.
[  488.508730][ T9222] FAULT_INJECTION: forcing a failure.
[  488.508730][ T9222] name failslab, interval 1, probability 0, space 0, times 0
[  488.521885][ T9222] CPU: 1 UID: 0 PID: 9222 Comm: syz.2.879 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) 
[  488.521918][ T9222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  488.521933][ T9222] Call Trace:
[  488.521942][ T9222]  <TASK>
[  488.521952][ T9222]  dump_stack_lvl+0x189/0x250
[  488.521988][ T9222]  ? __pfx____ratelimit+0x10/0x10
[  488.522015][ T9222]  ? __pfx_dump_stack_lvl+0x10/0x10
[  488.522045][ T9222]  ? __pfx__printk+0x10/0x10
[  488.522080][ T9222]  ? srso_alias_return_thunk+0x5/0xfbef5
[  488.522122][ T9222]  should_fail_ex+0x414/0x560
[  488.522161][ T9222]  should_failslab+0xa8/0x100
[  488.522203][ T9222]  __kmalloc_cache_noprof+0x70/0x3d0
[  488.522240][ T9222]  ? psample_group_get+0x118/0x280
[  488.522282][ T9222]  psample_group_get+0x118/0x280
[  488.522320][ T9222]  tcf_sample_init+0x455/0x9c0
[  488.522371][ T9222]  ? __pfx_tcf_sample_init+0x10/0x10
[  488.522422][ T9222]  ? nla_memcpy+0x5b/0xc0
[  488.522454][ T9222]  ? srso_alias_return_thunk+0x5/0xfbef5
[  488.522492][ T9222]  tcf_action_init_1+0x463/0x6d0
[  488.522530][ T9222]  ? __pfx_tcf_action_init_1+0x10/0x10
[  488.522560][ T9222]  ? _raw_read_unlock+0x28/0x50
[  488.522583][ T9222]  ? srso_alias_return_thunk+0x5/0xfbef5
[  488.522611][ T9222]  ? tc_action_load_ops+0x214/0x4e0
[  488.522660][ T9222]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  488.522700][ T9222]  ? __nla_parse+0x40/0x60
[  488.522735][ T9222]  tcf_action_init+0x2cf/0xab0
[  488.522786][ T9222]  ? __pfx_tcf_action_init+0x10/0x10
[  488.522851][ T9222]  ? __pfx___nla_validate_parse+0x10/0x10
[  488.522921][ T9222]  ? srso_alias_return_thunk+0x5/0xfbef5
[  488.522954][ T9222]  tc_ctl_action+0x430/0xbd0
[  488.522997][ T9222]  ? __pfx_tc_ctl_action+0x10/0x10
[  488.523036][ T9222]  ? srso_alias_return_thunk+0x5/0xfbef5
[  488.523064][ T9222]  ? rcu_is_watching+0x15/0xb0
[  488.523145][ T9222]  ? __pfx_tc_ctl_action+0x10/0x10
[  488.523176][ T9222]  rtnetlink_rcv_msg+0x77c/0xb70
[  488.523216][ T9222]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  488.523249][ T9222]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  488.523281][ T9222]  ? ref_tracker_free+0x63a/0x7d0
[  488.523307][ T9222]  ? __copy_skb_header+0xa7/0x550
[  488.523334][ T9222]  ? __pfx_ref_tracker_free+0x10/0x10
[  488.523361][ T9222]  ? __skb_clone+0x63/0x7a0
[  488.523394][ T9222]  netlink_rcv_skb+0x208/0x470
[  488.523433][ T9222]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  488.523469][ T9222]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  488.523521][ T9222]  ? netlink_deliver_tap+0x2e/0x1b0
[  488.523553][ T9222]  ? netlink_deliver_tap+0x2e/0x1b0
[  488.523597][ T9222]  netlink_unicast+0x75c/0x8e0
[  488.523642][ T9222]  netlink_sendmsg+0x805/0xb30
[  488.523691][ T9222]  ? __pfx_netlink_sendmsg+0x10/0x10
[  488.523731][ T9222]  ? srso_alias_return_thunk+0x5/0xfbef5
[  488.523758][ T9222]  ? aa_sock_msg_perm+0x94/0x160
[  488.523796][ T9222]  ? srso_alias_return_thunk+0x5/0xfbef5
[  488.523823][ T9222]  ? srso_alias_return_thunk+0x5/0xfbef5
[  488.523852][ T9222]  ? __pfx_netlink_sendmsg+0x10/0x10
[  488.523891][ T9222]  __sock_sendmsg+0x21c/0x270
[  488.523925][ T9222]  ____sys_sendmsg+0x52d/0x830
[  488.523956][ T9222]  ? __pfx_____sys_sendmsg+0x10/0x10
[  488.523989][ T9222]  ? srso_alias_return_thunk+0x5/0xfbef5
[  488.524017][ T9222]  ? import_iovec+0x74/0xa0
[  488.524059][ T9222]  ___sys_sendmsg+0x21f/0x2a0
[  488.524085][ T9222]  ? __pfx____sys_sendmsg+0x10/0x10
[  488.524117][ T9222]  ? srso_alias_return_thunk+0x5/0xfbef5
[  488.524179][ T9222]  ? __fget_files+0x2a/0x420
[  488.524199][ T9222]  ? srso_alias_return_thunk+0x5/0xfbef5
[  488.524226][ T9222]  ? __fget_files+0x3a0/0x420
[  488.524261][ T9222]  __sys_sendmmsg+0x227/0x430
[  488.524291][ T9222]  ? __pfx___sys_sendmmsg+0x10/0x10
[  488.524312][ T9222]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  488.524374][ T9222]  ? ksys_write+0x22a/0x250
[  488.524411][ T9222]  ? __pfx_ksys_write+0x10/0x10
[  488.524451][ T9222]  ? rcu_is_watching+0x15/0xb0
[  488.524489][ T9222]  __x64_sys_sendmmsg+0xa0/0xc0
[  488.524515][ T9222]  do_syscall_64+0xfa/0x3b0
[  488.524542][ T9222]  ? lockdep_hardirqs_on+0x9c/0x150
[  488.524569][ T9222]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.524592][ T9222]  ? srso_alias_return_thunk+0x5/0xfbef5
[  488.524620][ T9222]  ? exc_page_fault+0x9f/0xf0
[  488.524649][ T9222]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.524673][ T9222] RIP: 0033:0x7f6b39f8e9a9
[  488.524694][ T9222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  488.524715][ T9222] RSP: 002b:00007f6b3adb1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  488.524740][ T9222] RAX: ffffffffffffffda RBX: 00007f6b3a1b5fa0 RCX: 00007f6b39f8e9a9
[  488.524760][ T9222] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004
[  488.524784][ T9222] RBP: 00007f6b3adb1090 R08: 0000000000000000 R09: 0000000000000000
[  488.524800][ T9222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  488.524815][ T9222] R13: 0000000000000000 R14: 00007f6b3a1b5fa0 R15: 00007ffe5241a958
[  488.524852][ T9222]  </TASK>
[  489.102050][ T9211] loop4: detected capacity change from 0 to 4096
[  489.356034][ T9226] netlink: 4 bytes leftover after parsing attributes in process `syz.5.878'.
[  490.147394][ T5973] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  490.501776][ T9232] loop2: detected capacity change from 0 to 1024
[  490.513593][ T5973] usb 6-1: Using ep0 maxpacket: 16
[  490.520962][ T5973] usb 6-1: config 0 has an invalid interface number: 217 but max is 0
[  490.545692][ T5973] usb 6-1: config 0 has no interface number 0
[  490.561107][ T5973] usb 6-1: New USB device found, idVendor=0b48, idProduct=1008, bcdDevice=32.5e
[  490.573091][ T5973] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  490.581101][ T5973] usb 6-1: Product: syz
[  490.605074][ T5973] usb 6-1: Manufacturer: syz
[  490.609969][ T5973] usb 6-1: SerialNumber: syz
[  490.661493][ T5973] usb 6-1: config 0 descriptor??
[  490.718832][ T5973] ttusb_dec_send_command: command bulk message failed: error -22
[  490.740970][ T5973] ttusb-dec 6-1:0.217: probe with driver ttusb-dec failed with error -22
[  490.932050][ T6246] hfsplus: b-tree write err: -5, ino 4
[  490.943765][ T6003] usb 6-1: USB disconnect, device number 24
[  491.733689][ T9242] netlink: 'syz.0.885': attribute type 1 has an invalid length.
[  491.741598][ T9242] netlink: 224 bytes leftover after parsing attributes in process `syz.0.885'.
[  492.387770][ T9251] netlink: 244 bytes leftover after parsing attributes in process `syz.2.886'.
[  492.758551][ T9262] netlink: 4 bytes leftover after parsing attributes in process `syz.5.889'.
[  492.863667][ T5973] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  492.993785][ T9266] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  493.113784][ T5973] usb 3-1: device descriptor read/64, error -71
[  493.293010][ T9266] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  493.930054][ T9274] netlink: 'syz.0.896': attribute type 4 has an invalid length.
[  493.969604][ T6003] lo speed is unknown, defaulting to 1000
[  493.981795][ T6003] syz0: Port: 1 Link DOWN
[  493.983685][ T5973] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  494.173953][ T5973] usb 3-1: device descriptor read/64, error -71
[  494.209530][ T9266] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  494.306750][ T9266] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  494.400736][ T5973] usb usb3-port1: attempt power cycle
[  494.406332][ T5860] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  494.478315][ T9281] loop4: detected capacity change from 0 to 512
[  494.561804][ T9266] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  494.585073][ T9266] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  494.603262][ T9266] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  494.624934][ T9266] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  494.694193][ T5860] usb 1-1: Using ep0 maxpacket: 16
[  494.715821][ T5860] usb 1-1: unable to get BOS descriptor or descriptor too short
[  494.795599][ T5860] usb 1-1: config 11 has an invalid interface number: 92 but max is 0
[  494.810900][ T5860] usb 1-1: config 11 has no interface number 0
[  494.819993][ T5860] usb 1-1: config 11 interface 92 altsetting 255 endpoint 0x5 has an invalid bInterval 51, changing to 9
[  494.846606][ T5860] usb 1-1: config 11 interface 92 altsetting 255 endpoint 0x5 has invalid wMaxPacketSize 0
[  494.869716][ T5860] usb 1-1: config 11 interface 92 altsetting 255 endpoint 0xF has invalid maxpacket 100, setting to 64
[  494.899175][ T5860] usb 1-1: config 11 interface 92 has no altsetting 0
[  494.915252][ T9281] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  494.933953][ T5973] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  494.937823][ T5860] usb 1-1: New USB device found, idVendor=05ac, idProduct=021b, bcdDevice=80.e2
[  494.954840][ T5860] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  494.966440][ T9281] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  494.984336][ T5973] usb 3-1: device descriptor read/8, error -71
[  494.996398][ T5860] usb 1-1: Product: syz
[  495.000591][ T5860] usb 1-1: Manufacturer: syz
[  495.008325][ T5860] usb 1-1: SerialNumber: syz
[  495.073665][   T43] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  495.223821][ T5973] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  495.246963][ T5860] appletouch 1-1:11.92: Could not find int-in endpoint
[  495.265486][ T5860] appletouch 1-1:11.92: probe with driver appletouch failed with error -5
[  495.305410][ T5860] usbhid 1-1:11.92: couldn't find an input interrupt endpoint
[  495.397533][ T5860] usb 1-1: USB disconnect, device number 22
[  495.676666][   T43] usb 4-1: Using ep0 maxpacket: 8
[  495.950042][   T43] usb 4-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  495.995543][   T43] usb 4-1: config 0 interface 0 has no altsetting 0
[  496.020671][   T43] usb 4-1: New USB device found, idVendor=05ac, idProduct=0230, bcdDevice= 0.00
[  496.078511][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  496.144036][ T5973] usb 3-1: device not accepting address 24, error -71
[  496.383811][   T43] usb 4-1: config 0 descriptor??
[  496.390985][ T5973] usb usb3-port1: unable to enumerate USB device
[  496.505236][ T9297] netlink: 20 bytes leftover after parsing attributes in process `syz.2.901'.
[  497.766651][   T43] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input15
[  498.409579][ T5860] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  498.448913][ T5198] bcm5974 4-1:0.0: could not write to device
[  498.459178][   T10] usb 4-1: USB disconnect, device number 19
[  498.575964][ T5860] usb 3-1: Using ep0 maxpacket: 16
[  498.598041][ T5860] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  498.626247][ T5860] usb 3-1: config 0 has no interface number 0
[  498.669088][ T5860] usb 3-1: config 0 interface 2 altsetting 6 endpoint 0xF has invalid maxpacket 512, setting to 64
[  498.724960][ T5860] usb 3-1: config 0 interface 2 altsetting 6 endpoint 0x8 has an invalid bInterval 25, changing to 8
[  498.754890][ T5860] usb 3-1: config 0 interface 2 altsetting 6 endpoint 0xB has an invalid bInterval 36, changing to 9
[  498.781362][ T9310] netlink: 244 bytes leftover after parsing attributes in process `syz.6.906'.
[  498.811538][ T5860] usb 3-1: config 0 interface 2 altsetting 6 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  498.851412][ T5860] usb 3-1: config 0 interface 2 has no altsetting 0
[  498.888907][ T5860] usb 3-1: New USB device found, idVendor=1514, idProduct=2008, bcdDevice=dd.f9
[  498.901491][ T5860] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.949565][ T5860] usb 3-1: Product: syz
[  498.956244][ T5860] usb 3-1: Manufacturer: syz
[  498.965515][ T5860] usb 3-1: SerialNumber: syz
[  499.468557][ T5860] usb 3-1: config 0 descriptor??
[  499.509151][ T5860] ftdi_sio 3-1:0.2: FTDI USB Serial Device converter detected
[  499.549985][ T5860] ftdi_sio ttyUSB0: unknown device type: 0xddf9
[  499.708897][ T5860] usb 3-1: USB disconnect, device number 25
[  499.728143][ T5860] ftdi_sio 3-1:0.2: device disconnected
[  501.053709][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  501.060174][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  501.490860][   T30] kauditd_printk_skb: 41 callbacks suppressed
[  501.490883][   T30] audit: type=1326 audit(1753610480.280:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9334 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  501.561734][ T9337] netlink: 20 bytes leftover after parsing attributes in process `syz.2.915'.
[  501.594809][   T30] audit: type=1326 audit(1753610480.310:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9334 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  501.747295][   T30] audit: type=1326 audit(1753610480.340:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9334 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  501.791343][ T5857] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  501.825276][ T9335] wg2: entered promiscuous mode
[  501.830206][ T9335] wg2: entered allmulticast mode
[  501.839790][   T30] audit: type=1326 audit(1753610480.340:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9334 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  501.971398][   T30] audit: type=1326 audit(1753610480.340:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9334 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  502.121278][   T30] audit: type=1326 audit(1753610480.360:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9334 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  502.255830][   T30] audit: type=1326 audit(1753610480.360:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9334 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  502.379481][   T30] audit: type=1326 audit(1753610480.360:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9334 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  502.490959][   T30] audit: type=1326 audit(1753610480.360:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9334 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  502.620320][   T30] audit: type=1326 audit(1753610480.360:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9334 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  503.415147][ T9381] netlink: 8 bytes leftover after parsing attributes in process `syz.6.934'.
[  504.137424][ T9400] loop4: detected capacity change from 0 to 512
[  504.260550][ T9402] loop3: detected capacity change from 0 to 1756
[  504.289281][ T9400] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #3: comm syz.4.938: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  504.360486][ T9400] EXT4-fs error (device loop4): ext4_quota_enable:7127: comm syz.4.938: Bad quota inode: 3, type: 0
[  504.409923][ T9400] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  504.466948][ T9400] EXT4-fs (loop4): mount failed
[  505.748175][ T9444] loop5: detected capacity change from 0 to 128
[  505.897734][ T9444] syz.5.954: attempt to access beyond end of device
[  505.897734][ T9444] loop5: rw=0, sector=2072, nr_sectors = 1 limit=128
[  506.021928][ T9451] loop2: detected capacity change from 0 to 1024
[  506.159468][ T9451] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  506.475747][ T9465] loop3: detected capacity change from 0 to 2364
[  506.799241][ T8910] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  507.046834][ T9475] lo speed is unknown, defaulting to 1000
[  507.298197][   T30] kauditd_printk_skb: 143 callbacks suppressed
[  507.298220][   T30] audit: type=1326 audit(1753610486.080:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  507.444911][   T30] audit: type=1326 audit(1753610486.090:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  507.554959][   T30] audit: type=1326 audit(1753610486.090:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  507.698588][   T30] audit: type=1326 audit(1753610486.090:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  507.805798][ T9488] loop3: detected capacity change from 0 to 512
[  507.825606][   T30] audit: type=1326 audit(1753610486.090:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  507.907939][ T9488] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  507.914573][   T30] audit: type=1326 audit(1753610486.100:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  508.025957][   T30] audit: type=1326 audit(1753610486.100:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=218 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  508.139436][   T30] audit: type=1326 audit(1753610486.100:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  508.196785][ T9476] kernel profiling enabled (shift: 17)
[  508.261162][   T30] audit: type=1326 audit(1753610486.100:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3bb8e9a9 code=0x7ffc0000
[  508.418521][ T5855] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  508.529611][ T9486] syz.6.974: vmalloc error: size 16777216, failed to allocated page array size 32768, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  508.565011][ T9486] CPU: 0 UID: 0 PID: 9486 Comm: syz.6.974 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) 
[  508.565048][ T9486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  508.565062][ T9486] Call Trace:
[  508.565072][ T9486]  <TASK>
[  508.565083][ T9486]  dump_stack_lvl+0x189/0x250
[  508.565123][ T9486]  ? __pfx_dump_stack_lvl+0x10/0x10
[  508.565153][ T9486]  ? __pfx__printk+0x10/0x10
[  508.565187][ T9486]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  508.565221][ T9486]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  508.565254][ T9486]  ? srso_alias_return_thunk+0x5/0xfbef5
[  508.565283][ T9486]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  508.565319][ T9486]  warn_alloc+0x214/0x310
[  508.565350][ T9486]  ? __pfx_warn_alloc+0x10/0x10
[  508.565382][ T9486]  ? srso_alias_return_thunk+0x5/0xfbef5
[  508.565410][ T9486]  ? srso_alias_return_thunk+0x5/0xfbef5
[  508.565437][ T9486]  ? __get_vm_area_node+0x28f/0x300
[  508.565474][ T9486]  ? packet_set_ring+0x6f4/0x2380
[  508.565518][ T9486]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  508.565585][ T9486]  ? srso_alias_return_thunk+0x5/0xfbef5
[  508.565618][ T9486]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  508.565657][ T9486]  ? srso_alias_return_thunk+0x5/0xfbef5
[  508.565684][ T9486]  ? alloc_pages_mpol+0x3cd/0x4a0
[  508.565724][ T9486]  ? packet_set_ring+0x6f4/0x2380
[  508.565761][ T9486]  vzalloc_noprof+0xb2/0xf0
[  508.565807][ T9486]  ? packet_set_ring+0x6f4/0x2380
[  508.565845][ T9486]  packet_set_ring+0x6f4/0x2380
[  508.565909][ T9486]  ? __pfx_packet_set_ring+0x10/0x10
[  508.565957][ T9486]  ? srso_alias_return_thunk+0x5/0xfbef5
[  508.565995][ T9486]  ? srso_alias_return_thunk+0x5/0xfbef5
[  508.566022][ T9486]  ? _copy_from_user+0x94/0xb0
[  508.566064][ T9486]  packet_setsockopt+0xc5a/0x12c0
[  508.566105][ T9486]  ? __pfx_packet_setsockopt+0x10/0x10
[  508.566150][ T9486]  ? __lock_acquire+0xab9/0xd20
[  508.566181][ T9486]  ? srso_alias_return_thunk+0x5/0xfbef5
[  508.566207][ T9486]  ? aa_sk_perm+0x81e/0x950
[  508.566239][ T9486]  ? __pfx_aa_sk_perm+0x10/0x10
[  508.566262][ T9486]  ? srso_alias_return_thunk+0x5/0xfbef5
[  508.566293][ T9486]  ? __fget_files+0x2a/0x420
[  508.566315][ T9486]  ? srso_alias_return_thunk+0x5/0xfbef5
[  508.566342][ T9486]  ? aa_sock_opt_perm+0x74/0x110
[  508.566370][ T9486]  ? srso_alias_return_thunk+0x5/0xfbef5
[  508.566397][ T9486]  ? srso_alias_return_thunk+0x5/0xfbef5
[  508.566424][ T9486]  ? __pfx_packet_setsockopt+0x10/0x10
[  508.566464][ T9486]  do_sock_setsockopt+0x17c/0x1b0
[  508.566508][ T9486]  __x64_sys_setsockopt+0x13f/0x1b0
[  508.566553][ T9486]  do_syscall_64+0xfa/0x3b0
[  508.566581][ T9486]  ? lockdep_hardirqs_on+0x9c/0x150
[  508.566607][ T9486]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.566629][ T9486]  ? srso_alias_return_thunk+0x5/0xfbef5
[  508.566656][ T9486]  ? exc_page_fault+0x9f/0xf0
[  508.566685][ T9486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.566709][ T9486] RIP: 0033:0x7f09ef38e9a9
[  508.566732][ T9486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  508.566753][ T9486] RSP: 002b:00007f09f0147038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  508.566786][ T9486] RAX: ffffffffffffffda RBX: 00007f09ef5b5fa0 RCX: 00007f09ef38e9a9
[  508.566805][ T9486] RDX: 0000000000000005 RSI: 0000000000000107 RDI: 0000000000000005
[  508.566820][ T9486] RBP: 00007f09ef410d69 R08: 000000000000001c R09: 0000000000000000
[  508.566837][ T9486] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[  508.566853][ T9486] R13: 0000000000000000 R14: 00007f09ef5b5fa0 R15: 00007fffcfe48f48
[  508.566893][ T9486]  </TASK>
[  508.566912][ T9486] Mem-Info:
[  509.075002][ T9486] active_anon:11201 inactive_anon:105 isolated_anon:0
[  509.075002][ T9486]  active_file:11961 inactive_file:40049 isolated_file:0
[  509.075002][ T9486]  unevictable:768 dirty:94 writeback:0
[  509.075002][ T9486]  slab_reclaimable:10885 slab_unreclaimable:102505
[  509.075002][ T9486]  mapped:29737 shmem:8605 pagetables:955
[  509.075002][ T9486]  sec_pagetables:0 bounce:0
[  509.075002][ T9486]  kernel_misc_reclaimable:0
[  509.075002][ T9486]  free:1281571 free_pcp:16165 free_cma:0
[  509.234617][ T9486] Node 0 active_anon:44704kB inactive_anon:420kB active_file:47844kB inactive_file:159996kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:122948kB dirty:376kB writeback:0kB shmem:32884kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12636kB pagetables:3788kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  509.333451][ T9486] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  509.410604][ T9503] Invalid ELF header magic: != ELF
[  509.571567][ T9486] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  509.605704][ T9486] lowmem_reserve[]: 0 2498 2500 2500 2500
[  509.611857][ T9504] netlink: 'syz.3.983': attribute type 13 has an invalid length.
[  509.626042][ T9486] Node 0 DMA32 free:1186776kB boost:0kB min:34248kB low:42808kB high:51368kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44872kB inactive_anon:420kB active_file:47844kB inactive_file:158396kB unevictable:1536kB writepending:356kB present:3129332kB managed:2558492kB mlocked:0kB bounce:0kB free_pcp:46904kB local_pcp:19784kB free_cma:0kB
[  509.785776][ T9486] lowmem_reserve[]: 0 0 1 1 1
[  509.793374][ T9486] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1568kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  509.876048][ T9486] lowmem_reserve[]: 0 0 0 0 0
[  509.895812][ T9486] Node 1 Normal free:3902692kB boost:0kB min:55632kB low:69540kB high:83448kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:18568kB local_pcp:8008kB free_cma:0kB
[  509.996218][ T9486] lowmem_reserve[]: 0 0 0 0 0
[  510.001559][ T9486] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  510.041909][ T9504] bridge0: port 2(bridge_slave_1) entered disabled state
[  510.051243][ T9504] bridge0: port 1(bridge_slave_0) entered disabled state
[  510.099897][ T9486] Node 0 DMA32: 2*4kB (ME) 3*8kB (UME) 275*16kB (UM) 441*32kB (ME) 282*64kB (ME) 91*128kB (UME) 108*256kB (UME) 77*512kB (UME) 46*1024kB (UME) 25*2048kB (UM) 221*4096kB (UM) = 1118832kB
[  510.197683][ T9486] Node 0 Normal: 0*4kB 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB
[  510.298627][ T9486] Node 1 Normal: 169*4kB (UE) 48*8kB (UME) 25*16kB (UME) 105*32kB (UME) 36*64kB (UME) 6*128kB (UME) 6*256kB (UME) 2*512kB (M) 3*1024kB (UME) 1*2048kB (E) 949*4096kB (M) = 3902676kB
[  510.374127][ T9486] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  510.415913][ T9486] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  510.428093][ T9486] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  510.428992][ T9504] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  510.448201][ T9486] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  510.448259][ T9486] 60660 total pagecache pages
[  510.448271][ T9486] 105 pages in swap cache
[  510.448282][ T9486] Free swap  = 124576kB
[  510.448293][ T9486] Total swap = 124996kB
[  510.448306][ T9486] 2097051 pages RAM
[  510.448316][ T9486] 0 pages HighMem/MovableOnly
[  510.448327][ T9486] 425386 pages reserved
[  510.448338][ T9486] 0 pages cma reserved
[  510.457353][   T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  510.519672][   T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  510.529852][   T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  510.563345][   T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  510.603287][   T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  510.718482][ T9504] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  511.193874][   T30] audit: type=1326 audit(1753610489.980:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9531 comm="syz.5.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  511.271335][ T9532] loop5: detected capacity change from 0 to 8192
[  511.286160][ T9504] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  511.317165][ T9504] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  511.361764][ T9504] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  511.403502][ T9504] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  511.507159][ T9532]  loop5: p2 p3 p4
[  511.512694][ T9532] loop5: partition table partially beyond EOD, truncated
[  511.534140][ T9532] loop5: p2 start 2936012800 is beyond EOD, truncated
[  511.544426][ T9532] loop5: p3 start 1912602624 is beyond EOD, truncated
[  511.551539][ T9532] loop5: p4 size 656640 extends beyond EOD, truncated
[  511.944858][ T9543] netlink: 'syz.5.989': attribute type 4 has an invalid length.
[  512.009938][ T9543] netlink: 'syz.5.989': attribute type 4 has an invalid length.
[  512.068198][ T9524] lo speed is unknown, defaulting to 1000
[  512.680080][ T9560] loop5: detected capacity change from 0 to 2048
[  512.704958][ T5163] Bluetooth: hci5: command tx timeout
[  512.737504][ T9560] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 18446743798831644674)!
[  512.790415][ T9560] EXT4-fs (loop5): group descriptors corrupted!
[  512.877517][   T30] kauditd_printk_skb: 24 callbacks suppressed
[  512.877541][   T30] audit: type=1326 audit(1753610491.670:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9559 comm="syz.5.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  512.925002][ T9560] netlink: 'syz.5.997': attribute type 3 has an invalid length.
[  513.004294][   T30] audit: type=1326 audit(1753610491.700:1011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9559 comm="syz.5.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  513.086198][   T30] audit: type=1326 audit(1753610491.700:1012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9559 comm="syz.5.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  513.141125][   T30] audit: type=1326 audit(1753610491.700:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9564 comm="syz.0.998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  513.156837][ T9524] chnl_net:caif_netlink_parms(): no params data found
[  513.186745][   T30] audit: type=1326 audit(1753610491.700:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9564 comm="syz.0.998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  513.260415][   T30] audit: type=1326 audit(1753610491.700:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9564 comm="syz.0.998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  513.351647][   T30] audit: type=1326 audit(1753610491.700:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9559 comm="syz.5.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  513.445808][   T30] audit: type=1326 audit(1753610491.700:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9564 comm="syz.0.998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  513.471766][   T30] audit: type=1326 audit(1753610491.700:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9559 comm="syz.5.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4d738e9a9 code=0x7ffc0000
[  513.505807][   T30] audit: type=1326 audit(1753610491.700:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9564 comm="syz.0.998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb87f8e9a9 code=0x7ffc0000
[  513.869105][ T9524] bridge0: port 1(bridge_slave_0) entered blocking state
[  513.901808][ T9524] bridge0: port 1(bridge_slave_0) entered disabled state
[  513.945600][ T9524] bridge_slave_0: entered allmulticast mode
[  513.975660][ T9524] bridge_slave_0: entered promiscuous mode
[  513.996970][ T9524] bridge0: port 2(bridge_slave_1) entered blocking state
[  514.053869][ T9524] bridge0: port 2(bridge_slave_1) entered disabled state
[  514.061235][ T9524] bridge_slave_1: entered allmulticast mode
[  514.106001][ T9524] bridge_slave_1: entered promiscuous mode
[  514.235812][ T9594] loop5: detected capacity change from 0 to 2048
[  514.286256][ T9594]  loop5: p1 < > p4
[  514.291926][ T9594] loop5: p4 size 8388608 extends beyond EOD, truncated
[  514.309497][ T9524] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  514.384045][ T9524] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  514.577356][ T9524] team0: Port device team_slave_0 added
[  514.595600][ T9596] sd 0:0:1:0: device reset
[  514.630510][ T9524] team0: Port device team_slave_1 added
[  514.814870][ T5163] Bluetooth: hci5: command tx timeout
[  514.987497][ T9604] loop0: detected capacity change from 0 to 512
[  515.151063][ T9524] batman_adv: batadv0: Adding interface: batadv_slave_0
[  515.185719][ T9524] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  515.255244][ T9604] EXT4-fs (loop0): orphan cleanup on readonly fs
[  515.294416][ T9524] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  515.313799][ T9604] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1013: bg 0: block 248: padding at end of block bitmap is not set
[  515.418723][ T9524] batman_adv: batadv0: Adding interface: batadv_slave_1
[  515.424166][ T9604] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1013: Failed to acquire dquot type 1
[  515.448329][ T9524] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  515.499741][ T9604] EXT4-fs (loop0): 1 truncate cleaned up
[  515.551051][ T9604] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  515.598241][ T9617] loop5: detected capacity change from 0 to 128
[  515.626106][ T9524] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  515.894774][ T5856] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  516.364070][ T9524] hsr_slave_0: entered promiscuous mode
[  516.406358][ T9524] hsr_slave_1: entered promiscuous mode
[  516.454940][ T9524] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  516.495845][ T9524] Cannot create hsr debugfs directory
[  516.903609][ T5163] Bluetooth: hci5: command tx timeout
[  517.665584][ T9524] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  517.810609][ T9524] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  517.867890][ T9524] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  517.928623][ T9524] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  518.011268][ T9652] loop0: detected capacity change from 0 to 512
[  518.155698][ T9652] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.1030: casefold flag without casefold feature
[  518.268608][ T9652] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1030: couldn't read orphan inode 15 (err -117)
[  518.309218][ T9652] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  518.560890][ T9524] 8021q: adding VLAN 0 to HW filter on device bond0
[  518.570960][ T5856] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  518.679341][ T9671] loop3: detected capacity change from 0 to 512
[  518.711727][ T9524] 8021q: adding VLAN 0 to HW filter on device team0
[  518.738973][ T9671] EXT4-fs: Ignoring removed oldalloc option
[  518.807090][ T1138] bridge0: port 1(bridge_slave_0) entered blocking state
[  518.814322][ T1138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  518.868848][ T9671] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.1034: Parent and EA inode have the same ino 15
[  518.944220][ T5163] Bluetooth: hci5: command tx timeout
[  518.957170][ T9671] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  518.961723][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state
[  518.977646][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state
[  519.043966][ T9671] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.1034: Parent and EA inode have the same ino 15
[  519.159575][ T9671] EXT4-fs (loop3): 1 orphan inode deleted
[  519.215058][ T9671] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  519.421127][ T5855] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  519.618998][ T9468] Set syz1 is full, maxelem 65536 reached
[  519.936237][ T9686] netlink: 'syz.4.1039': attribute type 3 has an invalid length.
[  520.098245][ T9683] loop0: detected capacity change from 0 to 8192
[  520.318027][ T9524] 8021q: adding VLAN 0 to HW filter on device batadv0
[  520.995864][ T9704] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1046'.
[  521.376972][ T9713] loop0: detected capacity change from 0 to 512
[  521.389182][ T9715] loop4: detected capacity change from 0 to 764
[  521.514920][ T9713] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.1048: casefold flag without casefold feature
[  521.565098][ T9713] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1048: couldn't read orphan inode 15 (err -117)
[  521.648687][ T9713] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  521.750566][ T9524] veth0_vlan: entered promiscuous mode
[  521.861168][ T9524] veth1_vlan: entered promiscuous mode
[  522.018278][ T9725] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1052'.
[  522.050450][ T9727] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  522.057194][ T9727] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  522.068283][ T9524] veth0_macvtap: entered promiscuous mode
[  522.128179][ T9524] veth1_macvtap: entered promiscuous mode
[  522.147401][ T5856] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  522.170159][ T9727] vhci_hcd vhci_hcd.0: Device attached
[  522.270801][ T9524] batman_adv: batadv0: Interface activated: batadv_slave_0
[  522.357244][ T9524] batman_adv: batadv0: Interface activated: batadv_slave_1
[  522.374974][ T9510] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[  522.423989][ T9524] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  522.462219][ T9524] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  522.483559][ T9524] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  522.523568][ T9524] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  522.876260][ T9729] vhci_hcd: connection reset by peer
[  522.897083][ T1138] vhci_hcd: stop threads
[  522.901948][ T1138] vhci_hcd: release socket
[  522.910768][ T1138] vhci_hcd: disconnect device
[  523.415636][ T6021] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  523.434958][ T9527] Oops: general protection fault, probably for non-canonical address 0xdffffc001fffe000: 0000 [#1] SMP KASAN NOPTI
[  523.436180][ T9524] ieee80211 phy29: Selected rate control algorithm 'minstrel_ht'
[  523.447049][ T9527] KASAN: probably user-memory-access in range [0x00000000ffff0000-0x00000000ffff0007]
[  523.447073][ T9527] CPU: 0 UID: 0 PID: 9527 Comm: kworker/0:11 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) 
[  523.447103][ T9527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  523.447119][ T9527] Workqueue: mld mld_ifc_work
[  523.447160][ T9527] RIP: 0010:add_grec+0x764/0x1670
[  523.447200][ T9527] Code: 41 01 41 89 c7 31 ff 89 c6 e8 88 a6 93 f7 45 85 ff 0f 84 b0 00 00 00 e8 3a a2 93 f7 eb 05 e8 33 a2 93 f7 49 89 ee 49 c1 ee 03 <43> 80 3c 26 00 74 08 48 89 ef e8 1d b4 f5 f7 48 8b 45 00 48 89 84
[  523.447221][ T9527] RSP: 0018:ffffc900051978f8 EFLAGS: 00010216
[  523.447243][ T9527] RAX: ffffffff8a2c84a6 RBX: ffff888054a5a140 RCX: ffff88801e6f3c00
[  523.447262][ T9527] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  523.447277][ T9527] RBP: 00000000ffff0000 R08: ffff88801e6f3c00 R09: 0000000000000002
[  523.447295][ T9527] R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000
[  523.447312][ T9527] R13: 0000000000000005 R14: 000000001fffe000 R15: 0000000000000001
[  523.447330][ T9527] FS:  0000000000000000(0000) GS:ffff888125c23000(0000) knlGS:0000000000000000
[  523.447351][ T9527] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  523.447369][ T9527] CR2: 00007fdb881823f8 CR3: 000000000df38000 CR4: 0000000000350ef0
[  523.447388][ T9527] Call Trace:
[  523.447398][ T9527]  <TASK>
[  523.447423][ T9527]  mld_ifc_work+0x671/0xde0
[  523.447459][ T9527]  ? _raw_spin_unlock_irq+0x23/0x50
[  523.465739][ T6021] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  523.476897][ T9527]  ? process_scheduled_works+0x9ef/0x17b0
[  523.476935][ T9527]  process_scheduled_works+0xae1/0x17b0
[  523.619851][ T9527]  ? __pfx_process_scheduled_works+0x10/0x10
[  523.625851][ T9527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.631492][ T9527]  worker_thread+0x8a0/0xda0
[  523.636128][ T9527]  kthread+0x711/0x8a0
[  523.640216][ T9527]  ? __pfx_worker_thread+0x10/0x10
[  523.645336][ T9527]  ? __pfx_kthread+0x10/0x10
[  523.650028][ T9527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.655671][ T9527]  ? _raw_spin_unlock_irq+0x23/0x50
[  523.660873][ T9527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  523.666507][ T9527]  ? lockdep_hardirqs_on+0x9c/0x150
[  523.671703][ T9527]  ? __pfx_kthread+0x10/0x10
[  523.676298][ T9527]  ret_from_fork+0x3fc/0x770
[  523.680889][ T9527]  ? __pfx_ret_from_fork+0x10/0x10
[  523.686006][ T9527]  ? __switch_to_asm+0x39/0x70
[  523.690777][ T9527]  ? __switch_to_asm+0x33/0x70
[  523.695550][ T9527]  ? __pfx_kthread+0x10/0x10
[  523.700149][ T9527]  ret_from_fork_asm+0x1a/0x30
[  523.704927][ T9527]  </TASK>
[  523.707936][ T9527] Modules linked in:
[  523.715558][ T9527] ---[ end trace 0000000000000000 ]---
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  523.807555][ T9742] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1058'.
[  524.447914][ T9527] RIP: 0010:add_grec+0x764/0x1670
[  524.477249][ T9527] Code: 41 01 41 89 c7 31 ff 89 c6 e8 88 a6 93 f7 45 85 ff 0f 84 b0 00 00 00 e8 3a a2 93 f7 eb 05 e8 33 a2 93 f7 49 89 ee 49 c1 ee 03 <43> 80 3c 26 00 74 08 48 89 ef e8 1d b4 f5 f7 48 8b 45 00 48 89 84
[  524.534413][ T9527] RSP: 0018:ffffc900051978f8 EFLAGS: 00010216
[  524.540560][ T9527] RAX: ffffffff8a2c84a6 RBX: ffff888054a5a140 RCX: ffff88801e6f3c00
[  524.574171][ T9527] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  524.594818][ T9527] RBP: 00000000ffff0000 R08: ffff88801e6f3c00 R09: 0000000000000002
[  524.614345][ T9527] R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000
[  524.634121][ T9527] R13: 0000000000000005 R14: 000000001fffe000 R15: 0000000000000001
[  524.651196][ T9527] FS:  0000000000000000(0000) GS:ffff888125c23000(0000) knlGS:0000000000000000
[  524.684819][ T9527] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  524.691457][ T9527] CR2: 0000200001000000 CR3: 000000000df38000 CR4: 0000000000350ef0
[  524.734838][ T9527] Kernel panic - not syncing: Fatal exception
[  524.741193][ T9527] Kernel Offset: disabled
[  524.745523][ T9527] Rebooting in 86400 seconds..