last executing test programs:

40m11.498104201s ago: executing program 1 (id=441):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
sched_rr_get_interval(r0, &(0x7f0000000180))
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
capget(&(0x7f0000000040)={0x19980330, r3}, &(0x7f0000000100)={0x0, 0x1, 0x7, 0x5, 0x1ff, 0x1ff})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x48)
alarm(0x8000000000000001)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
alarm(0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4}, &(0x7f0000000280), &(0x7f0000000080)=r5}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

40m9.545552909s ago: executing program 1 (id=444):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, 0x0, &(0x7f00000005c0)}, 0x20)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b70800000000a21511faf0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7040000080000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file2\x00', 0x200000, &(0x7f0000000c80)={[], [{@subj_role={'subj_role', 0x3d, 'vlan0\x00'}}, {@flag='lazytime'}, {@uid_eq}, {@fowner_lt}, {@fowner_lt}, {@context={'context', 0x3d, 'user_u'}}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@fsmagic={'fsmagic', 0x3d, 0x21bc}}, {@audit}]}, 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
mount$incfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x228, 0x340, 0x11, 0x148, 0x0, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xa8, 0xd8, 0x0, {}, [@common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x3}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x288)
r7 = socket$inet6(0x10, 0x2, 0x0)
sendto$inet6(r7, &(0x7f00000002c0)="1c0000001200050f0c1000000049b23e9b200a00080001c000000001", 0x1c, 0x0, 0x0, 0x0)
mmap(&(0x7f00001f0000/0x3000)=nil, 0x3000, 0x2000003, 0x50, 0xffffffffffffffff, 0x1c227000)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1001f0)

40m9.102204985s ago: executing program 3 (id=446):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
clock_settime(0xfffffff4, &(0x7f00000001c0)={0x0, 0x3938700})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x20044e, &(0x7f0000000340)={[{@minixdf}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@stripe}, {@noblock_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
mkdir(0x0, 0x40)
open(0x0, 0x30000, 0x1b0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000140000e5b7030000000700008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb7e, &(0x7f0000000c40)="$eJzs3M1rVFcbAPDn3nwYNb6JL/LyWkoNtGChOBrFSl2py9ZFof0DDHEiIdcPkhRMcBHbhXRVC910UWgXpX9AoetstNBV6aaVFrqXShHdp9zJnWQwM0mqMx4/fj84c8/HZM7z5JK555C5E8BLa6x8yCP2R8S5LGKk6s8jYrBRG4pYWn3eg/vXJh/evzaZxcrKB39nkVV9zdfKquPuqjEUEb+cyeK/n2ycd25hcWaiKOqzVfvw/MUrh+cWFg9NX5y4UL9QvzR+YvzY8RPHjr99pGu5vrv35tmvxk/t+f7Mrauv3fj9yyxOxXA11ppHt4zFWKxUWvv7I2Ki25Ml0lflk7X0Zf0JAwIAYFN5yxrufzESfbG+eBuJW78mDQ4AAADoipW+WPsfFQAAAPCiyuz/AQAA4AXX/BzAg/vXJpsl7ScSnq57pyNitF3+/bHUOA7FQETsepBF622t2eqPPbGxiNj30+iPZYke3Ye8maXrEfH/dvlnjfxHG3dxb8w/j4hu3Jk99kj7ecr/VBfmT50/AC+n5dOrF7KN1798bf0Tba5//W2uXY8j9fWv8/pvPf++Duu/97c5R/3Ap593Gmtd/xXfvnq7nL88PlFS/8K96xGv9Hde/5T5Zx3yP7fNOQb++PmHTmNl/mW+zfK081/5JuJg2/3P+jfaZJt/P9HhqemiXj22nePG7e/2dZq/9fyXpZy/uRd4Gsrzv6tD/lud/yvbnGP5r4N/dhrbOv/87mD2YaM2WPVcnZifnx2PGMzObuw/unkszec0X6PM/83XN//7b5d/+Z6wVP0eyr3A9epYtj9+ZM5D773zxuPn31tl/ucf8/zf3OYcX382e7fTWOr8AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+5BExHFleW6vnea0WsTsi9sWuvLg8N//W1OWPLp0vxyJGYyCfmi7qRyJiZLWdle3xRn29ffSR9rGI2BsRX4zsbLRrk5eL86mTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM3uiBiOLK9FRB4RD0fyvFZLHRUAAADQdaOpAwAAAAB6zv4fAAAAXnz2/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTY3gPLd7KIWDq5s1FKg9XYQNLIgF7LUwcAJNOXOgAgmf7UAQDJ2OMD2RbjQx1HdnQ9FgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeXQf3L9/JImLp5M5GKQ1WYwNJIwN6LU8dAJBMX+oAgGT6UwcAJGOPD2RbjA91HNnR9VgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHYNN0qW1yIib9TzvFaL2BMRozGQTU0X9SMR8Z+I+G1kYEfZHk8dNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF03t7A4M1EU9VkVFRWVtUrqdyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFKYW1icmSiK+uxc6kgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA1OYWFmcmiqI+28NK6hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEjnnwAAAP///JMJmQ==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000d84000)={0xa, 0x2, 0xfffffff9}, 0x1c)
sendto$inet6(r5, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c)

40m7.469966288s ago: executing program 1 (id=449):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x10b200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000c1010000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000059729ec6850000008200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='xprtrdma_inline_thresh\x00', r3}, 0x18)
r4 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, 0x0, 0x0)
dup3(r4, r2, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000002200), 0x2, 0x0)
sched_setscheduler(r6, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r9, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r9, &(0x7f0000000080)={0xa, 0x4e2b, 0xb, @private1={0xfc, 0x1, '\x00', 0x6}, 0x6}, 0x1c)

40m3.601329901s ago: executing program 3 (id=451):
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200002104"], 0x50)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0x10, &(0x7f0000000080)={0x0}, 0x8, 0x0, 0x0, 0x4}, 0x0)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000340), 0x10140, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1, 0x4, 0x523, 0x1, 0x0, 0xffffffffffffffff, 0x8, '\x00', 0x0, r1, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000240)=r0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0x44}, 0x76})
gettid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'lo\x00'})
r5 = gettid()
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x2200890, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
fcntl$lock(r6, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r6, 0x26, &(0x7f00000031c0)={0x1})

40m2.864930221s ago: executing program 1 (id=453):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000400)=r0, 0x12)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r4}, 0x18)
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file0\x00', 0x3800052, &(0x7f0000000600)=ANY=[], 0x1, 0x14fe, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
creat(0x0, 0x10)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=ANY=[@ANYBLOB="38010000100013070000080000000000ffffffff000000000002000000000000fe8000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000ff01000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200040000000000000048000200656362286369706865725f6e756c6c29"], 0x138}, 0x1, 0xe}, 0x0)
getdents64(0xffffffffffffffff, &(0x7f00000000c0)=""/44, 0x2c)
getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000340)={'mangle\x00', 0x0, [0x2, 0x87e00000, 0x74, 0x5, 0x6]}, &(0x7f00000002c0)=0x54)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f0000000280), 0x10000, 0x0)

40m1.383574421s ago: executing program 3 (id=458):
r0 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
fsopen(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r4}, 0x10)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_emit_ethernet(0x52, &(0x7f0000001380)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x1c, 0x3a, 0x0, @remote, @mcast2, {[], @mlv2_query={0x82, 0x0, 0x0, 0x4, 0x6, @dev={0xfe, 0x80, '\x00', 0x1f}, 0x1, 0x0, 0x1, 0x2}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r6 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x30}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x3, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {0x0, 0x10}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x1, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0x0)

40m0.557540278s ago: executing program 1 (id=459):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x20100, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x9cf000000000000, 0x4bf3, 0x7ff, 0x25, 0x1, 0x0, 0x68e2, 0x1, 0x100, 0x1, 0x9, 0xfffffffffffffff7, 0x3, 0x4, 0xa, 0xf1e], 0x5000, 0x10000})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0, 0x3f}], 0x1, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='tran'])
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000074"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x24}}, 0x10)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000040)=0xd000)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
write$binfmt_aout(r7, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r7, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0xfe, "0062ba7d82000000160000000000f738096304"})
r8 = syz_open_pts(r7, 0x80)
r9 = dup3(r8, r7, 0x80000)
read(r9, &(0x7f00000000c0)=""/226, 0xe2)

40m0.41590273s ago: executing program 1 (id=461):
socket$inet6(0xa, 0x800000000000002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
syz_emit_ethernet(0x2e, &(0x7f0000000540)=ANY=[], 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0xffffd000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x68, r6, 0x909, 0x70bd25, 0x0, {{}, {}, {0x4c, 0x18, {0x5, @media='udp\x00'}}}}, 0x68}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0xffffa888}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004020000000100000100000028"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x1ff, 0x0)

40m0.41559447s ago: executing program 32 (id=461):
socket$inet6(0xa, 0x800000000000002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
syz_emit_ethernet(0x2e, &(0x7f0000000540)=ANY=[], 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0xffffd000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x68, r6, 0x909, 0x70bd25, 0x0, {{}, {}, {0x4c, 0x18, {0x5, @media='udp\x00'}}}}, 0x68}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0xffffa888}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004020000000100000100000028"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x1ff, 0x0)

40m0.319959128s ago: executing program 3 (id=463):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x59d, &(0x7f0000001100)="$eJzs3c9vFGUfAPDvs7stlAItb97kfZGDTUiERG1pwWiMiRDx5sEfJJ5IrG0hhAUaWhNBjJDgf6B/gIk3E2M8EmOIevHqzcSriSESA714WzO7s2WB3f7cMsh8PsnQ55mnk+8zu3z7zDw7MxtAaY1l/1Qi9kbEfIoY6WirRd441vq9u3euzCzduTKTotF4568UKV/X/v2U/xzON94eEb/8kOI/1YfjLly6fHa6Xp+7mNcnFs/NTyxcuvz8mXPTp+dOz52fmnxx8oUjh6eOHOrLfu6KiJ/Gj9eun3pt3zczX+755LuvbqQ4Gjvz9s796JexGFt+TTplr+tL/Q5WkGq+P51vcaoV2CHWpf3+DUTE/2IkqnHvzRuJT98qtHPAlmqkiAZQUkn+Q0m1jwOy89/2UuwRCfCo3D7WmgC4m1pze0vL+V9rzQ3G9ubcwI6lFJ3TOiki+jEzl8WYfyaNZEts0Twc0N3VaxHx/27jf2rm5mhzFj/L/8p9+V+JiDfzn9n6tzcYf+yBuvyHR2cz+f9eR/6/v8H48h8AAAAAAAD65+axiHiu2+d/leXrf6LL9T/DEXG0D/FX//yvcqsPYYAubh+LeCUi2tf+LXXkf260mtd2Na8HGEinztTnDkXE7og4GAPbsvrkCjHG9v080LOt4/q/bMnit68FzPtxq7bt/m1mpxenN7PPQMvtaxFP1brlf1oe/1OX8T8b++fXGKNx/NUfe7Wtnv/AVml8EXGg6/h/78kVaeXnc0w0jwcm2kcFD/vo5I1ve8WX/1CcbPzfsXL+j6bO5/UsrD/Gx3/+ton87378P5hONB85M5iv+3B6cfHiZMRgeuPh9VPr7zM8idr50M6XLP8P7u9+/r/S8f9QRFxdY8wT379+vVeb8R+KM3QtYnZd4//6C/vf/fzvXvHXNv4faY7pB/M15v9gZWtN0KL7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RpWI2BmpMr5crlTGxyOGI+K/saNSv7Cw+OypCx+cn83amt//X2l/0+9Iq57a3/8/2lGfeqB+OCL2RMRn1aFmfXzmQn226J0HAAAAAAAAAAAAAAAAAACAx8Rwj/v/M39Ui+4dsOVqRXcAKIz8h/KS/1Be8h/KS/5Decl/KC/5D+Ul/6G85D+UV7Xx9cmi+wAAAAAAAPTNnqdv/poi4urLQ80lM5i3DRTaM2CrHS26A0BhPOIHysulf1Beq53jmwOAJ19apX37hrcEAAAAAAAAAAAAAPrlwF73/0NZVYruAFCY3vf/ezIAPOnc/w/l5RwfcP8/AAAAAAAAAAAAADz+Fi5dPjtdr89d3Ghh2+Y2V1BYa+H33a3/s49Lf9ZfiNSHjHtEhaL/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG3/BAAA//9r5fVk")
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000300), 0x1, 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff})
openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0)
close(r1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="6800000010000100"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000480012800e00010069703667726574617000000034000280140007002001000000000000000000000000000014000600fe80000000000000000000000000001508000100", @ANYRES32=r4, @ANYBLOB="deb0920a105bbd0736ce1e769e17c66987a01610ab71cf9fbfd8149a6744cd818222142847b3d2fc4a4d478f6420ae5041f873c1cddc67513bdba87ad7a6f03f0f0713b1395c61934833718fb81a08a514a07aa8878fba02ea9a4f270177388ba74304b4d3b829a95ff2f33bc9e6e2e9f34bc07d81636bfe"], 0x68}}, 0x0)
close(r1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
write$binfmt_script(r7, 0x0, 0x0)
sendmsg(r7, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r5}, &(0x7f0000000040), &(0x7f00000002c0)}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r8, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
write$binfmt_register(r0, &(0x7f0000000140)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x2007, 0x3a, '\r', 0x3a, '\x84\xa3\xea\xd6O\x89|\xeb\x80\xf0\xe96\xf4`&\xd4E\xe7L\x82n;H\xd8\xdf\x9a, \\E\xd4\xab\x1ed', 0x3a, './file2', 0x3a, [0x46]}, 0x4b)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000340)='./file2\x00', 0x321807e, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

39m59.593548756s ago: executing program 3 (id=466):
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000340)=@generic={&(0x7f0000000240)='./file0\x00', 0x0, 0x8}, 0x18)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000700)='./file2\x00', 0x0, &(0x7f0000000740)=ANY=[], 0xfd, 0x11f3, &(0x7f0000001b80)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
ftruncate(r0, 0x100c17a)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x6a)
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYRES8, @ANYRESOCT=0x0, @ANYRESHEX, @ANYRESHEX, @ANYRES8, @ANYRESDEC=0x0, @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES8, @ANYRES8], 0x1, 0x0, &(0x7f0000000000))
truncate(&(0x7f0000000000)='./file2\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xb, &(0x7f0000000480)=ANY=[@ANYRESDEC=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0xfffffffffffffc66, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', 0x0, 0x5c, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000004c0)={'#! ', '', [{0x20, '\t\t\xf2`:y\xd4H\xfa\xee=d\xd7T\x0f7\x93`\xc6\xd04\xa3\xacQT\x8cj\x83\xa8\xb1\x88H\xe3\x16\xeb\x16\xaa\x91Pn\xcd\xde}$\xad`\xd6(\xa8\xaa\xc67?anM_\xa0\xcf\x82\x84\xf8\xb0\x8amlKL!\xd7\xaaK\xces\x04\x1e*p\x9e\xf2\x16\x01`\xd2+FG\tX)\x910\x00\x00\x00B\x1d\xc7\xd8\xb5\x81\x15\x0f[D8\x88@A$\x88\xa5O&\xae\xe3\b\xa8\xd4\x9b\xabo\xf4\xd1\f\"e\xcdzA\xf49\xc1\xc8\f\x8c\xf3\xa7*O\xe3\xc3L\xd6H\ta\xf5\xc6\xee\xa2\xd4\xde\xe5\x1b\x1e34~\xa8\xb8aQtp\xc8r_\x14K\xd35;\x8f_\xe0|Y\x8b'}]}, 0xb8)
close(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
splice(0xffffffffffffffff, 0x0, r2, 0x0, 0x8, 0xa)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x68, 0x2c, 0xd27, 0x30bd26, 0x25dfdc00, {0x0, 0x0, 0x0, 0x0, {0x0, 0xd}, {}, {0x3}}, [@filter_kind_options=@f_matchall={{0xd}, {0x34, 0x2, [@TCA_MATCHALL_ACT={0x30, 0x2, [@m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x68}, 0x1, 0x2000000, 0x0, 0x10}, 0x84)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000003c0), 0x80000, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0x4008af12, &(0x7f0000000380)={0x1, 0x29a4})
write$char_usb(r3, &(0x7f0000000040)="e2", 0x2250)
r5 = signalfd4(r3, &(0x7f0000000000)={[0x7]}, 0x8, 0x800)
r6 = epoll_create(0x40)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
shutdown(r7, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f0000000100)={0x80000000})
ioctl$sock_inet6_tcp_SIOCINQ(r5, 0x541b, &(0x7f0000000080))

39m59.395613222s ago: executing program 3 (id=471):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='+}[@\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={0x0}, 0x18)
pivot_root(0x0, 0x0)
umount2(0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18)
r5 = socket$netlink(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, 0x0, 0x0)
r6 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)

39m59.074308678s ago: executing program 33 (id=471):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='+}[@\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={0x0}, 0x18)
pivot_root(0x0, 0x0)
umount2(0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18)
r5 = socket$netlink(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, 0x0, 0x0)
r6 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)

37m58.038221187s ago: executing program 2 (id=756):
fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000380)={'syz0\x00', {0xff, 0x6, 0x7fff, 0x8d5}, 0x24, [0x10000, 0xeba, 0x7, 0xe6a, 0x8, 0x1, 0x5, 0x7ff, 0x54, 0x7fffdfff, 0x7, 0xc, 0x8008, 0x6, 0x9, 0xfffffff7, 0x7, 0x40000, 0xa, 0x23, 0x2, 0x400, 0x3ff, 0xfffffff4, 0x4, 0xda6, 0x3, 0xa7, 0xeb36, 0x2, 0x9, 0x76c9, 0x200, 0x800001, 0x1, 0x1, 0x7, 0x9, 0xf, 0xb, 0x10, 0x80000000, 0x9, 0xb50, 0x0, 0x800, 0x3, 0x5, 0xbaa3, 0xfffffffe, 0x5, 0x8, 0x24, 0x7fff, 0x8, 0x6, 0x203, 0x0, 0x0, 0x71c7, 0x964e, 0x2d5, 0x149, 0x4], [0x66ac, 0xfffffff9, 0x4, 0x10, 0x8e, 0x7, 0x13e, 0x4, 0x4, 0x2, 0x1000, 0x7, 0x6, 0x8001, 0x9, 0x8, 0x2, 0x1, 0x40, 0x7ff, 0x7ff, 0x5, 0x9, 0xc00, 0x89, 0x7ff, 0x80000000, 0x1, 0xfffffff7, 0x9, 0x9, 0x4d26, 0x10000, 0x8, 0x1, 0x7, 0x0, 0x4, 0x4c, 0x9, 0x8, 0x5, 0xe66, 0x8, 0x2, 0x81, 0x4b, 0x80, 0x6, 0xb, 0x4, 0x6, 0x2, 0x8d1, 0xfffffff7, 0xfffffffa, 0xe0, 0x6, 0x10001, 0x4, 0x401, 0xade, 0x7f, 0x9], [0x8396, 0xb, 0x7, 0x9, 0x8000, 0x1, 0x9, 0xe88, 0x8, 0x6, 0x81, 0x400, 0x1000, 0x9, 0x6e, 0x8000, 0x7, 0x3, 0x6, 0x5, 0x5, 0xc9, 0x2, 0x3, 0x0, 0x2, 0x2, 0xc, 0x5, 0xb0f, 0x1e, 0x3, 0x800, 0x8, 0x9, 0x3, 0x4, 0xfffffff7, 0x4, 0x80000000, 0x464f, 0x6, 0x2e7, 0x7ff, 0x1ff, 0x6, 0x87ff, 0x2, 0x101, 0xffffffff, 0x4, 0x10001, 0xd5d, 0xa0c787d, 0xffffff4e, 0x10001, 0x4, 0x40, 0x3, 0x0, 0x1fc1, 0x9, 0x1, 0x3], [0x10000010, 0x7, 0x9, 0x2, 0xa5e, 0x8000fe, 0xff, 0x58, 0x80000000, 0x0, 0xe, 0x7fff, 0x4, 0x7, 0x7, 0x0, 0xfffffffd, 0xfffffff8, 0xdaa, 0x4, 0x3, 0x103, 0x6, 0x6, 0x6, 0x4000403, 0xffffffff, 0xfffffffb, 0x40, 0x80000000, 0x4, 0x7, 0xfff, 0x40, 0x9, 0x0, 0x9, 0x41, 0x0, 0x7, 0x8ac1, 0x3, 0x1, 0x80000002, 0x80000002, 0xff, 0x6, 0x3, 0xfffff801, 0xffffffff, 0x380, 0xfffffff8, 0xd, 0x7, 0xd, 0x9, 0x6eaf, 0x0, 0x401, 0x5e02, 0x2, 0x3, 0x5, 0x400]}, 0x45c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000800)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000080)={0x0, 0x1, 0xfffffffffffffffc, 0x7})
poll(0x0, 0x0, 0x5)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
close(r6)
connect$inet(0xffffffffffffffff, &(0x7f0000000b00)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)

37m55.695839099s ago: executing program 2 (id=761):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
r1 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, &(0x7f0000cab000))
connect$802154_dgram(r1, &(0x7f00000003c0)={0x24, @none={0x0, 0xffff}}, 0x14)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
socket$inet6(0xa, 0x3, 0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

37m52.851634503s ago: executing program 2 (id=774):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
pipe2(&(0x7f00000001c0), 0x4000)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r0, @ANYBLOB="101000000000000008000d0005000000e4031680a40001800c00070000000000adffffff0c00", @ANYRES16=r0, @ANYBLOB="4b76f3b6"], 0x40c}}, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000a40), 0x26, 0x775, &(0x7f0000000280)="$eJzs3M9rHGUfAPDvTLJJf+Tt5oUX3vf1IEILLZRukubSnhov3gqFgtcakkkImWRDdlOzsWDrWajNRUEQ9Sh68yqU+gd4k4KCd0G0xoN4WZnNJrUxSbdJk5X084HJPs+z88z3+80OT3YgMwG8sF4pfiQRAxFxLSLK7fE0IvparWMRt9f3W3t0a6LYkmg2r/+cFNNirVnePFbSfj0ZrSnxv4h4UIo4/87f49YaK7PjeZ4ttvtD9bmFoVpj5cLM3Ph0Np3Nj4xeHr40OnppePSpNfy3w1rPvH75+L1vXltd/fbL+t2Xey8kMdaqO9q1dXiYZ7L+OynF2Jbx+YMI1kVJtxMAAKAjxff8nojobX1LLUdPqwUAAAAcJc3+JgAAAHDkJdHtDAAAAICDtfF/ABv39h7UfbA7+enViBjcLn5v6x7iiGNRiogTa8kTdyYk69NgX27fiYj7Y1vPv0+LM+z2Po89vKX/5D3Sffs8Os/D/WL9Gdtu/Uk315/YZv3p3Xh2wj7tvP49jt+zw/p3rcMYX330/9KO8e9EvNS7XfxkM36yQ/w3Oox/d/Xde63GNlk0P4k4u+3fn+SJWLs8H2Jsaibf9fEDD/4493C3+k/sFD/Zvf6FDut/a+3X2Z3WkiL+udO7f/7bxS/OiffaeaQRca/9WvRXt8Q4Pffd17vVPxnR3Mvn/3GH9f/wef9yh7sCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABASxoRA5Gklc12mlYqEScj4j9xIs2rtfr5qerS/GTxXsRglNKpmTwbjojyej8p+iOt9uP+xS390Yj49/fH14PO5FlloppPdrt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANp2MiIFI0kpEpBHxWzlNK5WI3g7m9h9CfgAAAMBzMtjtBAAAAIAD18H1f99h5AEAAAAcnOL6v2cP85IDyAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4sq5dvVpszbVHtyaK/uTNxtJs9eaFyaw2W5lbmqhMVBcXKtPV6nSeVSaqc087Xl6tLoxcjqXloXpWqw/VGis35qpL8/UbM3Pj09mNrHQoVQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCsBlpbklYiIm2107RSifhXRAxGKZmaybPhiDgVEQ/Lpf6iP9LtpAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjuao2V2fE8zxaPVmPsn5GGxt4an506smdmu/F2ROxp+sWBQ8qw2ysTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdUGuszI7nebZY63YmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdFf6YxIRxXa2fGZg67t9ye/l1mtEvPnh9feXx+v1xZFi/JfN8foH7fGL3cgfAAAAXghXnmXnjev0jet4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACATtUaK7PjeZ4t7q9xJRorzeSvI8tfbO7T7RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC9+TMAAP//fzTFrw==")
syz_emit_ethernet(0x8a, &(0x7f0000000440)={@broadcast, @empty, @val={@void, {0x8100, 0x3, 0x0, 0x3}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x3, "da6ca01020d5ff6edbf49de844407619298b6901b45ee03339c2df002553143e", "43930000c811720789fd0003f2ffffff", {"a076cb180632819ecc406a591986e233", "71a8d06c8b82dc3f7fe97431cb04cafa"}}}}}}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2800c12, &(0x7f0000000000)={[{@usrquota}, {@acl}]}, 0xff, 0x261, &(0x7f0000000780)="$eJzs3T9oG1ccB/DfnaS6tkVx26VQ+gdKKa3BuFuhi7u0YCjGlFJoCy6ldGmxC65NN7tTlgzJGJLgKYsJ2eJkDF5MloRAJifR4CyBxGSIyZAEFKSzwH/k2LFkKeE+Hzjuzn73fu+4+z5Jw3EB5NZARIxERCEiBiOiFBHJ1gYfZ8vA5u5C78pERLX6w8Ok3i7bzzSO64+I+Yj4KiKW0yT+KkbMLv2y9nj1u8+Oz5Q+Pbf0c29HT3LT+lrl+42zY8cujn45e/3m/bEkRqK87bzaL2nyt2IS8c5RFHtFJMVuj4CDGP/vwq1a7t+NiE/q+S9FGtnFOzH9xnIpvjiz17EnH9x4v5NjBdqvWi3VPgPnq0DupBFRjiQdiohsO02HhrLv8LcLfenfU9P/Dv45NTP5R7dnKqB1bzY2Kt9e7rnUvyP/9wpZ/vfQ7Ocs8DrJUlz5cXzxTm1jo9DtAQEd8UG2KkdUBn+b+zzkH3JH/iG/5B/yS/4hv+Qf8kv+Ib/kH/JL/iG/5B/y69D5P/Xs6AYFdMTW/AMA+VLtOdRTw+1/EBnouG7PPwAAAAAAAAAAAAAAAAAAwG4LvSsTjaU9PRb3bXH1dMT6N1nT3fUL9fcRN95X3Pco2dZjcqAKL/brRy120KLzXX76+q273a1/7cPu1p+bjJj/PyKGi8Xd91+yef8d3tv7/L/0e4sFXtLOl3d//VNn6+/0dPHo+p49QJvR1YgrtflnuNn8k8Z79XXz+adcu34tjvGfJy12AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMc8DwAA//8se25L")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='sched_switch\x00', r2}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8}]}}]}, 0x38}}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(0xffffffffffffffff, 0x40082102, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
chdir(&(0x7f0000000240)='./file0\x00')
r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20)
ioctl$FS_IOC_ENABLE_VERITY(r6, 0x40806685, &(0x7f0000000200)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})

37m49.770914456s ago: executing program 2 (id=777):
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0b00000005000000020000000400000005000000294648a1d933c4", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x404, &(0x7f0000000380)={[{@init_itable}, {@bh}, {@nomblk_io_submit}]}, 0x1, 0x5dd, &(0x7f0000001200)="$eJzs3c9vVNUeAPDvmf6gpbzXQl7ee7iQJsZAorS0gCHGBWwNafBH3Lix0oJIgYbWaNGEkuDGxLgxxsSVC/G/UCJbVrpy4caVISFqWJo4ZqZzS6e90x/TH5f0fj7J0HPPmcs5l+Hbc+bMOXcCKK3B2h+ViIMRMZ0i+tP8YllnNAoHF5736M+PztceKarV135PkRp52fNT42df4+SeiPjxhxQHOlbWOzN34/L41NTk9cbx8OyV6eGZuRtHL10Zvzh5cfLq6Aujp06eOHlq5Fhb13UzJ+/s7Xff7/9k7M1vvvorjXz7y1iK0/Fy44lLr2OrDMZg/d8krSzqO7XVlRWko/H/ZOlLnDoLbBAbkr1+XRHxv+iPjnj84vXHx68U2jhgW1VTRBUoqST+oaSycUD23n75++BKIaMSYCc8PLMwAbAy/jsX5gajpz43sPdRiqXTOiki2puZa7YvIu7fG7t94d7Y7dimeTgg3/ytiPh/XvynevwPRE8M1OO/0hT/tXHBucbPWv6rbda/fKpY/MPOWYj/nlXjP1rE/1tL4v/tNusffJx8p7cp/nvbvSQAAAAAAAAorbtnIuL5vM//K4vrfyJn/U9fRJzegvoHlx2v/Py/8mALqgFyPDwT8VLu+t9Ktvp3IEv9q74eoCtduDQ1eSwi/h0RR6JrT+14ZJU6jn564MtWZYON9X/Zo1b//cZawEY7HnTuaT5nYnx2fLPXDUQ8vBXxVO7637TY/6ec/r/2+2B6nXUcePbOuVZla8c/sF2qX0cczu3/H9+1Iq1+f47h+nhgOBsVrPT0h59916r+duPfLSZg82r9/97V438gLb1fz8zG6zg+11ltVdbu+L87vV6/5Ux3I++D8dnZ6yMR3elsRy23KX90422G3SiLhyxeavF/5JnV5//yxv+9ETG/7O9OfzTvKc789+++X1u1x/gfilOL/4kN9f8bT4zeGfi+Vf3r6/9P1Pv6I40c83+w4IssTLub83PCsTOvaKfbCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC7QSUi9kWqDC2mK5WhoYi+iPhP7K1MXZuZfe7CtfeuTtTK6t//X8m+6bd/4Thl3/8/sOR4dNnx8YjYHxGfd/TWj4fOX5uaKPriAQAAAAAAAAAAAAAAAAAA4AnR12L/f81vHUW3Dth2nUU3AChMTvz/VEQ7gJ2n/4fyEv9QXuIfykv8Q3mJfygv8Q/lJf6hvMQ/AAAAAADsKvsP3f05RcT8i731R013o6yr0JYB261SdAOAwrjFD5SXpT9QXt7jA2mN8p6WJ6115mqmz2/iZAAAAAAAAAAAAAAoncMH7f+HsrL/H8rL/n8or2z//6GC2wHsPO/xgVhjJ3/u/v81zwIAAAAAAAAAAAAAttLM3I3L41NTk9cl3ljnkzsi4klp8yYT1Wr1Zuyeyyk6kS2Ff1LasyyR7fVb31nF/U4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACa/RMAAP//yhsjCA==")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = userfaultfd(0x1)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_WRITEPROTECT(r5, 0xc018aa06, &(0x7f0000000080)={{&(0x7f0000ffb000/0x2000)=nil, 0x2000}, 0x1})
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0)
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x2)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000240)={0x0, <r8=>0x0, <r9=>0x0}, &(0x7f0000000280)=0xc)
lchown(&(0x7f0000005580)='./file0\x00', r8, r9)

37m47.809172927s ago: executing program 2 (id=780):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d00)=ANY=[], 0x30}, 0x800)
pivot_root(&(0x7f0000000580)='./cgroup.cpu/cpuset.cpus\x00', 0x0)
umount2(0x0, 0x5)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESHEX=r2], 0x48)
r5 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r5, 0x29, 0x2, &(0x7f0000000040)=0xffff, 0x4)
sendto$inet6(r5, &(0x7f0000000000)="800037bbfa9ba1ce", 0x8, 0x4000, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
recvmsg(r5, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x20000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYRES64=r5], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r4}, &(0x7f0000001c00)=0x8000000, &(0x7f0000001c40)=r6}, 0x20)
getpid()
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_LINK={0x8, 0x1, 0x3}]}}}]}, 0x3c}}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')

37m46.829281727s ago: executing program 2 (id=784):
io_setup(0x6, &(0x7f0000001380))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
syz_open_dev$usbfs(&(0x7f0000000300), 0x2, 0x393800)
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x18)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r6, 0x1)
bind$inet6(r6, &(0x7f0000000500)={0xa, 0x4e22, 0x9, @empty, 0x10}, 0x1c)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
connect$inet6(r6, &(0x7f0000000440)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
r7 = syz_mount_image$ext4(&(0x7f00000004c0)='ext3\x00', &(0x7f0000000280)='./file1\x00', 0x8, &(0x7f0000000080), 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), r0)
sendmsg$TIPC_NL_LINK_GET(r0, 0x0, 0x0)
mount$incfs(0x0, &(0x7f0000000400)='./file1\x00', &(0x7f0000000380), 0x1a80941, 0x0)
readlinkat(r7, &(0x7f0000000340)='./file1\x00', &(0x7f0000000540)=""/220, 0xdc)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)

37m46.290812072s ago: executing program 34 (id=784):
io_setup(0x6, &(0x7f0000001380))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
syz_open_dev$usbfs(&(0x7f0000000300), 0x2, 0x393800)
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x18)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r6, 0x1)
bind$inet6(r6, &(0x7f0000000500)={0xa, 0x4e22, 0x9, @empty, 0x10}, 0x1c)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
connect$inet6(r6, &(0x7f0000000440)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
r7 = syz_mount_image$ext4(&(0x7f00000004c0)='ext3\x00', &(0x7f0000000280)='./file1\x00', 0x8, &(0x7f0000000080), 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), r0)
sendmsg$TIPC_NL_LINK_GET(r0, 0x0, 0x0)
mount$incfs(0x0, &(0x7f0000000400)='./file1\x00', &(0x7f0000000380), 0x1a80941, 0x0)
readlinkat(r7, &(0x7f0000000340)='./file1\x00', &(0x7f0000000540)=""/220, 0xdc)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)

13m36.985137481s ago: executing program 4 (id=8383):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe2$9p(&(0x7f00000004c0), 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6}]}, 0x10)

13m34.644790229s ago: executing program 4 (id=8388):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x301c48a, &(0x7f0000004040)=ANY=[@ANYBLOB="757466383d302c73686f72746e616d653d77696e39352c696f636861727365743d63703836392c757466383d302c696f636861727365743d63703836362c696f636861727365743d63703733372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c756e695f786c6174653d302c636f6465706167653d3836312c756e695f786c6174653d312c757466383d302c73686f72746e616d653d77696e39352c726f6469722c696f636861727365743d6d61637475726b6973682c6572726f72733d636f6e74696e75652c756e695f786c6174653d312c00e1d625f10b9ee0a39b75b922489840691b55fdd962d869c07e5720a738d425cd66a3c97ccd3f631568b5d6c3"], 0x6, 0x2d5, &(0x7f0000000980)="$eJzs3T+LHGUcB/Df7O3tTrTYLaxEcEALq5BLa7OHJCBeZdhCLfQwCcjtIiRw4B+cTWUl2FhY+AoEwRdi4zsQbAU7IwRGZnYmM5vbXPbk9sTc59PcM8883+f5zdxwO1fccx+9Mj+6ncXdB1/+FmmaRG8Sk3iYxDh60VgUS/nycPJtAAD/Zw+LIv6sP9/PkksiIt1eWQDAFm32+d9vmz9fSFkAwBbdeu/9d/YPDm68m2Vp3Jx/fTwtf7Mvvy7P79+NT2IWd+JajOJRRPWisBvV20LZvFkURd7PSuN4fZ4fT8vk/MNf6vn3/4io8nsxinHV9fhto8q/fXBjL1vq5POyjhfq9Sdl/nqM4qXH4ZX89TX5mA7ijdc69V+NUfz6cXwas7hdFdHmv9rLsreK7/764oOyvDKf5MfTYTWuVex0j65czLcHAAAAAAAAAAAAAAAAAAAAAIDn1NV675xhVPv3lF31/js7j8qD3cga49X9eZb5pJmouz9QURR5ET80++tcy7KsqAe2+X683O9uLAgAAAAAAAAAAAAAAAAAAACX1/3PPj86nM3u3DuXRrMbQD8i/r4V8W/nmXR6Xo3TBw/rNQ9ns17dXB3T7/bETjMmiTi1jPIizum2PKtx5UTNdePHnzaaJ4lY1D3psxfdXb/WeTaap+voMFl/D4fR9KT1Q/L9IKIdM4inLbFY7Rk8rYwizvL4DdaeGm0W/6a+2nKeF6uevDm1OJmK5InCkqQz5s3fl3PVPcmTVzGo7uq6MiJtGm18dUy60fMc6TJ+8mdFYrcOAAAAAAAAAAAAAAAAAADYqvavf9ecfHBqtFcMt1YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyo9v//n6GR1+ENBg/i3v3/+BIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4BP4JAAD//47KXt4=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x6, [@enum={0x3, 0x1, 0x0, 0xf, 0x4000000, [{}]}, @struct]}, {0x0, [0x0, 0x0, 0x2e, 0x25]}}, 0x0, 0x3e, 0x0, 0x1}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)

13m34.208024385s ago: executing program 4 (id=8391):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mremap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
r5 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', 0xa00, 0x1c0)
r6 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r6, r5, 0x0, 0x3a)

13m32.133414842s ago: executing program 4 (id=8395):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r1, &(0x7f0000000000)={0x24, @long={0x3, 0x45efc01b74ad075b}}, 0x14)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
syz_mount_image$ext4(&(0x7f0000000100)='ext3\x00', &(0x7f0000000200)='./file1\x00', 0x30a0000, &(0x7f0000000140)={[{@noinit_itable}, {@dax_never}, {@errors_remount}, {@usrjquota}]}, 0x1, 0x526, &(0x7f0000001540)="$eJzs3e9rJGcdAPDvTHbT3F3qblXkLNgWW7kreruXhrZRpK0g+qqg1vdnTDYhZJM9spt6CUVT/AMEERX8A3wj+AcI0j9BhIK+FxVF9KovfKEdmd2JJtndZM2vvW4+H5jb55lnZr7PM5d9dn48zARwZT0TEa9FxFREPB8RlWJ+Wkz38sxeb7n3Hr61lE9JZNkbf00iKebtbyvPlyLiRm+VmImIr3054ptJf9z2zu76YrPZ2Cry9c7G/Xp7Z/fO2sbiamO1sTk/P/fSwssLLy7czQpnamc1Il754h9/+L2ffumVX37mW7+79+fb386r9fmPlaKo3tKZAgzR23a5uy/25fto6yKCjUnenvLUuGsBAMAo8mP8D0fEJ7vH/5WY6h7NAQAAAJMke3U2/pVEZAAAAMDESiNiNpK0VowFmI00rdV6Y3g/GtfTZqvd+fRKa3tzOS+LqEY5XVlrNu4WY4WrUU7y/FwxxnY//8KR/HxEPBERP6hc6+ZrS63m8rgvfgAAAMAVcePpw+f//6ik3TQAAAAwYapDMwAAAMCkcMoPAAAAk8/5PwAAAEy0r7z+ej5l++/xXn5zZ3u99ead5UZ7vbaxvVRbam3dr622WqvdZ/ZtnLS9Zms6Ija3H9Q7jXan3t7ZvbfR2t7s3Fs79ApsAAAA4BI98fQ7v00iYu9z17pTFM8BBDjkD+OuAHCepsZdAWBsSuOuADA25ROX0EPApEtOKO8fvNO7Vhi/upj6AAAA5+/Wx/vv/08XZSdfGwA+yIz1AYCrx909uLrKpx0BePO8awKMy4d6H48NKx/68I4R7v/3rjFk2akqBgAAnJvZ7pSkteI4fTbStFaLeLz7WoBysrLWbNwtzg9+Uyk/lufnumsmJ44ZBgAAAAAAAAAAAAAAAAAAAAAAAAB6siyJDAAAAJhoEemfku7T/CNuVZ6bPXx14Mhbv37yxo8eLHY6W3MR08nfKvms6Yjo/LiY/0LmlQAAAADwCOidpxefc+OuDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACT5r2Hby3tT5cZ9y9fiIjqoPilmOl+zkQ5Iq7/PYnSgfWSiJg6h/h7b0fEzUHxk3g/y7JqUYtB8a9dcPxqd9cMjp9GxI1ziA9X2Tt5//PaoO9fGs90Pwd//0rFdFbD+7/0v/3f1JD+5/Ej+WGefPfn9aHx3454sjS4/9mPn/TiHwqRZ54dsY3f+Pru7sCCA5scFP9grHpn4369vbN7Z21jcbWx2ticn597aeHlhRcX7tZX1pqN4t+BYb7/iV+8f1z7rw+JXz3c/r79/9xIrc/i3+8+ePiRXqY8KP7tZwf//t4cEj8tfvs+VaTz8lv76b1e+qCnfvbrp45r//KQ9s+c0P7bI7U/Pvv8V7/7+4ElfXsDALgM7Z3d9cVms7F1TGJmhGUuOfHq4KJk7BUbIVGJiP6iuLCg/8yy7FFp+9BE9p3e3+PZtnPG1fsS2VlWLw34X/6/E9N939OpOO0Gk4i9fFujrTXGTgkAALgQ/zvoP+4OEgAAAAAAAAAAAAAAAAAAAHCRTvlYspmIGHnhozH3xtNUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBj/ScAAP//AujQew==")
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6tnl0\x00'})
socket$key(0xf, 0x3, 0x2)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r6, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000880)={0x20, r7, 0x4f79951a91b7df8f, 0x70bd2c, 0x3, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4005}, 0x40000)

13m29.574082178s ago: executing program 4 (id=8400):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4008810}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4}, &(0x7f0000000040), &(0x7f0000000080)=r5}, 0x20)
socket$packet(0x11, 0x3, 0x300)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

13m28.295663502s ago: executing program 4 (id=8405):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='+}[@\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={0x0}, 0x18)
pivot_root(0x0, 0x0)
umount2(0x0, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r3}, 0x18)
r4 = socket$netlink(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, 0x0, 0x0)
r5 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)

13m13.237704346s ago: executing program 35 (id=8405):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='+}[@\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={0x0}, 0x18)
pivot_root(0x0, 0x0)
umount2(0x0, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r3}, 0x18)
r4 = socket$netlink(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, 0x0, 0x0)
r5 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)

9.240081104s ago: executing program 8 (id=12228):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.freeze\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000280), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r0, 0x0)

9.218099756s ago: executing program 8 (id=12229):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x320)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESOCT=r0, @ANYBLOB])
llistxattr(&(0x7f0000000a00)='./file0\x00', 0x0, 0x0)

9.188310609s ago: executing program 8 (id=12230):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x1002, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_to_batadv\x00'})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000004a80)={0x14, 0x0, 0x301, 0x70bd28, 0x25dfdbfb, {0x1c}}, 0x14}}, 0x2404c816)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r2, 0x400454cc, 0x0)
r3 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000640)=ANY=[@ANYBLOB="12010000090000402505a8a440000102030109021b00010100000009040000020701010009050102"], 0x0)
syz_usb_control_io$printer(r3, 0x0, &(0x7f0000000000)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
syz_open_dev$char_usb(0xc, 0xb4, 0x2000000)
close_range(r0, 0xffffffffffffffff, 0x0)

5.282671004s ago: executing program 8 (id=12251):
r0 = syz_usb_connect$hid(0x0, 0x6c, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x27b8, 0x1ed, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000480)={0x24, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x2, "438ba30b"}]}}, 0x0}, 0x0)

4.84051463s ago: executing program 7 (id=12260):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000005000000014d564b00000000af"])
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, 0x0}], 0x1, 0x49, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

4.742980738s ago: executing program 7 (id=12261):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000480)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000004300)="f465093edb43f9200b0a987d29cd1ab18f896ba9c7f9434216fa69ec1fc37cad813c459b27fb6cda8b255e91ee7c1622a521ccb5b1b52ab4e821596da72a0f0d90d93174d6b1af08c4457ba642185e87cef6c2829bccd7c2879ffc678b8c9d7d27e75dc4886bd87b9722e328c94ff18bcf53205fe2c884c56a93f87224ce021db37275e8ba14743f3d6e6bc0ff6468612ca50e82e1d1d1bd216e7613c42c18394b6129a77e78d29e57de5be998b50db8cc3fa43f978abca2a832cd9b4457f8fb0e06cffee59b33dbb2836bd93df0eabe483d71600f9088ff92a1ad059611792edee584c164331f02cd78ed2708e3c2ca5a06d6ace355344ada26b0a88582e9929ab95471d52ef32811e0bc6e75bea781f5370f1e60924695637f909587a23ef1d5489c6325467e59ba74cd18f9b7f946a479ac85bb7dad5cedd1ae3a54b4433b5bd391b06c77a33e30514a29948a5ff951ab9debaeb3b70a3daf51ffea1512922f5350526b1e2cb4c5dfc6f7ff1eb1920d7c119bc61fd4a24f67d08d632583c3018d86053dc90c71a37f7445d74f54a9a15a267d823bf942a5dbf02d4a8831a27b383a000b7ae36b341938ecbaf5b62a16381b2bd618f9cc6c16e54a24abc1c46d24a1c131b353a36b49b117dfb4482818e95489b5c41585aa8ba7f6b2b122664adb8a26309f4f3c2f6752711e81f97759878ccfc695c190861c2b2dbd2e1228910b3a726ff2792792007d6667b0e611ab39e9f876579a4309f2d6acd0b86ec7fcd82c862a229adb2abb5117e7e56de45aa60725135d4256bdf3657a67777fbf3bed66759f18f6f10ff58f747cdb553f9edfb3bff17eda41f7bc171eef4966545f5aea792ea8d4c214d52c7acc04c6a21c9bfd174cae6043af2ecce5bb7ccc33ce5318399633fa60c8adf9bf0a794729e4cd4337ba677ef493fded1b6fe75de583d3cffc2f3243be8721813346a910ff993ebad6cde23d6b0b3181c4795872dd1273fda496af9390ee503eaf9a163690178e838489b679bd3763bbd6e5e1d1fc9a8dd10f9d2a0353f315", 0x2ea}], 0x1}}], 0x1, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

3.492872198s ago: executing program 7 (id=12263):
r0 = socket$inet6(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000200)={'syztnl2\x00', 0x0, 0x29, 0x2, 0x6, 0xfffffffe, 0x4, @private1, @private2, 0x1, 0x80, 0x2a, 0x4}})

3.10140501s ago: executing program 8 (id=12265):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x28de, 0x1102, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xd0, 0x0, [{{0x9, 0x4, 0x0, 0x4, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x1, 0xf9, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0x50}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
ioctl$HIDIOCSFEATURE(0xffffffffffffffff, 0xc0404806, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB="200b4000000028b1"], 0x0, 0x0, 0x0, 0x0}, 0x0)

3.10081844s ago: executing program 7 (id=12266):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x200a})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@flat=@weak_binder={0x77622a85, 0xb, 0x3}, @fd={0x66642a85, 0x0, r1}, @flat=@weak_handle={0x77682a85, 0x1115}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000680)={0x4c, 0x0, &(0x7f00000006c0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40}], 0x0, 0x1000000000000, 0x0})

3.031924265s ago: executing program 6 (id=12267):
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
prlimit64(0x0, 0xe, 0x0, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
syz_pidfd_open(0x0, 0x0)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r1, 0x1000)
syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
close(0x3)
writev(r0, &(0x7f0000000340)=[{&(0x7f0000000080)="5800000014001923f8834b80040d8c560a067f020000000000000000000058000b4824ca945f64009400ff032501", 0x2e}], 0x1)

3.031547566s ago: executing program 7 (id=12268):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
write$tun(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="080086dd0001110004000000a60c6eec00be00442ffffe8000000000000000000000000000aaff020000000000000000000000000001042022eb"], 0xfdef)

2.873210068s ago: executing program 7 (id=12271):
r0 = syz_open_dev$hiddev(0x0, 0x9, 0x3a180)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x3e, 0x208604)
r2 = syz_usb_connect$cdc_ecm(0x0, 0x5e, &(0x7f0000000000)=ANY=[@ANYBLOB="12011001020000402505a1a440000102030d0902"], 0x0)
syz_usb_disconnect(r2)
syz_usb_disconnect(r1)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$hiddev(r0, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x0, 0x0, &(0x7f00000014c0)={0x0, 0x0, 0x5, &(0x7f00000012c0)={0x5, 0xf, 0x5}, 0x2, [{0x0, 0x0}, {0x0, 0x0}]})
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r3, &(0x7f0000000480)=""/74, 0x4a)
syz_usb_disconnect(r2)

2.804095424s ago: executing program 6 (id=12272):
syz_mount_image$vfat(&(0x7f0000000780), &(0x7f0000000000)='./file0\x00', 0x90, &(0x7f0000000140)=ANY=[@ANYBLOB='showexec,shortname=winnt,shortname=lower,utf8=1,iocharset=cp865,shortname=win95,uni_xlate=1,shortname=win95,check=strict,shortname=winnt,utf8=0,iocharset=iso8859-5,codepage=874,shortname=mixed,shortname=win95,shortname=mixed,nonumtail=0,shortname=mixed,shortname=mixed,uni_xlate=1,rodir,nnonuni_xlate=1,shortname=win95,shortname=win95,utf8=0,nnonumtail=1,shortname=win95,shortname=win95,nnonumtail=1,uni_xlate=1,nfs=nostale_ro,\x00'/444], 0x6, 0x2d7, &(0x7f0000000340)="$eJzs3T9rJGUYAPBnNrN/1GJTWInggBZWx+Vamw1yB2Iqjy1OCw3eHUh2Fe4g4h+cu0rsbCz9BILgB7GxsxRsBTsjBEZmdia7m4ybjWQjmt+vSN688zzzPvPOJJkmT957cXpwP4uHTz//JQaDJDqjfsRREtvRicaTWDL6OgCA/7Kjoojfi5mWwz9/tSJ3sMG6AIDNOef3fy2tPt4rI364utoAgM24e+/tN3f39m6/lWWDuDP98nCcRET5eXZ892F8EJN4EDdjGMcR1YtCN6q3hXJ4pyiKPM1K2/HKND8cl5nTd3+sz7/7W0SVvxPD2K6mTt42qvw39m7vZDML+XlZx7P1+qMy/1YM4/mT5KX8Wy35Me7Fqy8v1H8jhvHT+/FRTOJ+VcQ8/4udLHu9+OaPz94pyyvzk/xw3K/i5oqtZvH8iu8RAAAAAAAAAAAAAAAAAAAAAAD/Pzfq3jn9qPr3lFN1/52t4/KLbmSNeX+fDzt50x8oaU407w8UnaIo8iK+bfrr3MyyrKgD5/190nghrRsLAgAAAAAAAAAAAAAAAAAAwDX3+JNPD/YnkwePLmXQdANII+LPuxH/9DyjhZmXYnVwv15zfzLp1MPlmHRxJraamCRiZRnlRVzStpw3eOZMzfXgu+/PBidPZjcujbYTDs5ftNu+1gUHH3dn+9ga0zxdB/tJ+x72T4oflDcuTt+4XrSv3o1TM72/q7B5FNe7nF7roeGFt6X3XDXIV8REsur74rVfZ2UvXMVSTK/a1db0bj1YSD/1bKz1PMdgln72Z0WiWwcAAAAAAAAAAAAAAAAAAGzU/K9/Ww4+XZnaKfobKwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArtT8//+vM0iXk9fI6sWjx//WtQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9/BUAAP//gxtVEw==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[])
umount2(&(0x7f0000000000)='./file1\x00', 0x3)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)

2.759846488s ago: executing program 5 (id=12274):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x3}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000640)={&(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e, 0x0}, 0x0)

2.752368448s ago: executing program 5 (id=12275):
mkdir(0x0, 0x0)
pipe2$9p(0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000000))
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r1, &(0x7f0000000740)={0x1f, @none}, 0x8)
listen(r1, 0x0)
accept4(r1, 0x0, 0x0, 0x80800)

2.433332264s ago: executing program 0 (id=12277):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x8b, 0xfffa}, 0x1d, [0x7ffe, 0xc95a, 0xfffffff3, 0x9, 0x80, 0xfffffffe, 0x2000003, 0x7f, 0x6, 0x40, 0x39cc191a, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x9, 0x3, 0x0, 0x5, 0x4, 0x8, 0x8, 0x3c5b, 0x1, 0x3, 0x9, 0x1, 0x1f461e2c, 0x7, 0xe660, 0x4, 0x7, 0x101, 0x7fff, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x71, 0xfffffff8, 0x7, 0x0, 0x0, 0xc, 0x3e, 0x8f, 0x6, 0x10000006, 0x0, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x200006, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x134, 0x7ffe, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x0, 0x9, 0x6, 0x3, 0x1, 0x7, 0x5, 0x0, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x4, 0x8000, 0x4009, 0x400, 0x5, 0x800, 0x5, 0xff, 0x5, 0x5, 0x5f31, 0x4, 0x0, 0x2, 0x2, 0x10a, 0x4, 0x9, 0x0, 0x800, 0x6, 0xb, 0x8000, 0x1, 0xfe000000, 0xff7f, 0x2, 0x207f, 0x9, 0x2, 0xffffffff, 0x9, 0x1, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x8000002], [0x400, 0x4, 0x0, 0x5, 0xfffffffe, 0x180, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x10001, 0x1ef, 0x5, 0x8, 0x83, 0x80000003, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x800f38, 0x5, 0x20000004, 0x6d01, 0xa56a, 0x38, 0x800003, 0x101, 0x80, 0xf, 0x9, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0xac8, 0xbf, 0xfffffffe, 0x3, 0x7ff, 0x7ffffff9, 0x1, 0xfffffffd, 0xffff, 0x0, 0x1c, 0x1c, 0x120000, 0x3, 0x6, 0xaaed, 0x4, 0x65], [0x9, 0xbb31, 0x1, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1f6, 0x2, 0xf58, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7ffe, 0x8, 0x200a620, 0x4, 0x5, 0x1, 0x2, 0x800014c, 0x60a7, 0xe, 0x6, 0x2, 0x80000000, 0x5, 0x8, 0xc8, 0xee1, 0xfffff000, 0xffff, 0x2, 0x7f, 0x100, 0x9602, 0x7, 0x2, 0x4, 0x6, 0x0, 0x10080, 0x5, 0x8, 0x30b1d693, 0xa1f, 0x5, 0x7ff, 0x2, 0x6c1b, 0x0, 0x4, 0x100005, 0xa, 0x1, 0x40200, 0xffbf2441, 0xfff]}, 0x45c)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x2f, &(0x7f0000000600)=0xdfc, 0x10)
sendmmsg$inet(r0, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000380)="cebdd21fe03e57c125bd9c3965b579407c9962373117b122c45bf84c98a973ecb6b9ad663b6a07bdfb5c17a5a2cd48dc09da2f20c69872e6399874332704872ec2a432d22928522671038af0783ef06a2f8ef5bf4c1852cc25f1ab39b7c146d2cb25084504d5606202f98d0b03dc", 0x6e}, {&(0x7f0000000040)="dcf6c7a8594cbefed4f7b6af317a47ee47be6e2d4a61e5cc0a2a79081670698a39", 0x21}, {&(0x7f0000000580)="43b6624bcf70a4c826371a24e33c4d2bae5d7babbfb1ba2c6ecf970f9def87320ccb4fbbb31e12d8fd21d656ef864f17c24210eac6248dd40efb9b0ac8da179915840a5c9d2f213d47a7367669a3870626413286b92bd7b51f2b4f99eec1b6ff81751fb805f86ea434a7531f3c9878bdc2cadebaba4621", 0x77}, {&(0x7f00000002c0)="518d090c62a0a9a11ff26593bd52165b011c0e9f6c2c05550d880894aea3fd3718de3675e1f30ffff0ff511d8b6a90c94d442c509c6a01f65cad16374ea2e62749579d", 0x43}, {&(0x7f00000001c0)="9f189b8d5e6ee068cce816de05698d4fe01cdb8e875eefe3db5e153722b1745423f726b35f80b980f8a7e6cab9983bc947924f6d30813d0899d80c2cb6a3cb80a16f14c194157b98c823780ea180f5f304f5694e0b90569c14c118c5896396f9c79d867b5026d66ae9eda462f1233702f941cf239ec1bfe8c9ca3c5faa4c0efa368def9717a2da7e0cde5146db635972858964020d656353a476e01071bc9367c8ab8ee6b5ff6cd25be88a2326b81df502c8b117250afb4a1b9f205eac48359e3c4323ff3e32f2be7c235dfb3613995f704263f6085512d9e267d49f43cb", 0xde}, {&(0x7f00000008c0)="aa27de4a8cfe6fc7fd36ac634de0b7dce04f6ce3e3d452f1c75502b2cbb29fa999d2a372e83819556e792a18e17c128a1ee3a593fbac892cbb42575f483fe523c9abe644830816977ccba1f493bdfa33d63b1dbfd5dde8b03dfa6162f0849ad9823f4e302f12d77cefff93dae1d25662ce8cfe9cdf57a066565ea4a78f8b0e0379110f8d424740bb27839ccc87e687adf0d23ac64ce9c971e0d3eec711e7d49d051cb97526f79fe31b00421399b4101c763b33224a71d2e0b64c02374fc4f0ebc5fdb156e3b8716cba396ad951a983a24404dddcc37b8b5d32e138185df4c6326f8e9c5e4e5c2088c513", 0xea}, {&(0x7f00000009c0)="d650774632b71a34a88292fcf26ad63f611e11baa9b64a99773dd6fbfe12178987d7b005129705e9d23da9376d714ea8cadc0d1b4f2d7fc2e73242b432015e5e298fd6e2161beacaa75ecb41f6aa8cca9a50239a518873cc1eef5ffcc67226fd", 0x60}], 0x7}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000f00)='2', 0x1}], 0x1}}], 0x2, 0x40)

2.405867436s ago: executing program 0 (id=12278):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50)
close(0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000"], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x2, 0x4, 0x1, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000380)={r1, &(0x7f0000000300), &(0x7f0000000340)=""/55}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)

2.405237246s ago: executing program 0 (id=12279):
close(0x4)

2.343990261s ago: executing program 0 (id=12280):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x65, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xa4}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x18}}, 0x2, 0x1}}, 0x2e)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)

1.896938667s ago: executing program 6 (id=12281):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
write$tun(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="080086dd0001110004000000a60c6eec00be00442ffffe8000000000000000000000000000aaff020000000000000000000000000001042022eb"], 0xfdef)

1.847647411s ago: executing program 5 (id=12282):
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
prlimit64(0x0, 0xe, 0x0, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
syz_pidfd_open(0x0, 0x0)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r1, 0x1000)
syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
close(0x3)
writev(r0, &(0x7f0000000340)=[{&(0x7f0000000080)="5800000014001923f8834b80040d8c560a067f020000000000000000000058000b4824ca945f64009400ff032501", 0x2e}], 0x1)

992.5566ms ago: executing program 0 (id=12283):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000008000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001f40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r2}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r3, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)

992.34663ms ago: executing program 8 (id=12284):
syz_usb_connect$hid(0x1, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0xc45, 0x760b, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x100, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f9}}}}]}}]}}, 0x0)
syz_usb_connect$uac1(0x1, 0x0, 0x0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0})
r0 = syz_open_dev$hidraw(&(0x7f0000000440), 0x243c2917, 0x14a042)
write$hidraw(r0, &(0x7f0000000040)='F', 0xfffffe41)
r1 = syz_open_dev$hidraw(&(0x7f0000002300), 0x243c2917, 0x14a042)
write$hidraw(r1, 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000000000), 0x5, 0x200)
write$hidraw(r1, 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000002300), 0x243c2917, 0x160302)

886.328549ms ago: executing program 5 (id=12285):
preadv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000000140)=""/37, 0x25}, {0x0}], 0x2, 0x1, 0x1)

886.116699ms ago: executing program 6 (id=12286):
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x21c0, 0x103)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
lsetxattr$security_capability(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080), 0x0, 0x0, 0x1)

885.963729ms ago: executing program 0 (id=12287):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000001018610f4205ae06d6c010203010902240001010000000904690202ff5aa30009050402100000fa00090582e840000000"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0x44, 0x0, &(0x7f0000000040)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

885.907979ms ago: executing program 5 (id=12288):
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000b40)={0x0, 0x3, 0x1001, {0x6, 0x1}, {0x47, 0x2}, @const={0x4, {0x1000, 0x7f, 0x7, 0xc}}})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)

869.22931ms ago: executing program 5 (id=12289):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000004c0)=ANY=[@ANYBLOB="1201410130f56920ac05190272f00102030109021b1a0100001000090455070103490200090582030004"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000580)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00N\b'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_connect$printer(0x0, 0x0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x40, &(0x7f0000000140)=ANY=[@ANYBLOB="3900004ed13eeb00eda9a4e58c38180b002f49e1bd834f5028461f"])
r1 = syz_usb_connect(0x2, 0x24, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

47.458196ms ago: executing program 6 (id=12290):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x1, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000200), 0x3, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$tipc(r0, &(0x7f0000004440)={&(0x7f0000000ec0)=@name={0x1e, 0x2, 0x4, {{0x43, 0x2}, 0x4}}, 0x10, 0x0}, 0x0)

0s ago: executing program 6 (id=12291):
syz_mount_image$vfat(&(0x7f0000000780), &(0x7f0000000000)='./file0\x00', 0x90, &(0x7f0000000140)=ANY=[@ANYBLOB='showexec,shortname=winnt,shortname=lower,utf8=1,iocharset=cp865,shortname=win95,uni_xlate=1,shortname=win95,check=strict,shortname=winnt,utf8=0,iocharset=iso8859-5,codepage=874,shortname=mixed,shortname=win95,shortname=mixed,nonumtail=0,shortname=mixed,shortname=mixed,uni_xlate=1,rodir,nnonuni_xlate=1,shortname=win95,shortname=win95,utf8=0,nnonumtail=1,shortname=win95,shortname=win95,nnonumtail=1,uni_xlate=1,nfs=nostale_ro,\x00'/444], 0x6, 0x2d7, &(0x7f0000000340)="$eJzs3T9rJGUYAPBnNrN/1GJTWInggBZWx+Vamw1yB2Iqjy1OCw3eHUh2Fe4g4h+cu0rsbCz9BILgB7GxsxRsBTsjBEZmdia7m4ybjWQjmt+vSN688zzzPvPOJJkmT957cXpwP4uHTz//JQaDJDqjfsRREtvRicaTWDL6OgCA/7Kjoojfi5mWwz9/tSJ3sMG6AIDNOef3fy2tPt4rI364utoAgM24e+/tN3f39m6/lWWDuDP98nCcRET5eXZ892F8EJN4EDdjGMcR1YtCN6q3hXJ4pyiKPM1K2/HKND8cl5nTd3+sz7/7W0SVvxPD2K6mTt42qvw39m7vZDML+XlZx7P1+qMy/1YM4/mT5KX8Wy35Me7Fqy8v1H8jhvHT+/FRTOJ+VcQ8/4udLHu9+OaPz94pyyvzk/xw3K/i5oqtZvH8iu8RAAAAAAAAAAAAAAAAAAAAAAD/Pzfq3jn9qPr3lFN1/52t4/KLbmSNeX+fDzt50x8oaU407w8UnaIo8iK+bfrr3MyyrKgD5/190nghrRsLAgAAAAAAAAAAAAAAAAAAwDX3+JNPD/YnkwePLmXQdANII+LPuxH/9DyjhZmXYnVwv15zfzLp1MPlmHRxJraamCRiZRnlRVzStpw3eOZMzfXgu+/PBidPZjcujbYTDs5ftNu+1gUHH3dn+9ga0zxdB/tJ+x72T4oflDcuTt+4XrSv3o1TM72/q7B5FNe7nF7roeGFt6X3XDXIV8REsur74rVfZ2UvXMVSTK/a1db0bj1YSD/1bKz1PMdgln72Z0WiWwcAAAAAAAAAAAAAAAAAAGzU/K9/Ww4+XZnaKfobKwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArtT8//+vM0iXk9fI6sWjx//WtQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9/BUAAP//gxtVEw==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[])
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)

kernel console output (not intermixed with test programs):

639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5717a86b69 code=0x7ffc0000
[ 2601.083821][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 2601.093421][   T24] audit: type=1326 audit(3372.475:28271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4312 comm="syz.8.11639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5717a86b69 code=0x7ffc0000
[ 2601.121154][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2601.141375][ T4333] overlayfs: failed to clone upperpath
[ 2601.207634][ T4335] overlayfs: failed to clone lowerpath
[ 2601.235402][ T4335] overlayfs: failed to clone upperpath
[ 2601.350734][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 2601.411566][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2601.419941][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2601.429137][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2601.437731][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2601.446501][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2601.455349][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2601.474968][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2601.483212][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2601.497421][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2601.512674][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2601.528497][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2601.545151][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2601.572303][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2601.589789][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready
[ 2601.605792][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2601.621628][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2601.638657][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2601.658367][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2601.688005][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2602.704503][ T4370] netlink: 'syz.5.11655': attribute type 2 has an invalid length.
[ 2604.618924][ T4385] overlayfs: failed to clone lowerpath
[ 2604.639111][ T4385] overlayfs: failed to clone upperpath
[ 2604.729891][ T4394] syz.7.11665[4394] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2604.729961][ T4394] syz.7.11665[4394] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2605.689469][ T4418] netlink: 'syz.6.11673': attribute type 2 has an invalid length.
[ 2605.908171][    C1] ip6_tunnel: K xmit: Local address not yet configured!
[ 2606.387980][   T24] kauditd_printk_skb: 128 callbacks suppressed
[ 2606.398917][   T24] audit: type=1326 audit(3378.175:28400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4426 comm="syz.7.11676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2606.460386][ T4414] overlayfs: failed to clone lowerpath
[ 2606.464621][   T24] audit: type=1326 audit(3378.185:28401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4426 comm="syz.7.11676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2606.719960][   T24] audit: type=1326 audit(3378.225:28402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4426 comm="syz.7.11676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2607.072922][   T24] audit: type=1326 audit(3378.245:28403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4426 comm="syz.7.11676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2607.101034][   T24] audit: type=1326 audit(3378.255:28404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4426 comm="syz.7.11676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2607.125736][   T24] audit: type=1326 audit(3378.255:28405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4426 comm="syz.7.11676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2607.150411][ T4435] syz.7.11679[4435] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2607.150505][ T4435] syz.7.11679[4435] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2607.162729][   T24] audit: type=1326 audit(3378.255:28406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4426 comm="syz.7.11676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2607.198554][   T24] audit: type=1326 audit(3378.255:28407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4426 comm="syz.7.11676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2607.267197][   T24] audit: type=1326 audit(3378.255:28408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4426 comm="syz.7.11676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2607.290727][   T24] audit: type=1326 audit(3378.255:28409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4426 comm="syz.7.11676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2607.614561][ T4440] overlayfs: failed to clone upperpath
[ 2607.666505][ T4446] overlayfs: failed to clone lowerpath
[ 2607.816309][ T4436] overlayfs: failed to clone upperpath
[ 2607.829019][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 2608.469038][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 2608.732054][ T4461] netlink: 'syz.6.11686': attribute type 27 has an invalid length.
[ 2608.808929][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 2608.857012][ T4461] device veth0_vlan left promiscuous mode
[ 2608.865049][ T4461] device veth0_vlan entered promiscuous mode
[ 2608.907663][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2608.919139][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2608.931621][ T4472] syz.5.11690[4472] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2608.931689][ T4472] syz.5.11690[4472] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2608.952724][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2609.260650][ T4475] netlink: 'syz.0.11689': attribute type 2 has an invalid length.
[ 2609.490747][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2609.607052][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2610.043880][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2610.052407][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2610.061551][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2610.112442][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2610.133699][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2610.143224][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2610.182177][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2610.190974][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[ 2610.218609][  T283] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 2610.232272][  T283] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 2610.241065][ T4485] netlink: 'syz.6.11695': attribute type 6 has an invalid length.
[ 2610.248958][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 2610.564279][ T4486] overlayfs: failed to clone upperpath
[ 2610.609988][ T4501] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 2610.628417][ T4505] syz.5.11702[4505] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2610.628500][ T4505] syz.5.11702[4505] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2610.676932][ T4511] netlink: 'syz.5.11706': attribute type 27 has an invalid length.
[ 2610.718168][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 2610.849256][ T4516] netlink: 'syz.6.11704': attribute type 2 has an invalid length.
[ 2611.108213][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 2611.778603][   T24] kauditd_printk_skb: 118 callbacks suppressed
[ 2611.778616][   T24] audit: type=1326 audit(3383.565:28528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.7.11707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2611.840660][   T24] audit: type=1326 audit(3383.575:28529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.7.11707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2611.875609][   T24] audit: type=1326 audit(3383.575:28530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.7.11707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2611.915279][   T24] audit: type=1326 audit(3383.575:28531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.7.11707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2611.946136][   T24] audit: type=1326 audit(3383.575:28532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4512 comm="syz.7.11707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2612.666834][   T24] audit: type=1326 audit(3383.845:28533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4510 comm="syz.5.11706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1ee90b69 code=0x7ffc0000
[ 2612.672230][ T4515] IPv6: ADDRCONF(NETDEV_CHANGE): syz_tun: link becomes ready
[ 2612.699805][ T4532] netlink: 316 bytes leftover after parsing attributes in process `syz.6.11711'.
[ 2612.712078][   T24] audit: type=1326 audit(3384.455:28534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4510 comm="syz.5.11706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1ee90b69 code=0x7ffc0000
[ 2612.762553][ T4515] device veth0_vlan left promiscuous mode
[ 2612.769522][ T4515] device veth0_vlan entered promiscuous mode
[ 2612.770976][ T4540] syz.7.11715[4540] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2612.775620][ T4540] syz.7.11715[4540] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2612.850527][   T24] audit: type=1326 audit(3384.615:28535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4547 comm="syz.7.11720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2612.887483][   T24] audit: type=1326 audit(3384.615:28536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4547 comm="syz.7.11720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2612.920047][   T24] audit: type=1326 audit(3384.615:28537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4547 comm="syz.7.11720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f23b2a46b69 code=0x7ffc0000
[ 2612.945041][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2612.970687][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2612.988638][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2613.007685][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2613.021684][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2613.040386][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2613.063384][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2613.082219][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2613.098623][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2613.117288][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2613.137495][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2613.157850][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[ 2613.165862][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[ 2613.185900][T26063] ip6_tunnel: K xmit: Local address not yet configured!
[ 2613.199688][T26063] ip6_tunnel: K xmit: Local address not yet configured!
[ 2613.208172][    C1] ip6_tunnel: K xmit: Local address not yet configured!
[ 2613.223725][ T4559] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 2613.588257][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 2613.688200][    C1] ip6_tunnel: K xmit: Local address not yet configured!
[ 2613.817038][ T4579] syz.7.11731[4579] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2613.817103][ T4579] syz.7.11731[4579] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2614.007552][ T4590] netlink: 96 bytes leftover after parsing attributes in process `syz.5.11735'.
[ 2614.068582][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 2614.148225][    C1] ip6_tunnel: K xmit: Local address not yet configured!
[ 2614.527172][ T4601] fuse: Unknown parameter 'euid<00000000000000000000'
[ 2614.622190][ T4607] syz.0.11743[4607] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2614.622257][ T4607] syz.0.11743[4607] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2614.737356][ T4617] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11740'.
[ 2615.618976][ T4638] syz.6.11756[4638] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2615.619045][ T4638] syz.6.11756[4638] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2615.720316][ T4654] netlink: 'syz.5.11762': attribute type 27 has an invalid length.
[ 2615.906067][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): syz_tun: link becomes ready
[ 2615.944923][ T4656] device veth0_vlan left promiscuous mode
[ 2615.959175][ T4656] device veth0_vlan entered promiscuous mode
[ 2616.000183][ T4659] overlayfs: failed to clone lowerpath
[ 2616.019661][ T4659] overlayfs: failed to clone upperpath
[ 2616.021280][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2616.042047][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2616.063234][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2616.077613][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2616.091827][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2616.105699][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2616.119629][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 2616.133469][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2616.149671][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 2616.164751][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2616.180238][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 2616.195133][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2616.211696][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2616.226600][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2616.242504][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2616.257386][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2616.272827][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2616.281579][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2616.290239][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2616.299721][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2616.310370][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2616.318688][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2616.327109][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready
[ 2616.340301][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): ÿÿÿÿÿÿ: link becomes ready
[ 2616.353646][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[ 2616.367502][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[ 2616.384416][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth5: link becomes ready
[ 2616.397159][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[ 2616.413633][T29235] ip6_tunnel: K xmit: Local address not yet configured!
[ 2616.428395][T29235] ip6_tunnel: K xmit: Local address not yet configured!
[ 2616.448178][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 2616.458737][ T4661] netlink: 96 bytes leftover after parsing attributes in process `syz.0.11763'.
[ 2616.510340][ T4663] netlink: 'syz.0.11764': attribute type 27 has an invalid length.
[ 2616.528191][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 2616.618293][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 2616.699090][ T4667] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 2616.861602][   T24] kauditd_printk_skb: 130 callbacks suppressed
[ 2616.861617][   T24] audit: type=1326 audit(3388.655:28668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4673 comm="syz.6.11767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac01d3b69 code=0x7ffc0000
[ 2616.900429][ T4667] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2616.904588][   T24] audit: type=1326 audit(3388.665:28669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4662 comm="syz.0.11764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fd4d3cf7b69 code=0x7ffc0000
[ 2616.944428][ T4681] syz.8.11769[4681] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2616.944524][ T4681] syz.8.11769[4681] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2616.956394][   T24] audit: type=1326 audit(3388.665:28670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4662 comm="syz.0.11764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4d3cf7b69 code=0x7ffc0000
[ 2616.962588][ T4667] device veth0_vlan left promiscuous mode
[ 2616.978451][   T24] audit: type=1326 audit(3388.665:28671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4662 comm="syz.0.11764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4d3cf7b69 code=0x7ffc0000
[ 2616.992940][ T4667] device veth0_vlan entered promiscuous mode
[ 2617.020553][   T24] audit: type=1326 audit(3388.665:28672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4662 comm="syz.0.11764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd4d3cf7b69 code=0x7ffc0000
[ 2617.028597][ T4667] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2617.050408][   T24] audit: type=1326 audit(3388.665:28673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4662 comm="syz.0.11764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4d3cf7b69 code=0x7ffc0000
[ 2617.080829][ T4667] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready
[ 2617.081221][   T24] audit: type=1326 audit(3388.665:28674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4662 comm="syz.0.11764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4d3cf7b69 code=0x7ffc0000
[ 2617.094034][ T4667] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2617.119362][   T24] audit: type=1326 audit(3388.665:28675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4662 comm="syz.0.11764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4d3cf7b69 code=0x7ffc0000
[ 2617.148459][ T4667] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[ 2617.158275][   T24] audit: type=1326 audit(3388.665:28676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4662 comm="syz.0.11764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4d3cf7b69 code=0x7ffc0000
[ 2617.234576][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2617.247565][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2617.255756][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[ 2617.263609][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready
[ 2617.271330][   T24] audit: type=1326 audit(3388.665:28677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4662 comm="syz.0.11764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4d3cf7b69 code=0x7ffc0000
[ 2617.429675][ T4693] netlink: 16 bytes leftover after parsing attributes in process `syz.7.11771'.
[ 2617.559896][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2617.578617][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2617.591723][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2617.601182][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2617.609978][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2617.618698][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2617.627538][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2617.636705][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2617.645374][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2617.653861][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2617.662583][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2617.671763][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2617.680181][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[ 2617.687741][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[ 2617.696673][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth6: link becomes ready
[ 2617.704923][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth8: link becomes ready
[ 2617.713299][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2617.731076][ T4697] ªªªªªª: renamed from vlan0
[ 2617.737004][ T4698] netlink: 96 bytes leftover after parsing attributes in process `syz.6.11775'.
[ 2617.746435][T26074] ip6_tunnel: K xmit: Local address not yet configured!
[ 2617.754333][T26074] ip6_tunnel: K xmit: Local address not yet configured!
[ 2617.768183][    C1] ip6_tunnel: K xmit: Local address not yet configured!
[ 2617.808181][    C1] ip6_tunnel: K xmit: Local address not yet configured!
[ 2617.948161][    C1] ip6_tunnel: K xmit: Local address not yet configured!
[ 2618.884562][ T4730] syz.8.11787[4730] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2618.884633][ T4730] syz.8.11787[4730] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2619.067323][ T4730] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 2619.212184][ T4751] netlink: 'syz.0.11794': attribute type 27 has an invalid length.
[ 2619.417263][ T4761] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 2619.464263][ T4761] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2619.484541][ T4761] device veth0_vlan left promiscuous mode
[ 2619.510311][ T4761] device veth0_vlan entered promiscuous mode
[ 2619.530302][ T4761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2619.547680][ T4761] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready
[ 2619.555629][ T4761] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2619.569610][ T4761] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[ 2619.890020][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2619.900556][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2619.917027][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2619.944140][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2619.963229][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2619.978370][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2619.987282][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2619.999661][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2620.008708][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2620.017431][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2620.071626][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2620.080832][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2620.088966][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2620.096894][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2620.105002][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[ 2620.112789][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): ªªªªªª: link becomes ready
[ 2620.128323][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2620.620988][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[ 2620.635387][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[ 2620.648853][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth6: link becomes ready
[ 2620.666962][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth8: link becomes ready
[ 2620.936666][ T4809] syz.8.11820[4809] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2620.936734][ T4809] syz.8.11820[4809] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2621.090598][ T4812] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 2621.346729][ T4817] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2621.359974][ T4817] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2621.367927][ T4817] device bridge_slave_0 entered promiscuous mode
[ 2621.375703][ T4817] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2621.383034][ T4817] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2621.391293][ T4817] device bridge_slave_1 entered promiscuous mode
[ 2621.399176][ T4828] netlink: 'syz.8.11826': attribute type 27 has an invalid length.
[ 2621.418466][ T4828] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2621.425755][ T4828] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2621.433380][    C0] ip6_tnl_xmit_ctl: 4 callbacks suppressed
[ 2621.433388][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 2621.510665][ T4833] fuse: Unknown parameter 'euid<00000000000000000000'
[ 2621.582488][ T4830] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2621.589641][ T4830] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2621.598162][ T4830] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2621.605223][ T4830] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2621.624096][ T4830] device veth0_vlan left promiscuous mode
[ 2621.641165][ T4830] device veth0_vlan entered promiscuous mode
[ 2621.655230][ T4830] device veth1_macvtap left promiscuous mode
[ 2621.668250][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 2621.671197][ T4830] device veth1_macvtap entered promiscuous mode
[ 2621.710553][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2621.771392][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2621.863845][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2621.881057][   T24] kauditd_printk_skb: 261 callbacks suppressed
[ 2621.881070][   T24] audit: type=1326 audit(3393.675:28939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.6.11828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac01d3b69 code=0x7ffc0000
[ 2621.910495][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2621.928666][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2621.938477][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 2621.958526][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2621.959737][   T24] audit: type=1326 audit(3393.705:28940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.6.11828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac01d3b69 code=0x7ffc0000
[ 2621.966749][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2621.998446][   T24] audit: type=1326 audit(3393.705:28941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.6.11828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f3ac01d3b69 code=0x7ffc0000
[ 2622.022107][   T24] audit: type=1326 audit(3393.705:28942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.6.11828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac01d3b69 code=0x7ffc0000
[ 2622.022171][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2622.045591][   T24] audit: type=1326 audit(3393.705:28943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.6.11828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac01d3b69 code=0x7ffc0000
[ 2622.077792][   T24] audit: type=1326 audit(3393.705:28944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.6.11828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f3ac01d3b69 code=0x7ffc0000
[ 2622.078832][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2622.101494][   T24] audit: type=1326 audit(3393.705:28945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.6.11828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac01d3b69 code=0x7ffc0000
[ 2622.133202][   T24] audit: type=1326 audit(3393.705:28946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.6.11828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ac01d3b69 code=0x7ffc0000
[ 2622.138649][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2622.165359][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2622.173962][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2622.182492][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2622.190792][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2622.210136][ T4835] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11827'.
[ 2622.233893][  T642] tipc: Disabling bearer <udp:s>
[ 2622.239194][  T642] tipc: Left network mode
[ 2622.280205][ T4817] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2622.287303][ T4817] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2622.294648][ T4817] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2622.301934][ T4817] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2622.325067][   T24] audit: type=1326 audit(3394.115:28947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.0.11831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4d3cf7b69 code=0x7ffc0000
[ 2622.366085][T20227] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2622.369385][   T24] audit: type=1326 audit(3394.145:28948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.0.11831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd4d3cf7b69 code=0x7ffc0000
[ 2622.396589][T20227] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2622.429909][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2622.437898][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2622.460834][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2622.469992][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2622.478764][T20227] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2622.485871][T20227] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2622.494384][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2622.503385][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2622.511993][T20227] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2622.519092][T20227] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2622.537189][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2622.546579][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2622.554613][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 2622.564687][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2622.573207][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2622.590381][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2622.599936][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2622.616098][ T4817] device veth0_vlan entered promiscuous mode
[ 2622.623088][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2622.636267][ T4852] fuse: Unknown parameter 'euid<00000000000000000000'
[ 2622.643673][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2622.652301][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2622.660283][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2622.700440][ T4817] device veth1_macvtap entered promiscuous mode
[ 2622.707759][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2622.716450][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2622.725062][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2622.736712][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2622.745760][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2622.796710][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2622.849938][T20227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2622.949185][ T4854] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11834'.
[ 2623.119789][  T642] device bridge_slave_0 left promiscuous mode
[ 2623.125997][  T642] device veth1_macvtap left promiscuous mode
[ 2625.028217][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 2628.948271][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 2634.068768][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 2639.188418][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 2640.408326][ T4861] netlink: 'syz.5.11836': attribute type 27 has an invalid length.
[ 2640.418265][   T24] kauditd_printk_skb: 19 callbacks suppressed
[ 2640.418279][   T24] audit: type=1326 audit(3412.185:28968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4860 comm="syz.5.11836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1ee90b69 code=0x7ffc0000
[ 2640.495036][   T24] audit: type=1326 audit(3412.185:28969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4860 comm="syz.5.11836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1ee90b69 code=0x7ffc0000
[ 2640.518614][   T24] audit: type=1326 audit(3412.185:28970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4860 comm="syz.5.11836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f7d1ee90b69 code=0x7ffc0000
[ 2640.542666][   T24] audit: type=1326 audit(3412.185:28971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4860 comm="syz.5.11836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1ee90b69 code=0x7ffc0000
[ 2640.606020][ T4877] overlayfs: failed to clone lowerpath
[ 2640.606486][   T24] audit: type=1326 audit(3412.185:28972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4860 comm="syz.5.11836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1ee90b69 code=0x7ffc0000
[ 2640.645645][ T4877] overlayfs: failed to clone upperpath
[ 2640.647965][   T24] audit: type=1326 audit(3412.185:28973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4860 comm="syz.5.11836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7d1ee90b69 code=0x7ffc0000
[ 2640.700609][   T24] audit: type=1326 audit(3412.185:28974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4860 comm="syz.5.11836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1ee90b69 code=0x7ffc0000
[ 2640.754740][ T4870] IPv6: ADDRCONF(NETDEV_CHANGE): syz_tun: link becomes ready
[ 2640.762560][   T24] audit: type=1326 audit(3412.185:28975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4860 comm="syz.5.11836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1ee90b69 code=0x7ffc0000
[ 2640.799795][ T4870] device veth0_vlan left promiscuous mode
[ 2640.806334][ T4870] device veth0_vlan entered promiscuous mode
[ 2640.812709][   T24] audit: type=1326 audit(3412.195:28976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4860 comm="syz.5.11836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7d1ee90b69 code=0x7ffc0000
[ 2640.852119][   T24] audit: type=1326 audit(3412.195:28977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4860 comm="syz.5.11836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d1ee90b69 code=0x7ffc0000
[ 2640.856859][  T642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2640.902990][  T642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2640.936232][  T642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2640.945750][  T642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2640.981323][  T642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2640.990505][  T642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2641.012137][  T642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2641.021966][  T642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2641.030611][  T642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2641.052993][  T642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2641.061989][  T642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2641.070770][  T642] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[ 2641.079271][  T642] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[ 2641.088668][T29235] ip6_tunnel: K xmit: Local address not yet configured!
[ 2641.096011][T29235] ip6_tunnel: K xmit: Local address not yet configured!
[ 2641.110320][T20227] tipc: Disabling bearer <udp:syz2>
[ 2641.118130][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 2641.165762][T20227] tipc: Left network mode
[ 2641.718573][ T4873] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2641.774827][ T4873] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2641.988440][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 2642.148144][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 2642.329594][ T4873] device bridge_slave_0 entered promiscuous mode
[ 2642.336857][ T4873] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2642.350830][ T4873] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2642.359993][ T4873] device bridge_slave_1 entered promiscuous mode
[ 2642.870344][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2642.880232][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2642.913553][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2642.925454][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2642.934988][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2642.942138][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2642.951026][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2642.959561][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2642.967904][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2642.974991][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2642.982758][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2642.991258][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2643.016487][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2643.037338][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2643.050499][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2643.059226][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2643.068401][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2643.146454][ T4873] device veth0_vlan entered promiscuous mode
[ 2643.182505][ T4936] fuse: Unknown parameter 'euid<00000000000000000000'
[ 2643.184402][ T4873] device veth1_macvtap entered promiscuous mode
[ 2643.204348][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2643.300119][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2643.322948][T20227] device veth0_vlan left promiscuous mode
[ 2643.708389][ T4945] overlayfs: failed to clone lowerpath
[ 2643.758251][ T4945] overlayfs: failed to clone upperpath
[ 2644.119953][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2644.128791][ T4942] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11863'.
[ 2644.459261][ T4974] netlink: 16 bytes leftover after parsing attributes in process `syz.0.11835'.
[ 2644.666779][ T4973] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2644.674035][ T4973] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2644.681654][ T4973] device bridge_slave_0 entered promiscuous mode
[ 2644.689176][ T4973] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2644.696291][ T4973] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2644.704323][ T4973] device bridge_slave_1 entered promiscuous mode
[ 2644.749777][ T4973] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2644.757198][ T4973] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2644.764710][ T4973] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2644.772021][ T4973] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2644.792014][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2644.799896][T27819] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2644.807528][T27819] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2644.823921][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2644.832517][T27819] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2644.839697][T27819] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2644.847333][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2644.855950][T27819] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2644.862994][T27819] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2644.873764][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2644.888109][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2644.917366][ T4973] device veth0_vlan entered promiscuous mode
[ 2644.928730][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2644.937778][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2644.948511][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 2644.951009][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2644.963372][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2644.981395][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2644.994181][ T4973] device veth1_macvtap entered promiscuous mode
[ 2645.007042][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2645.020873][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2645.413098][ T5017] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2645.420660][ T5017] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2645.433384][ T5017] device bridge_slave_0 entered promiscuous mode
[ 2645.441397][ T5017] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2645.448887][ T5017] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2645.456670][ T5017] device bridge_slave_1 entered promiscuous mode
[ 2645.512653][ T5017] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2645.519788][ T5017] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2645.527449][ T5017] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2645.534527][ T5017] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2645.560408][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2645.569051][T27819] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2645.576460][T27819] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2645.587479][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2645.596335][T27819] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2645.603430][T27819] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2645.612708][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2645.621095][T27819] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2645.628489][T27819] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2645.643574][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2645.653388][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2645.672010][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2645.686502][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2645.695237][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2645.703027][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2645.712507][ T5017] device veth0_vlan entered promiscuous mode
[ 2645.725730][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2645.735838][ T5017] device veth1_macvtap entered promiscuous mode
[ 2645.746975][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2645.759443][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2645.854233][ T5031] syz.7.11894[5031] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2645.854302][ T5031] syz.7.11894[5031] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2645.867501][   T24] kauditd_printk_skb: 192 callbacks suppressed
[ 2645.867515][   T24] audit: type=1326 audit(3417.655:29170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.8.11892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2645.917329][   T24] audit: type=1326 audit(3417.655:29171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.8.11892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2645.921236][ T5028] netlink: 'syz.8.11892': attribute type 27 has an invalid length.
[ 2645.947269][   T24] audit: type=1326 audit(3417.705:29172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.8.11892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2645.959488][ T5033] syz.7.11895[5033] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2645.972532][ T5033] syz.7.11895[5033] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2645.985832][   T24] audit: type=1326 audit(3417.705:29173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.8.11892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2646.021083][   T24] audit: type=1326 audit(3417.705:29174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.8.11892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2646.054060][ T5028] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2646.057027][   T24] audit: type=1326 audit(3417.705:29175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.8.11892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2646.061317][ T5028] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2646.103648][   T24] audit: type=1326 audit(3417.705:29176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.8.11892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2646.830940][   T24] audit: type=1326 audit(3417.705:29177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.8.11892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2647.050344][ T5034] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2647.057631][ T5034] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2647.066334][   T24] audit: type=1326 audit(3417.705:29178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.8.11892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2647.173175][ T5052] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 2647.389031][   T24] audit: type=1326 audit(3417.705:29179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5026 comm="syz.8.11892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2647.449971][ T5034] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2647.457249][ T5034] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2647.499583][ T5048] EXT4-fs (loop0): Ignoring removed bh option
[ 2647.567746][ T5048] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodelalloc,dioread_lock,barrier=0x0000000000000004,nolazytime,debug_want_extra_isize=0x0000000000000080,lazytime,errors=remount-ro,stripe=0x0000000000000005,bh,init_itable,
[ 2647.655534][ T5034] device veth0_vlan left promiscuous mode
[ 2647.767588][ T5034] device veth0_vlan entered promiscuous mode
[ 2647.813911][ T5034] device veth1_macvtap left promiscuous mode
[ 2647.855700][ T5034] device veth1_macvtap entered promiscuous mode
[ 2647.897991][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2647.941012][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2647.994818][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2648.105731][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2648.184692][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2648.287666][ T4873] EXT4-fs error (device loop0): ext4_read_inline_dir:1596: inode #12: block 7: comm syz-executor: path /6/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[ 2648.318622][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2648.327177][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2648.334007][ T4873] EXT4-fs (loop0): Remounting filesystem read-only
[ 2648.335523][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2648.350111][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2648.350242][ T4873] EXT4-fs error (device loop0): ext4_read_inline_dir:1596: inode #12: block 7: comm syz-executor: path /6/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[ 2648.359256][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2648.389399][ T5049] EXT4-fs error (device loop7): ext4_acquire_dquot:6226: comm syz.7.11897: Failed to acquire dquot type 0
[ 2648.405157][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2648.416169][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2648.425920][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 2648.435534][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2648.445086][T27819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2648.581243][ T5049] EXT4-fs error (device loop7): mb_free_blocks:1524: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[ 2648.595879][ T5049] EXT4-fs error (device loop7) in ext4_do_update_inode:5336: error 27
[ 2648.604965][ T5049] EXT4-fs error (device loop7): ext4_dirty_inode:6143: inode #13: comm syz.7.11897: mark_inode_dirty error
[ 2648.616668][ T5049] EXT4-fs error (device loop7) in ext4_do_update_inode:5336: error 27
[ 2648.651720][ T5049] EXT4-fs error (device loop7): __ext4_ext_dirty:182: inode #13: comm syz.7.11897: mark_inode_dirty error
[ 2648.663678][ T5049] EXT4-fs error (device loop7) in ext4_do_update_inode:5336: error 27
[ 2648.672797][ T5049] EXT4-fs error (device loop7) in ext4_orphan_del:3292: error 27
[ 2648.681268][ T5049] EXT4-fs error (device loop7) in ext4_do_update_inode:5336: error 27
[ 2648.689700][ T5049] EXT4-fs error (device loop7): ext4_truncate:4390: inode #13: comm syz.7.11897: mark_inode_dirty error
[ 2648.701227][ T5049] EXT4-fs error (device loop7) in ext4_orphan_cleanup:3108: error 27
[ 2648.710303][ T5049] EXT4-fs (loop7): 1 truncate cleaned up
[ 2648.716146][ T5049] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2648.858328][ T5044] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2648.865398][ T5044] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2648.873876][ T5044] device bridge_slave_0 entered promiscuous mode
[ 2648.881415][ T5044] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2648.888718][ T5044] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2648.896402][ T5044] device bridge_slave_1 entered promiscuous mode
[ 2648.982549][ T5076] syz.8.11906[5076] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2648.982617][ T5076] syz.8.11906[5076] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2649.049771][T20227] device bridge_slave_1 left promiscuous mode
[ 2649.108655][T20227] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2649.276696][T20227] device bridge_slave_0 left promiscuous mode
[ 2649.465204][T20227] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2649.566326][T20227] device veth1_macvtap left promiscuous mode
[ 2649.626533][T20227] device veth0_vlan left promiscuous mode
[ 2650.079433][ T5113] syz.6.11918[5113] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2650.079526][ T5113] syz.6.11918[5113] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2650.099466][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2650.135544][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2650.164488][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2650.174302][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2650.183409][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2650.190490][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2650.199526][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2650.208715][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2650.217306][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2650.224376][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2650.246074][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2650.546127][ T5121] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: comm syz.7.11920: inode #1: comm syz.7.11920: iget: illegal inode #
[ 2650.560248][ T5121] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.11920: error while reading EA inode 1 err=-117
[ 2650.573574][ T5121] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: comm syz.7.11920: inode #1: comm syz.7.11920: iget: illegal inode #
[ 2650.587596][ T5121] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.11920: error while reading EA inode 1 err=-117
[ 2650.600931][ T5121] EXT4-fs (loop7): 1 orphan inode deleted
[ 2650.606695][ T5121] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000003,norecovery,noinit_itable,init_itable=0x0000000000000001,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,errors=continue,dioread_lock,noblock_validity,noquota,,errors=continue
[ 2651.339108][ T5044] device veth0_vlan entered promiscuous mode
[ 2651.352238][ T5044] device veth1_macvtap entered promiscuous mode
[ 2651.593037][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2651.983025][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2651.995780][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2652.004219][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2652.012391][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2652.036084][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2652.047542][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2652.056002][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2652.064742][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2652.073431][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2652.088565][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2652.097856][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2652.105750][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2652.126762][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2652.135449][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2652.143995][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2652.153362][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2652.232948][T20227] tipc: Disabling bearer <udp:syz2>
[ 2652.243236][T20227] tipc: Left network mode
[ 2652.367824][   T24] kauditd_printk_skb: 95 callbacks suppressed
[ 2652.367837][   T24] audit: type=1326 audit(3424.155:29273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.8.11927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2652.507722][   T24] audit: type=1326 audit(3424.155:29274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.8.11927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2652.678672][   T24] audit: type=1326 audit(3424.155:29275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.8.11927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2652.772848][   T24] audit: type=1326 audit(3424.155:29276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.8.11927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2653.311590][   T24] audit: type=1326 audit(3424.155:29277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.8.11927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2653.406126][ T5156] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[ 2653.780019][ T5166] syz.0.11930[5166] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2653.781142][ T5166] syz.0.11930[5166] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2653.797093][   T24] audit: type=1326 audit(3424.155:29278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.8.11927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2654.050518][ T5155] Quota error (device loop7): find_tree_dqentry: Getting block too big (64 >= 6)
[ 2654.059756][ T5155] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0
[ 2654.060115][T20227] device veth0_vlan left promiscuous mode
[ 2654.069693][ T5155] EXT4-fs error (device loop7): ext4_acquire_dquot:6226: comm syz.7.11926: Failed to acquire dquot type 0
[ 2654.087455][ T5155] EXT4-fs error (device loop7): mb_free_blocks:1524: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[ 2654.102131][ T5155] EXT4-fs error (device loop7) in ext4_do_update_inode:5336: error 27
[ 2654.104593][ T5169] fuse: Unknown parameter 'euid<00000000000000000000'
[ 2654.111755][   T24] audit: type=1326 audit(3424.155:29279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.8.11927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2654.140769][ T5155] EXT4-fs error (device loop7): ext4_dirty_inode:6143: inode #13: comm syz.7.11926: mark_inode_dirty error
[ 2654.158202][   T24] audit: type=1326 audit(3424.155:29280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.8.11927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90c2182b69 code=0x7ffc0000
[ 2654.181348][ T5155] EXT4-fs error (device loop7) in ext4_do_update_inode:5336: error 27
[ 2654.189964][ T5155] EXT4-fs error (device loop7): __ext4_ext_dirty:182: inode #13: comm syz.7.11926: mark_inode_dirty error
[ 2654.238661][ T5155] EXT4-fs error (device loop7) in ext4_do_update_inode:5336: error 27
[ 2654.247115][ T5155] EXT4-fs error (device loop7) in ext4_orphan_del:3292: error 27
[ 2654.255410][ T5155] EXT4-fs error (device loop7) in ext4_do_update_inode:5336: error 27
[ 2654.264023][ T5155] EXT4-fs error (device loop7): ext4_truncate:4390: inode #13: comm syz.7.11926: mark_inode_dirty error
[ 2654.275513][ T5155] EXT4-fs error (device loop7) in ext4_orphan_cleanup:3108: error 27
[ 2654.284662][ T5155] EXT4-fs (loop7): 1 truncate cleaned up
[ 2654.291270][ T5155] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2654.785095][ T5179] tmpfs: Unknown parameter 'grpquota,9'
[ 2655.088195][T27579] usb 8-1: new full-speed USB device number 4 using dummy_hcd
[ 2655.115783][ T5180] EXT4-fs error (device loop8): ext4_acquire_dquot:6226: comm syz.8.11933: Failed to acquire dquot type 0
[ 2655.127868][ T5180] EXT4-fs error (device loop8): mb_free_blocks:1524: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[ 2655.142492][ T5180] EXT4-fs error (device loop8) in ext4_do_update_inode:5336: error 27
[ 2655.158260][ T5180] EXT4-fs error (device loop8): ext4_dirty_inode:6143: inode #13: comm syz.8.11933: mark_inode_dirty error
[ 2655.170027][ T5180] EXT4-fs error (device loop8) in ext4_do_update_inode:5336: error 27
[ 2655.178638][ T5180] EXT4-fs error (device loop8): __ext4_ext_dirty:182: inode #13: comm syz.8.11933: mark_inode_dirty error
[ 2655.192428][ T5180] EXT4-fs error (device loop8) in ext4_do_update_inode:5336: error 27
[ 2655.200955][ T5180] EXT4-fs error (device loop8) in ext4_orphan_del:3292: error 27
[ 2655.208951][ T5180] EXT4-fs error (device loop8) in ext4_do_update_inode:5336: error 27
[ 2655.217287][ T5180] EXT4-fs error (device loop8): ext4_truncate:4390: inode #13: comm syz.8.11933: mark_inode_dirty error
[ 2655.229460][ T5180] EXT4-fs error (device loop8) in ext4_orphan_cleanup:3108: error 27
[ 2655.248585][ T5180] EXT4-fs (loop8): 1 truncate cleaned up
[ 2655.254289][ T5180] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[ 2655.378295][ T5171] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11931'.
[ 2655.402066][ T5184] netlink: 'syz.5.11935': attribute type 27 has an invalid length.
[ 2655.463915][ T5184] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2655.471317][ T5184] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2655.488277][T27579] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 2655.529407][ T5192] fuse: Unknown parameter 'euid<00000000000000000000'
[ 2655.602179][T27579] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[ 2655.612026][T27579] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2655.624960][T27579] usb 8-1: config 0 descriptor??
[ 2655.642945][ T5194] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.11936: inode #1: comm syz.0.11936: iget: illegal inode #
[ 2655.658282][ T5179] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 2655.672352][ T5185] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2655.679544][ T5185] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2655.761554][ T5194] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.11936: error while reading EA inode 1 err=-117
[ 2655.865703][ T5185] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2655.872926][ T5185] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2655.901938][ T5194] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.11936: inode #1: comm syz.0.11936: iget: illegal inode #
[ 2655.940993][ T5194] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.11936: error while reading EA inode 1 err=-117
[ 2655.959473][ T5185] device veth0_vlan left promiscuous mode
[ 2655.965638][ T5194] EXT4-fs (loop0): 1 orphan inode deleted
[ 2655.972155][ T5194] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000003,norecovery,noinit_itable,init_itable=0x0000000000000001,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,errors=continue,dioread_lock,noblock_validity,noquota,,errors=continue
[ 2656.000629][ T5185] device veth0_vlan entered promiscuous mode
[ 2656.051954][ T5185] device veth1_macvtap left promiscuous mode
[ 2656.059756][ T5185] device veth1_macvtap entered promiscuous mode
[ 2656.066746][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2656.074793][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2656.088539][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2656.103543][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2656.126007][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2656.234336][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2656.334259][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2656.362527][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2656.370940][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2656.379479][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2656.387770][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2656.396581][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 2656.405313][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2656.413800][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 2656.417441][ T5194] netlink: 'syz.0.11936': attribute type 2 has an invalid length.
[ 2656.422268][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 2656.438830][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 2656.447235][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2656.455676][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 2656.464038][T14847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2656.474608][ T5199] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11938'.
[ 2656.628129][T27579] usbhid 8-1:0.0: can't add hid device: -71
[ 2656.634337][T27579] usbhid: probe of 8-1:0.0 failed with error -71
[ 2656.649163][T27579] usb 8-1: USB disconnect, device number 4
[ 2656.898481][ T5224] netlink: 220 bytes leftover after parsing attributes in process `syz.8.11945'.
[ 2657.092799][ T5232] tipc: Started in network mode
[ 2657.110411][ T5232] tipc: Own node identity 7e312e073a78, cluster identity 4711
[ 2657.168250][ T5232] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2657.180805][ T5236] device syzkaller0 entered promiscuous mode
[ 2657.201995][ T5232] tipc: Resetting bearer <eth:syzkaller0>
[ 2657.232659][ T5231] tipc: Resetting bearer <eth:syzkaller0>
[ 2657.247787][ T5231] tipc: Disabling bearer <eth:syzkaller0>
[ 2657.470724][ T5251] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2657.514779][ T5251] device syzkaller0 entered promiscuous mode
[ 2657.516511][   T24] kauditd_printk_skb: 93 callbacks suppressed
[ 2657.516525][   T24] audit: type=1400 audit(3429.305:29372): avc:  denied  { connect } for  pid=5255 comm="syz.7.11961" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2657.529600][ T5251] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 2657.588639][   T24] audit: type=1400 audit(3429.345:29373): avc:  denied  { ioctl } for  pid=5255 comm="syz.7.11961" path="socket:[113504]" dev="sockfs" ino=113504 ioctlcmd=0x48c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2657.648125][   T24] audit: type=1400 audit(3429.375:29374): avc:  denied  { name_bind } for  pid=5260 comm="syz.8.11963" src=65530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1
[ 2657.653882][ T5251] tipc: Resetting bearer <eth:syzkaller0>
[ 2657.768964][ T5277] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2657.776244][ T5277] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2657.815328][   T24] audit: type=1400 audit(3429.605:29375): avc:  denied  { read } for  pid=5279 comm="syz.7.11972" name="ppp" dev="devtmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 2657.838304][   T24] audit: type=1400 audit(3429.605:29376): avc:  denied  { open } for  pid=5279 comm="syz.7.11972" path="/dev/ppp" dev="devtmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 2657.863108][   T24] audit: type=1400 audit(3429.605:29377): avc:  denied  { ioctl } for  pid=5279 comm="syz.7.11972" path="/dev/ppp" dev="devtmpfs" ino=153 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 2657.910821][ T5250] tipc: Resetting bearer <eth:syzkaller0>
[ 2657.917616][ T5250] tipc: Disabling bearer <eth:syzkaller0>
[ 2658.062519][ T5321] tipc: Started in network mode
[ 2658.076282][ T5321] tipc: Own node identity 8660aca83ed9, cluster identity 4711
[ 2658.084940][ T5321] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2658.104575][ T5321] device syzkaller0 entered promiscuous mode
[ 2658.118844][ T5323] tipc: Started in network mode
[ 2658.123774][ T5323] tipc: Own node identity da54d8cdabbb, cluster identity 4711
[ 2658.134788][ T5323] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2658.144694][ T5334] tipc: Started in network mode
[ 2658.159749][ T5334] tipc: Own node identity de6ea89f41cc, cluster identity 4711
[ 2658.171961][ T5334] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2658.172729][   T24] audit: type=1400 audit(3429.965:29378): avc:  denied  { setopt } for  pid=5337 comm="syz.5.12000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 2658.204029][ T5323] device syzkaller0 entered promiscuous mode
[ 2658.214183][ T5334] device syzkaller0 entered promiscuous mode
[ 2658.221717][ T5323] tipc: Resetting bearer <eth:syzkaller0>
[ 2658.228548][ T5341] tipc: Resetting bearer <eth:syzkaller0>
[ 2658.235801][ T5320] tipc: Resetting bearer <eth:syzkaller0>
[ 2658.242328][ T5320] tipc: Disabling bearer <eth:syzkaller0>
[ 2658.250679][ T5322] tipc: Resetting bearer <eth:syzkaller0>
[ 2658.257170][ T5322] tipc: Disabling bearer <eth:syzkaller0>
[ 2658.264292][ T5345] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2658.272863][ T5334] tipc: Resetting bearer <eth:syzkaller0>
[ 2658.279160][ T5333] tipc: Resetting bearer <eth:syzkaller0>
[ 2658.285553][ T5333] tipc: Disabling bearer <eth:syzkaller0>
[ 2658.292874][ T5345] tipc: Resetting bearer <eth:syzkaller0>
[ 2658.299861][ T5344] tipc: Disabling bearer <eth:syzkaller0>
[ 2658.342833][ T5351] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2658.350019][ T5351] device syzkaller0 entered promiscuous mode
[ 2658.359565][ T5351] tipc: Resetting bearer <eth:syzkaller0>
[ 2658.366031][ T5350] tipc: Resetting bearer <eth:syzkaller0>
[ 2658.372829][ T5350] tipc: Disabling bearer <eth:syzkaller0>
[ 2658.562554][   T24] audit: type=1400 audit(3430.355:29379): avc:  denied  { relabelfrom } for  pid=5378 comm="syz.0.12019" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[ 2658.624741][   T24] audit: type=1400 audit(3430.355:29380): avc:  denied  { relabelto } for  pid=5378 comm="syz.0.12019" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[ 2658.631494][ T5384] tipc: Started in network mode
[ 2658.646446][   T24] audit: type=1400 audit(3430.375:29381): avc:  denied  { getopt } for  pid=5379 comm="syz.5.12020" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 2658.654804][ T5384] tipc: Own node identity 8e3586545ea5, cluster identity 4711
[ 2658.676200][ T5384] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2658.689094][ T5387] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 2658.701219][ T5384] device syzkaller0 entered promiscuous mode
[ 2658.713342][ T5393] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2658.722193][ T5384] tipc: Resetting bearer <eth:syzkaller0>
[ 2658.737621][ T5393] device syzkaller0 entered promiscuous mode
[ 2658.745127][ T5382] tipc: Resetting bearer <eth:syzkaller0>
[ 2658.764953][ T5382] tipc: Disabling bearer <eth:syzkaller0>
[ 2658.787514][ T5393] tipc: Resetting bearer <eth:syzkaller0>
[ 2658.804169][ T5392] tipc: Resetting bearer <eth:syzkaller0>
[ 2658.812338][ T5392] tipc: Disabling bearer <eth:syzkaller0>
[ 2658.891050][ T5420] netlink: 12 bytes leftover after parsing attributes in process `syz.7.12037'.
[ 2659.133696][ T5437] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2659.324569][ T5437] EXT4-fs (loop6): mounted filesystem without journal. Opts: dioread_nolock,noauto_da_alloc,inlinecrypt,i_version,data_err=ignore,barrier=0x0000000000000009,data_err=ignore,grpquota,noblock_validity,user_xattr,resuid=0x0000000000000000,quota,,errors=continue
[ 2659.471773][ T5437] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3342: comm syz.6.12047: Allocating blocks 385-513 which overlap fs metadata
[ 2659.499603][ T5447] netlink: 4 bytes leftover after parsing attributes in process `syz.7.12048'.
[ 2659.513390][ T5437] EXT4-fs (loop6): pa ffff88811ac1ef18: logic 16, phys. 129, len 24
[ 2659.521627][ T5437] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:4359: group 0, free 0, pa_free 8
[ 2659.553495][ T5451] EXT4-fs (loop8): Ignoring removed nobh option
[ 2659.565485][ T5451] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -2
[ 2659.575709][ T5451] EXT4-fs error (device loop8): ext4_free_branches:1026: inode #13: comm syz.8.12049: invalid indirect mapped block 256 (level 1)
[ 2659.589746][ T5451] EXT4-fs (loop8): Remounting filesystem read-only
[ 2659.601342][ T5451] EXT4-fs error (device loop8): ext4_free_branches:1026: inode #13: comm syz.8.12049: invalid indirect mapped block 2683928664 (level 1)
[ 2659.616240][ T5451] EXT4-fs (loop8): 1 truncate cleaned up
[ 2659.621981][ T5451] EXT4-fs (loop8): mounted filesystem without journal. Opts: noblock_validity,dioread_lock,nobh,nojournal_checksum,errors=remount-ro,usrjquota=.grpquota,barrier=0x0000000000000009,jqfmt=vfsv0,noload,,
[ 2659.641810][ T4973] Trying to write to read-only block-device loop6 (partno 0)
[ 2659.653042][  T642] Trying to write to read-only block-device loop6 (partno 0)
[ 2659.660759][  T642] Trying to write to read-only block-device loop6 (partno 0)
[ 2659.668731][  T642] Trying to write to read-only block-device loop6 (partno 0)
[ 2659.676482][  T642] Trying to write to read-only block-device loop6 (partno 0)
[ 2659.677999][ T4973] Trying to write to read-only block-device loop6 (partno 0)
[ 2659.691658][  T642] Trying to write to read-only block-device loop6 (partno 0)
[ 2659.699288][  T642] Trying to write to read-only block-device loop6 (partno 0)
[ 2659.706792][  T642] Trying to write to read-only block-device loop6 (partno 0)
[ 2659.714383][ T4973] Trying to write to read-only block-device loop6 (partno 0)
[ 2659.728384][ T4973] Trying to write to read-only block-device loop6 (partno 0)
[ 2659.739456][ T5444] Trying to write to read-only block-device loop6 (partno 0)
[ 2659.941856][ T5466] netlink: 32 bytes leftover after parsing attributes in process `syz.5.12057'.
[ 2659.961783][ T5468] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 2661.227538][ T5503] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12069'.
[ 2661.247549][ T5503] device veth1_macvtap left promiscuous mode
[ 2661.508547][ T5516] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2661.537947][ T5516] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 2661.683058][ T5520] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2661.690183][ T5521] erofs: (device loop0): mounted with root inode @ nid 36.
[ 2661.690282][ T5520] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2661.706058][ T5521] erofs: (device loop0): z_erofs_readahead: readahead error at page 26 @ nid 36
[ 2661.715684][ T5521] erofs: (device loop0): z_erofs_readahead: readahead error at page 25 @ nid 36
[ 2661.726332][ T5521] erofs: (device loop0): z_erofs_readahead: readahead error at page 24 @ nid 36
[ 2661.735848][ T5521] erofs: (device loop0): z_erofs_readahead: readahead error at page 23 @ nid 36
[ 2661.745179][ T5521] erofs: (device loop0): z_erofs_readahead: readahead error at page 22 @ nid 36
[ 2661.755800][ T5521] erofs: (device loop0): z_erofs_readahead: readahead error at page 21 @ nid 36
[ 2661.768300][ T5521] erofs: (device loop0): z_erofs_readahead: readahead error at page 20 @ nid 36
[ 2661.778009][ T5521] erofs: (device loop0): z_erofs_readahead: readahead error at page 16 @ nid 36
[ 2661.788216][ T5521] erofs: (device loop0): z_erofs_readahead: readahead error at page 10 @ nid 36
[ 2661.797811][ T5521] attempt to access beyond end of device
[ 2661.797811][ T5521] loop0: rw=524288, want=736, limit=16
[ 2661.810097][ T5521] attempt to access beyond end of device
[ 2661.810097][ T5521] loop0: rw=524288, want=525160, limit=16
[ 2661.822742][ T5521] attempt to access beyond end of device
[ 2661.822742][ T5521] loop0: rw=524288, want=24, limit=16
[ 2661.834892][ T5521] attempt to access beyond end of device
[ 2661.834892][ T5521] loop0: rw=524288, want=13716630384, limit=16
[ 2662.436597][ T5540] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2662.522212][ T5540] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2662.721922][ T5551] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2662.773666][ T5551] EXT4-fs error (device loop5): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 2662.818102][ T5218] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[ 2662.940133][ T5556] EXT4-fs (loop6): Test dummy encryption mode enabled
[ 2662.969435][ T5556] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 2663.012493][ T5556] EXT4-fs error (device loop6): ext4_orphan_get:1421: comm syz.6.12089: bad orphan inode 131083
[ 2663.024426][ T5556] EXT4-fs (loop6): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,noload,,errors=continue
[ 2663.089151][   T24] kauditd_printk_skb: 34 callbacks suppressed
[ 2663.089163][   T24] audit: type=1400 audit(3434.885:29416): avc:  denied  { create } for  pid=5555 comm="syz.6.12089" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[ 2663.129773][ T5562] EXT4-fs (loop5): Ignoring removed bh option
[ 2663.154993][ T5562] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2663.218254][ T5218] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2663.229677][ T5562] EXT4-fs (loop5): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nodioread_nolock,user_xattr,bh,dioread_nolock,,errors=continue
[ 2663.267929][ T5218] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2663.302812][ T5218] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2663.340159][ T5218] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2663.480516][ T5573] tap0: tun_chr_ioctl cmd 1074025675
[ 2663.485983][ T5573] tap0: persist enabled
[ 2663.490856][ T5573] tap0: tun_chr_ioctl cmd 1074025675
[ 2663.496296][ T5573] tap0: persist disabled
[ 2663.896298][ T5578] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 2663.929176][ T5578] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2219: inode #15: comm syz.8.12094: corrupted in-inode xattr
[ 2663.942566][ T5578] EXT4-fs (loop8): 1 truncate cleaned up
[ 2663.948341][ T5578] EXT4-fs (loop8): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x000000000000006c,lazytime,errors=remount-ro,errors=continue,
[ 2664.078868][ T5576] EXT4-fs error (device loop0) in ext4_do_update_inode:5336: error 27
[ 2664.121946][ T5571] F2FS-fs (loop5): invalid crc value
[ 2664.277989][ T5576] EXT4-fs error (device loop0): ext4_dirty_inode:6143: inode #16: comm syz.0.12096: mark_inode_dirty error
[ 2664.676943][ T5571] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 2664.733883][ T5576] EXT4-fs error (device loop0) in ext4_do_update_inode:5336: error 27
[ 2664.749227][ T5576] EXT4-fs error (device loop0): __ext4_ext_dirty:182: inode #16: comm syz.0.12096: mark_inode_dirty error
[ 2664.761094][ T5576] EXT4-fs error (device loop0) in ext4_do_update_inode:5336: error 27
[ 2664.765193][ T5571] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[ 2664.769911][ T5576] EXT4-fs error (device loop0) in ext4_orphan_del:3292: error 27
[ 2664.785285][ T5576] EXT4-fs error (device loop0) in ext4_do_update_inode:5336: error 27
[ 2664.798116][ T5576] EXT4-fs error (device loop0): ext4_truncate:4390: inode #16: comm syz.0.12096: mark_inode_dirty error
[ 2664.809679][ T5576] EXT4-fs error (device loop0) in ext4_orphan_cleanup:3108: error 27
[ 2664.818627][ T5576] EXT4-fs (loop0): 1 truncate cleaned up
[ 2664.824600][ T5576] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 2664.858508][ T5594] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 2664.867911][ T5044] attempt to access beyond end of device
[ 2664.867911][ T5044] loop5: rw=2049, want=45104, limit=40427
[ 2664.902691][ T5044] attempt to access beyond end of device
[ 2664.902691][ T5044] loop5: rw=2051, want=45064, limit=40427
[ 2664.914372][ T5044] attempt to access beyond end of device
[ 2664.914372][ T5044] loop5: rw=2051, want=131072, limit=40427
[ 2664.931303][ T5044] F2FS-fs (loop5): Issue discard(4615, 4615, 1018) failed, ret: -5
[ 2664.931325][ T5044] F2FS-fs (loop5): Issue discard(5638, 5638, 10746) failed, ret: -5
[ 2665.072285][ T5602] netlink: 24 bytes leftover after parsing attributes in process `syz.8.12102'.
[ 2665.104736][ T5602] netlink: 24 bytes leftover after parsing attributes in process `syz.8.12102'.
[ 2665.115222][   T24] audit: type=1400 audit(3436.855:29417): avc:  denied  { append } for  pid=5598 comm="syz.8.12102" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2665.713272][T26067] usb 8-1: USB disconnect, device number 5
[ 2665.857578][ T5608] netlink: 28 bytes leftover after parsing attributes in process `syz.7.12103'.
[ 2666.057072][   T24] audit: type=1400 audit(3437.845:29418): avc:  denied  { append } for  pid=5618 comm="syz.8.12109" name="loop-control" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 2666.098123][  T283] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 2666.138133][   T24] audit: type=1400 audit(3437.845:29419): avc:  denied  { open } for  pid=5618 comm="syz.8.12109" path="/dev/loop-control" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 2666.163833][   T24] audit: type=1400 audit(3437.845:29420): avc:  denied  { ioctl } for  pid=5618 comm="syz.8.12109" path="/dev/loop-control" dev="devtmpfs" ino=114 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 2666.480577][ T5638] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 2666.554454][   T24] audit: type=1400 audit(3438.345:29421): avc:  denied  { write } for  pid=5637 comm="syz.0.12115" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 2666.638142][  T283] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 2666.728230][  T283] usb 7-1: config 33 has an invalid interface number: 225 but max is 2
[ 2666.733365][   T24] audit: type=1400 audit(3438.375:29422): avc:  denied  { add_name } for  pid=5637 comm="syz.0.12115" name=131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D338 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 2666.736583][  T283] usb 7-1: config 33 has an invalid interface number: 228 but max is 2
[ 2666.770205][   T24] audit: type=1400 audit(3438.375:29423): avc:  denied  { associate } for  pid=5637 comm="syz.0.12115" name=131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D338 scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 2666.868200][  T283] usb 7-1: config 33 has an invalid interface number: 228 but max is 2
[ 2666.883309][  T283] usb 7-1: config 33 has an invalid descriptor of length 0, skipping remainder of the config
[ 2666.903943][  T283] usb 7-1: config 33 has 2 interfaces, different from the descriptor's value: 3
[ 2666.907651][   T24] audit: type=1400 audit(3438.695:29424): avc:  denied  { unmount } for  pid=4873 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 2666.923242][  T283] usb 7-1: config 33 has no interface number 0
[ 2666.958083][  T283] usb 7-1: config 33 has no interface number 1
[ 2666.964403][  T283] usb 7-1: config 33 interface 228 altsetting 3 bulk endpoint 0x8 has invalid maxpacket 1023
[ 2666.979117][  T283] usb 7-1: config 33 interface 228 altsetting 3 has a duplicate endpoint with address 0x7, skipping
[ 2666.991676][  T283] usb 7-1: config 33 interface 228 altsetting 3 has a duplicate endpoint with address 0xD, skipping
[ 2667.003047][  T283] usb 7-1: config 33 interface 228 altsetting 3 bulk endpoint 0xC has invalid maxpacket 1023
[ 2667.013837][  T283] usb 7-1: config 33 interface 228 altsetting 204 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[ 2667.025339][  T283] usb 7-1: config 33 interface 228 altsetting 204 has an invalid endpoint with address 0x80, skipping
[ 2667.041830][ T5644] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[ 2667.050338][  T283] usb 7-1: config 33 interface 228 altsetting 204 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[ 2667.064544][ T5644] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 2667.077999][  T283] usb 7-1: config 33 interface 225 has no altsetting 0
[ 2667.102998][  T283] usb 7-1: config 33 interface 228 has no altsetting 0
[ 2667.111293][ T5644] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 2667.128556][  T283] usb 7-1: config 33 interface 228 has no altsetting 1
[ 2667.199143][ T5644] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[ 2667.206419][ T5644] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 2667.244481][   T24] audit: type=1400 audit(3439.035:29425): avc:  denied  { setattr } for  pid=5643 comm="syz.7.12116" name="/" dev="loop7" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 2667.328253][  T283] usb 7-1: New USB device found, idVendor=12d1, idProduct=7b1f, bcdDevice=ca.cf
[ 2667.347554][  T283] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2667.357629][  T283] usb 7-1: Product: syz
[ 2667.367728][  T283] usb 7-1: Manufacturer: syz
[ 2667.377828][  T283] usb 7-1: SerialNumber: syz
[ 2667.419915][ T5647] kvm [5646]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000
[ 2667.821571][ T5679] F2FS-fs (loop5): fault_injection options not supported
[ 2667.833855][ T5679] F2FS-fs (loop5): invalid crc value
[ 2667.898258][T27579] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[ 2667.921532][T29236] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 2667.952617][ T5679] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 2667.974957][ T5679] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 2667.983055][  T283] rndis_host 7-1:33.228: skipping garbage
[ 2667.989186][  T283] rndis_host 7-1:33.228: skipping garbage
[ 2667.995061][  T283] usb 7-1: bad CDC descriptors
[ 2668.003695][  T283] usb 7-1: USB disconnect, device number 4
[ 2668.032769][ T5044] attempt to access beyond end of device
[ 2668.032769][ T5044] loop5: rw=2049, want=45104, limit=40427
[ 2668.168223][T29236] usb 9-1: Using ep0 maxpacket: 8
[ 2668.198076][T27579] usb 1-1: Using ep0 maxpacket: 32
[ 2668.246286][ T5697] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12131'.
[ 2668.264568][ T5699] netlink: 112 bytes leftover after parsing attributes in process `syz.6.12132'.
[ 2668.298251][T29236] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 2668.309307][T29236] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 2668.318225][T27579] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 2668.319159][T29236] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2668.346571][T29236] usb 9-1: config 0 descriptor??
[ 2668.508172][T27579] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 2668.517322][T27579] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 2668.526241][T27579] usb 1-1: Product: syz
[ 2668.530574][T27579] usb 1-1: Manufacturer: syz
[ 2668.535174][T27579] usb 1-1: SerialNumber: syz
[ 2668.541215][T27579] usb 1-1: config 0 descriptor??
[ 2668.558113][T26067] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 2668.558153][ T5685] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[ 2668.578431][T27579] hub 1-1:0.0: bad descriptor, ignoring hub
[ 2668.585698][T27579] hub: probe of 1-1:0.0 failed with error -5
[ 2668.606943][   T24] kauditd_printk_skb: 5 callbacks suppressed
[ 2668.606955][   T24] audit: type=1400 audit(3440.395:29431): avc:  denied  { mounton } for  pid=5719 comm="syz.7.12142" path="/proc/158/task" dev="proc" ino=115388 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[ 2668.635906][ T5218] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 2668.798080][T26067] usb 7-1: Using ep0 maxpacket: 16
[ 2668.878213][ T5218] usb 6-1: Using ep0 maxpacket: 32
[ 2668.902732][ T5731] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 2668.915011][T29236] usb 1-1: USB disconnect, device number 6
[ 2668.918267][T26067] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 11
[ 2668.930475][T26067] usb 7-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[ 2668.940657][T26067] usb 7-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[ 2668.950615][T26067] usb 7-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[ 2668.960461][T26067] usb 7-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[ 2668.970728][T26067] usb 7-1: config 1 interface 0 has no altsetting 0
[ 2668.977720][T26067] usb 7-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[ 2668.986977][T26067] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2669.008255][ T5218] usb 6-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 2669.017391][ T5218] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2669.027951][ T5218] usb 6-1: config 0 descriptor??
[ 2669.034585][T26067] ums-sddr09 7-1:1.0: USB Mass Storage device detected
[ 2669.240151][T26067] scsi host1: usb-storage 7-1:1.0
[ 2669.382116][   T24] audit: type=1400 audit(3441.175:29432): avc:  denied  { transfer } for  pid=5740 comm="syz.7.12149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[ 2669.446474][T26067] usb 7-1: USB disconnect, device number 5
[ 2669.479995][ T5739] F2FS-fs (loop0): fault_injection options not supported
[ 2669.497430][ T5739] F2FS-fs (loop0): invalid crc value
[ 2669.504169][ T5739] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2669.525735][ T5739] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2669.737285][   T24] audit: type=1400 audit(3441.525:29433): avc:  denied  { create } for  pid=5738 comm="syz.0.12148" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[ 2669.758195][   T24] audit: type=1400 audit(3441.525:29434): avc:  denied  { read } for  pid=5738 comm="syz.0.12148" name="file1" dev="loop0" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[ 2670.326799][ T5761] kvm: emulating exchange as write
[ 2670.333547][ T4873] attempt to access beyond end of device
[ 2670.333547][ T4873] loop0: rw=2049, want=45104, limit=40427
[ 2670.361382][T29236] usb 6-1: USB disconnect, device number 2
[ 2670.382187][   T24] audit: type=1400 audit(3442.175:29435): avc:  denied  { unmount } for  pid=5044 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 2670.450322][T26067] usb 9-1: USB disconnect, device number 2
[ 2670.681344][ T5777] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[ 2670.716546][   T24] audit: type=1400 audit(3442.505:29436): avc:  denied  { read } for  pid=5783 comm="syz.0.12155" name="event2" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 2670.756560][   T24] audit: type=1400 audit(3442.505:29437): avc:  denied  { open } for  pid=5783 comm="syz.0.12155" path="/dev/input/event2" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 2670.780672][   T24] audit: type=1400 audit(3442.505:29438): avc:  denied  { ioctl } for  pid=5783 comm="syz.0.12155" path="/dev/input/event2" dev="devtmpfs" ino=268 ioctlcmd=0x4592 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 2670.878093][T29241] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 2671.234809][   T24] audit: type=1400 audit(3443.025:29439): avc:  denied  { listen } for  pid=5800 comm="syz.8.12167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2671.257355][   T24] audit: type=1400 audit(3443.055:29440): avc:  denied  { accept } for  pid=5800 comm="syz.8.12167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2671.268847][T29236] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 2671.458143][T29241] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2671.468439][T29241] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 2671.477485][T29241] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2671.486444][T29241] usb 6-1: config 0 descriptor??
[ 2671.528157][T29236] usb 7-1: Using ep0 maxpacket: 32
[ 2671.578101][ T5217] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[ 2671.648197][T29236] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[ 2671.656417][T29236] usb 7-1: config 0 has no interface number 0
[ 2671.818226][T29236] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 2671.827407][T29236] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2671.835824][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 2671.843976][T29236] usb 7-1: Product: syz
[ 2671.848347][T29236] usb 7-1: Manufacturer: syz
[ 2671.853209][T29236] usb 7-1: SerialNumber: syz
[ 2671.858862][T29236] usb 7-1: config 0 descriptor??
[ 2671.968194][ T5217] usb 8-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[ 2671.977409][ T5217] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2671.986252][ T5217] usb 8-1: config 0 descriptor??
[ 2672.168142][ T5218] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 2672.448477][ T5218] usb 1-1: Using ep0 maxpacket: 16
[ 2672.568193][ T5218] usb 1-1: config 0 has no interfaces?
[ 2672.728165][ T5218] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 2672.737417][ T5218] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2672.745526][ T5218] usb 1-1: Product: syz
[ 2672.749860][ T5218] usb 1-1: Manufacturer: syz
[ 2672.754470][ T5218] usb 1-1: SerialNumber: syz
[ 2672.759916][ T5218] usb 1-1: config 0 descriptor??
[ 2672.791885][T29236] usb 6-1: USB disconnect, device number 3
[ 2673.006984][T29241] usb 1-1: USB disconnect, device number 7
[ 2673.292412][T29236] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 2673.410601][T29241] usb 8-1: USB disconnect, device number 6
[ 2673.658200][T29236] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2673.668509][T29236] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2673.749055][T29236] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2673.758225][T29236] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2673.759064][ T5217] usb 7-1: USB disconnect, device number 6
[ 2673.766223][T29236] usb 6-1: SerialNumber: syz
[ 2673.811852][   T24] kauditd_printk_skb: 2 callbacks suppressed
[ 2673.811864][   T24] audit: type=1400 audit(3445.605:29443): avc:  denied  { shutdown } for  pid=5846 comm="syz.6.12182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2673.838295][   T24] audit: type=1400 audit(3445.605:29444): avc:  denied  { read } for  pid=5846 comm="syz.6.12182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2673.858252][   T24] audit: type=1107 audit(3445.605:29445): pid=5848 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='^ö+'
[ 2673.888090][T29241] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[ 2673.905931][ T5854] kernel profiling enabled (shift: 63)
[ 2673.911719][ T5854] profiling shift: 63 too large
[ 2674.038772][T29236] usb 6-1: 0:2 : does not exist
[ 2674.061089][T29236] usb 6-1: USB disconnect, device number 4
[ 2674.069605][ T4867] udevd[4867]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 2674.138097][T29241] usb 8-1: Using ep0 maxpacket: 16
[ 2674.218092][ T5218] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 2674.260005][ T5860] binder: 5859:5860 ioctl 400c620e 200000000500 returned -22
[ 2674.298180][T29241] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 2674.378192][T29241] usb 8-1: config 13 has an invalid interface number: 50 but max is 0
[ 2674.386689][T29241] usb 8-1: config 13 has an invalid descriptor of length 0, skipping remainder of the config
[ 2674.397658][T29241] usb 8-1: config 13 has no interface number 0
[ 2674.403970][T29241] usb 8-1: config 13 interface 50 altsetting 167 endpoint 0x8 has invalid wMaxPacketSize 0
[ 2674.414016][T29241] usb 8-1: config 13 interface 50 altsetting 167 bulk endpoint 0x8 has invalid maxpacket 0
[ 2674.424667][T29241] usb 8-1: config 13 interface 50 altsetting 167 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2674.438637][T29241] usb 8-1: config 13 interface 50 has no altsetting 0
[ 2674.468271][ T5218] usb 9-1: Using ep0 maxpacket: 32
[ 2674.862910][T29236] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 2674.958403][T29241] usb 8-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32
[ 2675.005748][T29241] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2675.076245][T29241] usb 8-1: Product: syz
[ 2675.098082][T29241] usb 8-1: Manufacturer: syz
[ 2675.118120][T29236] usb 7-1: Using ep0 maxpacket: 16
[ 2675.126421][T29241] usb 8-1: SerialNumber: syz
[ 2675.606908][T29236] usb 7-1: config 0 has an invalid interface number: 41 but max is 0
[ 2675.626121][T29236] usb 7-1: config 0 has no interface number 0
[ 2675.634447][T29236] usb 7-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 2675.645335][T29236] usb 7-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 2675.655671][T29236] usb 7-1: config 0 interface 41 has no altsetting 0
[ 2675.692471][   T24] audit: type=1400 audit(3447.485:29446): avc:  denied  { write } for  pid=5877 comm="syz.0.12195" name="event2" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 2675.808153][ T5218] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 2675.842520][ T5890] EXT4-fs (loop0): Ignoring removed oldalloc option
[ 2675.851143][ T5890] EXT4-fs error (device loop0): ext4_clear_blocks:880: inode #13: comm syz.0.12200: attempt to clear invalid blocks 2 len 1
[ 2675.853792][T29236] usb 7-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[ 2675.865328][ T5890] EXT4-fs error (device loop0): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters
[ 2675.874686][T29236] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2675.889140][ T5890] EXT4-fs error (device loop0): ext4_free_branches:1026: inode #13: comm syz.0.12200: invalid indirect mapped block 1819239214 (level 0)
[ 2675.897541][T29236] usb 7-1: Product: syz
[ 2675.911783][ T5218] usb 9-1: config 3 has an invalid interface number: 243 but max is 0
[ 2675.911795][ T5218] usb 9-1: config 3 has no interface number 0
[ 2675.911817][ T5218] usb 9-1: config 3 interface 243 altsetting 9 bulk endpoint 0x6 has invalid maxpacket 32
[ 2675.917403][T29236] usb 7-1: Manufacturer: syz
[ 2675.924601][ T5218] usb 9-1: config 3 interface 243 altsetting 9 has an invalid endpoint with address 0x72, skipping
[ 2675.930779][T29236] usb 7-1: SerialNumber: syz
[ 2675.940520][ T5218] usb 9-1: config 3 interface 243 has no altsetting 0
[ 2675.940971][ T5890] EXT4-fs error (device loop0): ext4_free_branches:1026: inode #13: comm syz.0.12200: invalid indirect mapped block 1819239214 (level 1)
[ 2675.949476][T29236] usb 7-1: config 0 descriptor??
[ 2675.956544][ T5890] EXT4-fs (loop0): 1 truncate cleaned up
[ 2675.978285][ T5864] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 2675.981768][ T5890] EXT4-fs (loop0): mounted filesystem without journal. Opts: oldalloc,,errors=continue
[ 2675.987150][ T5864] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 2676.016602][T29241] usb 8-1: MIDIStreaming interface descriptor not found
[ 2676.027208][T29241] usb 8-1: USB disconnect, device number 7
[ 2676.158290][ T5218] usb 9-1: New USB device found, idVendor=305a, idProduct=1405, bcdDevice=a4.69
[ 2676.167917][ T5218] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2676.180121][ T5218] usb 9-1: Product: syz
[ 2676.184408][ T5218] usb 9-1: Manufacturer: syz
[ 2676.190708][ T5218] usb 9-1: SerialNumber: syz
[ 2676.229831][ T5218] usb 9-1: Interface #243 referenced by multiple IADs
[ 2676.258343][ T5858] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 2676.284070][ T5864] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 2676.292712][ T5864] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 2676.338104][T27579] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 2676.418603][ T5003] udevd[5003]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:13.50/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 2676.579553][ T5218] usb 9-1: USB disconnect, device number 3
[ 2676.588262][T27579] usb 6-1: Using ep0 maxpacket: 8
[ 2676.708461][T27579] usb 6-1: config 0 has an invalid interface number: 31 but max is 0
[ 2676.716758][T27579] usb 6-1: config 0 has no interface number 0
[ 2676.765762][ T5920] netlink: 68 bytes leftover after parsing attributes in process `syz.0.12211'.
[ 2676.797854][ T5924] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2676.804796][ T5924] device syzkaller0 entered promiscuous mode
[ 2676.813339][ T5924] tipc: Resetting bearer <eth:syzkaller0>
[ 2676.819824][ T5923] tipc: Resetting bearer <eth:syzkaller0>
[ 2676.826129][ T5923] tipc: Disabling bearer <eth:syzkaller0>
[ 2676.858239][T26067] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[ 2676.888157][T27579] usb 6-1: New USB device found, idVendor=112a, idProduct=0005, bcdDevice=be.68
[ 2676.898514][T27579] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2676.906488][T27579] usb 6-1: Product: syz
[ 2676.911311][T27579] usb 6-1: Manufacturer: syz
[ 2676.915897][T27579] usb 6-1: SerialNumber: syz
[ 2676.921116][T27579] usb 6-1: config 0 descriptor??
[ 2677.108160][T26067] usb 8-1: Using ep0 maxpacket: 8
[ 2677.164666][ T5218] usb 6-1: USB disconnect, device number 5
[ 2677.168256][T29236] CoreChips: probe of 7-1:0.41 failed with error -71
[ 2677.186490][T29236] usb 7-1: USB disconnect, device number 7
[ 2677.258108][T29241] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[ 2677.308114][T26067] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 2677.568203][T26067] usb 8-1: New USB device found, idVendor=0789, idProduct=0160, bcdDevice=82.fe
[ 2677.577547][T26067] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2677.585857][T26067] usb 8-1: Product: syz
[ 2677.590394][T26067] usb 8-1: Manufacturer: syz
[ 2677.595137][T26067] usb 8-1: SerialNumber: syz
[ 2677.618308][T29241] usb 1-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00
[ 2677.627699][T29241] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2677.636751][T29241] usb 1-1: config 0 descriptor??
[ 2677.778148][T29236] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 2677.908319][T26067] asix 8-1:7.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 2677.919122][T26067] asix: probe of 8-1:7.0 failed with error -71
[ 2677.943209][T26067] usb 8-1: USB disconnect, device number 8
[ 2678.038155][ T5218] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 2678.119279][T29241] dragonrise 0003:0079:0006.0001: unknown main item tag 0x0
[ 2678.126627][T29241] dragonrise 0003:0079:0006.0001: unknown main item tag 0x0
[ 2678.134191][T29241] dragonrise 0003:0079:0006.0001: unknown main item tag 0x0
[ 2678.141816][T29241] dragonrise 0003:0079:0006.0001: unknown main item tag 0x0
[ 2678.149535][T29241] dragonrise 0003:0079:0006.0001: unknown main item tag 0x0
[ 2678.157613][T29241] dragonrise 0003:0079:0006.0001: hidraw0: USB HID v0.05 Device [HID 0079:0006] on usb-dummy_hcd.0-1/input0
[ 2678.169186][T29241] dragonrise 0003:0079:0006.0001: no inputs found
[ 2678.175610][T29241] dragonrise 0003:0079:0006.0001: force feedback init failed
[ 2678.308182][T29236] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 2678.318101][T29236] usb 9-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 2678.327346][T26067] usb 1-1: USB disconnect, device number 8
[ 2678.328074][T29236] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2678.438116][ T5218] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2678.448342][ T5218] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2678.459343][ T5218] usb 7-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 2678.514112][T29236] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 2678.573153][   T24] audit: type=1400 audit(3450.335:29447): avc:  denied  { getopt } for  pid=5981 comm="syz.7.12236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 2678.718584][ T5218] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2678.728233][ T5218] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2678.736402][ T5218] usb 7-1: Product: syz
[ 2678.742256][ T5218] usb 7-1: Manufacturer: syz
[ 2678.747014][ T5218] usb 7-1: SerialNumber: syz
[ 2678.880176][ T5218] cdc_mbim 7-1:1.0: skipping garbage
[ 2679.464188][T29236] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2679.472490][T29236] usb 9-1: Product: syz
[ 2679.476929][T29236] usb 9-1: Manufacturer: syz
[ 2679.481883][T29236] usb 9-1: SerialNumber: syz
[ 2679.528827][T29236] hub 9-1:1.0: bad descriptor, ignoring hub
[ 2679.534951][T29236] hub: probe of 9-1:1.0 failed with error -5
[ 2679.558154][T26067] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[ 2679.708131][T26063] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[ 2679.749347][T29236] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 2679.768138][T29241] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[ 2679.838177][T26067] usb 1-1: too many configurations: 9, using maximum allowed: 8
[ 2679.918241][T26067] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2679.927209][T26067] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2679.938193][ T5218] cdc_mbim 7-1:1.0: bind() failure
[ 2679.944153][ T5218] cdc_ncm 7-1:1.1: bind() failure
[ 2679.949389][T26067] usb 1-1: config 0 interface 0 has no altsetting 0
[ 2679.950662][   T24] audit: type=1400 audit(3451.745:29448): avc:  denied  { read write } for  pid=5963 comm="syz.8.12230" name="lp0" dev="devtmpfs" ino=1015 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[ 2679.957171][ T5218] usb 7-1: USB disconnect, device number 8
[ 2679.979768][   T24] audit: type=1400 audit(3451.745:29449): avc:  denied  { open } for  pid=5963 comm="syz.8.12230" path="/dev/usb/lp0" dev="devtmpfs" ino=1015 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[ 2680.038183][T29241] usb 8-1: Using ep0 maxpacket: 16
[ 2680.048220][T26067] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2680.057273][T26067] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2680.068561][T26067] usb 1-1: config 0 interface 0 has no altsetting 0
[ 2680.158152][T29241] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2680.158955][T26067] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2680.177454][T26067] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2680.188421][T26067] usb 1-1: config 0 interface 0 has no altsetting 0
[ 2680.268201][T26063] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 2680.277848][T26067] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2680.286772][T26063] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2680.294946][T26067] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2680.306091][T26063] usb 6-1: Product: syz
[ 2680.310376][T26063] usb 6-1: Manufacturer: syz
[ 2680.314987][T26063] usb 6-1: SerialNumber: syz
[ 2680.319626][T26067] usb 1-1: config 0 interface 0 has no altsetting 0
[ 2680.327159][T26063] usb 6-1: config 0 descriptor??
[ 2680.338236][T29241] usb 8-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[ 2680.347623][T29241] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2680.355773][T29241] usb 8-1: Product: syz
[ 2680.360012][T29241] usb 8-1: Manufacturer: syz
[ 2680.364632][T29241] usb 8-1: SerialNumber: syz
[ 2680.371423][T29241] usb 8-1: config 0 descriptor??
[ 2680.398245][T26067] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2680.407899][T26067] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2680.418950][T26067] usb 1-1: config 0 interface 0 has no altsetting 0
[ 2680.429315][T29241] dm9601: probe of 8-1:0.0 failed with error -22
[ 2680.439003][T29241] sr9700: probe of 8-1:0.0 failed with error -22
[ 2680.498163][T26067] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2680.507066][T26067] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2680.518240][T26067] usb 1-1: config 0 interface 0 has no altsetting 0
[ 2680.536845][ T6014] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 2680.601043][T26067] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2680.610252][T26067] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2680.621366][T26067] usb 1-1: config 0 interface 0 has no altsetting 0
[ 2680.631544][T29241] usb 8-1: USB disconnect, device number 9
[ 2680.698342][T26067] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2680.707600][T26067] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2680.718926][T26067] usb 1-1: config 0 interface 0 has no altsetting 0
[ 2680.878149][T25929] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 2680.878250][T26067] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 2680.894889][T26067] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 2680.898629][T29236] usb 9-1: USB disconnect, device number 4
[ 2680.903241][T26067] usb 1-1: Product: syz
[ 2680.911771][T29236] usblp0: removed
[ 2680.913825][T26067] usb 1-1: Manufacturer: syz
[ 2680.921548][T26067] usb 1-1: SerialNumber: syz
[ 2680.926750][T26067] usb 1-1: config 0 descriptor??
[ 2681.138097][T25929] usb 7-1: Using ep0 maxpacket: 8
[ 2681.200346][T26067] usb 1-1: USB disconnect, device number 9
[ 2681.418187][T25929] usb 7-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[ 2681.427293][T25929] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2681.435308][T25929] usb 7-1: Product: syz
[ 2681.440049][T25929] usb 7-1: Manufacturer: syz
[ 2681.444698][T25929] usb 7-1: SerialNumber: syz
[ 2681.449940][T25929] usb 7-1: config 0 descriptor??
[ 2681.635230][T26063] usb 6-1: USB disconnect, device number 6
[ 2681.688457][T26067] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 2681.988222][T25929] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 2682.078156][T26067] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2682.089335][T26067] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2682.099297][T26067] usb 9-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 2682.108499][T26067] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2682.121726][T26067] usb 9-1: config 0 descriptor??
[ 2682.238095][T25929] usb 1-1: Using ep0 maxpacket: 32
[ 2682.358161][T25929] usb 1-1: config 0 has an invalid interface number: 230 but max is 0
[ 2682.366608][T25929] usb 1-1: config 0 has no interface number 0
[ 2682.372930][T25929] usb 1-1: config 0 interface 230 has no altsetting 0
[ 2682.538284][T25929] usb 1-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[ 2682.547576][T25929] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2682.556017][T25929] usb 1-1: Product: syz
[ 2682.560761][T25929] usb 1-1: Manufacturer: syz
[ 2682.565529][T25929] usb 1-1: SerialNumber: syz
[ 2682.576504][T25929] usb 1-1: config 0 descriptor??
[ 2682.618741][T25929] ums-usbat 1-1:0.230: USB Mass Storage device detected
[ 2682.626775][T25929] ums-usbat 1-1:0.230: Quirks match for vid 0781 pid 0005: 1
[ 2682.978558][T26067] hid-led: probe of 0003:27B8:01ED.0002 failed with error -71
[ 2683.137281][T26067] usb 9-1: USB disconnect, device number 5
[ 2683.371738][ T5218] usb 7-1: USB disconnect, device number 9
[ 2683.667618][   T24] audit: type=1400 audit(3455.455:29450): avc:  denied  { read write } for  pid=6071 comm="syz.6.12267" name="uhid" dev="devtmpfs" ino=261 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 2683.699616][ T2623] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[ 2683.711590][ T2623] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 2683.748399][   T24] audit: type=1400 audit(3455.485:29451): avc:  denied  { open } for  pid=6071 comm="syz.6.12267" path="/dev/uhid" dev="devtmpfs" ino=261 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 2683.878172][ T5217] usb 9-1: new full-speed USB device number 6 using dummy_hcd
[ 2684.098153][ T5218] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[ 2684.298230][ T5217] usb 9-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 2684.309707][ T5217] usb 9-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2684.321485][ T5217] usb 9-1: config 0 interface 0 has no altsetting 0
[ 2684.363628][ T5217] usb 9-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[ 2684.377295][ T5217] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2684.386270][ T5217] usb 9-1: config 0 descriptor??
[ 2684.408192][ T5218] usb 8-1: too many configurations: 13, using maximum allowed: 8
[ 2684.659194][ T5218] usb 8-1: config 0 has no interfaces?
[ 2684.778403][ T5218] usb 8-1: config 0 has no interfaces?
[ 2684.878242][ T5218] usb 8-1: config 0 has no interfaces?
[ 2684.924091][ T5217] hid-steam 0003:28DE:1102.0004: unknown main item tag 0x0
[ 2684.978377][ T5218] usb 8-1: config 0 has no interfaces?
[ 2685.004511][ T5217] hid-steam 0003:28DE:1102.0004: unknown main item tag 0x0
[ 2685.049520][ T5217] hid-steam 0003:28DE:1102.0004: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.8-1/input0
[ 2685.108373][ T5218] usb 8-1: config 0 has no interfaces?
[ 2685.142304][ T5217] hid-steam 0003:28DE:1102.0005: unknown main item tag 0x0
[ 2685.258257][ T5217] hid-steam 0003:28DE:1102.0005: unknown main item tag 0x0
[ 2685.268752][ T5218] usb 8-1: config 0 has no interfaces?
[ 2685.313159][ T5217] hid-steam 0003:28DE:1102.0005: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.8-1/input0
[ 2685.378378][ T5218] usb 8-1: config 0 has no interfaces?
[ 2685.393179][ T2623] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[ 2685.419115][ T2623] hid-generic 0000:0000:0000.0006: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 2685.438204][ T5217] hid-steam 0003:28DE:1102.0004: Steam Controller 'XXXXXXXXXX' connected
[ 2685.468395][ T5218] usb 8-1: config 0 has no interfaces?
[ 2685.476028][ T5217] input: Steam Controller as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:28DE:1102.0004/input/input10
[ 2685.549318][ T6111] input: Steam Controller as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:28DE:1102.0004/input/input11
[ 2685.553671][ T5217] usb 9-1: USB disconnect, device number 6
[ 2685.561113][   T24] audit: type=1400 audit(3457.345:29452): avc:  denied  { read } for  pid=80 comm="acpid" name="event3" dev="devtmpfs" ino=1035 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2685.594358][   T24] audit: type=1400 audit(3457.345:29453): avc:  denied  { open } for  pid=80 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1035 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2685.604914][ T6116] fido_id[6116]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/9-1/report_descriptor': No such file or directory
[ 2685.618202][   T24] audit: type=1400 audit(3457.345:29454): avc:  denied  { ioctl } for  pid=80 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1035 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2685.714548][ T5217] hid-steam 0003:28DE:1102.0004: Steam Controller 'XXXXXXXXXX' disconnected
[ 2685.738448][ T5218] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2685.748003][ T5218] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2685.756374][ T5218] usb 8-1: Product: syz
[ 2685.760720][ T5218] usb 8-1: Manufacturer: syz
[ 2685.765420][ T5218] usb 8-1: SerialNumber: syz
[ 2685.836530][ T5218] usb 8-1: config 0 descriptor??
[ 2685.949325][ T6132] overlayfs: failed to resolve './bus': -2
[ 2686.078106][ T5217] usb 9-1: new low-speed USB device number 7 using dummy_hcd
[ 2686.107151][ T5218] usb 8-1: USB disconnect, device number 10
[ 2686.114689][T25929] ums-usbat: probe of 1-1:0.230 failed with error 4
[ 2686.122637][T25929] usb 1-1: USB disconnect, device number 10
[ 2686.248155][T29241] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 2686.488102][T25929] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[ 2686.495866][T29241] usb 6-1: Using ep0 maxpacket: 32
[ 2686.498119][ T5217] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 2686.512493][ T5217] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2686.522320][ T5217] usb 9-1: New USB device found, idVendor=0c45, idProduct=760b, bcdDevice= 0.00
[ 2686.531426][ T5217] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2686.540239][ T5217] usb 9-1: config 0 descriptor??
[ 2686.641475][T29241] usb 6-1: config index 0 descriptor too short (expected 6683, got 27)
[ 2686.655235][T29241] usb 6-1: config 0 has an invalid interface number: 85 but max is 0
[ 2686.663475][T29241] usb 6-1: config 0 has no interface number 0
[ 2686.669884][T29241] usb 6-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 2686.681242][T29241] usb 6-1: config 0 interface 85 has no altsetting 0
[ 2686.768284][T25929] usb 1-1: Using ep0 maxpacket: 16
[ 2686.788208][T29236] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[ 2687.178216][T29241] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 2687.187453][T29241] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2687.195705][T29241] usb 6-1: Product: syz
[ 2687.200080][T29241] usb 6-1: Manufacturer: syz
[ 2687.204680][T29241] usb 6-1: SerialNumber: syz
[ 2687.210261][T29241] usb 6-1: config 0 descriptor??
[ 2687.218157][T25929] usb 1-1: config 1 has an invalid interface number: 105 but max is 0
[ 2687.226375][T25929] usb 1-1: config 1 has no interface number 0
[ 2687.232714][T25929] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 2687.242685][T25929] usb 1-1: config 1 interface 105 has no altsetting 0
[ 2687.268140][ T5217] usbhid 9-1:0.0: can't add hid device: -71
[ 2687.274403][ T5217] usbhid: probe of 9-1:0.0 failed with error -71
[ 2687.282476][ T5217] usb 9-1: USB disconnect, device number 7
[ 2687.288486][   T80] ==================================================================
[ 2687.296667][   T80] BUG: KASAN: use-after-free in mutex_lock+0x7f/0xe0
[ 2687.303406][   T80] Write of size 8 at addr ffff88811b04d840 by task acpid/80
[ 2687.310772][   T80] 
[ 2687.313105][   T80] CPU: 1 PID: 80 Comm: acpid Tainted: G        W         5.10.240-syzkaller-00225-g1154f779f3f3 #0
[ 2687.323834][   T80] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2687.334056][   T80] Call Trace:
[ 2687.337340][   T80]  __dump_stack+0x21/0x24
[ 2687.341757][   T80]  dump_stack_lvl+0x169/0x1d8
[ 2687.346427][   T80]  ? show_regs_print_info+0x18/0x18
[ 2687.351620][   T80]  ? thaw_kernel_threads+0x220/0x220
[ 2687.356897][   T80]  ? __kasan_kmalloc+0xec/0x110
[ 2687.361738][   T80]  ? __kasan_kmalloc+0xda/0x110
[ 2687.366587][   T80]  print_address_description+0x7f/0x2c0
[ 2687.372141][   T80]  ? mutex_lock+0x7f/0xe0
[ 2687.376458][   T80]  kasan_report+0xe2/0x130
[ 2687.381038][   T80]  ? mutex_lock+0x7f/0xe0
[ 2687.385363][   T80]  kasan_check_range+0x280/0x290
[ 2687.390292][   T80]  __kasan_check_write+0x14/0x20
[ 2687.395244][   T80]  mutex_lock+0x7f/0xe0
[ 2687.399397][   T80]  ? mutex_trylock+0xa0/0xa0
[ 2687.403998][   T80]  steam_input_open+0x91/0x160
[ 2687.408868][   T80]  ? steam_input_register+0xa70/0xa70
[ 2687.414253][   T80]  ? __kasan_check_write+0x14/0x20
[ 2687.419455][   T80]  ? mutex_lock_interruptible+0x8c/0xe0
[ 2687.425082][   T80]  input_open_device+0x14c/0x2a0
[ 2687.430011][   T80]  evdev_open+0x4d2/0x5e0
[ 2687.434333][   T80]  chrdev_open+0x597/0x670
[ 2687.438740][   T80]  ? cd_forget+0x170/0x170
[ 2687.443166][   T80]  ? cd_forget+0x170/0x170
[ 2687.447585][   T80]  do_dentry_open+0x793/0x1090
[ 2687.452346][   T80]  vfs_open+0x73/0x80
[ 2687.456318][   T80]  path_openat+0x27ad/0x3160
[ 2687.460923][   T80]  ? kfree+0xc0/0x270
[ 2687.464996][   T80]  ? __kasan_slab_alloc+0xcf/0xf0
[ 2687.470106][   T80]  ? kmem_cache_alloc+0x165/0x2e0
[ 2687.475117][   T80]  ? getname+0x19/0x20
[ 2687.479176][   T80]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2687.485321][   T80]  ? do_filp_open+0x3e0/0x3e0
[ 2687.489993][   T80]  do_filp_open+0x1b3/0x3e0
[ 2687.494487][   T80]  ? vfs_tmpfile+0x2c0/0x2c0
[ 2687.499076][   T80]  ? get_unused_fd_flags+0x92/0xa0
[ 2687.504176][   T80]  do_sys_openat2+0x14c/0x6d0
[ 2687.508841][   T80]  ? __kasan_check_read+0x11/0x20
[ 2687.513855][   T80]  ? do_sys_open+0xe0/0xe0
[ 2687.518282][   T80]  ? ksys_read+0x1da/0x240
[ 2687.522708][   T80]  ? vfs_write+0xd60/0xd60
[ 2687.527125][   T80]  ? fpu__clear_all+0x20/0x20
[ 2687.531803][   T80]  __x64_sys_openat+0x136/0x160
[ 2687.536659][   T80]  do_syscall_64+0x31/0x40
[ 2687.541073][   T80]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2687.546956][   T80] RIP: 0033:0x7f541d766407
[ 2687.551541][   T80] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 2687.571137][   T80] RSP: 002b:00007fff1fccafc0 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 2687.579561][   T80] RAX: ffffffffffffffda RBX: 00007f541d6dc740 RCX: 00007f541d766407
[ 2687.587630][   T80] RDX: 0000000000080800 RSI: 00007fff1fccb1d0 RDI: ffffffffffffff9c
[ 2687.595784][   T80] RBP: 00007fff1fccb1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2687.603761][   T80] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000020
[ 2687.611763][   T80] R13: 00007fff1fccb2d0 R14: 0000562b9748e7fe R15: 00007fff1fccb2d0
[ 2687.620256][   T80] 
[ 2687.622581][   T80] Allocated by task 29241:
[ 2687.627001][   T80]  __kasan_kmalloc+0xda/0x110
[ 2687.631788][   T80]  __kmalloc+0x1a7/0x330
[ 2687.636032][   T80]  ___neigh_create+0x6f0/0x1a20
[ 2687.640873][   T80]  __neigh_create+0x31/0x40
[ 2687.645380][   T80]  ip6_finish_output2+0x8d1/0x1500
[ 2687.650486][   T80]  __ip6_finish_output+0x5ff/0x790
[ 2687.655589][   T80]  ip6_finish_output+0x33/0x1f0
[ 2687.660435][   T80]  ip6_output+0x1d1/0x3b0
[ 2687.664770][   T80]  ndisc_send_skb+0x6f5/0xb40
[ 2687.669435][   T80]  ndisc_send_rs+0x6e5/0x960
[ 2687.674015][   T80]  addrconf_dad_completed+0x97f/0xe80
[ 2687.679376][   T80]  addrconf_dad_work+0xc18/0x1410
[ 2687.684390][   T80]  process_one_work+0x6e1/0xba0
[ 2687.689232][   T80]  worker_thread+0xa6a/0x13b0
[ 2687.693900][   T80]  kthread+0x346/0x3d0
[ 2687.698105][   T80]  ret_from_fork+0x1f/0x30
[ 2687.702509][   T80] 
[ 2687.704834][   T80] Freed by task 5217:
[ 2687.708805][   T80]  kasan_set_track+0x4a/0x70
[ 2687.713391][   T80]  kasan_set_free_info+0x23/0x40
[ 2687.718318][   T80]  ____kasan_slab_free+0x125/0x160
[ 2687.723417][   T80]  __kasan_slab_free+0x11/0x20
[ 2687.728192][   T80]  slab_free_freelist_hook+0xc5/0x190
[ 2687.733552][   T80]  kfree+0xc0/0x270
[ 2687.737355][   T80]  release_nodes+0x753/0x7d0
[ 2687.741935][   T80]  devres_release_all+0x7c/0xa0
[ 2687.746888][   T80]  device_release_driver_internal+0x4cb/0x750
[ 2687.753123][   T80]  device_release_driver+0x19/0x20
[ 2687.758747][   T80]  bus_remove_device+0x2dd/0x340
[ 2687.763672][   T80]  device_del+0x696/0xed0
[ 2687.768172][   T80]  hid_destroy_device+0x6a/0x110
[ 2687.773234][   T80]  usbhid_disconnect+0x9f/0xc0
[ 2687.777990][   T80]  usb_unbind_interface+0x212/0x8c0
[ 2687.783187][   T80]  device_release_driver_internal+0x4bc/0x750
[ 2687.789436][   T80]  device_release_driver+0x19/0x20
[ 2687.794671][   T80]  bus_remove_device+0x2dd/0x340
[ 2687.799606][   T80]  device_del+0x696/0xed0
[ 2687.803965][   T80]  usb_disable_device+0x3a8/0x750
[ 2687.808982][   T80]  usb_disconnect+0x31e/0x850
[ 2687.813649][   T80]  hub_event+0x1912/0x4120
[ 2687.818052][   T80]  process_one_work+0x6e1/0xba0
[ 2687.822891][   T80]  worker_thread+0xd56/0x13b0
[ 2687.827556][   T80]  kthread+0x346/0x3d0
[ 2687.831613][   T80]  ret_from_fork+0x1f/0x30
[ 2687.836015][   T80] 
[ 2687.838359][   T80] Last potentially related work creation:
[ 2687.844073][   T80]  kasan_save_stack+0x3a/0x60
[ 2687.848743][   T80]  __kasan_record_aux_stack+0xd2/0x100
[ 2687.854283][   T80]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2687.860082][   T80]  kvfree_call_rcu+0x10c/0x620
[ 2687.864837][   T80]  neigh_destroy+0x445/0x570
[ 2687.869600][   T80]  neigh_cleanup_and_release+0x76/0x1a0
[ 2687.875143][   T80]  neigh_flush_dev+0x642/0x820
[ 2687.879897][   T80]  __neigh_ifdown+0x3f/0x380
[ 2687.884564][   T80]  neigh_ifdown+0x1f/0x30
[ 2687.888971][   T80]  rt6_disable_ip+0x616/0x6a0
[ 2687.893725][   T80]  addrconf_ifdown+0x144/0x1800
[ 2687.898563][   T80]  addrconf_notify+0x3bd/0xe90
[ 2687.903328][   T80]  raw_notifier_call_chain+0x90/0x100
[ 2687.909038][   T80]  __dev_notify_flags+0x28f/0x500
[ 2687.914051][   T80]  dev_change_flags+0xe8/0x1a0
[ 2687.918903][   T80]  do_setlink+0xbb4/0x3ab0
[ 2687.923328][   T80]  rtnl_newlink+0xd32/0x1640
[ 2687.927908][   T80]  rtnetlink_rcv_msg+0x9db/0xb90
[ 2687.932931][   T80]  netlink_rcv_skb+0x1e0/0x430
[ 2687.937684][   T80]  rtnetlink_rcv+0x1c/0x20
[ 2687.942093][   T80]  netlink_unicast+0x876/0xa40
[ 2687.946846][   T80]  netlink_sendmsg+0x88d/0xb30
[ 2687.951697][   T80]  ____sys_sendmsg+0x5a2/0x8c0
[ 2687.956458][   T80]  ___sys_sendmsg+0x1f0/0x260
[ 2687.961127][   T80]  __x64_sys_sendmsg+0x1e2/0x2a0
[ 2687.966052][   T80]  do_syscall_64+0x31/0x40
[ 2687.970477][   T80]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2687.976445][   T80] 
[ 2687.978766][   T80] Second to last potentially related work creation:
[ 2687.985430][   T80]  kasan_save_stack+0x3a/0x60
[ 2687.990108][   T80]  __kasan_record_aux_stack+0xd2/0x100
[ 2687.995556][   T80]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2688.001438][   T80]  call_rcu+0x10e/0x1050
[ 2688.005673][   T80]  __ip6_del_rt+0xf5/0x150
[ 2688.010076][   T80]  ip6_del_rt+0xb0/0xf0
[ 2688.014318][   T80]  __ipv6_ifa_notify+0x81b/0xdb0
[ 2688.019331][   T80]  addrconf_ifdown+0xd5c/0x1800
[ 2688.024170][   T80]  addrconf_notify+0x3bd/0xe90
[ 2688.028929][   T80]  raw_notifier_call_chain+0x90/0x100
[ 2688.034285][   T80]  __dev_notify_flags+0x28f/0x500
[ 2688.039294][   T80]  dev_change_flags+0xe8/0x1a0
[ 2688.044049][   T80]  do_setlink+0xbb4/0x3ab0
[ 2688.048456][   T80]  rtnl_newlink+0xd32/0x1640
[ 2688.053037][   T80]  rtnetlink_rcv_msg+0x9db/0xb90
[ 2688.057963][   T80]  netlink_rcv_skb+0x1e0/0x430
[ 2688.062714][   T80]  rtnetlink_rcv+0x1c/0x20
[ 2688.067206][   T80]  netlink_unicast+0x876/0xa40
[ 2688.071962][   T80]  netlink_sendmsg+0x88d/0xb30
[ 2688.076815][   T80]  ____sys_sendmsg+0x5a2/0x8c0
[ 2688.081575][   T80]  ___sys_sendmsg+0x1f0/0x260
[ 2688.086344][   T80]  __x64_sys_sendmsg+0x1e2/0x2a0
[ 2688.091366][   T80]  do_syscall_64+0x31/0x40
[ 2688.095776][   T80]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2688.101651][   T80] 
[ 2688.103973][   T80] The buggy address belongs to the object at ffff88811b04d800
[ 2688.103973][   T80]  which belongs to the cache kmalloc-512 of size 512
[ 2688.118024][   T80] The buggy address is located 64 bytes inside of
[ 2688.118024][   T80]  512-byte region [ffff88811b04d800, ffff88811b04da00)
[ 2688.131191][   T80] The buggy address belongs to the page:
[ 2688.136816][   T80] page:ffffea00046c1300 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11b04c
[ 2688.147036][   T80] head:ffffea00046c1300 order:2 compound_mapcount:0 compound_pincount:0
[ 2688.155383][   T80] flags: 0x4000000000010200(slab|head)
[ 2688.160847][   T80] raw: 4000000000010200 ffffea000461b500 0000000500000005 ffff888100043080
[ 2688.169422][   T80] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 2688.178008][   T80] page dumped because: kasan: bad access detected
[ 2688.184603][   T80] page_owner tracks the page as allocated
[ 2688.190323][   T80] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 25335, ts 1756083638748, free_ts 1752089142619
[ 2688.211680][   T80]  prep_new_page+0x179/0x180
[ 2688.216274][   T80]  get_page_from_freelist+0x2235/0x23d0
[ 2688.221811][   T80]  __alloc_pages_nodemask+0x268/0x5f0
[ 2688.227170][   T80]  new_slab+0x84/0x3f0
[ 2688.231231][   T80]  ___slab_alloc+0x2a6/0x450
[ 2688.235822][   T80]  __slab_alloc+0x63/0xa0
[ 2688.240450][   T80]  __kmalloc_track_caller+0x1ef/0x320
[ 2688.245810][   T80]  __alloc_skb+0xdc/0x520
[ 2688.250217][   T80]  alloc_skb_with_frags+0xa2/0x560
[ 2688.255399][   T80]  sock_alloc_send_pskb+0x853/0x980
[ 2688.260591][   T80]  unix_dgram_sendmsg+0x5f4/0x17d0
[ 2688.265698][   T80]  ____sys_sendmsg+0x5a2/0x8c0
[ 2688.270447][   T80]  ___sys_sendmsg+0x1f0/0x260
[ 2688.275109][   T80]  __sys_sendmmsg+0x273/0x450
[ 2688.279794][   T80]  __x64_sys_sendmmsg+0xa0/0xb0
[ 2688.284653][   T80]  do_syscall_64+0x31/0x40
[ 2688.289062][   T80] page last free stack trace:
[ 2688.293843][   T80]  __free_pages_ok+0x7fc/0x820
[ 2688.298691][   T80]  __free_pages+0xdd/0x380
[ 2688.303094][   T80]  __free_slab+0xcf/0x190
[ 2688.307425][   T80]  unfreeze_partials+0x15f/0x190
[ 2688.312440][   T80]  put_cpu_partial+0xc1/0x180
[ 2688.317118][   T80]  __slab_free+0x2c9/0x3a0
[ 2688.321617][   T80]  ___cache_free+0x111/0x130
[ 2688.326196][   T80]  qlink_free+0x50/0x90
[ 2688.330344][   T80]  qlist_free_all+0x5f/0xb0
[ 2688.334836][   T80]  kasan_quarantine_reduce+0x14a/0x160
[ 2688.340282][   T80]  __kasan_slab_alloc+0x2f/0xf0
[ 2688.345382][   T80]  slab_post_alloc_hook+0x5d/0x2f0
[ 2688.350485][   T80]  kmem_cache_alloc+0x165/0x2e0
[ 2688.355391][   T80]  sock_alloc_inode+0x1b/0xb0
[ 2688.360079][   T80]  new_inode_pseudo+0x62/0x210
[ 2688.364839][   T80]  __sock_create+0x12c/0x770
[ 2688.369413][   T80] 
[ 2688.371732][   T80] Memory state around the buggy address:
[ 2688.377376][   T80]  ffff88811b04d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2688.385522][   T80]  ffff88811b04d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2688.393594][   T80] >ffff88811b04d800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2688.401641][   T80]                                            ^
[ 2688.407784][   T80]  ffff88811b04d880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2688.415963][   T80]  ffff88811b04d900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2688.424012][   T80] ==================================================================
[ 2688.432063][   T80] Disabling lock debugging due to kernel taint
[ 2688.439965][   T80] hid 0003:28DE:1102.0004: No HID_FEATURE_REPORT submitted -  nothing to read
[ 2688.464505][   T80] hid 0003:28DE:1102.0004: No HID_FEATURE_REPORT submitted -  nothing to read
[ 2688.474141][   T80] hid 0003:28DE:1102.0004: No HID_FEATURE_REPORT submitted -  nothing to read
[ 2688.487977][   T24] audit: type=1400 audit(3460.255:29455): avc:  denied  { read } for  pid=77 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 2688.490826][   T80] hid 0003:28DE:1102.0004: No HID_FEATURE_REPORT submitted -  nothing to read
[ 2688.510036][T29236] usb 8-1: Using ep0 maxpacket: 32
[ 2688.524519][   T80] hid 0003:28DE:1102.0004: No HID_FEATURE_REPORT submitted -  nothing to read
[ 2688.532575][   T24] audit: type=1400 audit(3460.255:29456): avc:  denied  { search } for  pid=77 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 2688.554598][   T24] audit: type=1400 audit(3460.255:29457): avc:  denied  { append } for  pid=77 comm="syslogd" name="messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 2688.576632][   T24] audit: type=1400 audit(3460.255:29458): avc:  denied  { open } for  pid=77 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 2688.599092][   T24] audit: type=1400 audit(3460.255:29459): avc:  denied  { getattr } for  pid=77 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 2688.618152][T29236] usb 8-1: device descriptor read/all, error -71
[ 2688.628415][T25929] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[ 2688.637426][T25929] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2688.645745][T25929] usb 1-1: Product: syz
[ 2688.650197][T25929] usb 1-1: Manufacturer: syz
[ 2688.654783][T25929] usb 1-1: SerialNumber: syz
[ 2688.678171][ T6126] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[ 2688.679128][T29241] usb 6-1: USB disconnect, device number 7
[ 2688.818198][T25929] aqc111: probe of 1-1:1.105 failed with error -22
[ 2688.834762][T25929] usb 1-1: USB disconnect, device number 11