last executing test programs:

45m36.452625195s ago: executing program 32 (id=28):
pipe(&(0x7f0000000140))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000100030000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYBLOB='\x00'/11], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000080)=ANY=[@ANYRES16=0x0], 0x0, 0x1ca, &(0x7f00000008c0)="$eJzsmb+uEkEUxr+Z3QvcG2NiY2GjiTfxmlyW3UUNjQU+gQn4r5PIStAFDGwBJBbExsbH8BUsqCzs7Gy1UBMTCymt18xw2B35J8QQSTy/hNlvZs7MnDnAVwAYhvlv+frl5+dXt0rVUwBncIwsjX+30hhpxH/Kkfj4+l377PPx/H4CQBxvfr4N4G3ZQkT9OP599TE9q5CJvgOJq6TvQcAh/RASd0kHEHhA+omhO4ckwsB51Anrj5th4KrGU42vmuJ8fpORQB1AjvITxnxvMHxaC8OgOy8O4tk5C1Pbij/Uz56UJW4a9VPv1/2XL0aqP6uNa9TPg4RHugiBCukSsnAcJy2Jcf8Ldrq/tcn990Gcy6+LOd2DDFn8AyGMkUMl1Bc6GTk/Gb9fXPVtl4ld2u2VQZ69MPXh6O92zpAJLI1J/VNZ7hXDn2zYiX8UotazQm8wzDdbtUbQCNq+X7zhXnPd635BG9G0XeN/Oe1PR8b+BytiMyKDfi2Kul4fiLpe0venreG4lTedH3qN1P4ncXJ5uof6qOhrZ5efIegl9VOpE2tl8gzDMAzDMAzDMAzDMAzDMFtxEUL/Ckp/VMUr8G/r6F8BAAD///ckZMc=")
chdir(0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x42}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r5, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000001b40), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x47, 0x0}}, 0x10)

41m25.122579661s ago: executing program 33 (id=701):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
prlimit64(0x0, 0xd, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xd, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@abort}, {@noload}, {@noload}]}, 0x1, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x4, 0xffff67a9, 0xd4e3, 0x2, 0x7}, 0x8, 0x1, 0x3, 0x6, 0x6, 0x3, 0x11, 0xf, 0x3, 0xd, {0x83, 0x9, 0xfff, 0x232, 0x417, 0x5}}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r8, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
close_range(r0, 0xffffffffffffffff, 0x300000000000000)

41m4.610444323s ago: executing program 34 (id=755):
pipe(&(0x7f0000000140))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000100030000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/12, @ANYRES32=0x0, @ANYBLOB='\x00'/11], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000080)=ANY=[@ANYRES16=0x0], 0x0, 0x1ca, &(0x7f00000008c0)="$eJzsmb+uEkEUxr+Z3QvcG2NiY2GjiTfxmlyW3UUNjQU+gQn4r5PIStAFDGwBJBbExsbH8BUsqCzs7Gy1UBMTCymt18xw2B35J8QQSTy/hNlvZs7MnDnAVwAYhvlv+frl5+dXt0rVUwBncIwsjX+30hhpxH/Kkfj4+l377PPx/H4CQBxvfr4N4G3ZQkT9OP599TE9q5CJvgOJq6TvQcAh/RASd0kHEHhA+omhO4ckwsB51Anrj5th4KrGU42vmuJ8fpORQB1AjvITxnxvMHxaC8OgOy8O4tk5C1Pbij/Uz56UJW4a9VPv1/2XL0aqP6uNa9TPg4RHugiBCukSsnAcJy2Jcf8Ldrq/tcn990Gcy6+LOd2DDFn8AyGMkUMl1Bc6GTk/Gb9fXPVtl4ld2u2VQZ69MPXh6O92zpAJLI1J/VNZ7hXDn2zYiX8UotazQm8wzDdbtUbQCNq+X7zhXnPd635BG9G0XeN/Oe1PR8b+BytiMyKDfi2Kul4fiLpe0venreG4lTedH3qN1P4ncXJ5uof6qOhrZ5efIegl9VOpE2tl8gzDMAzDMAzDMAzDMAzDMFtxEUL/Ckp/VMUr8G/r6F8BAAD///ckZMc=")
chdir(0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x42}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r5, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000001b40), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x47, 0x0}}, 0x10)

41m2.70451836s ago: executing program 35 (id=760):
pipe(&(0x7f0000000140))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000100030000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/14, @ANYRES32=0x0, @ANYBLOB='\x00'/11], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000080)=ANY=[@ANYRES16=0x0], 0x0, 0x1ca, &(0x7f00000008c0)="$eJzsmb+uEkEUxr+Z3QvcG2NiY2GjiTfxmlyW3UUNjQU+gQn4r5PIStAFDGwBJBbExsbH8BUsqCzs7Gy1UBMTCymt18xw2B35J8QQSTy/hNlvZs7MnDnAVwAYhvlv+frl5+dXt0rVUwBncIwsjX+30hhpxH/Kkfj4+l377PPx/H4CQBxvfr4N4G3ZQkT9OP599TE9q5CJvgOJq6TvQcAh/RASd0kHEHhA+omhO4ckwsB51Anrj5th4KrGU42vmuJ8fpORQB1AjvITxnxvMHxaC8OgOy8O4tk5C1Pbij/Uz56UJW4a9VPv1/2XL0aqP6uNa9TPg4RHugiBCukSsnAcJy2Jcf8Ldrq/tcn990Gcy6+LOd2DDFn8AyGMkUMl1Bc6GTk/Gb9fXPVtl4ld2u2VQZ69MPXh6O92zpAJLI1J/VNZ7hXDn2zYiX8UotazQm8wzDdbtUbQCNq+X7zhXnPd635BG9G0XeN/Oe1PR8b+BytiMyKDfi2Kul4fiLpe0venreG4lTedH3qN1P4ncXJ5uof6qOhrZ5efIegl9VOpE2tl8gzDMAzDMAzDMAzDMAzDMFtxEUL/Ckp/VMUr8G/r6F8BAAD///ckZMc=")
chdir(0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x42}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r5, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000001b40), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x47, 0x0}}, 0x10)

35m27.396183221s ago: executing program 36 (id=1763):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
getpid()
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x246}, 0x0)
r0 = getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
getitimer(0x0, &(0x7f0000000440))
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)

34m9.838616005s ago: executing program 37 (id=2051):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, 0x0, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYRES32=r0], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x400, &(0x7f0000000000)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x1, 0x4bb, &(0x7f0000000580)="$eJzs3cuLXFUaAPCvqtLP9EweMwxJBiaBDGQepKsfDOmemcUMDMzMIjBMwI1CbLsrbUx1V9NVHdNNFh3dZeFCFAVx4d6/wI1ZGQVxrXtxIRGNLagglNxbVUm/KpaxUyV9fz+o9Dn33NR3Thff4da59/YNILNOJf/kIkYi4oOIONSobt3hVOPHxt3rs8krF/X6hc9z6X5JvbVr6/8djIj1iBiMiP//O+Kp3M641dW1KzPlcmm5WS/WFpaK1dW1s5cXZuZL86XF8alz09NTY5MT03s21psvPHPz/Fv/7X/z6+fv3H7xnbeTbo002zaPYy81ht4XRzZtOxARf38UwXqg0BzPUK87wkNJPr9fRcTpNP8PRSH9NIEsqNfr9e/qA+2a1+vAvpVPj4Fz+dGIaJTz/6qPNo7hfx3D+XKlWvvzpcrK4lzjWPlw9OUvXS6XxprfFQ5HXy6pj6fl+/WJbfXJiPQY+KXCUFofna2U57o71QHbHNyW/18V8vnRpBJ/6nXXgG7wlR+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kN2yX/IpP+dP5+86q373+eurq5cqVw9O5fMCQsrs6OzleWl0flKZT69Z2fhh96vXKksjf8lVq4Va6VqrVhdXbu4UFlZrF1M7+u/WOrryqiAThw5eeujXESs/3UofSX6m21yFfa3ej0Xvb4HGeiNQq8nIKBnLP1BdvmOD+zyJ3q3GGzXsLT3fQG6I9/rDgA9c+a483+QVdb/Ibus/0N2OcYHrP9D9lj/h+wa2fn8r/T5P7/Y9OyusYj4ZUR8WOgbaD3rC9gP8p/mmsf/Zw79fmR7a3/um/QUQX9EPPvahVeuzdRqy+PJ9i/uba+92tw+0Yv+A51q5WkrjwGA7Nq4e3229epm3M/+2bgIYWf8A821ycH0HOXwRm7LtQq5Pbp2Yf1GRBzbLX6u+bzzxpmP4Y3CjvhHmz9zjbdI+3sgfW56d+If3xT/d5vin/jJvxXIhlvJ/DO2W/7l05yOe/m3df4Z2aNrJ9rPf/l781+hzfx3ssMYT7/+3Cdt49+IOLFr/Fa8wTTW9vhJ3850GP/OE4/9pl1b/Y3G++wWvyUpFWsLS8Xq6trZ9O/IzZcWx6fOTU9PjU1OTBfTNepia6V6p78de//2g8Y/3CZ+u/H/o9mnP3Y4/m9/+97jpx4Q/w+nd//8j7aJnxj6EU/o/3Li4yfbtSXx59qMP78z/rvD0WqNmOwwfvXl/wx0uCsA0AXV1bUrM+VyaVlBQeEhCgM/j27seaHXMxPwqN1P+l73BAAAAAAAAAAAAOhUNy4n7vUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2g+8DAAD//3bC1tg=")
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000580)={[{@inlinecrypt}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x6}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080", @ANYRES32=0x0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000018000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r6, 0x0, 0x2a, 0x0, 0x0)
r7 = open(&(0x7f0000000080)='./file1\x00', 0x64042, 0x0)
pwritev2(r7, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x1, 0x7800, 0x0, 0x3)
sendmsg$nl_route(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newlink={0x44, 0x10, 0x401, 0x0, 0xffffffff, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FWMARK={0x8, 0x14, 0x5}, @IFLA_IPTUN_PMTUDISC={0x5}]}}}]}, 0x44}}, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)

29m39.298184319s ago: executing program 38 (id=3482):
mkdir(&(0x7f0000000200)='./file0\x00', 0x50)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})

28m54.210266869s ago: executing program 39 (id=3737):
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="1e00000000000000010000000700000000000000", @ANYRES32=0x1, @ANYBLOB="00000000000000000000000000000000000000001a2ec2a63793546149159d0fa7f4d38e9c627b154e36a0959f7f4258c1f8904676326d55177073e9cf6bddbd527817acfb20acb001a88d3cec9347ec9be2662421f501f6c2f3aed5059f12db0e6a4fb5a6da292d44548aa2481a437e84d418e259af6c3c7dfce1822ea5c0309ad43fc91b4f8e6ba3a036575bbed588783d6c58444789fecce573a79a1bf939e6e39a18e642683e87bdc2aa9b49cb3254d26c23c023e7f87c4db3a2c2b915a7c43590f3fa9e6358b598cb182bddb551ca3a4c52afe4274f047f6b2d570d19d1632c75d804b2a3eee20e7675f261fbdc5cc54ac84158c47d14e478866a3726fe31cfb990f319feed7db422e6860abf55d58d8c6a45a5f2aca769c415d57a6f", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000000)=0x4000103, 0x4)
getsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, 0x0, &(0x7f00000001c0)=0x7)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00'}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x2000000000000001, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
getpriority(0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000100000001000000002000000"], 0x0, 0x2a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r1 = io_uring_setup(0x557e, &(0x7f0000000380)={0x0, 0xd559, 0x70ecb5653071ae6, 0x1, 0x226})
io_uring_setup(0x766, &(0x7f0000000400)={0x0, 0x26ec, 0x0, 0x10001, 0x22, 0x0, r1})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f0000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x8031, 0xffffffffffffffff, 0xc6ed4000)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002380)=ANY=[@ANYBLOB="b702000006000000bfa300000000000007030000407effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7ebfcd0cd00006ed3d09a6175037958e271b60dedf8937f02008b6d83923dd29c034055d47dafe6c8dc3d5d78c07f34e4d5b3185b310efd4989147a00000000f110026e6d2ef831ab7ea0c34f17e3adeef3bb622003b538dfd8e012e71f6420b90adddff61b5b0a341a2d7cbdb90000bdb2ca76050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132658555cf476619f28d9961b626c57c2691208171656d60a17e3c1c4b751ca532e6ea09c346df3d7cb4ebd31a08b32808b80200000000000000334d83239d1d2e9ff10ff2d27080e71113610e10c358e8327e7050b6c860dac12233f9a1fb9c2aec61ce63a38d316ef49b66d6e42fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a5f3d74ca891c4594e8a4399e01eadd3964663e88535c133f7130856f75643619f567d2e24f29e5dad9326edb697a6ea0182babc18cefd07e002cab5ebfcaad34732181feb215139f15eadddcb0c7cbe31fbae7c34d5ac5e7e64c21add9191eadd6e1795ad6a0f7f8cd3fccbdc3dec04b25dfc17975238345d4f71af35910b158e56657b7218baaa7cbf781c0a99bd50499ccff0f000000000000c7beba3da8223fe5308e4e2833baace04f4087c4f0da0d9a88f9dbb593ddeb3f0932a4d0175b889b8eccf707882042e716df9b57b290c661d4e85031086e97bcc5ca0e221a0e34323c129102b7b7a643e82e88a1940b3c02ed9c92d6f64b1282dc519b00159830d7617001154c46bd3ca96318c570f0721fc7aa2a580900000000000000b4f22cdf550ef091a78098534f0d973058594119d06d5ea9a8d085734000000000000000c12346e47ad97f4ead7cf754a52e4b2d0f22d428bd705414888700a30e2366c6a06b3367a389ca39059787790017b0689a1f3db9c24db65c1e00015c1d573dab18fd0600885f1ea8f2fd299fc3cdafda323e9c7080397bc49d70c060d57bc88fbe09baa058b040360ab9261503d2f363fb099408885afc2bf9a4f8c3506b669e889f5e4be1b8e0d634ebc1057b7e98186fc5141bd670dba6f43279f73db9dec75070cd9ab0fd969169ef6d2857b6bf955012cf7fe50d133da86e0477e42b98a6cc999dc21c3ef408e633dfa35f14d6e734837d365e63845f3c1092f8e34fc7eac9e8af3904ea0f3698cd9492794b82649b50d726bff873339c4cad4ead1348474250eda2c8067ab730c1d85969b95a2a5687f2ed690000522a0b7426000000000000000000000000000000000000000093fc7a82b98f99d9dedf7ba17f5f0b6d15e552fbd21f7eecff10243a43af03eea84c4304a5d3f93c02000000000000000043e1ed82b9aa0ae92a499984a009000000937523f5292d12659906005cde64f903c3415c458a2b32c2318f0858f19c6def80e1481e8e1c0098fc3f38b7a57211adb15d824cfdcf229628c0de49860a44286fe0e257cfa4ce50f3d10763d442824414a73c06837fe08de62f8710ca977960b74d0000ce73da6022a8671d1a3575b4e18c28c73203bf134686dd65808452cb6b76fcb134252c78de9b240de7b4cd015a77f76bb6470c05fc980b3d8f3f964f432a4bf6cddd6222c2da006b6fdb9c8468ae1d986a893b9519444d16a6dfa92c04331a6698507048fab5ae402acd05fe621f22712dfd09004770b4278fa14547d8ce3c21188e5e4e2baacd98e8e451d6aaaf090000006ed1d9018000008dd952595d78e9583bf4ea5de36099e3cddcb24ebb6eddb9e87c9ece87a42c0000abdfc6ea55887dfa18d0aea1b6eca5a883702b0bf3aeebb225895db90e237157a34e9f447237ea5b391bddd1290f7ce987a0e36b8e71b1779bbe95ffa9c3e0f6ba66e4d48e75253e3d633811e4b3220616aafbe7a3a18375ae593eb58fd500426286472466823cb8e1800aaaa0d9463c0c4ea5541a55df6eeffec0b66482228816cdfccb98374c644eea45de7867a0efbad0ab2bc33b350440a90b791b2b33f74a112a3b91b40bed8db2df8633207f8387e04ca52ab0f3f7b058b13523b896800b992972d9609551c27a5916ea16069c5bf55b98d926d3c27e7945b2999600000000f857bc1332d200194f658b930780603134ae6b7f5092772bd5d880dbe21b790c475b14b7fe4fe002dffd651faa79bb0cee0cdac23c3218f2ddaa6f7ba04b696a30d313bed30ba8f35569a9b07ee7308da09c01a4b827aa17bc2213fc1572b0204dd456b11a454d1f3f14179974aae624ea59500f5e048b2780666de81a040663c57f49af25be909984aea1b81f33426f86b4b941c08dfe2bc8ec246ec1aae120c42405e428923f3a83d9ba5c373f5e8a54120b451e2806370f1ed60c9fd5d9af4d16cb0f413c324da52d4bd2e01d3ac2d578d72e2d63322dfc9245ce3e3a097fb82f4e3b61a57094616020f72f1c55ee3d325c7496a7c2f10cfea516ae436751227378f00ca0f1f6c1dcf879700dd90b96a330f92bff736c83ca53e7f02b734d1a9292896f5d7f244bfab4946c7042e88206f641eafcc5b4ba7a7880533cdeac995d1caf6936f356ecf07a0084e7adc2dc12417997b03087c7b3b44b06f6158a2a18ce0e56ffbeb22f40521dd9972583d413098aa80db98ef324a2bfb7961c07b47521973cf0bb6f5530f6216b447b35d6e06b72b22b29de42bb1bc8ce0a0e3500000000000000000000000000b92eb197e4149627920000008000000000801792756f90b37f0858efc387f559203f314a4b0ed750fa72e5948ac3fe5921c14ef578d413e7b2a9e2f87f7b44949fe14c00000000000047030c09f62d444b4981db81799776eeb444000000009705fa8b56779bc876ad4f8d8c8e50815c4c3b27487996c09121caf47f76158362c74904f89cbc588aae84567a83571ff72bb65c082b5a8dee145ff221159aed2768edc05a3167d84205d5af86553c21e1f023a51c0e179fccfbc201982e3ddcaa45613899d19082453b180ca0c525b8d3cfaf7d0bcddeb5d5c7166038f276a92941393ba5e51f77172822bd903d9f8b436656771774ed88daab0d0cfdd1bf4d30ab566e1a4cb3ad66d830e10f7c1de13218aea21e7def613204c2b7c1ad48b01c208f4032e93408000000000000e96db049b92fc32ee34fe7a3419c8fbf03d61c159dc5864e030000a2c55b614d622b8de966c97e1940026f96db3c78ca18c9f08d1c47edf1a4d7298109f31b6078711ee72eacab84213bf50000000000000000000000000000001217887d0452aa6d26e4614d511710abeec84b78c027c160ba375dfa55a49b832ce4dfb91122193d514ed992c07f8cd6d897b314907e15642da228dbc03429e6e0e7ac118ed351c3b0c44bf5d8b58be573f8333aa8cc2ec5b5e305b3dee2562d415b4b9ed530797f55f9fe8510423409629a09000000000000009a35d9ca93e4b4591679547b8de8af1782451f7b8e1de508f1e9e525210d62bc850f8035040ad9e562be58797515b737bfb21d35ac560f99dbd18dad5e6345a464955e8141d75b6177e4fa176a020b0000000000006e76f0294fee7d19a0f327f8796d77b6e24b8df4bb438b527d10e657d49b844198ea9f93c4fd6fd2daa9bd87fd1e02ecc8075dca1280c201043257e9bd3c9a7aa150eb1711632b76d4dc0555d4bfcfd057980136d6e9000003b24fa300ef90bfe4ad364256937796f941c2faad94785f48777941f0cd3dba54ab6a5d5e91e90ac9ae994c3d4108b2fe7eca9413ac9bc138c74800487eb19c48db3f79be964808f109b5e36fc7fdd41def361427b6b9c118e5c9a0a1d5ca24886e33a7f81b2188ec75a5fc9302e3695bdcc9ab11201ef940569c995c21eeaefe2e8fc02e0433dc7371d1f72124ba263e554c30fdd7cd8c2da1e8706417da9ad8916551a1182fac08603dfc2f2279ba161c13984cd753b54a85e6f3010975e9ff51318b09fa13e2d38ce013aab41524c298c3719e31bcb1f102eaeee69a19e006bcdb1acc2664efa949a1a07bb3d7848d5e1381fbe63c522053a3bb32eb6345e10f7a12bf84e0e196a00833f464dd2f6547f14ebf137fce33efeb813211f31ff24d7dbb00f2574ccda59b3ea068fc2a18c37ee579f5a9ecc47da73684bcadd209ae5bbb7147df74d027d8d0adcdb54182c9de8053fc8b1b9d19c16c53d34db6e26f6a88d449f6abf3010100007e206a758a3f02816b4e097cfa3d46e45e7949c5b10691d49b9693a798a330a1ccb32d49772e80862df36dc0156b3f72cd85083f8e96ca1697457ec722766bd46ee2424975a38149bd57e5c0eb4087fc243e7e51b0aca9f0ab0668d7f2ee9ad9f267d8804417aa7e36a64d489bb84a1483fd3c3ecb024060002858cbb1f7708f5b41fca2fee7c03b1f862ce88dc313d913e041dd7583a1ac41c466757c5dd07ea2c5d62a000000000000000019a4e9a9c2cbc906f97fd6eb71b18d09a5df123ebbdb2827b43aed6a29e9942e402c1ae52e9cb98f3019d364fc21ea12023db91ced3c2f06550cef8a79ed39091e4776001187d0ab2f82478431d36470cc008d745ce8fd64c9aa64da230bb080945a557081b767beb75b1ea856a55c71b8fda672289aa6088630d48ac8039f19fec3acbcc5944a4e6fd44af8f10110db730a8d0d41b4ea36f9510f843a471963bd4621b9e43f08d341bb69df430ac6398c1b28bdd33b69b4b86d7c5f30cf728294e8ea1861ce50c367498945285f73c94d91210652eb4f3077cab6be2a3512eddbcb63d091d69fb1b26c8ada9a9f9355aea34fe55fd0d3011cb83ac03268dc66dd108a4e9944241e1d4ba69212ee0e7526e72c19346d08d3c3c82cb987f1bd2fd9ce2c88082ea23abbf23c6bd43fc9f9f8ea7656e25d3d73cd056b1f782de1fe349fc33546558366ed99940c0fda039272d277a3576d4e0469779d711e10b6bf040f7274fd9577c1c33326d2e60ee611ae226ef00e2944fb727832dc8dad36a6072aacfc4bcefb808ab7b3b95e0f60616320b2a9e1f8fac812daac9983639b35184803b7d192ce1f226e97fa23c37df95d067a54a8b412644cad9ecc251fbe418a81aaf00cc8d15758ff0eb885a40630396ba76b8fadc09e62ef70c8a0121e7e8322cb8bc0f50ad33a17143a29c14ecadd1b6244e31b888d8f3fa03208d3e9a4826a98f31995509015ebdc89f2f3106e54d5898d3758b9bfc9e4924e9cedf7f8fd584e7185703cc5f23741ffb480b5a87cd7efcceb409d354bdab211ebd50ab12b13c1b8ce93093a59a0f952153c2efd10e72ec9ee5fa2a00f9637851ddb81d059f9a363c4ada68dd25f19ee9e4841acee7c1b35ad6f9d54cf4939ce78a55a04e655d7746a3989c6f33b02f8497aacb6bfca74"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000009500"/24], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000340)='sched_switch\x00', r4}, 0x18)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x401, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002300)={r3, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xe00, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='fib_table_lookup\x00', r5}, 0x10)
r6 = socket(0x840000000002, 0x3, 0x100)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000b00)=@filter={'filter\x00', 0xe, 0x4, 0x3c8, 0xffffffff, 0x200, 0x200, 0x200, 0xffffffff, 0xffffffff, 0x2f8, 0x2f8, 0x2f8, 0xffffffff, 0x4, &(0x7f0000000100), {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @remote, [0xffffff00, 0x0, 0xffffffff, 0xffffffff], [0xff000000, 0xffffffff, 0x0, 0xff000000], 'batadv_slave_1\x00', 'bridge_slave_0\x00', {0xff}, {0xff}, 0x5e, 0x5, 0x3, 0x4}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'pimreg0\x00', {0xfff}}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private0, [0xff, 0xffff00, 0xffffff00, 0xff], [0x0, 0xffffffff, 0xffffff00], 'batadv0\x00', 'ip6gretap0\x00', {}, {0xff}, 0x3a, 0x80, 0x2, 0x40}, 0x0, 0xd0, 0x110, 0x0, {}, [@common=@eui64={{0x28}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x81, 0x4, "e5d300937a0892c0cc3ddac6da67698eff9cd80014c5bb649535d984cfb2"}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@inet=@socket2={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x428)

28m30.24553003s ago: executing program 40 (id=3859):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="dc00000000010104000000000700000002000000240002801400018008000100e000000108000200e00000010c000280050001000000000008000480040003800800084000000000080008400000000734000f"], 0xdc}}, 0x0)

28m19.512267102s ago: executing program 41 (id=3909):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000000)={0xa, {0x6, 0x3, 0x6}}, 0xa)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="66baa000ecc744240011000000c7442402b16e0000ff2c2443f466baf80cb8f2c96789ef66bafc0c66ed0f072e0f01c248b820450000000000000f23d00f21f835000000010f23f8c46289900cabb9f9080000b8c93c0000ba000000000f30c4816857a601000000", 0x68}], 0x1, 0x0, 0x0, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r3, &(0x7f0000005d40)=[{{&(0x7f0000000180)=@can={0x1d, r5}, 0x80, 0x0}}, {{&(0x7f00000022c0)=@can={0x1d, r5}, 0x80, 0x0}}], 0x2, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x12)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)=<r7=>0x0)
r8 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r9 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r9, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
bind$tipc(r8, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r9, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
close(0x3)
timer_settime(r7, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r11 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDPRL(r11, 0x89f5, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)={@private=0xa010100, 0x1, 0x0, 0x10, 0x0, [{@loopback}]}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r10}, 0x18)
r12 = eventfd(0x0)
read$eventfd(r12, &(0x7f0000000240), 0x8)

27m6.37910438s ago: executing program 42 (id=4217):
mkdir(&(0x7f0000000400)='./file0\x00', 0x101)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2$9p(&(0x7f00000000c0), 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
sendmsg$TIPC_CMD_GET_NODES(0xffffffffffffffff, 0x0, 0x840)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)

26m57.575213696s ago: executing program 0 (id=4271):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000a806d0da18110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x6, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000080000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000005c0)='kfree_skb\x00', r3}, 0x18)
close(r0)

26m56.951678304s ago: executing program 0 (id=4273):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x784, &(0x7f0000001900)="$eJzs3c1rHOUfAPDvbN7aNL9fIghaTwFBA6UbU2Or6KHiQQQLBT3bLpttqNlkS3dTmhDQIoIXQcWDoJeefak3r75c9V/w5EEsVdNixYNEZrPTbJvdNEmTbHU/H5js88zM5pnvPDPzPLvzMBtA1xpN/+QiDkbEe0nEcGN+EhF99VRvxPHV9W4uLxXTKYmVlVd+S+rr3FheKkbTe1IHGpmHI+LbtyMO5daXW11YnCmUy6Xzjfx4bfbceHWhPyIK06Xp0tzRicnJI8eeOnZ052L944fFoavvv/j4F8f/euuhK+9+l8TxGGosa45jp4zGaGOf9KW78DYv7HRhHZZ0egPYlvTU7Fk9y+NgDEdPPQUA/Je9ERErAECXSbT/ANBlsu8BbiwvFbOps99I7K1rz0fEvtX4s/ubq0t6G/fs9tXvgw7eSG67M5JExMgOlD8aEZ989dpn6ZTmf3y2u/Y/0DlvXoqI0yOj66//yboxC1v1xAbL+huvo3fM77b2Bzrp67T/83Sr/l/uVv8nWvR/Blqcu9tx1/N//w4UsoG0//dc09i2m03xN4z0NHL/q/f5+pIzZ8ul9Nr2/4gYi76BND+xQRlj1/++3m5Zc//v9w9e/zQtP31dWyP3S+/A7e+ZKtQK9xJzs2uXIh7pbRV/cqv+kzb935ObLOOlZ975uN2yNP403mxaH380RiftjpXLEY+1rP+1EW3J2vjExcNnZ+8YnzhePxzGs4OihS9/+miwXfnN9Z9OafnZZ4G9kNb/4MbxjyTN4zWrWy/j+8vD37Rbdvf4Wx///cmr9XTWj7hYqNXOT0T0Jy+vn39k7b1ZPls/jX/s0dbn/0bHf/qZ8HSrgFrUdO/VXz/ffvy7K41/akv1v/XElZszPe3K31z9T9ZTY405m7n+bXYD72XfAQAAAAAAAAAAAAAAAAAAAAAAAMBm5SJiKJJc/lY6l8vnV3/D+8EYzJUr1dqhM5X5uamo/1b2SPTlskddDjc9D3Wi8Tz8LH/kjvyTEfFARHw4sD/JnqM41eHYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBzoM3v/6d+Huj01gEAu2ZfpzcAANhz2n8A6D7afwDoPtp/AOg+2n8A6D7afwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbZyRMn0mnlz+WlYpqfurAwP1O5cHiqVJ3Jz84X88WhOJefrlSmy6V8sTJ7t/9XrlTOTcbc/MXxWqlaG68uLJ6arczP1U6dnS1Ml06V+vYkKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYmurC4kyhXC6dl9hGYuX+2IzOJ3oah9MuFJFEROcD3HAL74/N2OFEhy9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8S/wQAAP//iZYeGw==")
mknod(&(0x7f00000000c0)='./bus\x00', 0x8000, 0x77f8)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14113e, 0x6ceac77f206eabb9)
write$binfmt_script(r0, &(0x7f0000000080), 0x208e24b)
r1 = open(&(0x7f0000000480)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, 0x0)

26m56.701236898s ago: executing program 0 (id=4278):
mount(0x0, 0x0, &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x400)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x804810, &(0x7f00000001c0)={[{@nombcache}, {@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x9}}, {@sysvgroups}]}, 0x28, 0x77f, &(0x7f0000000a00)="$eJzs3M1rXOUaAPDnnGSafuTeyYUL9+pChBZaKJ0kzaZdNW7cFQoFt3VIJiHMSSZkJrUTC7auhdpsFARR1y5cuBVK/QMEF1JQcC+I1rhQoY6ckzQlaT6btFPS3w9Ozvu+5+N5nszhTQ7MOQG8sF7NfyQR/RFxKSLKK+NpRBwqWocjbizvt3T/+li+JNHpXP4lyQ+LpU559VzJyvpYFIfE/yPibini9LuPx222F+rVLKvNrfQHW9Ozg832wpmp6epkbbI2MzxyfujcyMi5oZFta/jfDms98cb5I7e/eX1x8bsvW7de6T2TxGhRd+7bwzs8yS4Vv5OeUoyuG595OuG6Jul2AgAA7Ej+f35PRPRGRCnK0VO0AAAAgIOk09dZq5QPAgAAAAdL4nYfAAAADriH3wN4+GxvvjzL7x/8/FpEDGwUv7d4hjjicJQi4uhSsubJhGT5MNiTGzcj4s7o+uvvs/wKu7HHcw+t7d5c2z20x7OzH+7k88/oRvNPujr/xAbzT+/Ddyfs0ebz36P4PZvMf5d2GOOrj18qbRr/ZsTLvRvFT1bjJ5vEfzNvfLF9/FuL793ebFvn04iTG/79SdbE2uL9EKMTU9mWrx+4+9epe1vVf7R468UG8ZOt65/dvvTC20u/1TebS/L4p45v/flvFD+/Jt5fySONiNsr67y/uC7G8envv96q/vGIzpN8/p/ssP4fP++7tsNdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJBGRH8kaWW1naaVSsSxiPhvHE2zRrN1eqIxPzOeb4sYiFI6MZXVhiKivNxP8v5w0X7UP7uuPxIR//nhyHLQqaxWGWtk490uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFXHIqI/krQSEWlE/F5O00oloncHx/Y9g/wAAACAfTLQ7QQAAACAp879PwAAABx8T3r/n+xzHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCBdunixXzpLN2/Ppb3x6+25+uNq2fGa816ZXp+rDLWmJutTDYak1mtMtaY3u58WaMxO3w+5q8NtmrN1mCzvXBlujE/07oyNV2drF2plZ5JVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxWf7EkaSUi0qKdppVKxL8iYiBKycRUVhuKiH9HxL1yqS/vD3c7aQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPZds71Qr2ZZbe5FaDzodDrPQRrdasTfz0UaGvVq9k5EPL7pQafriT26WgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAE12wv1apbV5prdzgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDuSn9KIiJfTpZP9K/feij5o1ysI+Ktjy5/cK3aas0N5+O/ro63PszH/2zNnd1d5GTfagAAAIAD78Judi7u38+urIefXlIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDB02wv1KtZVpvbW+NCtBc6ySb7dLtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgyfwTAAD//8zXxMg=")
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r1 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
sendfile(r1, r0, 0x0, 0x80008)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000002085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$exfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x2008802, &(0x7f0000000180)={[{@allow_utime={'allow_utime', 0x3d, 0xd85}}, {@errors_remount}, {@uid={'uid', 0x3d, 0xee00}}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@namecase}, {@keep_last_dots}, {@gid={'gid', 0x3d, 0xee01}}, {@dmask={'dmask', 0x3d, 0x1}}, {@errors_continue}, {@errors_continue}]}, 0x1, 0x152f, &(0x7f00000037c0)="$eJzs3AucTVX7OPDnWWvtMSSdJrkMa61nc5LLIklySZJLkiRJkltC0iSvJCSG3JKGJCSXIbkMIblMTBr3+/2SkCRNkoTklqz/Z8r81Vvv/33f39svv/9vnu/nsz+znrP2s/ba85yzz977nJlvug6r1aR29UZEBP8R/OVHIgDEAsAgALgGAAIAKB9XPi6zP6fExP9sI+zP9VDKlZ4Bu5K4/tkb1z974/pnb1z/7I3rn71x/bM3rn/2xvVnLDvbMqPgtbxk34Xv/2dn/P7/v0hG6XFfrCt9fTeAmH81hev//z/8D3K5/v9rBf/KSlz/7I3rn13FXukJsP8B+PWfHeT4hz1c/+yN689Ydvbre8GxcOXvR//VC0Sy92cgV/r5xxhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsezjrL1MAkNW+0vNijDHGGGOMMcbYn8fnuNIzYIwxxhhjjDHG2H8/BAESFAQQAzkgFnJCLhAAMVn910IcXAd54XrIB/mhABSEeCgEhUGDAQsEIRSBohCFG6AY3AjFoQSUhFLgoDSUgZugLNwM5eAWKA+3QgW4DSpCJagMVeB2qAp3QDW4E6rDXVADakItqA13Qx24B+rCvVAP7oP6cD80gAegITwIjeAhaAwPQxN4BJrCo9AMmkMLaAmt/kv5L0BPeBF6QW9IhD7QF16CftAfBsBAGAQvw2B4BYbAq5AEQ2EYvAbD4XUYAW/ASBgFo+FNGANvwVgYB+NhAiTDRJgEb8NkeAemwFSYBtMhBWbATHgXZsFsmAPvwVx4H+bBfFgACyEVPoBFsBjS4ENYAh9BOiyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBR/DbvgE9sBe2Aefwn747N/MP/N3+d0QEFCgQIUKYzAGYzEWc2EuzI25MQ/mwQhGMA7jMC/mxXyYDwtgAYzHeCyMhdGgQULCIlgEoxjFYlgMi2NxLIkl0aHDMlgGy+LNWA7LYXksjxWwAlbESlgJq2AVrIpVsRpWw+pYHWtgDayFtfBuvBv7YF2si/WwHtbH+lm3p7ARNsLG2BibYBNsik2xGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHTABE7AjdsRO2Ak7Y2fsgl2wK3bFbtgdu2e8kAPwRXwRe2MN0Qf7Yl/sh0k5BuBAHIgv42B8BV/BVzEJh+IwfA1fw9dxBJ7GkTgKR+NorCrewrE4DklMwGRMxkk4CSfjZJyCU3EqTscUnIEzcSbOwtk4G9/Dufg+vo/zcT4uxFRMxUW4GNMwDZfgGUzHpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsatuBW343bciTvxY1QA+Anuxb2YhPtxPx7AA3gQD+IhPIQZmIGH8TAewSN4FI/iMTyGx/EEnsQTeApP4Wk8g2fxLJ7H83gBn4v/qvHHJdYmgcikhBIxIkbEiliRS+QSuUVukUfkEREREXEiTuQVeUU+kU8UEAVEvIgXhUVhYYQRJMLMI4WIiqgoJoqJ4qK4KClKCiecKCPKiLKirCgnyony4lZRQdwmKopKoq2rIqqIqqKdqybuFNVFdVFD1BS1RG1RW9QRdURdUVfUE/VEfVFfNBAPiIaiDw7Ah0RmZZqIodhUDMNmormQl45QrcUIbCPainbiCTEKR2IH0doliKdFRzEWO4m/iXH4rOgiJmBX8bzoJrqLHuIF0VO0cb1EbzEF+4i+Yjr2E/3FADFQzMKa4j2cm7OWeFUkiaFimHhNLMTXxQjxhhgpRonR4k0xRrwlxopxYryYIJLFRDFJvC0mi3fEFDFVTBPTRYqYIWaKd8UsMVvMEe+JueJ9MU/MFwvEQpEqPhCLxGKRJj4US8RHIl0sFcvEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHaxQ+wUu8THYrf4ROwRe8U+8anYLz4TB8Tn4qD4QhwSX4oM8ZU4LL4WR8Q34qj4VhwT34nj4oQ4Kb4Xp8QP4rQ4I86Kc+K8+FFcED+Ji8ILkCiFlFLJQMbIHDJW5pS55FUytwyyjv8yTl4n88rrZT6ZXxaQBWW8LCQLSy2NtJJkKIvIojIqb5DF5I2yuCwhS8pS0snSsoy8SZaVN8ty8hZZXt4qK8jbZEVZSVaWVeTtsqq8Q0Lkl23UkDVlLVlb3i0T4R5ZV94r68n7ZH15v2wgH5AN5YOykXxINpYPyybyEdlUPiqbyeayhWwpW8nHZGv5uGwj28p28gnZXj4pO8inZIJ8WnaU/tJT5FnZRT4nu8rnZTfZXfaQP8mL0stesreEPiD7ypdkP9lfDpAD5SD5shwsX5FD5KsySQ6Vw+Rrcrh8XY6Qb8iRcpQcLd+UY+RbcqwcJ8fLCTJZTpST5NtysnxHTpFT5TQ5XabIGXLApZHmSPlP89/+g/whP299s9wit8ptcrvcIXfKXfJjuVvulnvkHrlP7pP75X55QB6QB+VBeUgekhkyQx6Wh+UReUQelUflMXlMHpcn5Dn5vTwlf5Cn5Rl5Rp6T5+V5eeHS7wAUKqGkUipQMSqHilU5VS51lcqtrlZ51DUqoq5Vceo6lVddr/Kp/KqAKqjiVSFVWGlllFWkQlVEFVVRdQNeesKokqqUcqq0KqNu+nfyVTF1oyquSvwmP2t+if9gfq1UK9VatVZtVBvVTrVT7VV71UF1UAkqQXVUHVUn1Ul1Vp1VF9VFdVVdVTfVTfVQPVRP1VP1Ur1UokpUfdVLqp/qrwaogWqQellk7sMQNUQlqSQ1TA1Tw9VwNUKNUCPVSDVajVZj1Bg1Vo1V49V4layS1SQ1SU1Wk9UUNUVNU9NUikpRM9VMNUvNUnPUHDVXzVXz1Dy1QC1QqSpVLVKLVJpKU0vUEpWulqqlarlarlaqlWq1Wq3WqrVqvVqvNqqNKl1tUVvUNrVN7VA71C61S+1Wu9UetUftU/vUfrVfHVAH1EF1UB1Sh1SGylCH1WF1RB1RR9VRdUwdU8fVcXVSnVSn1Cl1Wp1WZ9VZdV6dVxfUBXVRXcw87QtEIAIVqCAmiAlig9ggV5AryB3kDvIEeYJIEAnigrggb3B9kC/IHxQICgbxQaGgcKADE9hAXCp6NLghKBbcGBQPSgQlg1KBC0oHZYKbgrLBzUG54JagfHBrUCG4LagYVAoqB1WC24OqwR1BteDOoHpwV1AjqBnUCmoHdwd1gnuCusG9Qb3gvqB+cH/QIHggaBg8GDQKHgoaBw8HTYJHgqbBo0GzoHnQImgZtPpTx/f+dP7HXS/dWyfqPrqvfkn30/31AD1QD9Iv68H6FT1Ev6qT9FA9TL+mh+vX9Qj9hh6pR+nR+k09Rr+lx+pxeryeoJP1RD1Jv60n63f0FD1VT9PTdYqeoWfqd/UsPVvP0e/pufp9PU/P1wv0Qp2qP9CL9GKdpj/US/RHOl0v1cv0cr1Cr9Sr9Gq9Rq/V6/R6vUFv1Jv0Zr1Fb9Xb9Ha9Q+/Uu/THerf+RO/Re/U+/anerz/TB/Tn+qD+Qh/SX+oM/ZU+rL/WR/Q3+qj+Vh/T3+nj+oQ+qb/Xp/QP+rQ+o8/qc/q8/lFf0D/pi9pnntxnvr0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSavyWvymXymgClg4k28KWwKm0xkyBQxRUzURE0xU8wUN8VNSVPSOONMGVPGlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3G5uN3eYO8yd5k5zl7nL1DQ1TW1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDPNTAvTwrQyrUxr09q0MW1MO9POtDftTQfTwSSYBNPRdDSdTCfT2XQ2XUwX09V0Nd1MN9PD9DA9TU/Ty/QyiSbR9DV9TT/TzwwwA8wgM8gMNoPNEDPEJJkkM8wMM8PNcDPCjDAjzSgzOvNE1bxlxppxZryZYJJNsplkJpnJZrKZYqaYaWaaSTEpZqaZaWaZWWaOmWPmmrlmnplnFpgFJtWkmkVmkUkzaWaJWWLSTbpZZpaZFWaFWWVWmTVmjVln1pkNsMFsMpvMFrPFbDPbzA6zw+wyu8xus9vsMXvMPrPP7Df7zQFzwBw0B80hc8hkmAxz2Bw2R8wRc9QcNcfMMXPcHDcnzUlzypwyp81pc9acNedN/kvvl97E2pw2l73K5rZX2zz2Gvv3cQFb0MbbQraw1Tafzf+b2Fhri9sStqQtZZ0tbcvYm34XV7SVbGVbxd5uq9o7bLXfxXXsPbauvdfWs/fZ2vbu38T17f22gX3ENkQEsM1tY9vSNrGP2Kb2UdvMNrctbEvb3j5pO9inbIJ92na0z/wuXmQX2zV2rV1n19s9dq89a8/ZI/Ybe97+aHvZ3naQfdkOtq/YIfZVm2SH/i4ebd+0Y+xbdqwdZ8fbCb+Lp9npNsXOsDPtu3aWnf27ONV+YOfaNDvPzrcL7MKf48w5pdkP7RL7kU23ASyzy+0Ku9Kusqv/71yX2412k91sd9tP7Da73e6wO+2urBNhu9fus5/a/fYze9h+bQ/aL+whe9Rm2K9+jjP376j91h6z39nj9oQ9ab+3p+wPKis7c9+/tz/Zi9ZbICQgSYoCiqEcFEs5KRddRbnpaspD11CErqU4uo7y0vWUj/JTASpI8VSICpMmQ5aIQipCRSlKN1DW9EpSKXJUmsrQTVSWbqZydAuVp1upAt1GFakSVaYqdDtVpTuoGt1J1ekuqkE1qRbVprupDt1Ddeleqkf3UX26nxrQA9SQHqRG9BA1poepCT1CTelRakbNqQW1pFb0GLWmx6kNtaV29AS1pyepAz1FCfQ0daRnqBP9jTrTs9SFnqOu9Dx1o+7Ug16gnvQi9aLelEh9qC+9RP2oPw2ggTSIXqbB9AoNoVcpiYbSMHqNhtPrNILeoJE0ikbTmzSG3qKxNI7G0wRKpok0id6myfQOTaGpNI2mUwrNoJn0Ls2i2TSH3qO59D7No/m0gBZSKn1Ai2gxpdGHtIQ+onRaSstoOa2glbSKVtMaWkvraD1toI20iTbTFtpK22g77aCdtIs+pt30Ce2hvbSPPqX99BkdoM/pIH1Bh+hLyqCv6DB9TUfoGzpK3/re9B0dpxN0kr6nU/QDnaYzdJbO0Xn6kS7QT3SRPEGIoQhlqMIgjAlzhLFhzjBXeFWYO7w6zBNeE0bCa8O48Lowb3h9mC/MHxYIC4bxYaGwcKhDE9qQwjAsEhYNo+ENYbHwxrB4WCIsGZYKXVg6LBPeFJYNbw7LhbeE5cNbwwrhbWHFsFL4yH1VwtvDquEdYbXwzrB6eFdYI6wZ1gprh3eHdcJ7wrrhvWG98L6wXHh/2CB8IGwYPhg2Ch8KG4cPh03CR8Km4aNhs7B52CJsGbYKHwtbh4+HbcK2YbvwqrB9+GTYIXwqTAifDjuGz/zcf//irP4nftefGPYJ+4YvhS+F3t8rF0QXRlOjH0QXRRdH06IfRpdEP4qmR5dGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0U3R72vnQMcOuGkUy5wMS6Hi3U5XS53lcvtrnZ53DUu4q51ce46l9dd7/K5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd4Mr5m50xV0JV9KVcs6VdmVcS9fKtXKt3eOujWvr2rkn3BPuSfeke8o95Z52Hd0zrpP7m+vsnnVd3HPuOfe86+a6ux7uBdfTTczzy2sy0fV1fV0/188NcAPcIDfIDXaD3RA3xCW5JDfMDXPD3XA3wo1wI91IN9qNdmPcGDfWjXXj3XiX7JLdJDfJTXaT3RQ3xU1z01yKS3Ez3Uw3y81yVWf/spV5bp5b4Ba4VJfqFrnMc8Y0t8Qtceku3S1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73G632+3x1/wyqNvvDrgD7qA76A65L12G+8oddl+7I+4bd9R9646579xxd8KddN+7U+4Hd9qdcWfdOXfe/eguuJ/cReddcmRiZFLk7cjkyDuRKZGpkWmR6ZGUyIzIzMi7kVmR2ZE5kfcicyPvR+ZF5kcWRBZGUiMfRBZFFkfSIh9GlkQ+iqRHlkaWRZZHVkRWRrwvtC30RXxRH/U3+GL+Rl/cl/AlfSnvfGlfxt/ky/qbfTl/iy/vb/UV/G2+oq/kK/tHfTPf3LfwLX0r/5hv7R/3bXxb384/4dv7J30H/5RP8E/7jv4Z38n/zXf2z/ou/jnf1T/vu/nuvod/wff0L/pevrdP9H18X/+S7+f7+wF+oB/kX/aD/St+iH/VJ/mhfph/zQ/3r/sR/g0/0o/yo2Pe9GOyLpFhgk/2E/0k/7af7N/xU/xUP81P9yl+hp/p3/Wz/Gw/x7/n5/r3/Tw/3y/wC32q/8Av8ot9mv/QL/Ef+XS/NOumsV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mt/sdfqff5T/2u/0nfo/f6/f5T/1+/5k/4D/3B/0X/pD/0mf4r/xh/7U/4r/xR/23/pj/zh/3J/xJ/70/5X/wp/0Zf9af8+f9j/6C/8lf5L9ZY4wxxhj7l0y83BS/7fnldn6fP8gRv1q5LwBcvb1gxq/7M88oN+T7pd1fxLePAMDTvbs+lLXUqJGYmHhp3XQJQdH5AFmfBGX6+asHl+Kl0A6ehARoC2X/cP79Rffz9E/Gj94KkOtXObFwOb48/ucAmPgH4z/2xOhFFcKzcf+P8ecDFC96OScnXI6XQruf76+0hXL/YP75W/+T+ef8Ihmgza9ycsPl+PL8y8Dj8Awk/GZNxhhjjDHGGGPsF/1F5c5Z159Z3/j8o+vzeHU5Jwdcjv/Z9TljjDHGGGOMMcauvGe793jqsYSEtp3//Ua1/1LWv9xoCv9dI3PjDxveA2Q9ogDgPxwQILMh/8q92PqXbCvp0kvn77tWnPMB/M8o5Z/RuMIHJsYYY4wxxtif7vJJ/28fV1dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWDb0V/w7sSu9j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtiV9n8CAAD//7wUAB0=")
r3 = creat(&(0x7f0000000040)='./bus\x00', 0x13)
io_setup(0x200, &(0x7f0000000140)=<r4=>0x0)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_default\x00', 0x0, 0xfe44, 0x0)
r5 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r5, 0x0, 0x29, &(0x7f0000000000)=ANY=[], 0x57)
io_submit(r4, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r3, &(0x7f0000000000), 0x4030}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5, 0x1, 0x8e, 0xe7c9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xe30a, r6}, 0x38)

26m56.393672392s ago: executing program 0 (id=4283):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b70300000000000085000000"], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xb, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000600)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000800), 0x1, 0x0)
write$selinux_validatetrans(r1, &(0x7f0000000480)=ANY=[@ANYBLOB='system_u:object_r:setrans_var_run_t:s0 system_u:object_r:devpts_t:s0 000000000000000006 /u'], 0x6a)

26m56.248103284s ago: executing program 43 (id=4283):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b70300000000000085000000"], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xb, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000600)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000800), 0x1, 0x0)
write$selinux_validatetrans(r1, &(0x7f0000000480)=ANY=[@ANYBLOB='system_u:object_r:setrans_var_run_t:s0 system_u:object_r:devpts_t:s0 000000000000000006 /u'], 0x6a)

25m52.756779195s ago: executing program 9 (id=4603):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000040)='hrtimer_init\x00', r1}, 0x18)
socketpair(0xa, 0x1, 0x0, &(0x7f0000000000)) (fail_nth: 2)

25m52.316581522s ago: executing program 9 (id=4605):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
r1 = io_uring_setup(0x60f7, &(0x7f0000000a40)={0x0, 0x0, 0x2, 0xfffffffe, 0x3bd})
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x201)
ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000180)={0x0, 0x0, 0xfffffffd})

25m52.077366445s ago: executing program 9 (id=4608):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x2, 0x3, 0x340, 0x0, 0xb8, 0x0, 0xb8, 0x0, 0x2a8, 0x2a8, 0x2a8, 0x2a8, 0x2a8, 0x3, 0x0, {[{{@ip={@dev, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'bond_slave_1\x00', 'veth1\x00'}, 0x0, 0x70, 0xb8, 0x0, {0x6020000}}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x3f}}}, {{@ip={@local, @multicast1, 0x0, 0x0, 'veth1_to_hsr\x00', 'nr0\x00'}, 0x0, 0x1c8, 0x1f0, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'bridge_slave_1\x00'}}]}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3a0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES64=r0, @ANYRES32, @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r2, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$sock_linger(r2, 0x1, 0xd, &(0x7f0000000300)={0x1}, 0x38)
sendto$inet(r2, 0x0, 0xffffffffffffff7c, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
close(r2)
eventfd2(0x0, 0x0)
r3 = syz_io_uring_setup(0xdb8, &(0x7f0000000400)={0x0, 0x110000, 0x200, 0xfffffe, 0x3fbfff9}, &(0x7f0000004000), 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r4, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x10, 0x1b, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a73090000000000001b0f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd01802e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c1758585757144e5ee3f7f4dcecc98123f9ded3afdebe13d79a7a101ef8bc6e6fb853111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd7974a3a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb8a5869e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af962462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x18)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @broadcast}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x4a, {0x2, 0x0, @private=0xa010102}, 'veth0_to_team\x00'})
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r6, &(0x7f0000000040)=[{&(0x7f0000000200)=""/233, 0xe9}], 0x1, 0xfff, 0x0)

25m52.052761015s ago: executing program 9 (id=4610):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000000)='./file1\x00', 0x1000803, &(0x7f0000002ac0)=ANY=[], 0x2, 0x1ed, &(0x7f0000000540)="$eJzsmb+LE0EUx78zu9mchxzYWNhYeOCJ3mZ3o3LNFSdYCsIpahnMGqKbRJIVkoBgsLHRzkKwtbG0sLCy8C+w1UIFwcKUdsLIzM7uDskmxF+5Iu8DmXxn5mXmvQf7LTYgCGJl+fL5x6fHF3aunAFwGJso6/VvVh7DjfiPz+6dfrp78fmrDy/etTfuv5k8jwEQYvH7HQBv9yzEYHayIgQ28v1NIwWtcRUcp7S+BgY3kT+FIpmEYLihY24bunNIiyh0b3ai+q1mFHpy8OUQyKFq5ieTGo8Y6gDWVHZCMGO/NxjeqUVR2J0UJZHeM7X1u4LP6Z/Kb49jF2n3hJDx1x89HMm57g088Kx/Pjh8ratg2Nd6B2W4rpu3xKj/mJ2fby1S/38RTxYNfqnEke1lJZY+I0vtxuqJ0j85h02uyAc6Wzk6Tj3QjPl64LX/uVDGBWBq6/16FF36i5OdgkZlIvcn6ewnDX+yYWf+UYlbdyu9wXC72ao1wkbYDoLqee+s550LKsqIknGO/60pf1o3zi/NiHWYg34tjrt+H4i7fjYPkjEvAPuvO9/Vb7jyP46tE2qqPFWVXS6+g+kPV99SbVnFkQ9m1kQQBEEQBEEQBEEQBEEQBFHMcTAk/4QJpl+IFhFcVm8ofwUAAP//Mr5mlg==")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x0, 0x1, 0x20010, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
ioctl$KDSETKEYCODE(r3, 0x4b4d, &(0x7f0000000000)={0xb585, 0x6})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x3, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x29}]}, &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x1, 0xbaf, &(0x7f0000002f00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5mm6cwcE38/eHPe97wn8zxPTmfOe2BOA/jHms5+pBGHIuJsEjFZ359GxFC1NxKxWTvu/t3L81lLolJ5+7ckkoi4d/fyfOO1kvp2vD4YiYibryXx749a466ubyzPlcullfr46Nr5S0dX1zdeWTo/d650rnThxOyrJ2ZPzs52sdbbl9774pkf3nj+6vWPZ978/MB3SZyOifpccx3dMh3TW3+TZoWImOt2sJwM1OtprjMp5JgQAAAdpU1ruP/GZAzEw8XbZHz7Y67JAQAAAF1RGYioAAAAAPtc4v4fAAAA9rnG9wDu3b0832j5fiOhv+6ciYipWv2N55trM4XYrG5HYjAixn5Povmx1qT2a09tOov09felrEWPnkPuZPNKRPx/u/OfVOufqj7F3Vp/GhEzXYg//ch4L9V/ugvxn6z+4S5EBICIG2dqF7LW61+6tf6Jba5/hW2uXbuR9/W/sf6737L+e1j/QJv131s7jHH4wUs32801r//e/eTnhSx+tn2qop7AnSsRhwvb1Z9s1Z+0qf/sDmOMz9++1m4uqz+rt9H6XX/lesSR6mqutf6GpNP/T3R0calcmqn93Ob11092jt98/rOWxW/cC/RDdv7HYnfn/9IOY0z979dD7eYeX3/6y1DyTrU3VN/z4dza2sqxiKHk9db9xzvn0jim8RpZ/S8+1/n9v1392WfCZv3vkP3ruVLfZuOrj8QcP3L8q93X31tZ/Qu7PP+f7jDGl99ce7/dXN71AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALA3pBExEUla3OqnabEYMR4R/4mxtHxxde3lxYsfXFjI5iKmYjBdXCqXZiJisjZOsvGxav/h+Pgj49mIOBgRn02OVsfF+YvlhbyLBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYMt4RExEkhYjIo2IPybTtFjMOysAAACg66byTgAAAADoOff/AAAAsP+13P8X/jIa6WcuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7EsHn71xK4mIzVOj1ZYZqs8N5poZ0Gvpzg4b63UeQP8N5J0AkJtCU79SqVRyTAXoM/f4QPKY+ZG2M8NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv68XDt24lUTE5qnRassM1ecGc80M6LU07wSA3Ax0mkweuwPYwwp5JwDkxj0+UFvZP6jUtM6PtP3N4aeOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDeMVFtSVqMiLTaT9NiMeJfETEVg8niUrk0ExEHIuKnycHhbHws76QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoutX1jeW5crm0oqOj08XOaPQt1mj9zdzmmOH2Ux06OX8wAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQi9X1jeW5crm0spp3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDeVtc3lufK5dJKDzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DAAA///6CAm5")
setxattr$trusted_overlay_upper(&(0x7f00000003c0)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x60a03, 0xb0)
fchown(r5, 0x0, 0xee01)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f00000001c0)="8d3e23e3b48f3796e473f5cfe047bb91fff0684cee2749f4fbe8e55ba40253e70108f80d5265b556536c3ad685cf6925de67371cd401258dc822293daf7b2232f80d497cd73a98b4", 0x0, 0x48)
syz_clone(0x20a000, &(0x7f0000000300)="24392d564db614e4283df233756d0d75152bb0745861df883ad01d9f013ae4b9c835994e106613fbb7d4d3e708d41079517f6579dad218255a850ca555e6bcd7d06b412de76f46007d465a1c230f4b8dc17ee07b309afcbbe732c49b15a47c74bca1b7e1a909dffdb6bda0c67911354e25c78369984c6000a4b48024ef51006d3977f67b0430073775632fdd5be54ddfc960", 0x92, &(0x7f0000000100), &(0x7f0000000240), &(0x7f0000000400)="7ff7c8a171c55c841c55b124d386d64af81c34e3e9a07cb1c739fa6f48ca5c645fe3dd5420f6784b3ae39626154aae50d38b5aa16e44effb5c2b30424d6879e824eb38254cd40372b6a7cd5e3a6a13427e83451d64a40b6b53c61b6367501d12d1772d7890708ae2e196f3abfbc0fbc71b89838022d0304f8fdcfd98c1c89ba74ffd60e30d5200b5622639d590535b290eb2676e0c15290f8d59441606776f2390c813e3dcf0fda41b90070a2f340c01b13ec4c8064ae6a951b5d5cf169b55cac41981ba685b6e3169dc1ad05d9fe4690bf7d53b18f7dc8e067a4af97cb625519a7a1e5e83dcb9b032fab8f2da1ac02733")
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x80, 0x0)

25m49.263665515s ago: executing program 9 (id=4615):
openat(0xffffffffffffffff, 0x0, 0x5e3040, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setrlimit(0xa, &(0x7f00000001c0)={0x3, 0x936})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0xd, 0xfff2}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x800}]}}]}, 0x38}}, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
sendmsg$inet(r3, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0xfc, 0x0, 0x1, 0xffffffff}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40080c0}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000140), 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
pselect6(0x0, 0x0, &(0x7f0000000100)={0xffffffff, 0x8000000000000001, 0x7, 0x4, 0x7ff, 0x0, 0x5, 0x1912}, 0x0, &(0x7f0000000380), &(0x7f0000000400)={0x0})
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, 0x0, 0x40)

25m49.024001109s ago: executing program 9 (id=4620):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r3}, &(0x7f0000001c00), &(0x7f0000001c40)=r4}, 0x20)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='setgroups\x00')
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r7, {0x2, 0x0, @broadcast}, 0x2, 0x1000000}}, 0x2e)
socket$pppl2tp(0x18, 0x1, 0x1)
close_range(r5, 0xffffffffffffffff, 0x0)

25m48.94044425s ago: executing program 44 (id=4620):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r3}, &(0x7f0000001c00), &(0x7f0000001c40)=r4}, 0x20)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='setgroups\x00')
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r7, {0x2, 0x0, @broadcast}, 0x2, 0x1000000}}, 0x2e)
socket$pppl2tp(0x18, 0x1, 0x1)
close_range(r5, 0xffffffffffffffff, 0x0)

22m54.369344569s ago: executing program 4 (id=5435):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x2800, 0x0) (async)
unshare(0x22020600)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x9, 0x4, 0x6, 0xfffa}, 0x1d, [0x1, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x3, 0x7, 0x6, 0x4d, 0x39cc191a, 0x5d, 0x9, 0x5, 0xffff2d37, 0x0, 0x6, 0x3, 0x0, 0x2ab, 0x4, 0x7, 0x4, 0x3c5b, 0x1, 0xb, 0x9, 0x1, 0x1f461e2c, 0x7, 0xe661, 0x7fff, 0xb, 0x3, 0x7, 0x4c74, 0x80000000, 0x800242, 0xffffffff, 0xe, 0x0, 0x71, 0x2, 0x6, 0x3, 0x2, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x3, 0x80092a3, 0x4, 0x1, 0x20000000, 0x82, 0x0, 0xffffffff, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x5, 0x1000, 0xfffffffc, 0x3, 0x0, 0x7, 0x4, 0x2f, 0xe, 0x312, 0x7b, 0x0, 0x0, 0x8, 0x4, 0x8000, 0x9, 0x328, 0x401, 0xa, 0x4, 0xff, 0x5, 0x5, 0x5f31, 0x4, 0x0, 0x2, 0x2, 0x9, 0x4, 0x9, 0xa, 0x9, 0x6, 0xb, 0x8000, 0x1, 0x9, 0x9, 0x2, 0x7f, 0x9, 0x5, 0x3, 0x9, 0xffffffff, 0x3, 0x1000003, 0x9, 0x48c93690, 0x42, 0x400002], [0x6, 0x6, 0x80000001, 0x5, 0xff, 0x100, 0x8ce, 0x9, 0x5, 0x7fff, 0x0, 0x1000006, 0xb, 0x4, 0x5, 0x1005, 0x0, 0x1ef, 0xfffffffd, 0x2, 0x86, 0x1, 0x9, 0x3e7, 0x9, 0x5, 0x81, 0x2, 0x800, 0x8, 0x5, 0x8001, 0x7, 0x38, 0x800003, 0x200, 0x80, 0x2, 0xcc52, 0x950bfaf, 0x1002, 0xa2, 0x7, 0x53cf697b, 0xfffffff9, 0x6, 0x400ac8, 0xbf, 0x10002, 0x3, 0x7ff, 0x3, 0x0, 0x1, 0x7ad, 0x0, 0x6, 0x1c, 0x120000, 0x3, 0x6, 0xaaed, 0x4, 0xff], [0x9, 0xbb31, 0x0, 0x3, 0x5, 0x1, 0x6, 0x6, 0x0, 0x3, 0x80ce7, 0x1ff, 0x4, 0x7, 0xc, 0x1003, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xe620, 0x2, 0x2, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x4, 0xffffffff, 0x80000000, 0x5, 0x8, 0xc8, 0xee1, 0x0, 0xffff, 0x3, 0x7f, 0x100, 0x9602, 0xb, 0x2, 0xffff, 0x6, 0x1, 0x10080, 0x5, 0x8, 0x30b1d693, 0x5a2b, 0xc, 0x7, 0x1, 0x7c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c) (async)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) (async)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) (async, rerun: 64)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0}, 0x10) (async, rerun: 64)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0e00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000010000800000000060c9000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
fcntl$setstatus(r1, 0x4, 0x800)
r3 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x197642, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r4}, 0x18) (async)
ioctl$TIOCSSOFTCAR(r3, 0x5453, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async, rerun: 32)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0) (async, rerun: 64)
fdatasync(r5) (async, rerun: 64)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000400), 0x4) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r5, 0x81ff)
pread64(r0, &(0x7f00000001c0)=""/145, 0x91, 0x8) (async)
timer_create(0x3, &(0x7f0000000000)={0x0, 0x37, 0x1, @tid=0xffffffffffffffff}, &(0x7f0000000040)=<r6=>0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r7=>0x0, <r8=>0x0})
clock_gettime(0x0, &(0x7f0000000100)={<r9=>0x0, <r10=>0x0})
timer_settime(r6, 0x1, &(0x7f0000000140)={{r7, r8+10000000}, {r9, r10+60000000}}, &(0x7f0000000180))

22m54.189023961s ago: executing program 4 (id=5437):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x42, &(0x7f0000000040), 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000013c0)=ANY=[@ANYBLOB="1800000500000000009abf5f0347a67c776d4f328fc9c16d000012000800"/40], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001440)={{}, 0x0, &(0x7f0000001400)=r4}, 0xffc2)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x18, 0xc, &(0x7f0000001580)=ANY=[@ANYRESDEC=r0], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10)
syz_read_part_table(0x5c0, &(0x7f0000000000)="$eJzs27+KJFUUB+BfVXdXdYNLa2KoDZsYuYHxsKOyOywYLIKZoKmJiGAgKFONookamRj4AptMIBgZD6IvIMIwBoJmIgZq4Fyp/jc1YySNqPB9QXHuufeccxuqwwr/b2U+SkbXkuO6rrbx/I9k+dLTSbtYrSebfH/ghQd37t5b3K+aXa5KfuqSetOnfzTJY7vGWWyiL8b58MHR+x99/FaTLt35cZJPky4p7fZqq9p80vzl0r9V2+b8u564tq52j16XhzNdRbeyectGq3TaPmre23v+ycHp8nYflPXQWXM5Pcnh1dN1jm+uo0l+vsikXuy2Nm/T7fX1rmqTUspk0Gb7L5gMpj315XfHWTbrndGgtnc2S147e/7JatADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/nrKxWhzmkWlSJeN+9dkzVbc+NF5nnm3G6/Xvw6L9nByczt959/U6bx688s2rb39/9OP0lySj3Dp6qLTt7tzLaQdV46S+SPLobN/5Zdv2jReH6UWW+ermt4/Xo5Qyv8xPqv75edLluctaAAAAAAAAAAAAAAAAAAAA2NOdu/cW9+vZ9uv6epsvmSbVtQ/cy6+llMOU5kp2luTr81RJfkiphltNMr+RpP2gyWajS0q5Mf3nfhF/x58BAAD//++eW/s=")
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r7, &(0x7f0000000280)={0xa, 0x6e26, 0x1, @mcast1, 0x8}, 0x1c)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, &(0x7f00000083c0)={{0x1}})
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x25a5, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r6, 0x40505412, 0x0)
read(r6, &(0x7f00000003c0)=""/4096, 0x1000)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r6, 0x54a2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
ioperm(0x0, 0x2, 0x2)
setuid(0xee01)
epoll_create1(0x80000)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f00000001c0)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x1272, &(0x7f0000002880)="$eJzs3U1rY1UcB+B/2vR1bFJ1HJ0B8aAbRYjTLly5KTIDYkGpdkAF4Y5NNTRtShMKEXHqypXgxxB16U4Qv0A3blwLgkg3LmchXmmTcSZN2tFOm8rwPJt7OOf87jm3t1y44Rzu3itfrq+tNiurWStGCoUobo5F8XaKFCMxGh078cKNn395+q133n19YXHx2lJK1xfenns5pVR65of3Pvn22R9bF258V/p+InZn39/7Y/7X3Uu7l/f++iZqzVRrpo1GK2XpZqPRym7Wq2ml1lyrpPRmvZo1q2myO8bd9tV6Y3OznbKNlZnpza1qs5myjXZaq7ZTq5BaW+2UfZjVNlKlUkkz08GDWP76dp7nEXk+FuOR53k+FdNxIR6JmShFOWbj0XgsHo+L8URciifjqbh80Ou85w0AAAAAAAAAAAAAAAAAAAAPl/vs/y/07/+fOO8pAwAAAAAAAAAAAAAAAAAAwEPn8P7/YoTv/wMAAAAAAAAAAAAAAAAAAMCQ3ef7/4f2/79o/z8AAAAAAAAAAAAAAAAAAACchcnOYSmlyYj1z7eXt5c7x079wmrUoh7VuBrl+DMOdv93dMrXX1u8djUdmI2X1m9187e2l0d783Nj5ZgtDMzPdfKpNz8R0/fm56McFwePPz8wPxnPP7ef/6yTr0Q5fvogGlGPlYhC9+oP8p/OpfTqG4tTvfkr+/2ONHrGtwUAAABOUyX9o//9fafbaWB7p6n7fp66PQvH/D5w6P28GFeK53XV3NFsf7yW1evVrRMWxo8+z3hvzVS354nHKkRE1hMvTf+2tH/Kk07+1AqjQx107Pg+D3BPo/g/+GOeQuH3r+6pmYxuoRRDGX2k+4+e1fefn/8uFTt5fqYTGx/UNHFc6uhnRuGMn0kMz92bft4zAQAAAAAAAAAA4L8YuPpvKiL61gN+1FdzZ3l4b7z/zEeP/sUQrhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4G924FgAAAAAQJi/dRodGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8FQAA//+6H8Xv")
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$binfmt_script(r8, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0)

22m50.990269357s ago: executing program 4 (id=5445):
dup(0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

22m50.938849547s ago: executing program 4 (id=5446):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000007380)={{{@in6=@empty, @in6=@remote}}, {{@in=@broadcast}, 0x0, @in=@broadcast}}, &(0x7f0000007480)=0xe8)
getgid()
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x10)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x18)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

22m50.883073318s ago: executing program 4 (id=5448):
r0 = syz_usb_connect$hid(0x4, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000204f045db600000000000109022d00010000600209040010050300010009210000360122050009058103"], 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000001c0))
syz_emit_ethernet(0x77, &(0x7f0000000380)={@local, @broadcast, @void, {@ipv4={0x800, @generic={{0xa, 0x4, 0x1, 0x1, 0x69, 0x66, 0x0, 0x2, 0x2a, 0x0, @dev={0xac, 0x14, 0x14, 0x35}, @multicast2, {[@timestamp={0x44, 0x10, 0x85, 0x0, 0x5, [0x8, 0xfffffffe, 0x200]}, @noop]}}, "b7e2b70dda77e88c80955c9db27350fbffffffdd44a09694ca061454e3f69257a0755d106f259f2f000052609dfb90c0e129cfc4c59123f266948778005c46914e"}}}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x840}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$UFFDIO_WRITEPROTECT(r1, 0xc018aa06, &(0x7f0000000000)={{&(0x7f0000000000/0x4000)=nil, 0x4000}, 0x3})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x22, 0x5, {[@global=@item_012={0x2, 0x1, 0x8, "8387"}, @main=@item_012={0x1, 0x0, 0x1d, '('}]}}, 0x0}, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, [0xfffffffc]}})
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
syz_emit_ethernet(0xfef3, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaa8903aa4ddeae168a74d1aaaaaaaaaaaaaaaaaa86dd6001010000641100fe8000000000000000000000000000bbfe8000000000000000000000000000aa4e200e2200649078020000000100000004001000628e0960f6d6d3f6ee6d6b84b345dccac643e7df3e526ff07833b291322d4a74882ed6741e7632daeaec0c95f2ad1cd68fb3d9fd3efe8e4ea8b5ec7448ddd6a3215990e1b896"], 0x0)
listen(r3, 0x9d4e)

22m50.652258982s ago: executing program 4 (id=5450):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00'}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x2, 0xff}}, @typedef={0x0, 0x0, 0x0, 0x10, 0x4}]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

22m50.335111166s ago: executing program 45 (id=5450):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00'}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x2, 0xff}}, @typedef={0x0, 0x0, 0x0, 0x10, 0x4}]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

21m46.495156732s ago: executing program 7 (id=5794):
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) (async, rerun: 64)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50) (rerun: 64)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB="1b00000000000000000000000080", @ANYRES32=r0], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async, rerun: 64)
r3 = getpid() (rerun: 64)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) (async)
mmap(&(0x7f0000131000/0x4000)=nil, 0x4000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@file={0x0, './file1\x00'}, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) (async, rerun: 32)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async, rerun: 32)
munlockall()
r6 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r6, &(0x7f0000000000), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, 0x0) (async)
r7 = bpf$TOKEN_CREATE(0x24, 0x0, 0x0) (async)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000540)=ANY=[@ANYBLOB='keep_last_dots,umask=00000000000000000000005,sys_tz,errors=continue,iocharset=maccenteuro,discard,iocharset=cp860,errors=remount-ro,gid=', @ANYRESHEX, @ANYBLOB="2c616c9d73d324f278966a24a048d8887f576c6f775f7574696d653d30070000000000000030303030303231333433363033372c0047b90930291197f04785266e30aacf00397726d74062ee55e51d371c52ac596e281f3c29f05dd9eef1c26cd24c7d4ea0500f27ce567ed8efb32267913241cb40ec7d4b13a96e276485e90074459f03981840c24552e32494"], 0x1, 0x1544, &(0x7f0000001cc0)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k0uiyTJJUkuSZIkSW4JSZMcSUgMuSUNSUguQ3IZQnKZmDTu9/slIUmaJAnJLVn/zxQ/OXX+55xfp5zPb57v57M/s55377X2s9/nfd+995p35pvOQ2o0qlm1ARHBH4K//EgEgFgAGAAA1wBAAABl48rGZa7PLjHxj+2E/Wc9lHKlM2BXEtc/a+P6Z21c/6yN65+1cf2zNq5/1sb1z9q4/oxlZZum5b+Wl6y7XMn5/+N/bI/sD+Pz//8hGSXHfLGm5PVdAGL+1S5c/6yN6/9/VvCvbMT1z9q4/llV7JVOgP0X4Pd/VpDtH67h+mdtXH/GsrIrPf/8d0suAPhL9wmR/7rn4K89fsYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7C9w2l+iAOBi+0rnxRhjjDHGGGOMsf8cn+1KZ8AYY4wxxhhjjLE/H4IACQoCiIFsEAvZIQcIALgacsE1EIFrIQ6ug9xwPeSBvJAP8kM8FICCoMGABYIQCkFhiMINUARuhKJQDIpDCXBQEkrBTVAaboYycAuUhVuhHNwG5aECVIRKcDtUhjugCtwJVeEuqAbVoQbUhLuhFtwDteFeqAP3QV24H+rBA1AfHoQG8BA0hIehETwCjeFRaAJNoRk0hxb/q/4vQHd4EXpAT0iEXtAbXoI+0Bf6QX8YAC/DQHgFBsGrkASDYQi8BkPhdRgGb8BwGAEj4U0YBW/BaBgDY2EcJMN4mABvw0R4BybBZJgCUyEFpsF0eBdmwEyYBe/BbHgf5sBcmAfzIRU+gAWwENLgQ1gEH0E6LIYlsBSWwXJYASthFayGNbAW1sF62AAbYRNshi2wFbbBdtgBH8NO+AR2wW7YA5/CXvjs3+x/6u/6d0FAQIECFSqMwRiMxVjMgTkwJ+bEXJgLIxjBOIzD3Jgb82AezIf5MB7jsSAWRIMGCQkLYSGMYhSLYBEsikWxOBZHhw5LYSksjTdjGSyDZbEslsNyWB4rYAWshJWwMlbGKlgFq2JVrIbVsAbWwLvxbuyFtbE21sE6WBfrXpyewgbYABtiQ2yEjbAxNsYm2ASbYTNsgS2wJbbEVtgK22AbbIttsR22wwRMwPbYHjtgB+yIHbETdsLO2Bm7YFfsmvFCNsAX8UXsidVEL+yNvbEPJmXrh/2xP76MA/EVfAVfxSQcjEPwNXwNX8dheBKH4wgciSOxsngLR+MYJDEOkzEZJ+AEnIgTcRJOxsk4FVNwGk7H6TgDZ+JMfA9n4/v4Ps7FuTgfUzEVF+BCTMM0XISnMB0X4xJcistwOS7DlbgKV+IaXItrcD2ux424ETfjZtyKW3E7bsePUQHgJ7gbd2MS7sW9uA/34X7cjwfwAGZgBh7Eg3gID+FhPIxH8AgexWN4HI/hCTyBJ/EUnsbTeBbP4jl8Lv6rhh8XW50EIpMSSsSIGBErYkUOkUPkFDlFLpFLRERExIk4kVvkFnlEHpFP5BPxIl4UFAWFEUaQCGMAQERFVBQRRURRUVQUF8WFE06UEqVEaVFalBFlRFlxqygnbhPlRQXR2lUSlURl0cZVEXeKqqKqqCaqixqipqgpaolaoraoLeqIOqKuqCvqiQdEfdEL++FDIrMyjcRgbCyGYBPRVMgLn2AtxTBsJVqLNuIJMQKHYzvR0iWIp0V7MRo7iL+JMfis6CTGYWfxvOgiuopu4gXRXbRyPURPMQl7id5iKvYRfUU/0V/MwOriPZydvYZ4VSSJwWKIeE3Mx9fFMPGGGC5GiJHiTTFKvCVGizFirBgnksV4MUG8LSaKd8QkMVlMEVNFipgmpot3xQwxU8wS74nZ4n0xR8wV88R8kSo+EAvEQpEmPhSLxEciXSwWS8RS731PsUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFDfCx2ik/ELrFb7BGfir3iM7FPfC72iy/EAfGlyBBfiYPia3FIfCMOi2/FEfGdOCqOiePie3FC/CBOilPitDgjzoofxTnxkzgvvACJUkgplQxkjMwmY2V2mUNeJXPK4MKze62Mk9fJ3PJ6mUfmlflkfhkvC8iCUksjrSQZykKysIzKG2QReaMsKovJ4rKEdLKkLCVvkqXlzbKMvEWWlbfKcvI2WV5WkBVlJXm7rCzvkBD5ZR/VZHVZQ9aUd8tEuEfWlvfKOvI+WVfeL+vJB2R9+aBsIB+SDeXDspF8RDaWj8omsqlsJpvLFvIx2VI+LlvJ1rKNfEK2lU/KdvIpmSCflu2lv/ASeVZ2ks/JzvJ52UV2ld3kT/K89LKH7CmhF8je8iXZR/aV/WR/OUC+LAfKV+Qg+apMkoPlEPmaHCpfl8PkG3K4HCFHyjflKPmWHC3HyLFynEyW4+UE+bacKN+Rk+RkOUVOlSlymux3YaRZUv7T/m//Tv9BP+99o9wkN8stcqvcJrfLHfJjuVPulLvkLrlH7pF75V65T+6T++V+eUAekBkyQx6UB+UheUgeloflEXlEHpXH5Bn5vTwhf5An5Sl5Sp6RZ+VZee7CcwAKlVBSKRWoGJVNxarsKoe6SuVUV6tc6hoVUdeqOHWdyq2uV3lUXpVP5VfxqoAqqLQyyipSoSqkCquougEvvGBUcVVCOVVSlVI3/Tv9VRF1oyqqil3W/2J+if8gvxaqhWqpWqpWqpVqo9qotqqtaqfaqQSVoNqr9qqD6qA6qo6qk+qkOqvOqovqorqpbqq76q56qB4qUSWq3uol1Uf1Vf1UfzVAvawGqoFqkBqkklSSGqKGqKFqqBqmhqnhargaqUaqUWqUGq1Gq7FqrEpWyWqCmqAmqolqkpqkpqgpKkWlqOlqupqhZqhZapaarWarOWqOmqfmqVSVqhaoBSpNpalFapFKV4vVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWuNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqQ2Wog+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nXvYFIhCBClQQE8QEsUFskCPIEeQMcga5glxBJIgEcUFckDu4PsgT5A3yBfmD+KBAUDDQgQlsIC4UPRrcEBQJbgyKBsWC4kGJwAUlg1LBTUHp4OagTHBLUDa4NSgX3BaUDyoEFYNKwe1B5eCOoEpwZ1A1uCuoFlQPagQ1g7uDWsE9Qe3g3qBOcF9QN7g/qBc8ENQPHgwaBA8FDYOHg0bBI0Hj4NGgSdA0aBY0D1r8R8f3/mTex10P3VMn6l66t35J99F9dT/dXw/QL+uB+hU9SL+qk/RgPUS/pofq1/Uw/YYerkfokfpNPUq/pUfrMXqsHqeT9Xg9Qb+tJ+p39CQ9WU/RU3WKnqan63f1DD1Tz9Lv6dn6fT1Hz9Xz9Hydqj/QC/RCnaY/1Iv0RzpdL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0x3qn/kTv0rv1Hv2p3qs/0/v053q//kIf0F/qDP2VPqi/1of0N/qw/lYf0d/po/qYPq6/1yf0D/qkPqVP6zP6rP5Rn9M/6fPaZ17cZ57ejTLKxJgYE2tiTQ6Tw+Q0OU0uk8tETMTEmTiT2+Q2eUwek8/kM/Em3hQ0BU0mMmQKmUImaqKmiCliipqiprgpbpxxppQpZUqb0qaMKWPKmrKmnClnypvypqKpaG43t5s7zB3mTnOnucvcZaqb6qamqWlqmVqmtqlt6pg6pq6pa+qZeqa+qW8amAamoWloGplGprFpbJqYJqaZaWZamBampWlpWplWpo1pY9qatqadaWcSTIJpb9qbDqaD6Wg6mk6mk+lsOpsupovpZrqZ7qa76WF6mESTaHqb3qaP6WP6mX5mgBlgBpqBZpAZZJJMkhlihpihZqgZZoaZ4WaEGZl5oWreMqPNGDPWjDPJJtlMMBPMRDPRTDKTzBQzxaSYFDPdTDczzAwzy8wys81sM8fMMfPMPJNqUs0Cs8CkmTSzyCwy6SbdLDFLzDKzzKwwK8wqs8qsMWvMOlhnNpgNZpPZZLaYLSbzLL3D7DA7zU6zy+wye8wes9fsNfvMPrPf7DcHzAGTYTLMQXPQHDKHzGFz2GDiEXPUHDXHzXFzwpwwJ81Jc9qcNmdN3gvnS29ibXabw15lc9qrbS57jf37OJ/Nb+NtAVvQapvH5r0sNtbaoraYLW5LWGdL2lL2pt/E5W0FW9FWsrfbyvYOW+U3cS17j61t77V17H22pr37sriuvd/Ws4/Y+ogAtqltaJvbRvYR29g+apvYpraZbW7b2idtO/uUTbBP2/b2md/EC+xCu8qutmvsWrvL7ran7Rl7yH5jz9ofbQ/b0w6wL9uB9hU7yL5qk+zg38Qj7Zt2lH3LjrZj7Fg77jfxFDvVpthpdrp9186wM38Tp9oP7GybZufYuXaenf9znJlTmv3QLrIf2XQbwBK71C6zy+0Ku/J/cl1q19sNdqPdaT+xW+xWu81utzsuXgjb3XaP/dTutZ/Zg/Zru99+YQ/YwzbDfvVznHl8h+239oj9zh61x+xx+709YX9QF3tnHvv39id73noLhAQkSVFAMZSNYik75aCrKCddTbnoGorQtRRH11Fuup7yUF7KR/kpngpQQdJkyBJRSIWoMEXpBrqYXnEqQY5KUim6iUrTzVSGbqGydCuVo9uoPFWgilSJbqfKdAdVoTupKt1F1ag61aCadDfVonuoNt1Ldeg+qkv3Uz16gOrTg9SAHqKG9DA1okeoMT1KTagpNaPm1IIeo5b0OLWi1tSGnqC29CS1o6cogZ6m9vQMdaC/UUd6ljrRc9SZnqcu1JW60QvUnV6kHtSTEqkX9aaXqA/1pX7UnwbQyzSQXqFB9Col0WAaQq/RUHqdhtEbNJxG0Eh6k0bRWzSaxtBYGkfJNJ4m0Ns0kd6hSTSZptBUSqFpNJ3epRk0k2bRezSb3qc5NJfm0XxKpQ9oAS2kNPqQFtFHlE6LaQktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtDHtJM+oV20m/bQp7SXPqN99Dntpy/oAH1JGfQVHaSv6RB9Q4fpW9+TvqOjdIyO0/d0gn6gk3SKTtMZOks/0jn6ic6TJwgxFKEMVRiEMWG2MDbMHuYIrwpzhleHucJrwkh4bRgXXhfmDq8P84R5w3xh/jA+LBAWDHVoQhtSGIaFwsJhNLwhLBLeGBYNi4XFwxKhC0uGpcKbwtLhzWGZ8JawbHhrWC68LSwfVggfua9SeHtYObwjrBLeGVYN7wqrhdXDGmHN8O6wVnhPWDu8N6wT3heWCe8P64UPhPXDB8MG4UNhw/DhsFH4SNg4fDRsEjYNm4XNwxbhY2HL8PGwVdg6bBM+EbYNnwzbhU+FCeHTYfvwmZ/X37/wH69PDHuFvcOXwpdC7++V86Lzo6nRD6ILogujadEPo4uiH0XTo4ujS6JLo8uiy6Mroiujq6Kro2uia6ProuujG6Ibo97XzAYOnXDSKRe4GJfNxbrsLoe7yuV0V7tc7hoXcde6OHedy+2ud3lcXpfP5XfxroAr6LQzzjpyoSvkCruou8EVcTe6oq6YK+5KOOdKulKuuWvhWriW7nHXyrV2bdwT7gn3pHvSPeWeck+79u4Z18H9zXV0z7pO7jn3nHvedXFdXTf3guvuxuf65T2Z6Hq73q6P6+P6uX5ugBvgBrqBbpAb5JJckhvihrihbqgb5oa54W64G+lGulFulBvtRruxbqxLdslugpvgJrqJbpKb5Ka4KS7Fpbjpbrqb4Wa4yjN/2cscN8fNc/Ncqkt1C1zmNWOaW+QWuXSX7pa4JW6ZW+ZWuBVulVvl1rg1bp1b5za4DW6T2+S2uC1um9vmdrgdbqfb6Xb5a34Z1O11+9w+t9/tdwfcly7DfeUOuq/dIfeNO+y+dUfcd+6oO+aOu+/dCfeDO+lOudPujDvrfnTn3E/uvPMuOTI+MiHydmRi5J3IpMjkyJTI1EhKZFpkeuTdyIzIzMisyHuR2ZH3I3MicyPzIvMjqZEPIgsiCyNpkQ8jiyIfRdIjiyNLIksjyyLLI94X2BL6Qr6wj/obfBF/oy/qi/nivoR3vqQv5W/ypf3Nvoy/xZf1t/py/jZf3lfwFf2jvolv6pv55r6Ff8y39I/7Vr61b+Of8G39k76df8on+Kd9e/+M7+D/5jv6Z30n/5zv7J/3XXxX382/4Lv7F30P39Mn+l6+t3/J9/F9fT/f3w/wL/uB/hU/yL/qk/xgP8S/5of61/0w/4Yf7kf4kTFv+lEXb5FhnE/24/0E/7af6N/xk/xkP8VP9Sl+mp/u3/Uz/Ew/y7/nZ/v3/Rw/18/z832q/8Av8At9mv/QL/If+XS/+OKksl/hV/pVfrVf49f6dX693+A3+k1+s9/it/ptfrvf4T/2O/0nfpff7ff4T/1e/5nf5z/3+/0X/oD/0mf4r/xB/7U/5L/xh/23/oj/zh/1x/xx/70/4X/wJ/0pf9qf8Wf9j/6c/8mf579ZY4wxxhj7l4y/1BSXr/llOr/X7/QRv9q4NwBcvTV/xq/XZ15RrsvzS7uviG8bAYCne3Z+6OJSrVpiYuKFbdMlBIXnAlz8TVCmGLgUL4Y28CQkQGso/bv59xVdz9I/GT96K0COX/WJhUvxpfE/B8DE3xn/sSdGLigXno77/4w/F6Bo4Ut9ssOleDG0+Xl+pTWU+Qf55235T/LP/kUyQKtf9ckJl+JL+ZeCx+EZSLhsS8YYY4wxxhhj7Bd9RcWOF+8/L37j8/fuz+N/NTuQDQDiL3xr4J/dnzPGGGOMMcYYY+zKe7Zrt6ceS0ho3fHfb1T5X/X6lxuN4c8a+U9oBPBfkcYfangP/3MUCgD+4IAAmQ35Vx7F5j9lZIDLH0m68Nb5+42XnfEB/HeU8t9sXPwO+GWrruSnEmOMMcYYY+zPcOk24PLH1ZVKiDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYy4L+in8wdqWPkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLvS/l8AAAD//2gQ/fc=") (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb010018000000ce0000000c0000000c00000003000000080000000000000c05000000003000"], &(0x7f0000000300), 0x27, 0x0, 0x0, 0x4, 0x10000, @value=r7}, 0x28) (async, rerun: 64)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64)
r8 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) (async, rerun: 64)
setsockopt$packet_fanout_data(r8, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x9e9, 0x0, 0xa}, {0x6}]}, 0x10) (async, rerun: 64)
syz_emit_ethernet(0x159, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd63826e8701232101fe8000000000180000000000000000aa00"/48], 0x0)

21m46.440399263s ago: executing program 7 (id=5795):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1805000003000000000000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000500000085000000820000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x82000, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0500000004000000ff0f000007", @ANYRES8=r1, @ANYRES64=r5], 0x48)
r7 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000380), 0x1, 0x0)
ioctl$AUTOFS_IOC_FAIL(r7, 0x9361, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsmount(r8, 0x0, 0x8)
fsconfig$FSCONFIG_SET_FD(r8, 0x5, &(0x7f0000000140)='&/(\\\xc7*^{@::@([(\x11&\xcb\x00', 0x0, r8)
r9 = getpgrp(0x0)
ptrace$getregset(0x4204, r9, 0x201, &(0x7f0000000200)={&(0x7f00000002c0)=""/155, 0x9b})
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r12}, 0x10)
r13 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r14=>0xffffffffffffffff})
getsockname$packet(r14, &(0x7f0000000100)={0x11, 0x0, <r15=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r13, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=@newtaction={0x68, 0x30, 0x1, 0x4000000, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x10000000, 0x0, 0x4}, 0x3, r15}}]}, {0x4, 0xa}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x68}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a00bc"], 0x40}}, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r6}, &(0x7f0000000080), &(0x7f0000000180)='%-010d \x00'}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

21m46.100651108s ago: executing program 7 (id=5797):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x7, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000590000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fremovexattr(r2, &(0x7f0000000040)=@known='system.posix_acl_default\x00')

21m45.698456533s ago: executing program 7 (id=5798):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x3, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xb31e33583c523bf1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000140)=ANY=[@ANYBLOB="19000000", @ANYRES16=r3, @ANYBLOB="010000000000fddbdf2507"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18)
pipe2$9p(&(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80000)
r6 = dup(r5)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000080)=0x10)
statx(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x1000, 0x1, &(0x7f0000000800))
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])

21m45.066080373s ago: executing program 7 (id=5801):
prctl$PR_MPX_DISABLE_MANAGEMENT(0x2c)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x20, @none}, 0xe)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, 0xffffffffffffffff, &(0x7f0000000040))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x3, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x10, 0x4, 0x4, 0x20bf22, 0x0, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000800400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000088000007b8af8ff00000000bfa200000000000007020000f8ffffffb703040008000000b71600000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE(r4, 0x4068aea3, &(0x7f0000001740))
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="500000001000010000000000ecffffff00000000", @ANYRES32=r5, @ANYBLOB="0000000000000000300012800e0001006970366772657461700000001c00028006000f000000000006000e"], 0x50}}, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f00000004c0)=ANY=[@ANYRES16=r6], &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x0, <r8=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1c, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="1802000000000000000800030000000095"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000740)=""/4096, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r8, r7, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_lsm={0x1d, 0x18, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x9b, 0x0, 0x0, 0x0, 0x7}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @call={0x85, 0x0, 0x0, 0x57}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x1, 0x6, 0x7, 0x9, 0xffffffffffffffc0, 0x10}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x1}]}, &(0x7f00000001c0)='syzkaller\x00', 0x63f04d65, 0xe3, &(0x7f0000000280)=""/227, 0x40f00, 0x48, '\x00', r5, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000380)={0x3, 0xf, 0x7, 0x7}, 0x10, r8, 0x0, 0x4, &(0x7f00000003c0)=[r2], &(0x7f0000000400)=[{0x3, 0x5, 0xb, 0x9}, {0x1, 0x5, 0x10, 0x8}, {0x5, 0x1, 0x10, 0xb}, {0xfffffb08, 0x4, 0xa, 0xa}], 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = socket$inet6(0xa, 0x3, 0x3c)
r10 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r10, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
connect$inet6(r9, &(0x7f0000000000)={0xa, 0x0, 0xffffffff, @dev, 0x9}, 0x1c)
writev(r9, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)
syz_emit_ethernet(0x2a, &(0x7f00000017c0)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb0800454200faff65000006119078ac1414bbac1414aafe12488c789a093dcfeec0b897dc44bfa1d0f05c60d4cdb1cdbbda1367ba7fda57d3a8"], 0x0)

21m44.903229615s ago: executing program 7 (id=5806):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f00000004c0)='syzkaller\x00', 0x10000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='kfree\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e0000000000000000000800038004000380080005"], 0x3c}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
r7 = syz_open_dev$evdev(&(0x7f0000000300), 0x66, 0x2000)
ioctl$EVIOCGLED(r7, 0x80404519, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r8}, 0x10)
fcntl$dupfd(r9, 0x406, r9)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
ioctl$EVIOCGSND(r7, 0x8040451a, &(0x7f0000001500)=""/65)
sendmsg$TIPC_NL_BEARER_ENABLE(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x70, r6, 0x1, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x5c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x8, @mcast1, 0x6}}, {0x20, 0x2, @in6={0xa, 0x0, 0x40000, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}}, @TIPC_NLA_BEARER_PROP={0x55}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x5}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000009642849b7d72462d00"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r12, 0x2000002, 0x0, 0x0, 0x0, 0x0, 0x8441, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r13 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r13, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000280), 0x400)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=@ipmr_newroute={0x3c, 0x18, 0x404, 0x70bd29, 0x25dfdbff, {0x80, 0x0, 0x20, 0x9, 0x0, 0x2, 0xc8, 0x2, 0x3100}, [@RTA_NH_ID={0x8, 0x1e, 0x8}, @RTA_GATEWAY={0x8, 0x5, @local}, @RTA_NH_ID={0x8, 0x1e, 0x26}, @RTA_MARK={0x8, 0x10, 0x52b0}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc4810}, 0x0)
openat$cgroup_int(r10, &(0x7f0000000080)='notify_on_release\x00', 0x2, 0x0)

21m44.884995925s ago: executing program 46 (id=5806):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f00000004c0)='syzkaller\x00', 0x10000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='kfree\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e0000000000000000000800038004000380080005"], 0x3c}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
r7 = syz_open_dev$evdev(&(0x7f0000000300), 0x66, 0x2000)
ioctl$EVIOCGLED(r7, 0x80404519, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r8}, 0x10)
fcntl$dupfd(r9, 0x406, r9)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
ioctl$EVIOCGSND(r7, 0x8040451a, &(0x7f0000001500)=""/65)
sendmsg$TIPC_NL_BEARER_ENABLE(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x70, r6, 0x1, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x5c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x8, @mcast1, 0x6}}, {0x20, 0x2, @in6={0xa, 0x0, 0x40000, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}}, @TIPC_NLA_BEARER_PROP={0x55}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x5}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000009642849b7d72462d00"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r12, 0x2000002, 0x0, 0x0, 0x0, 0x0, 0x8441, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r13 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r13, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000280), 0x400)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=@ipmr_newroute={0x3c, 0x18, 0x404, 0x70bd29, 0x25dfdbff, {0x80, 0x0, 0x20, 0x9, 0x0, 0x2, 0xc8, 0x2, 0x3100}, [@RTA_NH_ID={0x8, 0x1e, 0x8}, @RTA_GATEWAY={0x8, 0x5, @local}, @RTA_NH_ID={0x8, 0x1e, 0x26}, @RTA_MARK={0x8, 0x10, 0x52b0}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc4810}, 0x0)
openat$cgroup_int(r10, &(0x7f0000000080)='notify_on_release\x00', 0x2, 0x0)

19m47.945049796s ago: executing program 8 (id=6293):
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x3c)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, 0x0, 0x0)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xffffffff, @dev, 0x9}, 0x1c)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)
syz_emit_ethernet(0x2a, &(0x7f00000017c0)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb0800454200faff65000006119078ac1414bbac1414aafe12488c789a093dcfeec0b897dc44bfa1d0f05c60d4cdb1cdbbda1367ba7fda57d3a8"], 0x0)

19m47.918618196s ago: executing program 8 (id=6295):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000012c0)=ANY=[], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="10"], 0x10)
getresuid(&(0x7f0000000680), &(0x7f0000000640), &(0x7f00000004c0)=<r3=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r3])
open(&(0x7f00000001c0)='./file0/file0\x00', 0x1800, 0x0)

19m47.897093586s ago: executing program 8 (id=6296):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000002000000b705000008000000850000006900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x20800, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r3}, 0x18)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
write$binfmt_script(r0, &(0x7f0000000100), 0xfffffd9d)
r4 = syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
preadv(r4, &(0x7f0000000000)=[{&(0x7f0000000800)=""/4096, 0x1000}, {0x0}, {&(0x7f0000000480)=""/167, 0xa7}], 0x3, 0x7, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
close(r6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$unix(r7, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r8], 0x18}, 0x0)
sendmsg$unix(r6, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r8], 0x18}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
close(r8)
close(r9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r10 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r10, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
sched_getattr(r10, &(0x7f0000000040)={0x38}, 0x38, 0x0)
connect$unix(r11, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r12, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r11, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYRES64=r5, @ANYRES64=r0], 0x48)

19m46.948531129s ago: executing program 8 (id=6309):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = open(&(0x7f0000000340)='./file0\x00', 0x602481, 0x104)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x8, '\x00', 0x0, r1, 0x5, 0x1, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202070250000000000202d437b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000008c0)='sys_enter\x00', r2}, 0x10)
getrlimit(0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000540)='./file1\x00', 0x0, &(0x7f0000000500)={[{@usrjquota}, {@stripe={'stripe', 0x3d, 0x4}}]}, 0xde, 0x52e, &(0x7f0000000e00)="$eJzs3c9vI1cdAPDvTOwl201JChxKpf4QXbRbwdqbhrYRh7YIxK0SqNyXKPFG0TrrVey0m6hCWfEHICEElThx4oLEjQsS6p+AkCrROwIEQrCFAwdg0IzH26w7TozqHyX5fKRnv3nz4/vexB6/+ZGZAM6tZyLi1YhYiIjnImK5LE/LFEf9lE/3/v23NvOUF7/+1ySSsiyiyD5wqZxtsf9WqXtweGuj3W7tlcPN3u6dZvfg8NrO7sZ2a7t1e21t9cX1l9ZfWL8+kXbm7Xr5a3/84fd++vWXf/XFN393489Xv5NX+qvl+EG7JqdYe/Fe8VrP18UDtYjYm2ywuVko21Ofd0UAABhL3kv9VER8ruj/L8dC0ZsrDHfpFmdfOwAAAGASsleW4l9JRAYAAACcWa9ExFIkaaO8FmAp0rTR6F/D+5l4JG13ur0v3Ozs397Kx0WsRD29udNuXS+vqV2JepIPrxb5D4afHxpei4jHIuIHyxeL4cZmp70174MfAAAAcE5cGtr//8dyf/8fAAAAOGNW5l0BAAAAYOpG7f8nM64HAAAAMD3O/wMAAMCZ9o3XXstTNnj+9dYbB/u3Om9c22p1bzV29zcbm529O43tTme7uGff7knLqkdEu9O586WI/bvNXqvba3YPDm/sdvZv927seH4gAAAAzMtjT7/zXhIRR1++WKTchfxlYcQMrhWAMyMda6r+diH+MN26ALM16md+DBcmWQ9g9mrzrgAwP0fzrgAwbw/d6qOiU3D84p2Hjhn8enp1AgAAJuvKZ6vP/9fK6/mBs2u88//AWfQRzv8D/+ec/4fzq/4/9QDuTbEmwLyc9qiPkTfvqDr/X3llcJaduiwAAGCqlor0dNoozwUuRZo2GhGPFv/qX09u7rRb1yPikxHx2+X6J/Lh1WLOxOMBAQAAAAAAAAAAAAAAAAAAAAAAAGBMWZZEBgAAAJxpEemfkvL5X1eWLy8NHx+4kPxzOcpHer3549d/dHej19tbzcv/9qC893ZZ/vw8jmAAAADAeVQ7cexgP32wHw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAk/T+/bc2B2mWcf/ylYhYqYpfi8XifTHqEfHI35OoHZsviYiFCcQ/uhcRj1fFT/JqxUpZi+H4aURcnE38J7Msq4x/aQLx4Tx7J9/+vFr1/UvjmeK9+vtfK9NH9dD278Ivjo1JH2z/FkZs/x4dM8YT7/68OTL+vYgnatXbn0H8ZET8Z6sWWLFSvv2tw8MPFfYXHtlPIq5U/v4kD8Vq9nbvNLsHh9d2dje2W9ut22trqy+uv7T+wvr15s2ddqt8rWzj95/85X+Giv6d9RXtjxHxV05p/+U8Uz9WmA2HKYO9e/f+p/vZ+tAiivhXn63+/D1+Qvz8M/H58ncgH39lkD/q54976me/eaqyYmX8rRHtP+3vf3XUQoc8983v/n7MSQGAGegeHN7aaLdbe1PPvJ1l2axijZ+JdNyJi+7iTNfYbDOD3t3UQix+XFo648zlD49amOZ6nkBmEke2AACAj5sPOv3zrgkAAAAAAAAAAAAAAAAAAACcX92DSKd9O7HhmEfzaSoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIn+GwAA//8lHteP")
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000003c0)='mm_page_alloc\x00', r4}, 0x18)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r6 = io_uring_setup(0x4c65, &(0x7f0000000040)={0x0, 0x8e22, 0x1, 0x0, 0x93})
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r6, 0x10, &(0x7f0000000300)={0xfff, 0x0, &(0x7f0000000280)=[{&(0x7f0000000400)=""/246, 0xf6}, {&(0x7f0000000200)=""/128, 0x80}], &(0x7f00000002c0)=[0x8, 0x1, 0x4, 0x8], 0x2}, 0x20)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0)
close(r0)

19m42.904610867s ago: executing program 8 (id=6324):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f00000001c0)=' ', 0x1, 0x20000840, &(0x7f00000002c0)={0x11, 0x88a8, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (fail_nth: 4)

19m42.71820782s ago: executing program 8 (id=6329):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)

19m42.276778996s ago: executing program 47 (id=6329):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)

9.45078722s ago: executing program 2 (id=10968):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0a00000004000180e27f00000000001a305add6abe95a838bd18c97359766e7a323a9c559fbb3453bedeeeea6120451433ad76546ca33e45a5027ed5b5f9bfdf8266d010504f2d9f5f5c6de79427148f2f83cf10eb7e74241a04e52e27aeb73a62a42676e4a6e8cb2f743a4822f28659721623d94834963f8611f6b410037391d697ce704781485d55c1ce32b44d39304934f658b790540dbf1d53def0244ea4fa573ce03e034b86a1eb5710b9da47b8aa9f1be85ee8ce77a0500166163e9d7fb120d4830f6b92c3ceb1a9dcd2b9d80387417c2e276643eaef6725d2e1ac23d268c48cbb97c7873c8b566761e379ea6397b5dbcb45b577d045098086e081b0dcdf5ca9d6a751c775cfef60191c4d2f87d8727dac1735dd2314ce264806a6b164f4d89a443418961636e4d3", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x670, 0xd0, 0xd0, 0x428, 0xd0, 0xd0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x6, 0x0, 0x0, 0x4a}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28, 'socket\x00', 0x2}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@dst={{0x48}}, @common=@dst={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6d0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r6}, 0x10)
alarm(0x213)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x4000, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)

8.796326849s ago: executing program 2 (id=10972):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
bpf$MAP_CREATE(0x0, &(0x7f0000000f00)=ANY=[], 0x48)
fsopen(&(0x7f0000000080)='devtmpfs\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_setup(0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0x6}, {0xffff, 0xffff}, {0x6, 0x2}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x3ff, "3cfdb7e06039549e56eb7e7a85b416c4"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x40800) (fail_nth: 1)

7.756471673s ago: executing program 6 (id=10975):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x20, 0x14, 0x509, 0x70bd2b, 0x0, {0x2, 0x18, 0xf, 0x0, r2}, [@IFA_LOCAL={0x8, 0x2, @multicast2}]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

7.431810968s ago: executing program 6 (id=10977):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x0, 0x20000005}, 0x12)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000280)='xprtrdma_inline_thresh\x00', r0}, 0x18)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000000000401904000600000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xfffffffffffffffe}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000003ba8bbd2000000007c03452805020600"/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x0, <r5=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000010240)=r5, 0x5a)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40))
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r6, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

7.377805709s ago: executing program 5 (id=10978):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendto$inet6(r0, &(0x7f0000001640)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xffffffffffffff18, 0x840, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000004000000b703000008000040850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kfree\x00', r4}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c80)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@func_proto, @fwd={0x2}]}}, &(0x7f0000000b80)=""/230, 0x32, 0xe6, 0x1, 0x0, 0x0, @void, @value}, 0x28)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r6}, 0x10)
r7 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(r7, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

7.370961649s ago: executing program 2 (id=10979):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x89f0, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'})
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="12000000050000000800000008"], 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r2, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r1}, 0x20)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ppoll(&(0x7f0000000500)=[{r3}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
shutdown(r1, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
r6 = gettid()
open(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x121342, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r7=>0xffffffffffffffff})
splice(r7, 0x0, 0xffffffffffffffff, 0x0, 0x10003, 0x0)
socket$unix(0x1, 0x1, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r8, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r8, 0x0)

7.039842503s ago: executing program 5 (id=10980):
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)}, 0xc0011122)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0x680, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
unshare(0x24020400)
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYRESOCT=r2, @ANYRESHEX=r3, @ANYRES64=r1, @ANYRES64=r1], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x3a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x18, 0x0, @wg=@data}}}}}, 0x0)
pipe2$9p(0x0, 0x0)
r4 = syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000001c0), 0x2, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
r5 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x1)
sendfile(r5, 0xffffffffffffffff, 0x0, 0x80000000)
process_mrelease(0xffffffffffffffff, 0x0)
openat(r4, 0x0, 0x0, 0x0)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

5.453907045s ago: executing program 2 (id=10983):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})

5.413804976s ago: executing program 5 (id=10984):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f0000000240), 0x3, 0x4f5, &(0x7f0000000680)="$eJzs3c9rG9kdAPDvyHbiJE7stD2kgaahTXFCG8mOm8T0kLpQ2lOgaXpPXVs2xpJlLDmJTSgO+QMKpb9oTz21h0LPpVDyJ5RCoL2XZdkl7CZZlj3srhbJo42jlW2Z2JZjfT7wPDNvRvN9T7Ke5s0bZgLoWucjYiIieiLiUkQMpvmZNMXaeqpt9/zZg6laSqJavf1eEkma19hXkk5PpC/rj4if/jjiF8kX45ZXVucnC4X8UrqcqxQXc+WV1ctzxcnZ/Gx+YWJs9Nr49fGr4yO7VtcbP3z7d7/6y49u/Os79/5/592Lv6wVayBdt7Ee7Vhrc7v1qvfV34uG3ohY2kmwA6wnrU9fpwsCAEBbasf4X4qIb0TEiz82r3VUBwAAAIdB9fsD8XESUa1Wq6caeQAAAMChkqlfA5tksum1AAORyWSz69fwfiWOZwqlcuXbM6Xlhen1a2WHoi8zM1fIj6TXCg9FX1JbHq3Pv1y+0rQ8FhGnI+I3g8fqy9mpUmG6w+c+AAAAoFucaOr/fzC43v8HAAAADpmhThcAAAAA2HP6/wAAAHD4bdr/T3r3tyAAAADAXvjJzZu1VG08/3r67sryfOnu5el8eT5bXJ7KTpWWFrOzpdJs/Z59xe32VyiVFr8bC8v3c5V8uZIrr6zeKZaWFyp35orOJQAAAECHnP764/8lEbH2vWP1VHMkXdfG0/8n9rZ0wF7K7GzzZK/KAey/nk4XAOgYg3LQvdro4wOHXKuO/aOXs79tWrXD0wYAAMBBMPzV1xr/Nx4IbzAdeehexv+hexn/h+7V1vj/qb0vB9AhR7ffpD+dVpu3/Xcb+3eWEAAADoSBekoy2XQscCAymWw24mT9sQB9ycxcIT+SngL472Df0dryaKcLDQAAAAAAAAAAAAAAAAAAAAAAAABvmGo1iSoAAABwqEVk3knSR3QND14YaD4/cCT5aLA+jYh7f7r9+/uTlcrSaC3//c/zK39I86904gwGAAAA0KzRT2/04wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgNz1/9mCqkfYz7tMfRMRQq/i90V+f9v9jMCKOv0iid8Prkojo2YX4aw8j4kyr+EmtWDH04XopmuNnIuLYfsSPzeOf2IX40M0e19qfiVbfv0ycr09bf/960/S6np7frP3LNNq/ejvXqv072WaMs0/+nts0/sOIs72t259G/OQ129+f/2x1dbN11T9HDLf8/UleiZWrFBdz5ZXVy3PFydn8bH5hbGz02vj18avjI7mZuUI+/dsyxq+/9s9Pt6r/8U3iD21T/wtt1v+TJ/effXmL+Be/2frzP7NF/Np7/630d6C2frgxv7Y+v9G5v/3nXFPWkY3xpzep/3af/8U263/p1qO32twUANgH5ZXV+clCIb9k5tDO9O5DrMb/U6dqWjse7fT7fFBm/rox51b6wex4P51rkwAAgL3x8qC/0yUBAAAAAAAAAAAAAAAAAACA7vXKTb96ImK370Z29NU7C/R3rqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFv6LAAA//8WrsS9") (async)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000) (async)
r0 = socket$inet6(0xa, 0x3, 0x6)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002180)={0x0, <r1=>0x0}, &(0x7f00000021c0)=0xc)
chown(&(0x7f0000002140)='./file0\x00', r1, 0xee01)
r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x5c, 0x0, 0x1, 0x401, 0x11, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x5c}}, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(r2, 0x29, 0x1, &(0x7f0000000040), 0x4)

4.176144302s ago: executing program 5 (id=10987):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000200), 0x1, 0x152a, &(0x7f0000000340)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+ZDzKSFJmiQJySlZ/2vC327X/vbe3+7Lvvbcv+t6r1n3u557Pet57/ewnuedmW+7DK3ZuFa1hkQE/xa88CMJAGIBYCAAXAMAAQCUiysXl9WfU2LSv7cT9sd6KPVKz4BdSVz/7I3rn71x/bM3rn/2xvXP3rj+2RvXP3vj+jOWnW2aXvBavmXfG1//z8748/+/SGbpsV+uLX19V4CYfzaF65+9cf3/awX/zEZc/+yN659dxV7pCbD/APz6zw5y/N0ern/2xvVnLDv7c683y/+47xsg8uc+Bgqu/DH/6vgZY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLE/wWl/mQKAS+0rPS/GGGOMMcYYY4z9cXyOKz0DxhhjjDHGGGOM/d9DECBBQQAxkANiISfkAgEAV0MeuAYicC3EwXWQF66HfJAfCkBBiIdCUBg0GLBAEEIRKApRuAGKwY1QHEpASSgFDkpDAtwEZeBmKAu3QDm4FcrDbVABKkIlqAy3QxW4A6rCnVAN7oLqUANqQi24G2rDPVAH7oW6cB/Ug/uhPjwADeBBaAgPQSN4GBrDI9AEHoWm0AyaQwto+b/KfwF6wIvQE3pBEvSGPvAS9IV+0B8GwEB4GQbBKzAYXoVkGAJD4TUYBq/DcHgDRsBIGAVvwmh4C8bAWBgH4yEFJsBEeBsmwTswGabAVJgGqTAdZsC7MBNmwWx4D+bA+zAX5sF8WABp8AEshEWQDh/CYvgIMmAJLIVlsBxWwEpYBathDayFj2EdrIcNsBE2wWbYAlthG2yHHfAJ7IRPYRfshj3wGeyFz//F/FN/k98VAQEFClSoMAZjMBZjMRfmwtyYG/NgHoxgBOMwDvNiXsyH+bAAFsB4jMfCWBgNGiQkLIJFMIpRLIbFsDgWx5JYEh06TMAELIM3Y1ksi+WwHJbH8lgBK2JFrIyVsQpWwapYFathNayO1bEm1sS78W7sjXWwDtbFulgP6126PIUNsSE2wkbYGBtjE2yCTbEpNsfm2BJbYitsha2xNbbFttgO22F7bI+JmIgdsAN2xI7YCTthZ+yMXbALdsVu2C3zhRyAL+KL2Auri97YB/tgX0zO0R8H4AB8GQfhK/gKvorJOASH4mv4Gr6Ow/EkjsCROApHYRXxFo7BsUhiPKZgCk7EiTgJJ+FknIJTcBqm4nScgTNwJs7CWfgezsH38X2ch/NwAaZhGi7ERZiO6bgYT2EGLsGluAyX4wpcjqtwNa7CtfgxrsX1uB434kbcjJtxK27F7bgdP0EFgJ/ibtyNybgX9+I+3If7cT8ewAOYiZl4EA/iITyEh/EwHsEjeBSP4XE8hifwBJ7EU3gaT+NZPIvn8Ln4rxt9UmJNMogsSigRI2JErIgVuUQukVvkFnlEHhEREREn4kRekVfkE/lEAVFAxIt4UVgUFkYYQSKMAQARFVFRTBQTxUVxUVKUFE44kSASRBlRRpQVZUU5casoL24TFURF0cZJUVlUEW1dVXGnqCaqieqihqgpaolaoraoLeqIOqKuqCvqiXqivnhANBC9sT8+JLIq01gMwSZiKDYVzYS8+A7WSgzH1qKNaCueECNxBLYXrVyieFp0EGOwo/iLGIvPis5iPHYRz4uuopvoLl4QPURr11P0EpOxt+gjpmFf0U/0FwPETKwh3sM5OWuKV0WyGCKGitfEAnxdDBdviBFipBgl3hSjxVtijBgrxonxIkVMEBPF22KSeEdMFlPEVDFNpIrpYoZ4V8wUs8Rs8Z6YI94Xc8U8MV8sEGniA7FQLBLp4kOxWHwkMsQSsVQsE8vFCrFSrBKrxRqxVnws1on1YoPYKDaJzWKL2Cq2ie1ih/hE7BSfil1it9gjPhN7xedin/hC7BdfigPiK5EpvhYHxTfikPhWHBbfiSPie3FUHBPHxQ/ihPhRnBSnxGlxRpwVP4lz4mdxXngBEqWQUioZyBiZQ8bKnDKXvErmlsHFR/daGSevk3nl9TKfzC8LyIIyXhaShaWWRlpJMpRFZFEZlTfIYvJGWVyWkCVlKelkaZkgb5Jl5M2yrLxFlpO3yvLyNllBVpSVZGV5u6wi75AQubCP6rKGrClrybtlEtwj68h7ZV15n6wn75f15QOygXxQNpQPyUbyYdlYPiKbyEdlU9lMNpctZEv5mGwlH5etZRvZVj4h28knZXv5lEyUT8sO0l98ijwrO8vnZBf5vOwqu8nu8md5XnrZU/aS0BtkH/mS7Cv7yf5ygBwoX5aD5CtysHxVJsshcqh8TQ6Tr8vh8g05Qo6Uo+SbcrR8S46RY+U4OV6myAlyonxbTpLvyMlyipwqp8lUOV32vzjSbCn/Yf7bv5M/+Je9b5Sb5Ga5RW6V2+R2uUN+InfKnXKX3CX3yD1yr9wr98l9cr/cLw/IAzJTZsqD8qA8JA/Jw/KwPCKPyKPymDwjf5An5I/ypDwlT8kz8qw8K89dfAxAoRJKKqUCFaNyqFiVU+VSV6nc6mqVR12jIupaFaeuU3nV9Sqfyq8KqIIqXhVShZVWRllFKlRFVFEVVTfgxSeMKqlKKadKqwR107+Sr4qpG1VxVeJX+Zfml/R35tdStVStVCvVWrVWbVVb1U61U+1Ve5WoElUH1UF1VB1VJ9VJdVadVRfVRXVVXVV31V31UD1UT9VTJakk1Ue9pPqqfqq/GqAGqpfVIDVIDVaDVbJKVkPVUDVMDVPD1XA1Qo1Qo9QoNVqNVmPUGDVOjVMpKkVNVBPVJDVJTVaT1VQ1VaWqVDVDzVAz1Uw1W81Wc9QcNVfNVfPVfJWm0tRCtVClq3S1WC1WGWqJWqKWqWVqhVqhVqlVao1ao7LWX+vVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nLfsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBtcH+QL8gcFgoJBfFAoKBzowAQ2EBeLHg1uCIoFNwbFgxJByaBU4ILSQUJwU1AmuDkoG9wSlAtuDcoHtwUVgopBpaBycHtQJbgjqBrcGVQL7gqqBzWCmkGt4O6gdnBPUCe4N6gb3BfUC+4P6gcPBA2CB4OGwUNBo+DhoHHwSNAkeDRoGjQLmgctgpZ/6Pjen8z/uOupe+kk3Vv30S/pvrqf7q8H6IH6ZT1Iv6IH61d1sh6ih+rX9DD9uh6u39Aj9Eg9Sr+pR+u39Bg9Vo/T43WKnqAn6rf1JP2Onqyn6Kl6mk7V0/UM/a6eqWfp2fo9PUe/r+fqeXq+XqDT9Ad6oV6k0/WHerH+SGfoJXqpXqaX6xV6pV6lV+s1eq3+WK/T6/UGvVFv0pv1Fr1Vb9Pb9Q79id6pP9W79G69R3+m9+rP9T79hd6vv9QH9Fc6U3+tD+pv9CH9rT6sv9NH9Pf6qD6mj+sf9An9oz6pT+nT+ow+q3/S5/TP+rz2WYv7rI93o4wyMSbGxJpYk8vkMrlNbpPH5DEREzFxJs7kNXlNPpPPFDAFTLyJN4VNYZOFDJkipoiJmqgpZoqZ4qa4KWlKGmecSTAJpowpY8qasqacKWfKm/KmgqlgKplK5nZzu7nD3GHuNHeau8xdpoapYWqZWqa2qW3qmDqmrqlr6pl6pr6pbxqYBqahaWgamUamsWlsmpgmpqlpapqb5qalaWlamVamtWlt2pq2pp1pZ9qb9ibRJJoOpoPpaDqaTqaT6Ww6my6mi+lqupruprvpYXqYnqanSTJJpo/pY/qavqa/6W8GmoFmkBlkBpvBJtkkm6FmqBlmhpnhZrgZYUaaUVkLVfOWGWPGmnFmvEkxKWaimWgmmUlmsplsppqpJtWkmhlmhplpZprZZraZY+aYuWaumW/mmzSTZhaahSbdpJvFZrHJMBlmqVlqlpvlZqVZaVab1WatWWvWwTqzwWwwm8wms8VsMdvMNrPD7DA7zU6zy+wye8wes9fsNfvMPrPf7DcHzAGTaTLNQXPQHDKHzGFz2BwxR8xRc9QcN8fNCXPCnDQnzWlz2pw1+S9+XnoTa3PaXPYqm9tebfPYa+zfxgVsQRtvC9nCVtt8Nv+vYmOtLW5L2JK2lHW2tE2wN/0mrmAr2kq2sr3dVrF32Kq/iWvbe2wde6+ta++ztezdv4rr2fttffuIbYAIYJvZRraFbWwfsU3so7apbWab2xa2nX3StrdP2UT7tO1gn/lNvNAusqvtGrvWfmx32d32tD1jD9lv7Vn7k+1pe9mB9mU7yL5iB9tXbbId8pt4lH3TjrZv2TF2rB1nx/8mnmqn2VQ73c6w79qZdtZv4jT7gZ1j0+1cO8/Otwt+ibPmlG4/tIvtRzbDBrDULrPL7Qq70q76/3NdZtfbDXaj3Wk/tVvsVrvNbrc7Li2E7W67x35m99rP7UH7jd1vv7QH7GGbab/+Jc46vsP2O3vEfm+P2mP2uP3BnrA/qkvZWcf+g/3ZnrfeAiEBSVIUUAzloFjKSbnoKspNV1MeuoYidC3F0XWUl66nfJSfClBBiqdCVJg0GbJEFFIRKkpRuoEuTa8klSJHpSmBbqIydDOVpVuoHN1K5ek2qkAVqRJVptupCt1BVelOqkZ3UXWqQTWpFt1NtekeqkP3Ul26j+rR/VSfHqAG9CA1pIeoET1MjekRakKPUlNqRs2pBbWkx6gVPU6tqQ21pSeoHT1J7ekpSqSnqQM9Qx3pL9SJnqXO9Bx1oeepK3Wj7vQC9aAXqSf1oiTqTX3oJepL/ag/DaCB9DINoldoML1KyTSEhtJrNIxep+H0Bo2gkTSK3qTR9BaNobE0jsZTCk2gifQ2TaJ3aDJNoak0jVJpOs2gd2kmzaLZ9B7NofdpLs2j+bSA0ugDWkiLKJ0+pMX0EWXQElpKy2g5raCVtIpW0xpaSx/TOlpPG2gjbaLNtIW20jbaTjvoE9pJn9Iu2k176DPaS5/TPvqC9tOXdIC+okz6mg7SN3SIvqXD9J3vRd/TUTpGx+kHOkE/0kk6RafpDJ2ln+gc/UznyROEGIpQhioMwpgwRxgb5gxzhVeFucOrwzzhNWEkvDaMC68L84bXh/nC/GGBsGAYHxYKC4c6NKENKQzDImHRMBreEBYLbwyLhyXCkmGp0IWlw4TwprBMeHNYNrwlLBfeGpYPbwsrhBXDR+6rHN4eVgnvCKuGd4bVwrvC6mGNsGZYK7w7rB3eE9YJ7w3rhveFZcP7w/rhA2GD8MGwYfhQ2Ch8OGwcPhI2CR8Nm4bNwuZhi7Bl+FjYKnw8bB22CduGT4TtwifD9uFTYWL4dNghfOaX/vsX/f3+pLB32Cd8KXwp9P5eOT+6IJoW/SC6MLoomh79MLo4+lE0I7okujS6LLo8uiK6Mroqujq6Jro2+nF0XXR9dEN0Y9T7WjnAoRNOOuUCF+NyuFiX0+VyV7nc7mqXx13jIu5aF+euc3nd9S6fy+8KuIIu3hVyhZ12xllHLnRFXFEXdTe4Yu5GV9yVcCVdKedcaZfgWriWrqVr5R53rV0b19Y94Z5wT7on3VPuKfe06+CecR3dX1wn96zr7J5zz7nnXVfXzXV3L7gebkKeC6/JJNfH9XF9XV/X3/V3A91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfVTXWpLtXNcDPcTDfTVZl1YS9z3Vw33813aS7NLXRZa8Z0t9gtdhkuwy11S91yt9ytdCvdarfarXVr3Tq3zm1wG9wmt8ltcVvcNrfN7XA73E630+3y11wY1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5MiUyNTItEhqZHpkRuTdyMzIrMjsyHuROZH3I3Mj8yLzIwsiaZEPIgsjiyLpkQ8jiyMfRTIiSyJLI8siyyMrIt4X2hL6Ir6oj/obfDF/oy/uS/iSvpR3vrRP8Df5Mv5mX9bf4sv5W315f5uv4Cv6Sv5R39Q38819C9/SP+Zb+cd9a9/Gt/VP+Hb+Sd/eP+UT/dO+g3/Gd/R/8Z38s76zf8538c/7rr6b7+5f8D38i76n7+WTfG/fx7/k+/p+vr8f4Af6l/0g/4of7F/1yX6IH+pf88P86364f8OP8CP9qJg3/ehLp8gw3qf4CX6if9tP8u/4yX6Kn+qn+VQ/3c/w7/qZfpaf7d/zc/z7fq6f5+f7BT7Nf+AX+kU+3X/oF/uPfIZfcumisl/pV/nVfo1f6z/26/x6v8Fv9Jv8Zr/Fb/Xb/Ha/w3/id/pP/S6/2+/xn/m9/nO/z3/h9/sv/QH/lc/0X/uD/ht/yH/rD/vv/BH/vT/qj/nj/gd/wv/oT/pT/rQ/48/6n/w5/7M/z3+zxhhjjDH2T5lwuSl+3XPhcn7v38kRf7VxHwC4emvBzL/uz1pRrst3od1PxLeLAMDTvbo8dOlWvXpSUtLFbTMkBEXnAVz6JihLDFyOl0BbeBISoQ2U+d359xPdztI/GD96K0Cuv8qJhcvx5fG/AMCk3xn/sSdGLSwfno77H8afB1C86OWcnHA5XgJtf7m+0gbK/p3552/1D+af88sUgNZ/lZMbLseX558Aj8MzkPirLRljjDHGGGOMsQv6iUqdLp1/XvqNz987P49Xl3NywOX4H52fM8YYY4wxxhhj7Mp7tlv3px5LTGzT6V9vVP1fZf3TjSbwfzUyN3634T3ApXsUAPybAwJkNeSfeRSb/5R9JV986fxt1/IzPoD/jFL+EY0r/MbEGGOMMcYY+8NdXvT/+n51pSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ3/GvxO70sfIGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXWn/LwAA//9+qv+4")
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r1 = openat$incfs(r0, &(0x7f0000000000)='.pending_reads\x00', 0x0, 0x0)
ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x40046721, 0x0)

3.755009868s ago: executing program 5 (id=10991):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x1, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000012c0)=[{{&(0x7f0000000500)=@nl=@proc, 0x80, &(0x7f0000000200)=[{&(0x7f0000000680)=""/96, 0x60}], 0x1, &(0x7f0000000800)=""/84, 0x54}, 0x3}, {{&(0x7f0000000b00)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000b80)=""/234, 0xea}, {&(0x7f0000001380)=""/125, 0x7d}, {&(0x7f0000000d00)=""/119, 0x77}, {&(0x7f0000000d80)=""/211, 0xd3}], 0x4, &(0x7f0000000e80)=""/230, 0xe6}, 0x7f}, {{&(0x7f0000000f80)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x80, &(0x7f0000001180)=[{&(0x7f0000001000)=""/113, 0x71}, {&(0x7f0000001080)=""/226, 0xe2}, {&(0x7f0000000580)=""/48, 0x30}, {&(0x7f0000001740)=""/4096, 0x1000}, {&(0x7f0000000700)=""/21, 0x15}, {&(0x7f0000000880)=""/38, 0x26}], 0x6, &(0x7f0000001200)=""/163, 0xa3}, 0xf8f}], 0x3, 0x10222, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
request_key(&(0x7f0000000280)='asymmetric\x00', &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0xfffffffffffffffe)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x18)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x12, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="18060000ffffffff000000000000000018020000", @ANYRES32, @ANYBLOB="0000000000000000b70300000000000085000000bb000000b700000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

3.580439521s ago: executing program 5 (id=10994):
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='kfree\x00', r2}, 0x10)
fgetxattr(r0, &(0x7f0000000180)=ANY=[@ANYBLOB='tru'], 0x0, 0x0) (fail_nth: 1)

3.427314333s ago: executing program 48 (id=10994):
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='kfree\x00', r2}, 0x10)
fgetxattr(r0, &(0x7f0000000180)=ANY=[@ANYBLOB='tru'], 0x0, 0x0) (fail_nth: 1)

3.415500273s ago: executing program 6 (id=10996):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

3.303240945s ago: executing program 6 (id=10998):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x101880a, &(0x7f00000005c0)=ANY=[], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x30)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000a40)={0x2020}, 0x2020)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002d40), 0x4)
getuid()
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000400)={0x0, 0x0, <r1=>0x0}, &(0x7f0000000280)=0xc)
setresgid(0xffffffffffffffff, r1, r1)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000480)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4, <r5=>0xffffffffffffffff}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)

2.705500483s ago: executing program 3 (id=10999):
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0, <r3=>0xffffffffffffffff}, &(0x7f0000000140), &(0x7f0000000240)=r0}, 0x20)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'ip6_vti0\x00', &(0x7f0000000380)={'ip6tnl0\x00', <r4=>0x0, 0x4, 0x9, 0xfe, 0x2, 0x4, @dev={0xfe, 0x80, '\x00', 0x42}, @dev={0xfe, 0x80, '\x00', 0xb}, 0x46, 0x8000, 0x0, 0x7}})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000007c0)={0xffffffffffffffff, 0x20, &(0x7f0000000780)={&(0x7f0000000680)=""/61, 0x3d, <r5=>0x0, &(0x7f00000006c0)=""/185, 0xb9}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xa, 0x11, &(0x7f0000000480)=@raw=[@map_idx={0x18, 0x4, 0x5, 0x0, 0xc}, @map_idx={0x18, 0x1, 0x5, 0x0, 0x10}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @alu={0x7, 0x1, 0xd, 0x6, 0x7, 0x80, 0xffffffffffffffff}, @alu={0x7, 0x1, 0xc, 0x4, 0x0, 0xfffffffffffffff4, 0xfffffffffffffffc}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @alu={0x4, 0x1, 0xb, 0x6, 0x1, 0xfffffffffffffffe}], &(0x7f00000002c0)='syzkaller\x00', 0x81, 0xff, &(0x7f0000000540)=""/255, 0x41100, 0x40, '\x00', r4, @fallback=0x2a, r0, 0x8, &(0x7f0000000640)={0x9, 0x4}, 0x8, 0x10, 0x0, 0x0, r5, r0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)={0x64, r2, 0x5, 0x70bd26, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x30, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0x64}}, 0x20000014)
sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x20, 0x70bd2d, 0x25dfdbfd, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x24000001}, 0x4000800)

2.520664835s ago: executing program 3 (id=11000):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r1}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c00e5001e000100000000000000ffe007000000", @ANYRES32=0x0, @ANYBLOB="00000200"], 0x1c}}, 0x0)

2.300343048s ago: executing program 3 (id=11002):
memfd_create(0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x7, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000000c0)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r2, &(0x7f0000006380)={0x2020, 0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000004200)={0x50, 0x0, r3, {0x7, 0x1f, 0x0, 0xa063002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x81)
getdents(r5, 0x0, 0x18)
syz_fuse_handle_req(r2, &(0x7f00000083c0)="377f85492cfa30821d802e8d3ff98bf0ef5bab1f3b795fe9868efc0922591ed3311efcc8a6c3b0a193e2e59faf2c945ae8ecfc6e9fdda7f32cc2b778fd907ac95620aae3e371f7643f81d3a4df3abfcc92b15f455d435e1ff262e85f4a29bca3db8e7b803ef34e967e285e4830454de045e5a8ea16551112b9ae09a283f60818195ae523043664ac9ba937edc7a14662f4e7c0a148e6f691ac35c1830b2920fb906257f25deb260f878138b5043d16e5f04c917a63d77fbcfb8cc1e1e44967edb38dd2af64133d8aeaa46e1e5aea5746a71420d03dc5ce334a0ef7d96c7ef7290f74399cedb4edac40b625e52782c8e4d3f466fde42e3c1bfcddc746c42c3e9793fd597e64306a172948e5f97b4e726a3aa8709ca1093af26fcae600a240b244da00a02a6bb729966eb4b1c41dab3f82775a9ef0fe0d0887c914b9c212784b2bd39165013c962d8037aca46433d13e7e46d174cb426dda6d47bd2fe0f6b15d238214adc62c0279ef01d72fbf967ef1ad4ee85eac8f8b1046f425c97b976de45faf06dc48f2bc797ab3d6ea7859dbb635122a8d5f0e5e821a5b62a5b5cb61872c71dac977c36bda79622245019377c0ac5c55ec3be0da9718875cb3464611848cb6a639ef2d5a039a90f1f4a103fc82f9c104e13ada959fe10083fb69321e0ac401d2e01c70ba5d9169bb7f7bd77a1dc5741a1d48c0fbe7bc6af6c4d9599c1a6f030749942f3417c7c84e6b3b48e8b2540e61a629fb12ab2243304d8daac8aad985c07eb98b53ce655c21031e10079505e50c3865c4c824fccec3ac9fa4da1dc9701cd32a917b435330592ebc4e76355ad98c6cff9869c009581f106168eb7175fecc1aa1c673f0f7ed754b6eda81a24d7e2d34e8408cebff7efee05118b45122cb4bb105703f2ca329dac479a72cc7cc4bac747b259ab0a63d6b4fe809d3a50c56bd0d70d005c3c29b2f0785ef8a2e1addd01f26bb218bcddc4a81902a4f1b9c3ad7d62b2e2f711640e6a4e38b93f2c9715e904f453f6cbd48999378970b149c54a628e5713e413b8a3771c30a7880feacc1732802674c0ac72b3e8aa5f776ae27cc0c7a34e70a6e3ea3acc81770810abb9482ac6caef01254892f5085afd565e2e0100a3d399c95c6b14fa877020e52eda690bc7f5a86187454fb6f9c0731a5791ea8261ab17564b2f4a9d3216dbff0bed619b859ce974031f7a0f3e88d0dc958320ad0300280e9513d198bafdb56ab1e6e68bbaa00655fc2d475eeaf8dc57d4d1f579f9f6a235ab430c2fefc5837c97c6a3baf1278c6f6b7e39dd6f1f3579a5eb1aeb112521be753e1d082b94752ebddca8850ddab730a80cb10fd374dadb02f8a974c2934118ca40b09180e1bfd6984988465b63f76663b0a613c5070f2a2cf4ea7830cbfb920943311ed544e4026c6e1063644f3599d9d30ed3c2492a5f2d875383794dde1ae2c0c2cd10266a3d3041407ed55cbff92cbf1e9f2da9bfc38b1f583af076f488104492b324c07a9976ac41beba0dc1a9d19c21a81c681c70f24cec20177ddecf0d3f3cfd2eabacda6bf96676922016edf5b77cd03703cdcc2f8076b48ec70965f8e9c33e9dc9ae11b2afe5b06e2db24c31a9fcac4545ab4db6c9d28f40f7865c281c6f286f54592aa8986841c68c366f21d60cf67d81922a7e55095cd2b55ccf650e69feb4c274e3027cab1461ad25c73076443396e2bbd50b8f86b4ec4cea36080cb3aeb7fd99b2cde6373d7d915348f8a845c22cd603dc9b5369df4a4e3e29f41ff830968173d3e4e44cacc1ebc65f68ce31b1ac1f95a96e4d451d73c08b6f5cda4b5ddc752ac82c3f89cf4581faabdf9ad9d57211d02ddabda3f361cc6e1407870d57585cc646e974244c9ee742d911a98c2c33e60a3fd3e93aa8c29e217a5d58a8525fa477f73d198f7c468c3e7b41c127d75c96168f472cc109b502d70ac830740e573f24798567ab4d7f7dd83ebe9beecb899b100c4fb3b0998407f71eb75694741c662aca282fc59a84f9691d9177c358f8e26ea0bc932ad9ecedd2719e6c634f1d4970ae07eff08ee9cc295fdeef1da87785af0a663329be1489bbbadb120f0f214c4d6dcbf21b4164f2a2d6634f6b9e9784556e94b36021241fd6fe9bf4d83587b042aba34f0e6b06d6ad99a82ded675fdc0b29beffcf5dc1f3aa4b9d85d66d56213e537616c252f83af1336c0dda2ec2b7403db0d5a44c6296aac4ec803c5ac721e8786762f40f575922d1d4adaad25e5786e34bc3ec65088a894c1c52c8516117e876ade45caef808280b5d5c2c6aab89f3a58e90acf8ba24a7213c149e380db6d346c0879ba656750bf3b9e6df91a806f2af88dda2abb47405e873414f139bf42496a881726a9755a1d8aae8fea0dc28e72d07144fdd0853c8765cde74f20495bccaaa1319bcfa03dbd8390b4caa52db15a03e7e948f55f3321249a21dab6225a751ba5be387ebd6d5ed64c7ce4444dc9a0437ae815c38fb4edaf2c277dae2f0af0e06fcf536ad5a7ef8d4a8fb55b729dab0f0bc9be11063a60298122ca239c4cf1da66a04210ae7badab1d1c96d5001f649e2fccbbe9fd27109401fbc822c6c6a0e13e80321edc5ef937d32425930cb0e83cbd1423e4d958326e1ccee4163d22b6bc78860be50dee9f20a5e14746106b156b3e301c06f736774d5a8aa08dfd6422fd5185fe28ab4c076bc15ea0059ddd4bdf4748afd62c499138ac73e27fe6e5dec23bd2a3182f74d17920f6d73099634087fe32a34f8b8d00f21434b5e45542014468680966946cf0a3774a5c1881b2503f76b2cdecfc10ea408ad09a3d977449b07d9bc13fd3e21e0ae387d97368221f7156ae5779fd2e59d43f93bdaaa7f96c223fd390655a208e042b62b60bd51915ba121d6e2147fdc0d6547f808af37d7d2a0f13b85ad39b374f1a5baa437d8cf2540c01828bab6a295ecb0d0faa9ad7fc24bfe3e20a142b8d458abbe541671cafec174193741b4c47b984567da097366b1c2da3c5914fb2f2b54df343e1d6f0bea6b96e632b1fb1a7787d0cb6a95af5a376d76460a0b60b6c382bfd77cb0200402f58964c2792579bcf6e870a12232464c20f873e25695a66db135999c8f755199b0102232cc1c43696a6a50de8ae21ce1fccc82123d20c42d5b5dbde6d848f9bea4e38f3abb00680b1ec5bcb3785b61f59b93018353cbc4c88ad84ea1badc26dd78ba8570880316a531fd5c099b6b18da7887d57ccd31ab908632aa1803919cadd673da416a1e1855ceb7b820067a2c4b7ebadec0e5f0581518b1e24ae3b4d8065145709178df4c0d270f512cc9ef3a79713457f40f90a4075daaf525c743b1a760dd5a771bf01dbb96c086a144b57fd1fbc6aac691b0bd991483ab2f03e434676e6ebb5cbcbb0dc73d71816df2ec8ca2447fb7e11a6cc5cc59414e1b6c9be94d243934d5ec7c69f6e33f41f3d92a3e17fb08ab428858b8e6ef3941a17c30c6121d6336c177d9cc983aaf770d6ebae1292220ce7301a60e4dc78edec1e53c48c0d50e9ce195949599d605569dcd2a68dec704c609ef8b77241108c606815d19666a16907447ecdf5f8fc9003d1008b85a9a92fc1877c51ab8b4af6055afdf7398bda2bcde35ad40cce3c190ff7c33a5d334570a439839285fda7479304b2b8e13a6ab999e81f49450b21255bbc2385fdfe00d597dcfaabffa4594a697aefbd64fe466abe7d6e53de8009985af956e05d5a4a9e3a01924e05061b2313402e61110f3c2b8cf366dce12d10c9c4a56dbb6d568a9e45886703fff6cf815b946b201cd626c9872a7cd02b27d3a3be7c8ec5e353b6259d628a540c292a1835865a428ff9c143fecf74cc4413c57135b14e2e288ec59cc4bbc96f511676edd946c6a954cb00853706e1c2d862e82e974614f63a6471b0898424c681859ad7216cdc13d6e582bc74f2f69387e1c91a9f838d7993a5eedf8e719fe5a908529558fb271a2786abcd5b824bb3e8513057deb47bcb160653fb4f9ff09ca9c1aa1b8793875e25ac6c381c554003437258727f19bad1119a6b82eed6a56bd2f3900c40097e905d89a658dd170e65fe1e7a19e3202c7c65ed7b9e379298285b42aaab19931221bdc597efb4dce318aaf0829d247be2f219fdbc2839ebf9e72d6d4c347700f2ee2081ae93b6d37d27d56fece14efa8713b8301ba6098034bc4606d7250033b7a83cf0285d975d63650d7931942c81dd57614c646dac1ada4d5e8d4d776173f495a40e797a678f6ba6e3292e8dcc070e90ce9bc77e97ded33d876d76cae56105a8c97ef7bf0f504bc335b57ab915b30fbe92866f36e4fa7d85027b75e3326290ee9b69d85af60b0e68685300c26c44a939ac499292fd76e3308f603e1d75327907d867ef2215a8e8493a0a1713f75939144a96f8ccd7140db24554ffb8da94ea5038b20473c76da39a64ce8393dd4194033907b867df5a69b9f048158074e11766083f1848829266a4f6975bb9a3ddce705502353c28376e6815513715a1d633c42d83b7561159353ef34f92a8f19a85f0ec21564670b17e7dcc2eba555c3db7ec12fe9ad92378d4133d4f9f311e56131503868f635f2aab686c289c45d45be2ef669e77f06113f6bc7b6e56121ccf2f62eb2eadbf03ce926b9db3ab8a2138282b67f5654ea913aeff655b1035477426e9fb80a395219aa557ed5fcdaf3f70f59fb754ca6e0659c6c299c7ecab958091b87c61069d15c07b607edf41da0932edfe04accfca99de38bc92788fd6638929b46b491779a7396f6acfd4e23880d36c0ff9cd536dbecea894930e6f9e3c670e7ef5269192e566524da3b664dc8f055bbb8ae4d413ea2a0d510b21a0f435efac2e6c5c3b68e7722f1066a1b2e24d2a3cf41cc13b5291683bb2da6ec3b72f5ca8445f9905a52cb6c40732835bd3b1702be3799379345d7e167d9b47489d7589ba1dd98d9dd26bbba12f56e7fbb9c53178d1da9b75434042425659eec6c0c1b74dfced23c7b1dc5afb242ac8a3ce120ebd50e399c2649281f668da8995f984a94ce15b839b6fcfded0f4063d811169fe1d62d924dd3bf284ffb2d01ff4fa311dc757ec1bc17788e1a6254fe63f4e1e8a1535c7f6dc6d2c81665f89ad6c0ee218c3bc9acc2b66a86c1cc029094275376931f332630827caf3fca420498df7ec9091ff96690338673c53aa0f09f1a101cc56a9e8ce80889df3cebaa1a479d020393e08051c77d189ce5a9db24a3e1626aef784955c7f5010d0bb691a7eb5a93c863f878a158d13669e1b8006d9269e4b1aace1f7630dcc13d05128d6b5173914467465ea31fb598ec73807c6b0c7bd7e8defc35cf2d61f64d26098c6b2a19e9793a2cdd410d79d7baeab58a891046897f47b7b7fa47ad80a1199ef73bc70946898feaa7139df321511fec29695def2373c965ee0f65cbee8a3f10d44a56ea0677c1420e968883d659eed6cdb6d64c955140d2ef5630c228b7f9d2293a6f95b1d4eec006475b5df3bbfec031334388e460b432bb1ff1ad57a576b821c3a3f89e95e522d73d6f82ac16f4bea03edf9cd68e130495360d709912effec72fcb587219285d20aee6b964919544d9ae27f82030e3743b5d4e710b0c28aed154120a2a0506262ceadd5268a803b8b3dfdb6357da9963854dd834ce10e32af8e757863065998a20789f5f232661df4df3a92a63e7002fe4abe45e6839c19442967a4fcac2bbb5c1f985abe9193e2c7397994eec9d387bf8e0f626806b66186c66b4834c54039db14854aa68fce18cb73cf8f2104947b783deb6e3db12c8f9a09df32547bf1596fec7dc9c87989d248f5405f34d2e04deebb5eacc880a8f5465aa22e2680a310fa52bc14e87c87a4c7ea37740b6adb9ecf9a26d948603127c78da82dbc3893ed9fae4c6feab34a4c71bf9d4ca88806c02c525111ebaec1211b09f8e82aeb2f381c6515d85feb38534fd3b14ad41137c84dc9e65b9817af78ddfa06f0629bc7cbd10fe13b8f7dcc83b4f757b7570cd24395c6d7d49f1a87245bd5cbf5a3c50ea92ca25815ea8835b842b880167a2f5c038071881193e60121be98590bb2e07d79071ac18fceb4dd39cb8e687dcbaaa3b050b89ee96b8f4dfdfd45ee22d174085a12d51c23c90721366760ec0a934e7121313e21525d77e0f7ef818a08a46779fa65a93944fc04ea34564bd19cb1e16bb4b662c29c2e9ada2299fa96dff6c774ad21ff92fc27772c009dd75f0bc61bfc1e8f9ecc951ef9167617845bccdda3698610097958ef5a5ff4be5c6c9a65f9cef2cd950b0b578ea55791172e3db3259c26aa95da8e778a9c2dfd896ec13d3ef85e2d7f713763df895ae7f5cc0c6822fd382cc37fc6965704b38b123395376ddff27cd12ab6b5e7e84f9fef37e1a0b65fffb66bbf01960e65712849ce985d84f558fc8c7962a71887212a3e6e07380cb52f0e6edc1f5bac3a4ebba118dc0fc117c02edc02d240913fcb4e0daf0b1e1c0d067efe8ec573ebcad83afafc249f7a0b41aef0586805d739d0c5ddd85010ece71429ba331484c394d5d72a133146156a774424ee1fc8981e2e5dbdf0cd49dc9cc7d44fbc802dc27da15b128f84a8c94f343c3161fb02ded8b2c6091f93d00654d73214e87324ed12e1e9e6147cd1721fe1c3fc77b70a1ce9f9fe9d8fc01656523dde4a5fd485e161ed4cd177620f94738be20842a30f1f7fe2879fb79442e14ff3b1ea935ab4ea8351451e6ad87744c0ccd2529dc827c87ecc413440f0cdcb5a7ea1c9401569ff335a0e3c3bdf6aa7778b52077caab05730807a2032f9848dbd11bd1164d94ddf6cd6f5dc88421870d503f8f5c975370a251849c1917a77d68ce9d00f17914f0d15f3c2a6c40717f05fa2cd56d22edffa1026ad05ef9fe9ae2337e3070642f13a907c8945f4527f6cf06885b2ccc7fa85e4536e3036c611c38e719206b4bdd3a6d2e9bdc63bbc78ec8ded80733828107abf7ae64a3560f9b024620959552a0223144012b313b3e242288515546646ea05e4016374eeb9e44a6c858bfd4174bcf4503f44d03a41a1810b099fa0e68d6e5f03fae7e3b06d2a8441958a74046a1b3b1f1cbae7ab7daf3effde927d7fb153ca609ad5a0ea477ce0cad1d64cab8c2286bd3d28adcea5e99bbd2714acd497a30e57c4723d7aef0507cd21212d96f4354c842d0ae8e270387debeb902f49c8b8d63954ccc2e8f16415a801c678bb60cc3bbeb12a7c56c9e756c809bbfbc6cc79385cb4e3f98865bd76f0160d8c57693d456c38707c9e4c24df0720c45c69ad5b785cbbbaf74c2c5f359cfed762d1277435d39ff4860d45882984bc4d94d8f44f127120f76cd159d886f30beb0e39ac13db53f974e36ed5db04f1d35261c15a023cf3d91eeb0323a0ca5652404968eb0a7fdbbc2c77a535ce4ec1b1a9791c090cda23aefd349d831e3e49e0585c21144fec015f0d766758377ab87ec6ec6f0648f4ede525d97a7b84041632f37bf1a49e66ac4a81ea1dbcba9bc18ecd4d04b6a80c7fbcdab76de5fc3cd99b727380597904fca496ea9f89837892af2963d0a513b42f0ccdc27c245187709cd52489fdb23b277f72369a5f3525e27b546340e2294b07ffe56a6c249442d56ad2fb102fcbac936bf11fd9f20c3402421e8a3708c06dc6e659a27622d9e1f0c5322936b68cc84f51974339659d353894f3a1d70832994d1d618600841b151354cc65262801640634c7bc73e8493828c062be3c19a7240200ff63825884ff3cd5da58a4b29493b87c1f123e83909032dc040c116371efd249ed623db7f95cc053b75d37efafdfc4e07438f01670ab2cc9539184328e0e66e7a943d661095cdcc2d71b17722a5c350098388d5cbdad892c865ac1dba983670fbe70a3010626204d8b0ec1c0aaf94cc48c15f80f660845793c5901efb97cffe3874658ca0dc50d1d242dcdebe132d0e9f378402c635066021a54d6ddc713d6fd1f5d7e174000f6b8c800ef6269e68830adb40f55bf516ae916a793b33e237105a86b0edff9da55246fb57e6c54459bd0cf3b13aea0c5cc81f57bf1ee8cc61c1b1480349d7a4636fe0dae01a444f04b7799b850e8dbe41ece4f92319f605e19e92e4f21315f3a4e364cba28795e135c727d9eb0a6378c1f00314306ff2bf04e72736b3e9eb82c8e093ed6338598458fc7cffaa7c6e07d190ee89051860121ffbc4d4592c99c64b718d88d3d980de108dbcb1819b266fb2f2f23997619ae1d3653ec9c5c2d2614ffca75ef46cb5a843f948664a67250c7d7c9c7a717ce9bcea849f92999164eb0e89ed55e6d50dbbadc0c59ef9f8f44c644d40a943415e0cf18f6c36df4c43079835a7d0bf97443735d58e73c1938b2028ec406ccb6986fe9a263e81b990c9298eddd5d97010cb73ac708f048f592578c8a7e88405b9220845169924c5f64361061a1a57e79a42ab4468f51afe06ac25dc18b624d912bef4bf030e205dce52ab04ef1c960c2fd4cf3c90a0808412e65627c6dc184c2e8e724fab615f3c189882751522967f993c87a42e6b6acd0dcd3f1c181aa16de651ee562f04ed07fc2dbf3d2e6730eb853eb0855c778c12edc01c52519d715a6e5bc0fe2073f4e709db1a2d00988c74b0aac669a55652a1fedbd59f004d68752b8bb2dce2cf6c41b9fce101b8f27fe96c7ad5fae1c82ea400ac27a793c2f5a90fc5f42a285503051a9eb21881bf021065e7215cfb12f50cab172baa509b43fe7a3f8ab831cc98b3e205fd34f19d3c88d6192bbad2f78e12b0014d81229365e87ba89b61e4f4f4813035865a9aeac552c3cc5f16d45e1d278c2b49c127cf67b5b40b700b165ecd0c6206ab9168a8b52b0fa11787c9ee5f15b9c37959a65985c130020bef9727617e73b08ba86ec2240f0172d83f4caf128a2614f54a946cd1b56865ae4965666eb4a4b2209efce30acba22566a5cfca89eb85aa7f9c22278a4ad19b104f183169af28e1650fb71d3ff8f04f8198260a6eff4a72ad0a2024c8fc776fbfbd90ec1a4c8d7194c632fda0a0ceafd4af49e279e8afc1ce81f031f788598e8ad1cfc6215b3dc6e799352c96df39dde671e6d9d69e2b7a51b51acb4663bb57ca968bb4d8b7ef1c672841bf8fb0b4127383f09806ffd8ee7369d16c1eb96282f3a05a75812f879b0fc76e888a3af637565c3773feed757c99c3ab443e16b0c0bdee831b3d597a93c37f69088eff09fb4155899a206087922f87e1c5742ea1fe3b4db64b97ffeee342472f7fc9a69cb3be8c6e9ba6ba93fc792390e2c7dd2119b7fec8716518dd971b1f64fc546bf803ba073e70647550da9e395511cc1d7aa6e479a3e018583e30af5ea8b823aa2f90d7a0ffa8b58c857f093bdbcf695e77629f3cf985467797ccf7b22cc6a46228ff13ee290bb92809bc8dbce0d46b96f2bcf603a426ea66165f0eece9211d8cc71a03d7494bd91f1b5a193926a677052b0adc06f5dbb0e0793597524d9730071e81c16ffcde66d793c4bb7765aa24ab3c66ef66536cd9c0ecc9f03c5c41558b24488de578891991cbaf42a38a642189f0ea517ea13a89098c37952b72bd54a40de21da8f17817d870963e141abcf6f92e94a38312224e027674c711251e4e4a37ddb91e35445e47f12c6474ea8568355f28159381531cd6f02a57141e66458b9980308c4ce5a8f144175842dedcb21877681ec0660b8cc67c0c6bf6e20a3ccbce923eae580305d21ba78a55b83e8953bc2b707ec85117393d112777fdffde6ac15f91dbdc1c1f6c8c8d178c2f0e7c0cd7c738795497b05dea2a5b8aafeba01dbc6952c5ce3e12600085fb2104737bff27d7592c18b2faf1f08059d056669f7744bca2f21154db0b53164fc7871683b776ce3f625c171ae459288aee65164ae35b01063948cd557982bb4bf06e53d9af09af2a4dab99d45758a33877d021436b67d76c385887d8b473ddfcafe6c9210ffbc888996dda3ff6f4e7ce7fd3aa6dab0ba218941b291216f0e9eea88d33c7b0dd2b7e0383c673d5e300e3d2fd64c06e6ca5845d177040925399edf2584c7d065c476eb3977a4f13850796c14b5ddbbc03c8cda86a867c14589b844dbc5638eeca09eff4e9fff2e4c56dfeb9d571e526077ab7ef1a7f1bbb25b634b86ac5dcff84895e6a5d4124ecf3a7ac7c88737a641081de76f9b90d11287863b0ac6c092ab490e306b5e69650a0bfe493e9382d9b9fff7858d4de4f8060f9bc25afbfb516e9e3e99c7757dc72d84ac87c8e2b88bcb68aac686e053f14a0e6e56bc2d0ad4d904114ba5023236bd881a835118be090c91d86739974a8ffb171dc6f2e57267e7633ee6214196841ea1b303a4726c03f91cd387567c4a1c3bbb05f2419f855aa01fb186c00f4ea0ee0f1264af9d2beec096b00e68cad683f7535a47e472efec158ce2435979089ccd9f8b560bfacf08ae869f0503bbf52bfb9c32bb18e42470a40a74befcaa898e2992fbcb96c0aa060cc732825493847f41129d2d94f4db7345e2d1e393237560bd57cca431ea051667fc5059b4ff64279045bea7b493a8be1dc2f523472767f791d946f45cae937d7bcf34f4b09cbc8a2083b059cd2628be9c7007e40b9ec078c918871ba257e2a86668bbfc5a886c4590fffd6f78afa385083ff0400f01e53294f0c61854762ee59b6e306d2e8729333f1c3b2bcb88d7b086822499f26946699700b5232c5bdce7b2b19360fc6ef24cb5839e2b750dade370dc12f849c82b90afc469eb44a64dba0bb18245139567e7cba3ce194aed381c88b23b8bc805104b0d2bdbd74af8a8a5698c5068cbd60450daac6a89c29d0bcfc5370f36e3a7bb657977832ff5bfbed52bc694b6708dccf89dc77d839fd23cb8d8c4a86bbfbbd0e2af4f50cc03e0fac23e9d28a25a972d9b9a5c37f229f9ba6adbdde88ad158f09c780ab2d35d924e69fba99c7bccafe8ad814a1e22babf3d801d1ace8293b0ca08e0ff6e4db1ec79893547eff88cfc5a72d32d640dc8ff27dbf0fc4e61d06dd73c800ac7c5f6af56e48e25265fdb9fd2f8b91a2cd1de1508da2fa99f9bcb97ec333e3d6679be4e6290b07e07b1e7d7614d7933c30f1e28ac4a85f14b5ad5793520d1620b660e2d98784c1ba398d99cba769e1d1a25184e7b27be1cfc284846cc246fe526203108f744ae611a742212940b632bf1cdbcbc609009a87271a9625b23f18eb00ffc2fa004eb98bf66b32ec3f7207e6ac5ce7b195ff4dc4d55c5bf2dba08af2c2c21cac0fc4e89d31036953ec8360997343ef2cc0f4f20e0811c6234fa3b25b242edf80169f07be3eb46c784ec38aac5cbb78102f3736f679826553d123f7d15b4e364c54947509c2216172f0c1b7e2c02428d5fbe6c062a821c025d18caa0d196f7ce168fd741550260349467823eb17b589f6e73a683496e87439763d2000f8880729284a9649d4f3787220cb7ef9734a0e70cfe01b7631250a74f2a66014f656701d013b241eda5e341bfc51fcfd28416b1b3a1b83c5bb29abece4e6764366f9c47341696ef892baf71790b40ab10f2a809b87dc6d3fb0cde697c2c0c184f1d2899a412419d086ee09caf10a78fb9251ca91210e1", 0x2000, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000008c0)={0xb0, 0x0, 0x7, [{{0x1, 0x0, 0x4, 0x2d6, 0x4, 0x5, {0x2, 0x7de, 0x11bb, 0xe86d, 0x7fffffff, 0x6, 0x7, 0x0, 0xdc9, 0xa000, 0x9, r4, 0x0, 0x101, 0x8}}, {0x2, 0x8, 0x2, 0x9, '{!'}}]}, 0x0, 0x0, 0x0})
write(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000001500)={@local, @random="d692b83f05fc", @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @multicast2, @broadcast, @loopback}}}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setrlimit(0x9, &(0x7f0000000000))
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000000eeff9f000040"])
io_setup(0x2004, 0x0)

2.23375889s ago: executing program 2 (id=11003):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x400, &(0x7f0000000100), 0x3, 0x45e, &(0x7f0000000440)="$eJzs281vVFUbAPDn3mkLvMDbivjBh1pEY+NHS0GRRBdoNHGBiYkudNm0hSCFGloTIUTBBa6MMXFvXPovuNKNMa5M3OrekBDDBtDNNbdzbzsznRnaYcoA8/sltz1nzrlzzjP3nplz75kJoG+N5n+SiG0R8UdEDFez9RVGq/9uXLswffPahekksuzdv5OletevXZguq5b7bS0yY2lEmiSxp0m7C+fOn5qam5s9W+QnFk9/NLFw7vwLJ09PnZg9MXvm4JEjLx6afPnwwZe6Emfep+u7P53fu+utD75++9iXdfE3xNElo+0Kn86yLjfXW9tr0snAquLNd7QzrFklIvLDNbg0/oejEisHbzje/LynnQM2VJZl2dbWxRcz4D6WRH3ekId+UX7Q59e/5dY4CTi6cdOPnrv6WvUCKI/7RrFVSwYiLeoMNlzfdtNoRLx/8Z9v8y025j4EAECdH/P5z/PN5n9pPFxT7//F2tBIRDwQETsi4sGI2BkRD0Us1X0kIh5dZ/uNiySr5z/plY4CW6N8/vdqsbZVP/8rZ38xUily25fiH0yOn5ybPVC8JmMxuCnPT7Zp46c3fv+qVVnt/C/f8vbLuWDRjysDm+r3mZlanLqdmGtd/TfLsoFm8SfLKwFJROyKiN0dtnHy2e/3tiq7dfxtrF5nWrfsu4hnqsf/YjTEX0rar09ObI652QMT5Vmx2q+/XX6nVfu3FX8XXL0U8b+m5/9y/CNJ7XrtwvrbuPznFy2vaTo9/4eS95bSQ8Vjn0wtLp6djBhKjlU7Xfv4wZV9y3xZP49/bH/z8b8jVl6JPRGRn8SPRcTjEfFE0fd9EfFkROxvE/8vrz/1Yefxb6w8/pl1Hf+VxFA0PtI8UTn18w91jY6siv9mq/hfqdltrPi/lve/tfSrs7MZAAAA7j1pRGyLJB1fTqfp+Hj1+/I7I9K5+YXF547Pf3xmpvobgZEYTMs7XcM190Mni8v6av5SRFS/WlCWHyruG39T2bKUH5+en5vpdfDQ57a2GP+5vyq97h2w4bqwjgbco4x/6F/GP/Qv4x/6V5Pxv6UX/QDuvGaf/5/1oB/Andcw/i37QR9x/Q/9y/iH/mX8Q19a2BK3/pF820T5TB3uft8mYrDrz7zvaOVwz+NaPu7pXdGN209klYi7oBt3W6K370sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8l8AAAD//yZb4PM=")
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x2, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f00000001c0)={0x4800}, 0x10)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.2030261s ago: executing program 1 (id=11004):
syz_usb_connect(0x0, 0x24, &(0x7f0000000640)=ANY=[@ANYBLOB="12010000861a1820830447370200010203010902120001000000000904"], 0x0) (async)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9e, 0x17, 0x36, 0x10, 0x17ef, 0x721e, 0xde06, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6}}]}}]}}, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file1\x00', 0x482, &(0x7f0000000800)=ANY=[@ANYBLOB="756e695f786c6174653d312c6e6f6e756d7461696c3d300000000000000008303030303030303030303034303030303030303030302c73686f72746e616d653d65722c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d6d697865642c696f630100727365743d757466f69e75731725e72216799ebd57484a7e1948a8aa65667265652c757466383d312c6e66733d6e6f7374616c655f726f2c73686f72682e616d653d6d697865642c757466383d306d653d77696e6e742c007aea3388304ddedb3208ceb9b2c23924743277bd2c0d0019d44efede967f3df81cce421f7aafa8aa7c706311ab7a0ce39abf7858b6ba6ef5206da03692650000000000000001d0559b166f8c433d34c03a60999dea3bab649a260b216354ecc726cd1f6519546e8ef6ae17a0da1b9313ef4b5633c5f1bf756a7816d304d61c4d15539bae9f6e8dc91d178c85744c5cc226ca0568f9f6da8997bc10100b836488e47d0b7e6ccffaf123b1000000d6d876f2e37dde582f497ab6d4d11f7211b4aaf087f529ffc0000ee312a30cc69ae25ac6a986a76824020b12971980e00a27786eef1c2537fdcb1de9c4bed7175c6704f0c39d14da07a8edf97525a0c8138686d6e2b8d90102027245729e944719894ebe079bf1ab2b7002c54c5c714bff93d9475ff23f653874321e4ecc1ebd2baa44aea86a1617e53fcc5683e5c7b14e5158239aebf96ef3b73359414993575bf4e880ac24d7fee38c5a22f6fae6a22a2185cd5a25b7bc11062d649340f8220bfa18cae94fd73afbb38b2fc20a263e091c5eb14ce630628aaf65b7ccab9b4d3b2c220153cd28c86e6c8e58903c66698fd27f4f22a9fd1dd67d70de664e3b985f20ada8c0f531865a9093fe6d3cd52c721dcfe391a812583c4e745b824429ce98f2a7928d22c9b5302719058f593fddbbb60ca7"], 0x1, 0x258, &(0x7f0000001140)="$eJzs3E9rI3UYB/DHtm7/LLvpQQQF8Yde9DJs6wuQILsgFpS6EfUgzNqpho5JyYRKRNy9efV1LB71JLi+gV68effWi+BlD2KkabpN1oIgG6c2nw8k84RfvuQZZhKeCSRH73/z2d5ule3m/VhYSbEQcS8eRqwfV2NPjbcLo/pKTLoXr179/ZcX3v3gw7eaW1s3t1O61bz92mZK6fqLP37+5bcv/dS/+t53139YjsP1j45+2/z18NnD547+vP1pu0rtKnW6/ZSnO91uP79TFmmnXe1lKb1TFnlVpHanKnpT67tld39/kPLOzrW1/V5RVSnvDNJeMUj9bur3Bin/JG93UpZl6dpa8E9a97e382bdXTAzS8d3vV4zX4yI1b8tt+7X0RQAUK+LPf8fTy3m/9kx/8+D4/l/bfz+nWb+BwAAAAAAAAAAAACA/4OHw2FjOBw2Trent+WIWImI08d198lsOP7zbeKHeysR5dcHrYPWyfZkvbkb7SijiBvRiD9G58PYSX3rza2bN9LIejwo747zdw9ai9P5jWjE+vn5jZN8igffL57ln461yfxmNOKZ8/Obj/KTr38lXnl5Ip9FI37+OLpRxs7ovD7Lf7WR0htvbz2WXx09DwAAAC6DLD1y7vV7lk2vL49z/+L7gceur5fi+aX69hsAAADmSTX4Yi8vy6KnuITF6xFxAdpQTBYrT/qgrMYsWq37kwkAAHjSzob+ujsBAAAAAAAAAAAAAAAAAACA+fVf/OFZ3fsIAAAAAAAAAAAAAAAAAAAAAAAAF8VfAQAA//+gfid7") (async)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x2}, 0x4)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) (async)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x0) (async)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x80047210, &(0x7f0000000080)={@id={0x2, 0x0, @b}}) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000880)={0x44, &(0x7f0000000640)={0x0, 0x12, 0x4, 'x./v'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

2.028605072s ago: executing program 1 (id=11005):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_emit_ethernet(0x36, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e0f30fa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
prlimit64(0x0, 0x7, &(0x7f0000000180)={0x2, 0x3}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000880)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x4001)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.727058886s ago: executing program 2 (id=11006):
r0 = syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0xff, 0xffffffff, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x800, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x400}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_connect$uac1(0x1, 0xcd, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xbb, 0x3, 0x1, 0x3, 0xa0, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x549, 0xa}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0x9, 0x1, 0x7, 0x7, "917069", "c645"}, @as_header={0x7, 0x24, 0x1, 0x0, 0x7, 0x1}, @format_type_i_discrete={0xf, 0x24, 0x2, 0x1, 0x0, 0x2, 0xb, 0x80, "6b95ca88e63161"}]}, {{0x9, 0x5, 0x1, 0x9, 0xc42da201d5f3daed, 0x1, 0x9, 0x7, {0x7, 0x25, 0x1, 0x82, 0x20, 0x5}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xe, 0x24, 0x2, 0x1, 0x9, 0x2, 0x3, 0xa, "3180b1b867cd"}, @format_type_i_discrete={0xf, 0x24, 0x2, 0x1, 0x0, 0x2, 0x7, 0xfa, "792e99c37c9be0"}, @format_type_ii_discrete={0x12, 0x24, 0x2, 0x2, 0x80, 0x2, 0xfd, "5ba0c25cc9b0e3c714"}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x7, 0x8, 0x8, '\"'}]}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x7f, 0x1, 0x2, {0x7, 0x25, 0x1, 0x3, 0xd, 0x8}}}}}}}]}}, &(0x7f00000005c0)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x310, 0x6, 0xd3, 0x3, 0x40, 0x4}, 0xd0, &(0x7f00000001c0)={0x5, 0xf, 0xd0, 0x6, [@generic={0x8f, 0x10, 0xb, "8866130abd4fa5f53e76002aec4122433182952e746eb3607a73d9c8f4ee8d9459c415b8f214f0190ecbd0e591dce0c9a0068d4c9f4662bd17ebdc84b66bae41acae67e61b5b06ea1e567d7ac0a0d613c7c5c60c9c546a13f734b98bf3b507175c19782b939f891354c791f3102aaebb9faf8ca87aab9a5592208e045b70ebf3f44a31a994775cf688e48c1f"}, @ssp_cap={0x18, 0x10, 0xa, 0x7, 0x3, 0xaf8, 0xf0f, 0x1, [0x3f00, 0xc000, 0x30]}, @ext_cap={0x7, 0x10, 0x2, 0x18, 0x0, 0x7, 0x800}, @wireless={0xb, 0x10, 0x1, 0x4, 0x20, 0xd, 0x4, 0x2b, 0xd}, @wireless={0xb, 0x10, 0x1, 0xc, 0x20, 0x1, 0x0, 0xffff, 0x71}, @ext_cap={0x7, 0x10, 0x2, 0x8, 0x3, 0xf, 0xa}]}, 0x5, [{0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x458}}, {0x6a, &(0x7f0000000300)=@string={0x6a, 0x3, "c1c6903e7cb6be2c7e5c9c98069d68d3b64257d8b5a732fd120f2520be3ded48be897a66a1c1f8c3310137f2a301c482fb6cd3280c4ba59f23f714e8b6a61efaaf14fcb636e85a6a8e5c1cf44e8e729adf6a02955969f50f369826db6ed7bb22b009ed24d0115cf7"}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x801}}, {0xc0, &(0x7f0000000400)=@string={0xc0, 0x3, "4561a140379e3b0261f1b1a9843ed8cfc41d255e3479457a51b18e2604a51c1e9752b596cb0e5315ff6ed78c558880c2ccd87e745bcb926d366f735670d17cc3af7d3d49b64f126c191c7de4e32a45d95db7351810ad2460997d04d7b93e39ecb42ee84be7fa14983591efe1d3803fcb2a5967cdeaa429c9f6ea4f17062da9f3970b9716f64a9527a50004d528a5993a597ebe535741f69c4f01f6cb0e8bcc84e0e371f4342ca849deba49cfeb68e4b7c58b1621a5d7db0414ae5397b25e"}}, {0xdc, &(0x7f00000004c0)=@string={0xdc, 0x3, "d0c493169214d36da1cb10480b1a8bca62917ca8ad8097f853cc62963057bd2006b0e7081dbccb61553760eb0756ff6c6029c8c18cdbe28534d49adc9c8cade366238813cedaca142eadfc5ee28ddfb63461c6a297724de4a6f4b5e86c462113ad42c099ab073ae38f5dabebb51dcf7b1ed3f6a6d8dcd97953c85ad7c28ad6c02008239223e411ada80d99ae110a9f4e41f6bfba050e8d990611bc737c1f7a5e3d10f74d5cbf26bf2d58f74a174f21575b90b41e7eab1c6854988457af57a7f43105b8183b739c77597f16ff4e44b7615963fb8857e7f789734f"}}]})
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x20004000)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)={0x0, 0x22, 0x6, {0x6, 0xa, "a73d9d9c"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

1.666872347s ago: executing program 1 (id=11007):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1.566504478s ago: executing program 6 (id=11008):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff07bbbf7f00931c07b2fd"], 0x1c}}, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000001300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={r1, r3, 0x3, 0x0, @val=@iter={0x0}}, 0x20)
socket(0x10, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r6 = getpgrp(0xffffffffffffffff)
ioprio_set$pid(0x2, r6, 0x2004)
recvmmsg$unix(r0, &(0x7f0000002380)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1}}], 0x1, 0x34000, 0x0)

1.46083384s ago: executing program 1 (id=11009):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000200), 0x2000, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={@fallback=r1, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x2}, [@printk={@lx}, @call={0x85, 0x0, 0x0, 0x7}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r2}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$tipc(0x1e, 0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x80000}]}}}]}, 0x3c}}, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000300)={0x41, 0x0, 0x1}, 0x10)
poll(&(0x7f0000000540)=[{r6, 0x1}], 0x1, 0x8)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r9=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r9, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0)

1.391390171s ago: executing program 3 (id=11010):
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0, <r3=>0xffffffffffffffff}, &(0x7f0000000140), &(0x7f0000000240)=r0}, 0x20)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'ip6_vti0\x00', &(0x7f0000000380)={'ip6tnl0\x00', <r4=>0x0, 0x4, 0x9, 0xfe, 0x2, 0x4, @dev={0xfe, 0x80, '\x00', 0x42}, @dev={0xfe, 0x80, '\x00', 0xb}, 0x46, 0x8000, 0x0, 0x7}})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000007c0)={0xffffffffffffffff, 0x20, &(0x7f0000000780)={&(0x7f0000000680)=""/61, 0x3d, <r5=>0x0, &(0x7f00000006c0)=""/185, 0xb9}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xa, 0x11, &(0x7f0000000480)=@raw=[@map_idx={0x18, 0x4, 0x5, 0x0, 0xc}, @map_idx={0x18, 0x1, 0x5, 0x0, 0x10}, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @alu={0x7, 0x1, 0xd, 0x6, 0x7, 0x80, 0xffffffffffffffff}, @alu={0x7, 0x1, 0xc, 0x4, 0x0, 0xfffffffffffffff4, 0xfffffffffffffffc}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @alu={0x4, 0x1, 0xb, 0x6, 0x1, 0xfffffffffffffffe}], &(0x7f00000002c0)='syzkaller\x00', 0x81, 0xff, &(0x7f0000000540)=""/255, 0x41100, 0x40, '\x00', r4, @fallback=0x2a, r0, 0x8, &(0x7f0000000640)={0x9, 0x4}, 0x8, 0x10, 0x0, 0x0, r5, r0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)={0x64, r2, 0x5, 0x70bd26, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x30, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0x64}}, 0x20000014)
sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x20, 0x70bd2d, 0x25dfdbfd, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x24000001}, 0x4000800)

1.273485673s ago: executing program 3 (id=11011):
r0 = eventfd2(0xfffffffc, 0x80000)
io_setup(0x81, &(0x7f0000000400)=<r1=>0x0)
ppoll(&(0x7f0000000100)=[{r0, 0x1500}], 0x1, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000900)={[{@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@utf8no}, {@fat=@nfs}, {@fat=@check_strict}, {@fat=@codepage={'codepage', 0x3d, '865'}}, {@numtail}, {@utf8no}, {@utf8}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@numtail}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@uni_xlate}]}, 0x26, 0x33f, &(0x7f00000005c0)="$eJzs3T1oJOUfB/Df3iTZXOD+SfGHU6vVThC5RCy0SjhOOEyhkcW3xuDlfMmuB1lciEX20iiWio2gld0VWl4tFiJ2FnbiCXIqNndd4A5HdmeyO7uzMTlxc758PkXyy/M833memQzJJCTPvrQcmxem4+LNm9djdrYSU8tnl2OvEgtxIpLIXA4A4N9kL03jRpo5fPT7c/vVzITXBQBMUCWNG6+cGnxcvZuLAQCOwxF//n9qbOuliS0LAJig0vf/B4a6R37NP9X/mwAA4J/rmedfeHJlNWKtVpuNaL7Trrfr8figf+VivBaN2IgzMR+3I7IHhexpofv2ifOr587Uun5aiHo30a5HNDvtevaksJL08tVYjPlYyPNpP59084u9fC0iLnd680ez0q5Px1w+//dzsRFLMR//L+Ujzq+eW6rlB6g39/OdiN2Yzc9ha+276V7xzctxKRpxIbrZwfp3Fmu1s+nqUL59pdobBwAAAAAAAAAAAAAAAAAAAAAAk/BwrW+hv/9N2uy0314bHbAwtD9OPevO9wfazfYHSqv7u/O8m4zuDzS8P0+7PhUn7uqZAwAAAAAAAAAAAAAAAAAAwN9Ha3sm1huNja3W9lubxaJTaHnjq0+/OBmjY15PBi0xlR1uaEzeFoVUEv142o+nydCYvEgiBoOvXM0ONbOX9t7nY6r9syjFu0W11FXJ17TeaJy6/8ePxqV+G7QkUbosw0Uln7/Q1fxfFFf4h/FSsXTImGtpmh4U3/mwnIpKxFTpE/dXFF9ef/XeR1qnH+21fJ5v+vDgQ/PPXvvgk1821xuRX5pGY2ardTv903Mlhfunkl/n/at+eHx30LK71dpeT7799bn73vt6ZHAy/v5Jiy1vHjzXZ6MtM1nRXeZRznR6zM0/vnjxVv/uvfOLefrj5fWrOz/8fMTUPYUvEjbqAAAAAAAAAAAAAAAAAACAY1H4X/E78NjTk1sRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABy/wev/F4rdUstRiludKHdVN7ZaB05+8lhPFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7DfAwAA//+cp3b6")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
io_submit(r1, 0x1, &(0x7f0000000880)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x9, r0, 0x0, 0x0, 0x9, 0x0, 0x1, r0}])
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRES64=r2, @ANYRES8=r0, @ANYRES16=r2], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000340)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="1546010000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r5, @ANYBLOB="0500e0475984f83c4bbccf1f217960092f230766ad88dc7ac79c8bb9933a03b33f567ebf9614a385d41b34dab2", @ANYRES32=r5, @ANYBLOB], 0x44}}, 0x0)

640.434341ms ago: executing program 0 (id=10995):
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='kfree\x00', r2}, 0x10)
fgetxattr(r0, &(0x7f0000000180)=ANY=[@ANYBLOB='tru'], 0x0, 0x0)

627.465332ms ago: executing program 6 (id=11012):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f0000000180), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e0b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = gettid()
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r0, 0xf503, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x16, 0xfe, 0x0, 0x7ffc9ffe}]})
tee(0xffffffffffffffff, 0xffffffffffffffff, 0xfffffffffffffc01, 0x0)
timer_delete(r5)
r6 = dup(r1)
write$FUSE_DIRENTPLUS(r6, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r6}})

567.950373ms ago: executing program 0 (id=11013):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})

499.353473ms ago: executing program 1 (id=11014):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) (fail_nth: 1)

545.81µs ago: executing program 3 (id=11015):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_ADD_RULE(r0, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000011c0)=ANY=[@ANYBLOB="20040000f303000027bd7000fbdbdf251000000000000000080000000f000000f9ffffff0500000001000000fd0d0000519600000c00000047f5ffff060000000800000004000000001000000900000004000000ffffffffffffffff070000000800000009000000987300000008000002000000040000000180000006000000010000000900000010020000710a0000ca00000009000000050000003e0700000001000003000000000200001c7ec22608000000c600000002000000090000000b000000ff000000080000004000000004000000020000002f000000080000000a0000000300000006000000f9fffffff3ffffff09000000265100001000000000080000479cd32d0800000009000000ff000000060000000300000007000000980b000006000000ffffffffffff00009000000000040000bffeffff0000000008000000e30000000700000008000000010000000100008004000000030000000010000009000000ffffff7f0300000002000000930100000080000001010000edfc00000300000002000000060000000b000000030000008100000000100000010400000080000066220000230e000000008100050000004a04000006000000010000000000000006000000ff030000050000000800000000000000feffffff0800000002000000070000000e00000009000000ff0100000800000001040000000000009740000008000000008000009affffff060000000900000085ebffff00000000070000000300000002000000090000005d000000010000000800000008000000eb0e000003000000080000002e5d000004000000090000000700000009000000faffffff400000000500000008000000f208000004000000050000000500000000000080fd0f00000300000000000000050000000600000005000000020000000100000002000000020000000180000005000000070000000600000000000000ffff00000600000000020000080000000900000001000080070000000800000000100000490000000700000002000000b80d000000040000060500000000000004000000030000000002000000000000020000000800000001000080ffff000003000000030000000800000008000000000400000100000007004859fdb4000003000000ffffffff000000800400000007000000be000000510f0000450f00000000010001000000090000000800000057f4ffff0300000007000000090000000200000003000000040000008000000002000000e00b0000ffffff7f0800000001000000ff0100000100000009000000d3000000f7ffffff0700000000000000000000008100000000000900ce070000080000000500000007000000ffffffff04000000010000800500000008000000ff00000000c00000050000008dd67096a7e9026b040000000500000004000000010000000008000075000000"], 0x420}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x80040, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r4, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r5, @ANYBLOB="00000000100000001c001a80"], 0x44}}, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000000c0)={[0x79, 0xfffffffffffffffd, 0x2bf9, 0x1, 0x2, 0x0, 0x2, 0x5, 0x0, 0x6, 0x2, 0x0, 0x2, 0x6], 0x2000, 0x2c0242})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x54, 0xd, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x800)

0s ago: executing program 1 (id=11016):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

kernel console output (not intermixed with test programs):

x220
[ 2598.717787][ T2148]  kvm_mmu_topup_memory_cache+0x20/0x30
[ 2598.723368][ T2148]  kvm_mmu_load+0x9c/0x25a0
[ 2598.727899][ T2148]  ? kvm_hv_setup_tsc_page+0x5ea/0xa70
[ 2598.733385][ T2148]  ? queue_delayed_work_on+0x101/0x150
[ 2598.738869][ T2148]  ? kvm_apic_has_interrupt+0x78f/0x7a0
[ 2598.744457][ T2148]  vcpu_enter_guest+0x4955/0x6b40
[ 2598.749526][ T2148]  ? avc_compute_av+0x4fd/0x830
[ 2598.754414][ T2148]  ? pvclock_gtod_update_fn+0x270/0x270
[ 2598.759984][ T2148]  ? native_send_call_func_single_ipi+0x6f/0x80
[ 2598.766253][ T2148]  ? send_call_function_single_ipi+0x15b/0x280
[ 2598.772427][ T2148]  ? __cfi_send_call_function_single_ipi+0x10/0x10
[ 2598.778947][ T2148]  ? unwind_get_return_address+0x4d/0x90
[ 2598.784598][ T2148]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[ 2598.790780][ T2148]  ? generic_exec_single+0x237/0x3a0
[ 2598.796081][ T2148]  ? smp_call_function_single+0x470/0x470
[ 2598.801818][ T2148]  ? stack_trace_save+0x98/0xe0
[ 2598.806696][ T2148]  ? vmx_vcpu_pi_load+0x12d/0x810
[ 2598.811746][ T2148]  ? __cfi___loaded_vmcs_clear+0x10/0x10
[ 2598.817439][ T2148]  ? __cfi_smp_call_function_single+0x10/0x10
[ 2598.823611][ T2148]  ? __cfi_vmx_vcpu_pi_load+0x10/0x10
[ 2598.829005][ T2148]  ? kasan_record_aux_stack_noalloc+0xb/0x10
[ 2598.835001][ T2148]  ? call_rcu+0xd4/0xf90
[ 2598.839255][ T2148]  ? __fput+0x66a/0x8f0
[ 2598.843441][ T2148]  ? ____fput+0x15/0x20
[ 2598.847694][ T2148]  ? exit_to_user_mode_loop+0x9b/0xb0
[ 2598.853173][ T2148]  ? exit_to_user_mode_prepare+0x5a/0xa0
[ 2598.858822][ T2148]  ? syscall_exit_to_user_mode+0x1a/0x30
[ 2598.864467][ T2148]  ? _parse_integer_limit+0x18a/0x1d0
[ 2598.869859][ T2148]  ? __kasan_check_write+0x14/0x20
[ 2598.874995][ T2148]  ? __this_cpu_preempt_check+0x13/0x20
[ 2598.880564][ T2148]  ? xfd_validate_state+0x70/0x150
[ 2598.885708][ T2148]  ? __local_bh_enable_ip+0x58/0x80
[ 2598.890930][ T2148]  ? fpu_swap_kvm_fpstate+0x4ef/0x5d0
[ 2598.896339][ T2148]  ? fpu_swap_kvm_fpstate+0x81/0x5d0
[ 2598.901731][ T2148]  kvm_arch_vcpu_ioctl_run+0xec4/0x1fa0
[ 2598.907316][ T2148]  kvm_vcpu_ioctl+0x882/0xb70
[ 2598.912038][ T2148]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[ 2598.917261][ T2148]  ? selinux_file_ioctl+0x377/0x480
[ 2598.922476][ T2148]  ? __cfi_selinux_file_ioctl+0x10/0x10
[ 2598.928034][ T2148]  ? mutex_unlock+0x89/0x220
[ 2598.932643][ T2148]  ? __cfi_mutex_unlock+0x10/0x10
[ 2598.937711][ T2148]  ? __fget_files+0x2d5/0x330
[ 2598.942427][ T2148]  ? security_file_ioctl+0x95/0xc0
[ 2598.947732][ T2148]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[ 2598.952968][ T2148]  __se_sys_ioctl+0x12f/0x1b0
[ 2598.957672][ T2148]  __x64_sys_ioctl+0x7b/0x90
[ 2598.962285][ T2148]  x64_sys_call+0x58b/0x9a0
[ 2598.966816][ T2148]  do_syscall_64+0x4c/0xa0
[ 2598.971338][ T2148]  ? clear_bhb_loop+0x15/0x70
[ 2598.976021][ T2148]  ? clear_bhb_loop+0x15/0x70
[ 2598.980718][ T2148]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2598.986637][ T2148] RIP: 0033:0x7f1db9d8e969
[ 2598.991062][ T2148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2599.010768][ T2148] RSP: 002b:00007f1dbacd0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2599.019201][ T2148] RAX: ffffffffffffffda RBX: 00007f1db9fb5fa0 RCX: 00007f1db9d8e969
[ 2599.027188][ T2148] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 2599.035177][ T2148] RBP: 00007f1dbacd0090 R08: 0000000000000000 R09: 0000000000000000
[ 2599.043179][ T2148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2599.051146][ T2148] R13: 0000000000000000 R14: 00007f1db9fb5fa0 R15: 00007ffc0f223f08
[ 2599.059128][ T2148]  </TASK>
[ 2599.118785][ T2154] 9pnet_fd: Insufficient options for proto=fd
[ 2599.187104][ T2156] input: syz0 as /devices/virtual/input/input96
[ 2599.240277][ T2158] netlink: 88 bytes leftover after parsing attributes in process `syz.3.10172'.
[ 2599.295010][ T2161] input: syz0 as /devices/virtual/input/input97
[ 2599.305151][ T2161] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10174'.
[ 2599.889938][   T28] kauditd_printk_skb: 726 callbacks suppressed
[ 2599.889970][   T28] audit: type=1400 audit(2000001478.191:108433): avc:  denied  { bpf } for  pid=2168 comm="syz.6.10177" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2599.920340][   T28] audit: type=1400 audit(2000001478.201:108434): avc:  denied  { map_create } for  pid=2168 comm="syz.6.10177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2599.941781][   T28] audit: type=1400 audit(2000001478.201:108435): avc:  denied  { bpf } for  pid=2168 comm="syz.6.10177" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2599.964034][   T28] audit: type=1400 audit(2000001478.201:108436): avc:  denied  { map_read map_write } for  pid=2168 comm="syz.6.10177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2599.985342][   T28] audit: type=1400 audit(2000001478.201:108437): avc:  denied  { bpf } for  pid=2167 comm="syz.1.10175" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2600.007171][   T28] audit: type=1400 audit(2000001478.201:108438): avc:  denied  { map_create } for  pid=2167 comm="syz.1.10175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2600.061528][   T28] audit: type=1400 audit(2000001478.201:108439): avc:  denied  { map_read map_write } for  pid=2167 comm="syz.1.10175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2600.083391][   T28] audit: type=1400 audit(2000001478.201:108440): avc:  denied  { bpf } for  pid=2167 comm="syz.1.10175" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2600.113971][   T28] audit: type=1400 audit(2000001478.211:108441): avc:  denied  { bpf } for  pid=2167 comm="syz.1.10175" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2600.148670][ T2180] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2600.858188][ T2190] tc_dump_action: action bad kind
[ 2601.142680][ T1106] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[ 2601.227721][ T2195] 9pnet_fd: Insufficient options for proto=fd
[ 2601.265819][ T2200] /dev/loop0: Can't open blockdev
[ 2601.366538][ T1106] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2601.391031][ T1106] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2601.411413][ T1106] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2601.443356][ T1106] usb 2-1: Product: syz
[ 2601.458711][ T1106] usb 2-1: Manufacturer: syz
[ 2601.466725][ T1106] usb 2-1: SerialNumber: syz
[ 2602.108997][ T2225] binder_alloc: 2224: binder_alloc_buf, no vma
[ 2602.235031][ T2231] netlink: 88 bytes leftover after parsing attributes in process `syz.6.10197'.
[ 2602.249970][ T2190] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2602.259221][ T2190] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2602.476288][ T2190] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2602.500110][ T2190] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2602.532271][ T2190] fuse: Unknown parameter 'obj_role'
[ 2602.613616][ T2236] 9pnet_fd: Insufficient options for proto=fd
[ 2604.975982][   T28] kauditd_printk_skb: 679 callbacks suppressed
[ 2604.976000][   T28] audit: type=1400 audit(2000001483.281:109104): avc:  denied  { bpf } for  pid=2243 comm="syz.3.10201" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2605.106815][ T1106] cdc_ncm 2-1:1.0: failed GET_NTB_PARAMETERS
[ 2605.113438][ T1106] cdc_ncm 2-1:1.0: bind() failure
[ 2605.120432][ T1106] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[ 2605.127314][ T1106] cdc_ncm 2-1:1.1: bind() failure
[ 2605.138304][ T2251] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2605.142992][ T1106] usb 2-1: USB disconnect, device number 81
[ 2605.155027][   T28] audit: type=1400 audit(2000001483.311:109105): avc:  denied  { map_create } for  pid=2243 comm="syz.3.10201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2605.192661][   T28] audit: type=1400 audit(2000001483.311:109106): avc:  denied  { bpf } for  pid=2243 comm="syz.3.10201" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2605.194360][ T2251] audit: audit_lost=1665 audit_rate_limit=0 audit_backlog_limit=64
[ 2605.215376][ T2254] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2605.226284][ T2255] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2605.236615][ T2254] audit: audit_lost=1666 audit_rate_limit=0 audit_backlog_limit=64
[ 2605.237032][ T2250] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2605.251439][ T2250] audit: audit_lost=1667 audit_rate_limit=0 audit_backlog_limit=64
[ 2605.286412][ T2261] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 2605.363887][ T2259] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 2609.814862][ T2287] netlink: 88 bytes leftover after parsing attributes in process `syz.5.10214'.
[ 2609.983314][   T28] kauditd_printk_skb: 435 callbacks suppressed
[ 2609.983330][   T28] audit: type=1400 audit(2000001488.291:109531): avc:  denied  { perfmon } for  pid=2291 comm="syz.1.10217" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2610.046816][   T28] audit: type=1400 audit(2000001488.321:109532): avc:  denied  { perfmon } for  pid=2291 comm="syz.1.10217" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2610.104577][   T28] audit: type=1400 audit(2000001488.321:109533): avc:  denied  { perfmon } for  pid=2291 comm="syz.1.10217" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2610.146127][   T28] audit: type=1400 audit(2000001488.321:109534): avc:  denied  { perfmon } for  pid=2291 comm="syz.1.10217" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2610.167797][   T28] audit: type=1400 audit(2000001488.331:109535): avc:  denied  { bpf } for  pid=2291 comm="syz.1.10217" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2610.189786][   T28] audit: type=1400 audit(2000001488.331:109536): avc:  denied  { read } for  pid=2288 comm="syz.6.10215" dev="nsfs" ino=4026532523 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 2610.293257][   T28] audit: type=1400 audit(2000001488.331:109537): avc:  denied  { read open } for  pid=2288 comm="syz.6.10215" path="net:[4026532523]" dev="nsfs" ino=4026532523 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 2610.328175][T30363] Bluetooth: hci0: Frame reassembly failed (-84)
[ 2610.336028][T30363] Bluetooth: hci0: Frame reassembly failed (-84)
[ 2610.339262][ T2304] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2610.346784][ T2306] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2610.348999][ T2304] audit: audit_lost=1671 audit_rate_limit=0 audit_backlog_limit=64
[ 2610.441152][ T2304] netlink: 'syz.3.10219': attribute type 13 has an invalid length.
[ 2610.495209][ T2304] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2610.502378][ T2304] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2610.728754][ T2304] binder_alloc: 2298: binder_alloc_buf, no vma
[ 2610.850117][ T2316] kvm: pic: non byte read
[ 2610.883485][T17771] Bluetooth: hci1: Frame reassembly failed (-84)
[ 2610.913985][ T2318] FAULT_INJECTION: forcing a failure.
[ 2610.913985][ T2318] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2610.937391][ T2318] CPU: 0 PID: 2318 Comm: syz.3.10223 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2610.948833][ T2318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2610.959008][ T2318] Call Trace:
[ 2610.962313][ T2318]  <TASK>
[ 2610.965266][ T2318]  __dump_stack+0x21/0x24
[ 2610.969640][ T2318]  dump_stack_lvl+0xee/0x150
[ 2610.974261][ T2318]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2610.979339][ T2318]  ? vfs_write+0x9d6/0xca0
[ 2610.983790][ T2318]  dump_stack+0x15/0x24
[ 2610.988010][ T2318]  should_fail_ex+0x3d4/0x520
[ 2610.992716][ T2318]  should_fail+0xb/0x10
[ 2610.996892][ T2318]  should_fail_usercopy+0x1a/0x20
[ 2611.001936][ T2318]  _copy_from_user+0x1e/0xc0
[ 2611.006564][ T2318]  __sys_bind+0x1d1/0x420
[ 2611.010918][ T2318]  ? __cfi___sys_bind+0x10/0x10
[ 2611.015792][ T2318]  ? __kasan_check_write+0x14/0x20
[ 2611.020934][ T2318]  ? debug_smp_processor_id+0x17/0x20
[ 2611.026329][ T2318]  __x64_sys_bind+0x7a/0x90
[ 2611.030854][ T2318]  x64_sys_call+0x70c/0x9a0
[ 2611.035377][ T2318]  do_syscall_64+0x4c/0xa0
[ 2611.039829][ T2318]  ? clear_bhb_loop+0x15/0x70
[ 2611.044519][ T2318]  ? clear_bhb_loop+0x15/0x70
[ 2611.049215][ T2318]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2611.055135][ T2318] RIP: 0033:0x7f1db9d8e969
[ 2611.059655][ T2318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2611.079624][ T2318] RSP: 002b:00007f1dbacd0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[ 2611.088047][ T2318] RAX: ffffffffffffffda RBX: 00007f1db9fb5fa0 RCX: 00007f1db9d8e969
[ 2611.096032][ T2318] RDX: 0000000000000006 RSI: 0000200000000140 RDI: 0000000000000005
[ 2611.104004][ T2318] RBP: 00007f1dbacd0090 R08: 0000000000000000 R09: 0000000000000000
[ 2611.111980][ T2318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2611.119973][ T2318] R13: 0000000000000000 R14: 00007f1db9fb5fa0 R15: 00007ffc0f223f08
[ 2611.127949][ T2318]  </TASK>
[ 2611.711004][ T2329] FAULT_INJECTION: forcing a failure.
[ 2611.711004][ T2329] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2611.724473][ T2329] CPU: 1 PID: 2329 Comm: syz.1.10228 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2611.735878][ T2329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2611.745937][ T2329] Call Trace:
[ 2611.749336][ T2329]  <TASK>
[ 2611.752263][ T2329]  __dump_stack+0x21/0x24
[ 2611.756602][ T2329]  dump_stack_lvl+0xee/0x150
[ 2611.761209][ T2329]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2611.766240][ T2329]  ? kernel_text_address+0xa0/0xd0
[ 2611.771362][ T2329]  ? unwind_get_return_address+0x4d/0x90
[ 2611.776996][ T2329]  dump_stack+0x15/0x24
[ 2611.781169][ T2329]  should_fail_ex+0x3d4/0x520
[ 2611.785877][ T2329]  should_fail_alloc_page+0x61/0x90
[ 2611.791079][ T2329]  prepare_alloc_pages+0x148/0x5f0
[ 2611.796191][ T2329]  ? __alloc_pages_bulk+0x9c0/0x9c0
[ 2611.801404][ T2329]  ? _parse_integer_limit+0x18a/0x1d0
[ 2611.806779][ T2329]  __alloc_pages+0x115/0x3a0
[ 2611.811423][ T2329]  ? __cfi___alloc_pages+0x10/0x10
[ 2611.816545][ T2329]  ? mas_next_slot+0xa45/0xa80
[ 2611.821455][ T2329]  __get_free_pages+0xe/0x30
[ 2611.826060][ T2329]  __genradix_ptr_alloc+0xdb/0x380
[ 2611.831272][ T2329]  proc_map_files_readdir+0x4f0/0x960
[ 2611.836653][ T2329]  ? __cfi_proc_map_files_readdir+0x10/0x10
[ 2611.842585][ T2329]  ? downgrade_write+0x350/0x350
[ 2611.847739][ T2329]  ? avc_policy_seqno+0x1b/0x70
[ 2611.852593][ T2329]  ? down_read_killable+0xb6/0x100
[ 2611.857818][ T2329]  ? __cfi_down_read_killable+0x10/0x10
[ 2611.863362][ T2329]  ? fsnotify_perm+0x269/0x5b0
[ 2611.868415][ T2329]  ? security_file_permission+0x94/0xb0
[ 2611.874029][ T2329]  iterate_dir+0x271/0x610
[ 2611.878460][ T2329]  ? __cfi_proc_map_files_readdir+0x10/0x10
[ 2611.884350][ T2329]  __se_sys_getdents+0xe5/0x240
[ 2611.889219][ T2329]  ? fput+0x154/0x1a0
[ 2611.893224][ T2329]  ? __x64_sys_getdents+0x90/0x90
[ 2611.898348][ T2329]  ? ksys_write+0x1eb/0x240
[ 2611.902857][ T2329]  ? __cfi_filldir+0x10/0x10
[ 2611.907453][ T2329]  ? __cfi_ksys_write+0x10/0x10
[ 2611.912312][ T2329]  ? debug_smp_processor_id+0x17/0x20
[ 2611.917687][ T2329]  __x64_sys_getdents+0x7b/0x90
[ 2611.922562][ T2329]  x64_sys_call+0x212/0x9a0
[ 2611.927073][ T2329]  do_syscall_64+0x4c/0xa0
[ 2611.931728][ T2329]  ? clear_bhb_loop+0x15/0x70
[ 2611.936752][ T2329]  ? clear_bhb_loop+0x15/0x70
[ 2611.941441][ T2329]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2611.947346][ T2329] RIP: 0033:0x7ff58dd8e969
[ 2611.951761][ T2329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2611.971454][ T2329] RSP: 002b:00007ff58eb64038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[ 2611.979877][ T2329] RAX: ffffffffffffffda RBX: 00007ff58dfb5fa0 RCX: 00007ff58dd8e969
[ 2611.987849][ T2329] RDX: 00000000000000b8 RSI: 0000200000001fc0 RDI: 0000000000000008
[ 2611.995817][ T2329] RBP: 00007ff58eb64090 R08: 0000000000000000 R09: 0000000000000000
[ 2612.003872][ T2329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2612.011844][ T2329] R13: 0000000000000000 R14: 00007ff58dfb5fa0 R15: 00007ffd915fd1b8
[ 2612.019817][ T2329]  </TASK>
[ 2612.284011][ T2343] netlink: 88 bytes leftover after parsing attributes in process `syz.6.10234'.
[ 2612.352689][T21973] Bluetooth: hci0: command 0x1003 tx timeout
[ 2612.358999][  T868] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2612.912699][  T868] Bluetooth: hci1: command 0x1003 tx timeout
[ 2612.918793][T29255] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 2613.183611][ T2355] FAULT_INJECTION: forcing a failure.
[ 2613.183611][ T2355] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2613.229262][ T2355] CPU: 1 PID: 2355 Comm: syz.3.10237 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2613.240683][ T2355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2613.250763][ T2355] Call Trace:
[ 2613.254057][ T2355]  <TASK>
[ 2613.257000][ T2355]  __dump_stack+0x21/0x24
[ 2613.261351][ T2355]  dump_stack_lvl+0xee/0x150
[ 2613.265959][ T2355]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2613.271007][ T2355]  ? __schedule+0xb8f/0x14e0
[ 2613.275633][ T2355]  dump_stack+0x15/0x24
[ 2613.279813][ T2355]  should_fail_ex+0x3d4/0x520
[ 2613.284507][ T2355]  should_fail+0xb/0x10
[ 2613.288687][ T2355]  should_fail_usercopy+0x1a/0x20
[ 2613.293730][ T2355]  _copy_from_user+0x1e/0xc0
[ 2613.298346][ T2355]  ___sys_sendmsg+0x155/0x290
[ 2613.303054][ T2355]  ? __sys_sendmsg+0x270/0x270
[ 2613.307863][ T2355]  ? __fdget+0x19c/0x220
[ 2613.308343][ T2359] syz.6.10236[2359] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2613.312149][ T2355]  __x64_sys_sendmsg+0x1f0/0x2c0
[ 2613.319802][ T2359] syz.6.10236[2359] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2613.323541][ T2355]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[ 2613.323588][ T2355]  ? __kasan_check_write+0x14/0x20
[ 2613.350535][ T2355]  x64_sys_call+0x171/0x9a0
[ 2613.355076][ T2355]  do_syscall_64+0x4c/0xa0
[ 2613.359522][ T2355]  ? clear_bhb_loop+0x15/0x70
[ 2613.364283][ T2355]  ? clear_bhb_loop+0x15/0x70
[ 2613.368980][ T2355]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2613.374902][ T2355] RIP: 0033:0x7f1db9d8e969
[ 2613.379332][ T2355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2613.398955][ T2355] RSP: 002b:00007f1dbacaf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2613.407383][ T2355] RAX: ffffffffffffffda RBX: 00007f1db9fb6080 RCX: 00007f1db9d8e969
[ 2613.415454][ T2355] RDX: 000000000000c0b0 RSI: 0000200000000280 RDI: 0000000000000003
[ 2613.423430][ T2355] RBP: 00007f1dbacaf090 R08: 0000000000000000 R09: 0000000000000000
[ 2613.431408][ T2355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2613.439375][ T2355] R13: 0000000000000000 R14: 00007f1db9fb6080 R15: 00007ffc0f223f08
[ 2613.447352][ T2355]  </TASK>
[ 2614.298342][ T2383] FAULT_INJECTION: forcing a failure.
[ 2614.298342][ T2383] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2614.325485][ T2383] CPU: 0 PID: 2383 Comm: syz.2.10245 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2614.336914][ T2383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2614.346985][ T2383] Call Trace:
[ 2614.350279][ T2383]  <TASK>
[ 2614.353293][ T2383]  __dump_stack+0x21/0x24
[ 2614.357654][ T2383]  dump_stack_lvl+0xee/0x150
[ 2614.362263][ T2383]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2614.367410][ T2383]  dump_stack+0x15/0x24
[ 2614.371756][ T2383]  should_fail_ex+0x3d4/0x520
[ 2614.376452][ T2383]  should_fail+0xb/0x10
[ 2614.380619][ T2383]  should_fail_usercopy+0x1a/0x20
[ 2614.385657][ T2383]  _copy_from_user+0x1e/0xc0
[ 2614.390265][ T2383]  copy_clone_args_from_user+0x1c3/0x630
[ 2614.395929][ T2383]  ? proc_fail_nth_write+0x17a/0x1f0
[ 2614.401278][ T2383]  ? __cfi_proc_fail_nth_write+0x10/0x10
[ 2614.407112][ T2383]  ? security_file_permission+0x8a/0xb0
[ 2614.412682][ T2383]  ? __delayed_free_task+0x20/0x20
[ 2614.417839][ T2383]  __x64_sys_clone3+0x10d/0x2e0
[ 2614.422720][ T2383]  ? __cfi___x64_sys_clone3+0x10/0x10
[ 2614.428119][ T2383]  ? mutex_unlock+0x89/0x220
[ 2614.432742][ T2383]  ? fput+0x154/0x1a0
[ 2614.436762][ T2383]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 2614.442854][ T2383]  x64_sys_call+0x4ce/0x9a0
[ 2614.447387][ T2383]  do_syscall_64+0x4c/0xa0
[ 2614.451826][ T2383]  ? clear_bhb_loop+0x15/0x70
[ 2614.456513][ T2383]  ? clear_bhb_loop+0x15/0x70
[ 2614.461211][ T2383]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2614.467136][ T2383] RIP: 0033:0x7f15ded8e969
[ 2614.471559][ T2383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2614.491181][ T2383] RSP: 002b:00007f15dfb9bf08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 2614.499621][ T2383] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f15ded8e969
[ 2614.507616][ T2383] RDX: 00007f15dfb9bf20 RSI: 0000000000000058 RDI: 00007f15dfb9bf20
[ 2614.515602][ T2383] RBP: 00007f15dfb9c090 R08: 0000000000000000 R09: 0000000000000058
[ 2614.523583][ T2383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2614.531566][ T2383] R13: 0000000000000000 R14: 00007f15defb5fa0 R15: 00007ffc130b80e8
[ 2614.539587][ T2383]  </TASK>
[ 2615.072218][ T2389] netlink: 88 bytes leftover after parsing attributes in process `syz.5.10247'.
[ 2615.113619][   T28] kauditd_printk_skb: 749 callbacks suppressed
[ 2615.113663][   T28] audit: type=1400 audit(2000001493.151:110205): avc:  denied  { bpf } for  pid=2384 comm="syz.2.10246" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2615.216742][   T28] audit: type=1400 audit(2000001493.161:110206): avc:  denied  { bpf } for  pid=2384 comm="syz.2.10246" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2615.324526][   T28] audit: type=1400 audit(2000001493.181:110207): avc:  denied  { bpf } for  pid=2384 comm="syz.2.10246" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2615.408587][   T28] audit: type=1400 audit(2000001493.201:110208): avc:  denied  { bpf } for  pid=2384 comm="syz.2.10246" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2615.437797][   T28] audit: type=1400 audit(2000001493.221:110209): avc:  denied  { bpf } for  pid=2384 comm="syz.2.10246" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2615.554667][ T2394] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2615.561207][ T2394] audit: audit_lost=1700 audit_rate_limit=0 audit_backlog_limit=64
[ 2615.569222][ T2394] audit: backlog limit exceeded
[ 2615.582564][ T2394] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2615.589220][ T2394] audit: audit_lost=1701 audit_rate_limit=0 audit_backlog_limit=64
[ 2616.003428][ T2396] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2616.012054][ T2396] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2616.262644][  T339] usb 3-1: new low-speed USB device number 98 using dummy_hcd
[ 2616.313469][T21732] usb 7-1: new high-speed USB device number 67 using dummy_hcd
[ 2616.364594][ T2412] overlayfs: missing 'lowerdir'
[ 2616.432782][  T339] usb 3-1: device descriptor read/64, error -71
[ 2617.842657][T21732] usb 7-1: Using ep0 maxpacket: 16
[ 2618.423133][  T339] usb 3-1: device descriptor read/64, error -71
[ 2618.505456][T17771] Bluetooth: hci0: Frame reassembly failed (-84)
[ 2619.126388][T21732] usb 7-1: unable to read config index 0 descriptor/start: -71
[ 2619.152681][T21732] usb 7-1: can't read configurations, error -71
[ 2620.113988][ T2440] syz.3.10261[2440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2620.114092][ T2440] syz.3.10261[2440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2620.147000][   T28] kauditd_printk_skb: 379 callbacks suppressed
[ 2620.227227][   T28] audit: type=1400 audit(2000001497.711:110576): avc:  denied  { bpf } for  pid=2426 comm="syz.1.10260" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2620.341287][   T28] audit: type=1400 audit(2000001497.721:110577): avc:  denied  { map_create } for  pid=2426 comm="syz.1.10260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2620.375147][   T28] audit: type=1400 audit(2000001497.731:110578): avc:  denied  { bpf } for  pid=2426 comm="syz.1.10260" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2620.410749][ T2444] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2620.412303][ T2442] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2620.427085][ T2444] audit: audit_lost=1706 audit_rate_limit=0 audit_backlog_limit=64
[ 2620.453629][ T2445] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2620.461994][ T2446] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2620.473732][ T2444] audit: backlog limit exceeded
[ 2620.479157][ T2447] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2620.512679][  T868] Bluetooth: hci0: command 0x1003 tx timeout
[ 2620.518776][T29255] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2620.894576][ T2453] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 2620.929769][ T2452] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 2622.977148][T29255] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2622.977182][ T4091] Bluetooth: hci0: command 0x1003 tx timeout
[ 2623.002716][  T868] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 2623.272979][ T2475] netlink: 'syz.3.10273': attribute type 1 has an invalid length.
[ 2623.656920][ T2476] FAULT_INJECTION: forcing a failure.
[ 2623.656920][ T2476] name failslab, interval 1, probability 0, space 0, times 0
[ 2623.669873][ T2476] CPU: 1 PID: 2476 Comm: syz.2.10274 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2623.681264][ T2476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2623.691336][ T2476] Call Trace:
[ 2623.694627][ T2476]  <TASK>
[ 2623.697577][ T2476]  __dump_stack+0x21/0x24
[ 2623.701928][ T2476]  dump_stack_lvl+0xee/0x150
[ 2623.706541][ T2476]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2623.711606][ T2476]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2623.717798][ T2476]  dump_stack+0x15/0x24
[ 2623.721973][ T2476]  should_fail_ex+0x3d4/0x520
[ 2623.726651][ T2476]  __should_failslab+0xac/0xf0
[ 2623.731412][ T2476]  ? kvmalloc_node+0x294/0x480
[ 2623.736181][ T2476]  should_failslab+0x9/0x20
[ 2623.740691][ T2476]  __kmem_cache_alloc_node+0x3d/0x2c0
[ 2623.746064][ T2476]  ? kvmalloc_node+0x294/0x480
[ 2623.750834][ T2476]  __kmalloc_node+0xa1/0x1e0
[ 2623.755427][ T2476]  ? timer_update_keys+0xb0/0xb0
[ 2623.760367][ T2476]  kvmalloc_node+0x294/0x480
[ 2623.764963][ T2476]  ? __kasan_check_write+0x14/0x20
[ 2623.770077][ T2476]  ? __cfi_kvmalloc_node+0x10/0x10
[ 2623.775192][ T2476]  ? __kasan_check_write+0x14/0x20
[ 2623.780305][ T2476]  ? enqueue_timer+0x1b6/0x480
[ 2623.785072][ T2476]  __kvm_mmu_topup_memory_cache+0x35e/0x500
[ 2623.790970][ T2476]  ? __kasan_check_write+0x14/0x20
[ 2623.796090][ T2476]  ? mutex_unlock+0x89/0x220
[ 2623.800719][ T2476]  kvm_mmu_topup_memory_cache+0x20/0x30
[ 2623.806273][ T2476]  kvm_mmu_load+0x9c/0x25a0
[ 2623.810777][ T2476]  ? kvm_hv_setup_tsc_page+0x5ea/0xa70
[ 2623.816246][ T2476]  ? queue_delayed_work_on+0x101/0x150
[ 2623.821716][ T2476]  ? kvm_apic_has_interrupt+0x78f/0x7a0
[ 2623.827272][ T2476]  vcpu_enter_guest+0x4955/0x6b40
[ 2623.832304][ T2476]  ? avc_compute_av+0x4fd/0x830
[ 2623.837158][ T2476]  ? pvclock_gtod_update_fn+0x270/0x270
[ 2623.842707][ T2476]  ? 0xffffffffa0003df0
[ 2623.846911][ T2476]  ? is_bpf_text_address+0x177/0x190
[ 2623.852200][ T2476]  ? kernel_text_address+0xa0/0xd0
[ 2623.857314][ T2476]  ? __kernel_text_address+0xd/0x30
[ 2623.862689][ T2476]  ? unwind_get_return_address+0x4d/0x90
[ 2623.868323][ T2476]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[ 2623.874477][ T2476]  ? arch_stack_walk+0xfc/0x150
[ 2623.879335][ T2476]  ? vmx_vcpu_pi_load+0x12d/0x810
[ 2623.884358][ T2476]  ? stack_trace_save+0x98/0xe0
[ 2623.889248][ T2476]  ? __cfi_vmx_vcpu_pi_load+0x10/0x10
[ 2623.894719][ T2476]  ? __stack_depot_save+0x36/0x480
[ 2623.899840][ T2476]  ? _parse_integer_limit+0x18a/0x1d0
[ 2623.905215][ T2476]  ? do_vfs_ioctl+0xc36/0x1c80
[ 2623.909987][ T2476]  ? __this_cpu_preempt_check+0x13/0x20
[ 2623.915540][ T2476]  ? xfd_validate_state+0x70/0x150
[ 2623.920658][ T2476]  ? __local_bh_enable_ip+0x58/0x80
[ 2623.925855][ T2476]  ? fpu_swap_kvm_fpstate+0x4ef/0x5d0
[ 2623.931227][ T2476]  ? fpu_swap_kvm_fpstate+0x81/0x5d0
[ 2623.936514][ T2476]  kvm_arch_vcpu_ioctl_run+0xec4/0x1fa0
[ 2623.942081][ T2476]  kvm_vcpu_ioctl+0x882/0xb70
[ 2623.946767][ T2476]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[ 2623.951982][ T2476]  ? selinux_file_ioctl+0x377/0x480
[ 2623.957176][ T2476]  ? __cfi_selinux_file_ioctl+0x10/0x10
[ 2623.962729][ T2476]  ? mutex_unlock+0x89/0x220
[ 2623.967343][ T2476]  ? __cfi_mutex_unlock+0x10/0x10
[ 2623.972372][ T2476]  ? __fget_files+0x2d5/0x330
[ 2623.977088][ T2476]  ? security_file_ioctl+0x95/0xc0
[ 2623.982199][ T2476]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[ 2623.987403][ T2476]  __se_sys_ioctl+0x12f/0x1b0
[ 2623.992086][ T2476]  __x64_sys_ioctl+0x7b/0x90
[ 2623.996682][ T2476]  x64_sys_call+0x58b/0x9a0
[ 2624.001188][ T2476]  do_syscall_64+0x4c/0xa0
[ 2624.005721][ T2476]  ? clear_bhb_loop+0x15/0x70
[ 2624.010522][ T2476]  ? clear_bhb_loop+0x15/0x70
[ 2624.015213][ T2476]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2624.021117][ T2476] RIP: 0033:0x7f15ded8e969
[ 2624.025531][ T2476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2624.045136][ T2476] RSP: 002b:00007f15dfb9c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2624.053565][ T2476] RAX: ffffffffffffffda RBX: 00007f15defb5fa0 RCX: 00007f15ded8e969
[ 2624.061557][ T2476] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 2624.069527][ T2476] RBP: 00007f15dfb9c090 R08: 0000000000000000 R09: 0000000000000000
[ 2624.077584][ T2476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2624.085557][ T2476] R13: 0000000000000000 R14: 00007f15defb5fa0 R15: 00007ffc130b80e8
[ 2624.093543][ T2476]  </TASK>
[ 2624.182254][ T2491] syz.6.10278[2491] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2624.182351][ T2491] syz.6.10278[2491] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2625.027769][ T2495] netlink: 88 bytes leftover after parsing attributes in process `syz.1.10280'.
[ 2625.300390][   T28] kauditd_printk_skb: 584 callbacks suppressed
[ 2625.300411][   T28] audit: type=1400 audit(2000001503.511:111020): avc:  denied  { execmem } for  pid=2498 comm="syz.3.10281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 2625.376655][ T2502] netlink: 88 bytes leftover after parsing attributes in process `syz.2.10282'.
[ 2626.028893][   T28] audit: type=1400 audit(2000001503.661:111021): avc:  denied  { bpf } for  pid=2500 comm="syz.2.10282" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2626.405371][   T28] audit: type=1400 audit(2000001503.661:111022): avc:  denied  { map_create } for  pid=2500 comm="syz.2.10282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2626.425003][   T28] audit: type=1400 audit(2000001503.661:111023): avc:  denied  { map_read map_write } for  pid=2500 comm="syz.2.10282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2626.456027][   T28] audit: type=1400 audit(2000001503.661:111024): avc:  denied  { bpf } for  pid=2500 comm="syz.2.10282" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2626.477879][   T28] audit: type=1400 audit(2000001503.661:111025): avc:  denied  { prog_load } for  pid=2500 comm="syz.2.10282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2626.499076][   T28] audit: type=1400 audit(2000001503.661:111026): avc:  denied  { bpf } for  pid=2500 comm="syz.2.10282" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2626.560671][   T28] audit: type=1400 audit(2000001503.661:111027): avc:  denied  { prog_load } for  pid=2500 comm="syz.2.10282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2626.582261][   T28] audit: type=1400 audit(2000001503.661:111028): avc:  denied  { bpf } for  pid=2500 comm="syz.2.10282" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2626.662668][   T28] audit: type=1400 audit(2000001503.661:111029): avc:  denied  { bpf } for  pid=2500 comm="syz.2.10282" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2627.095499][T17771] Bluetooth: hci0: Frame reassembly failed (-84)
[ 2627.382235][ T2532] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[ 2629.739691][  T868] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2630.068724][T32613] usb 6-1: new high-speed USB device number 103 using dummy_hcd
[ 2630.167256][T30363] Bluetooth: hci0: Frame reassembly failed (-84)
[ 2630.891858][   T28] kauditd_printk_skb: 301 callbacks suppressed
[ 2630.892075][   T28] audit: type=1400 audit(2000001508.701:111331): avc:  denied  { bpf } for  pid=2552 comm="syz.2.10293" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2632.192716][T29255] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2632.193146][  T868] Bluetooth: hci0: command 0x1003 tx timeout
[ 2632.295930][   T28] audit: type=1400 audit(2000001508.701:111332): avc:  denied  { prog_load } for  pid=2552 comm="syz.2.10293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2632.304718][ T2565] netlink: 88 bytes leftover after parsing attributes in process `syz.6.10297'.
[ 2632.442676][   T28] audit: type=1400 audit(2000001508.701:111333): avc:  denied  { bpf } for  pid=2552 comm="syz.2.10293" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2632.471092][ T2567] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2632.477677][ T2567] audit: audit_lost=1756 audit_rate_limit=0 audit_backlog_limit=64
[ 2632.485683][ T2567] audit: backlog limit exceeded
[ 2632.493463][ T2567] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2632.500023][ T2567] audit: audit_lost=1757 audit_rate_limit=0 audit_backlog_limit=64
[ 2632.507972][ T2567] audit: backlog limit exceeded
[ 2632.513347][ T2567] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2633.263998][ T2588] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 2633.271444][ T2588] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 2633.378631][ T2592] syz.2.10307[2592] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2633.378712][ T2592] syz.2.10307[2592] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2633.479402][ T2591] FAULT_INJECTION: forcing a failure.
[ 2633.479402][ T2591] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2633.553028][ T2591] CPU: 0 PID: 2591 Comm: syz.1.10306 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2633.564446][ T2591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2633.574781][ T2591] Call Trace:
[ 2633.578082][ T2591]  <TASK>
[ 2633.581019][ T2591]  __dump_stack+0x21/0x24
[ 2633.585371][ T2591]  dump_stack_lvl+0xee/0x150
[ 2633.589977][ T2591]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2633.595022][ T2591]  dump_stack+0x15/0x24
[ 2633.599209][ T2591]  should_fail_ex+0x3d4/0x520
[ 2633.604086][ T2591]  should_fail+0xb/0x10
[ 2633.608265][ T2591]  should_fail_usercopy+0x1a/0x20
[ 2633.613316][ T2591]  _copy_to_user+0x1e/0x90
[ 2633.617756][ T2591]  simple_read_from_buffer+0xe9/0x160
[ 2633.623169][ T2591]  proc_fail_nth_read+0x19a/0x210
[ 2633.628234][ T2591]  ? __cfi_proc_fail_nth_read+0x10/0x10
[ 2633.633830][ T2591]  ? security_file_permission+0x94/0xb0
[ 2633.639406][ T2591]  ? __cfi_proc_fail_nth_read+0x10/0x10
[ 2633.644995][ T2591]  vfs_read+0x26e/0x8c0
[ 2633.649181][ T2591]  ? __cfi_vfs_read+0x10/0x10
[ 2633.654212][ T2591]  ? __kasan_check_write+0x14/0x20
[ 2633.659321][ T2591]  ? mutex_lock+0x8d/0x1a0
[ 2633.663739][ T2591]  ? __cfi_mutex_lock+0x10/0x10
[ 2633.668595][ T2591]  ? __fdget_pos+0x2cd/0x380
[ 2633.673187][ T2591]  ? ksys_read+0x71/0x240
[ 2633.677549][ T2591]  ksys_read+0x140/0x240
[ 2633.681859][ T2591]  ? __cfi_ksys_read+0x10/0x10
[ 2633.686705][ T2591]  ? fput+0x154/0x1a0
[ 2633.690806][ T2591]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2633.696128][ T2591]  __x64_sys_read+0x7b/0x90
[ 2633.700661][ T2591]  x64_sys_call+0x2f/0x9a0
[ 2633.705113][ T2591]  do_syscall_64+0x4c/0xa0
[ 2633.709733][ T2591]  ? clear_bhb_loop+0x15/0x70
[ 2633.714615][ T2591]  ? clear_bhb_loop+0x15/0x70
[ 2633.719499][ T2591]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2633.725420][ T2591] RIP: 0033:0x7ff58dd8d37c
[ 2633.729853][ T2591] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2633.749565][ T2591] RSP: 002b:00007ff58eb64030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2633.758016][ T2591] RAX: ffffffffffffffda RBX: 00007ff58dfb5fa0 RCX: 00007ff58dd8d37c
[ 2633.766023][ T2591] RDX: 000000000000000f RSI: 00007ff58eb640a0 RDI: 0000000000000007
[ 2633.774129][ T2591] RBP: 00007ff58eb64090 R08: 0000000000000000 R09: 0000000000000000
[ 2633.782126][ T2591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2633.790216][ T2591] R13: 0000000000000000 R14: 00007ff58dfb5fa0 R15: 00007ffd915fd1b8
[ 2633.798215][ T2591]  </TASK>
[ 2634.432825][ T2605] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10307'.
[ 2634.446182][ T2605] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10307'.
[ 2636.460384][   T28] kauditd_printk_skb: 335 callbacks suppressed
[ 2636.460402][   T28] audit: type=1400 audit(2000001512.261:111625): avc:  denied  { bpf } for  pid=2580 comm="syz.3.10303" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2636.583764][   T28] audit: type=1400 audit(2000001512.571:111626): avc:  denied  { bpf } for  pid=2590 comm="syz.2.10307" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2636.685621][   T28] audit: type=1400 audit(2000001512.571:111627): avc:  denied  { prog_load } for  pid=2590 comm="syz.2.10307" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2636.750452][   T28] audit: type=1400 audit(2000001512.571:111628): avc:  denied  { bpf } for  pid=2590 comm="syz.2.10307" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2636.760310][ T2608] netlink: 40 bytes leftover after parsing attributes in process `syz.3.10310'.
[ 2636.807175][   T28] audit: type=1400 audit(2000001512.571:111629): avc:  denied  { bpf } for  pid=2590 comm="syz.2.10307" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2636.857451][   T28] audit: type=1400 audit(2000001512.571:111630): avc:  denied  { perfmon } for  pid=2590 comm="syz.2.10307" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2636.899025][   T28] audit: type=1400 audit(2000001514.701:111631): avc:  denied  { bpf } for  pid=2598 comm="syz.5.10309" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2636.940331][   T28] audit: type=1400 audit(2000001514.701:111632): avc:  denied  { prog_load } for  pid=2598 comm="syz.5.10309" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2636.992347][   T28] audit: type=1400 audit(2000001514.701:111633): avc:  denied  { bpf } for  pid=2598 comm="syz.5.10309" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2637.198987][ T2615] FAULT_INJECTION: forcing a failure.
[ 2637.198987][ T2615] name failslab, interval 1, probability 0, space 0, times 0
[ 2637.211742][ T2615] CPU: 1 PID: 2615 Comm: syz.2.10311 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2637.223132][ T2615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2637.233292][ T2615] Call Trace:
[ 2637.236584][ T2615]  <TASK>
[ 2637.239535][ T2615]  __dump_stack+0x21/0x24
[ 2637.243901][ T2615]  dump_stack_lvl+0xee/0x150
[ 2637.248504][ T2615]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2637.253631][ T2615]  dump_stack+0x15/0x24
[ 2637.257834][ T2615]  should_fail_ex+0x3d4/0x520
[ 2637.262525][ T2615]  ? getname_flags+0xb9/0x500
[ 2637.267231][ T2615]  __should_failslab+0xac/0xf0
[ 2637.272003][ T2615]  should_failslab+0x9/0x20
[ 2637.276611][ T2615]  kmem_cache_alloc+0x3b/0x330
[ 2637.281389][ T2615]  ? __cfi_push_rt_tasks+0x10/0x10
[ 2637.286510][ T2615]  getname_flags+0xb9/0x500
[ 2637.291034][ T2615]  getname+0x19/0x20
[ 2637.294944][ T2615]  do_sys_openat2+0xcb/0x7e0
[ 2637.299548][ T2615]  ? do_sys_open+0xe0/0xe0
[ 2637.303986][ T2615]  ? release_firmware_map_entry+0x194/0x194
[ 2637.309908][ T2615]  ? ksys_write+0x1eb/0x240
[ 2637.312678][   T28] audit: type=1400 audit(2000001514.701:111634): avc:  denied  { bpf } for  pid=2598 comm="syz.5.10309" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2637.314431][ T2615]  __x64_sys_open+0x11c/0x140
[ 2637.339954][ T2615]  x64_sys_call+0x97b/0x9a0
[ 2637.344478][ T2615]  do_syscall_64+0x4c/0xa0
[ 2637.348909][ T2615]  ? clear_bhb_loop+0x15/0x70
[ 2637.353594][ T2615]  ? clear_bhb_loop+0x15/0x70
[ 2637.358280][ T2615]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2637.364231][ T2615] RIP: 0033:0x7f15ded8e969
[ 2637.368658][ T2615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2637.388275][ T2615] RSP: 002b:00007f15dfb5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 2637.396697][ T2615] RAX: ffffffffffffffda RBX: 00007f15defb6160 RCX: 00007f15ded8e969
[ 2637.404671][ T2615] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000200
[ 2637.412670][ T2615] RBP: 00007f15dfb5a090 R08: 0000000000000000 R09: 0000000000000000
[ 2637.420652][ T2615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2637.428643][ T2615] R13: 0000000000000000 R14: 00007f15defb6160 R15: 00007ffc130b80e8
[ 2637.436623][ T2615]  </TASK>
[ 2638.512663][T29255] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2638.512748][  T868] Bluetooth: hci0: command 0x1003 tx timeout
[ 2638.738028][ T2639] netlink: 88 bytes leftover after parsing attributes in process `syz.2.10320'.
[ 2638.845639][ T2642] syz.5.10319[2642] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2638.845735][ T2642] syz.5.10319[2642] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2640.457828][ T2665] netlink: 88 bytes leftover after parsing attributes in process `syz.6.10327'.
[ 2641.463230][   T28] kauditd_printk_skb: 584 callbacks suppressed
[ 2641.463249][   T28] audit: type=1400 audit(2000001519.771:112219): avc:  denied  { bpf } for  pid=2676 comm="syz.2.10331" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2641.522283][ T2679] netlink: 88 bytes leftover after parsing attributes in process `syz.6.10330'.
[ 2641.575417][   T28] audit: type=1400 audit(2000001519.771:112220): avc:  denied  { create } for  pid=2674 comm="syz.6.10330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 2641.625969][   T28] audit: type=1400 audit(2000001519.801:112221): avc:  denied  { bpf } for  pid=2674 comm="syz.6.10330" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2641.672210][   T28] audit: type=1400 audit(2000001519.801:112222): avc:  denied  { map_create } for  pid=2674 comm="syz.6.10330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2641.779804][   T28] audit: type=1400 audit(2000001519.801:112223): avc:  denied  { map_read map_write } for  pid=2674 comm="syz.6.10330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2641.815690][ T2677] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2641.822242][ T2677] audit: audit_lost=1773 audit_rate_limit=0 audit_backlog_limit=64
[ 2641.831226][ T2685] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2641.837960][ T2685] audit: audit_lost=1774 audit_rate_limit=0 audit_backlog_limit=64
[ 2641.845901][ T2685] audit: backlog limit exceeded
[ 2642.277301][ T2691] syz.3.10334[2691] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2642.277404][ T2691] syz.3.10334[2691] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2643.612134][ T2695] netlink: 88 bytes leftover after parsing attributes in process `syz.6.10335'.
[ 2643.766868][ T2704] FAULT_INJECTION: forcing a failure.
[ 2643.766868][ T2704] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2643.804958][ T2704] CPU: 0 PID: 2704 Comm: syz.2.10337 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2643.816380][ T2704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2643.826460][ T2704] Call Trace:
[ 2643.829757][ T2704]  <TASK>
[ 2643.832705][ T2704]  __dump_stack+0x21/0x24
[ 2643.837072][ T2704]  dump_stack_lvl+0xee/0x150
[ 2643.841709][ T2704]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2643.846759][ T2704]  ? vmx_read_guest_seg_ar+0x164/0x380
[ 2643.852248][ T2704]  dump_stack+0x15/0x24
[ 2643.856425][ T2704]  should_fail_ex+0x3d4/0x520
[ 2643.861201][ T2704]  should_fail+0xb/0x10
[ 2643.865381][ T2704]  should_fail_usercopy+0x1a/0x20
[ 2643.870439][ T2704]  __kvm_read_guest_page+0x14c/0x1d0
[ 2643.875752][ T2704]  kvm_vcpu_read_guest_page+0x318/0x3f0
[ 2643.881320][ T2704]  kvm_fetch_guest_virt+0x13f/0x180
[ 2643.886553][ T2704]  ? __cfi_kvm_fetch_guest_virt+0x10/0x10
[ 2643.892310][ T2704]  __do_insn_fetch_bytes+0x2b7/0x6c0
[ 2643.897627][ T2704]  ? x86_decode_insn+0x4cb0/0x4cb0
[ 2643.902764][ T2704]  ? kvm_tdp_mmu_map+0xc6c/0x1050
[ 2643.907817][ T2704]  x86_decode_insn+0x2dd/0x4cb0
[ 2643.912701][ T2704]  ? __cfi_kvm_tdp_mmu_map+0x10/0x10
[ 2643.918014][ T2704]  ? __stack_depot_save+0x36/0x480
[ 2643.923163][ T2704]  ? vmx_read_guest_seg_ar+0x1c1/0x380
[ 2643.928656][ T2704]  ? memset+0x35/0x40
[ 2643.932669][ T2704]  ? __cfi_x86_decode_insn+0x10/0x10
[ 2643.938074][ T2704]  x86_decode_emulated_instruction+0x62/0x180
[ 2643.944182][ T2704]  x86_emulate_instruction+0x203/0x1af0
[ 2643.949766][ T2704]  kvm_mmu_page_fault+0x68c/0x890
[ 2643.954829][ T2704]  ? __cfi_kvm_mmu_page_fault+0x10/0x10
[ 2643.960400][ T2704]  ? __kasan_check_read+0x11/0x20
[ 2643.965447][ T2704]  ? __kasan_check_write+0x14/0x20
[ 2643.970585][ T2704]  ? __kasan_check_write+0x14/0x20
[ 2643.975724][ T2704]  handle_ept_violation+0x217/0x4f0
[ 2643.980954][ T2704]  ? __cfi_handle_ept_violation+0x10/0x10
[ 2643.986697][ T2704]  vmx_handle_exit+0xc92/0x1b30
[ 2643.991572][ T2704]  ? __cfi_vmx_vcpu_run+0x10/0x10
[ 2643.996629][ T2704]  ? vmx_handle_exit_irqoff+0x25a/0x6a0
[ 2644.002208][ T2704]  vcpu_enter_guest+0x2efb/0x6b40
[ 2644.007258][ T2704]  ? avc_compute_av+0x4fd/0x830
[ 2644.012141][ T2704]  ? pvclock_gtod_update_fn+0x270/0x270
[ 2644.017717][ T2704]  ? 0xffffffffa0003e98
[ 2644.021889][ T2704]  ? is_bpf_text_address+0x177/0x190
[ 2644.027203][ T2704]  ? kernel_text_address+0xa0/0xd0
[ 2644.032339][ T2704]  ? __kernel_text_address+0xd/0x30
[ 2644.037577][ T2704]  ? unwind_get_return_address+0x4d/0x90
[ 2644.043495][ T2704]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[ 2644.049667][ T2704]  ? arch_stack_walk+0xfc/0x150
[ 2644.054552][ T2704]  ? vmx_vcpu_pi_load+0x12d/0x810
[ 2644.059603][ T2704]  ? stack_trace_save+0x98/0xe0
[ 2644.064479][ T2704]  ? __cfi_vmx_vcpu_pi_load+0x10/0x10
[ 2644.069883][ T2704]  ? __stack_depot_save+0x36/0x480
[ 2644.075024][ T2704]  ? _parse_integer_limit+0x18a/0x1d0
[ 2644.080430][ T2704]  ? do_vfs_ioctl+0xc36/0x1c80
[ 2644.085221][ T2704]  ? __this_cpu_preempt_check+0x13/0x20
[ 2644.090797][ T2704]  ? xfd_validate_state+0x70/0x150
[ 2644.095940][ T2704]  ? __local_bh_enable_ip+0x58/0x80
[ 2644.101163][ T2704]  ? fpu_swap_kvm_fpstate+0x4ef/0x5d0
[ 2644.106561][ T2704]  ? fpu_swap_kvm_fpstate+0x81/0x5d0
[ 2644.111874][ T2704]  kvm_arch_vcpu_ioctl_run+0xec4/0x1fa0
[ 2644.117459][ T2704]  kvm_vcpu_ioctl+0x882/0xb70
[ 2644.122173][ T2704]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[ 2644.127413][ T2704]  ? selinux_file_ioctl+0x377/0x480
[ 2644.132637][ T2704]  ? __cfi_selinux_file_ioctl+0x10/0x10
[ 2644.138381][ T2704]  ? mutex_unlock+0x89/0x220
[ 2644.143002][ T2704]  ? __cfi_mutex_unlock+0x10/0x10
[ 2644.148151][ T2704]  ? __fget_files+0x2d5/0x330
[ 2644.152944][ T2704]  ? security_file_ioctl+0x95/0xc0
[ 2644.158082][ T2704]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[ 2644.163310][ T2704]  __se_sys_ioctl+0x12f/0x1b0
[ 2644.168023][ T2704]  __x64_sys_ioctl+0x7b/0x90
[ 2644.172649][ T2704]  x64_sys_call+0x58b/0x9a0
[ 2644.177174][ T2704]  do_syscall_64+0x4c/0xa0
[ 2644.181606][ T2704]  ? clear_bhb_loop+0x15/0x70
[ 2644.186301][ T2704]  ? clear_bhb_loop+0x15/0x70
[ 2644.190987][ T2704]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2644.196906][ T2704] RIP: 0033:0x7f15ded8e969
[ 2644.201338][ T2704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2644.221048][ T2704] RSP: 002b:00007f15dfb9c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2644.229481][ T2704] RAX: ffffffffffffffda RBX: 00007f15defb5fa0 RCX: 00007f15ded8e969
[ 2644.237464][ T2704] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[ 2644.255086][ T2704] RBP: 00007f15dfb9c090 R08: 0000000000000000 R09: 0000000000000000
[ 2644.263075][ T2704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2644.271076][ T2704] R13: 0000000000000000 R14: 00007f15defb5fa0 R15: 00007ffc130b80e8
[ 2644.279053][ T2704]  </TASK>
[ 2644.331336][ T2707] netlink: 88 bytes leftover after parsing attributes in process `syz.1.10339'.
[ 2644.896585][ T2714] netlink: 88 bytes leftover after parsing attributes in process `syz.2.10341'.
[ 2645.429634][ T2725] netlink: 88 bytes leftover after parsing attributes in process `syz.6.10346'.
[ 2647.439666][   T28] kauditd_printk_skb: 558 callbacks suppressed
[ 2647.439682][   T28] audit: type=1400 audit(2000001525.321:112736): avc:  denied  { bpf } for  pid=2740 comm="syz.5.10351" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2647.747038][ T2732] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2647.757244][ T2746] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2647.777931][ T2752] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2647.784842][ T2732] audit: audit_lost=1790 audit_rate_limit=0 audit_backlog_limit=64
[ 2647.797847][ T2746] audit: audit_lost=1791 audit_rate_limit=0 audit_backlog_limit=64
[ 2647.808924][ T2752] audit: audit_lost=1792 audit_rate_limit=0 audit_backlog_limit=64
[ 2647.822119][ T2732] audit: backlog limit exceeded
[ 2647.829134][ T2746] audit: backlog limit exceeded
[ 2647.838204][ T2752] audit: backlog limit exceeded
[ 2648.140019][ T2758] netlink: 88 bytes leftover after parsing attributes in process `syz.1.10354'.
[ 2648.903808][ T2775] netlink: 88 bytes leftover after parsing attributes in process `syz.3.10360'.
[ 2649.029102][ T2780] FAULT_INJECTION: forcing a failure.
[ 2649.029102][ T2780] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2649.062724][ T2780] CPU: 0 PID: 2780 Comm: syz.2.10362 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2649.074239][ T2780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2649.084407][ T2780] Call Trace:
[ 2649.087707][ T2780]  <TASK>
[ 2649.090653][ T2780]  __dump_stack+0x21/0x24
[ 2649.095019][ T2780]  dump_stack_lvl+0xee/0x150
[ 2649.099633][ T2780]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2649.104768][ T2780]  ? _parse_integer+0x2a/0x40
[ 2649.109482][ T2780]  dump_stack+0x15/0x24
[ 2649.113657][ T2780]  should_fail_ex+0x3d4/0x520
[ 2649.118356][ T2780]  should_fail+0xb/0x10
[ 2649.122635][ T2780]  should_fail_usercopy+0x1a/0x20
[ 2649.127733][ T2780]  _copy_from_user+0x1e/0xc0
[ 2649.132357][ T2780]  ___sys_sendmsg+0x155/0x290
[ 2649.137063][ T2780]  ? __sys_sendmsg+0x270/0x270
[ 2649.141869][ T2780]  ? __kasan_check_write+0x14/0x20
[ 2649.147020][ T2780]  ? proc_fail_nth_write+0x17a/0x1f0
[ 2649.152337][ T2780]  ? vfs_write+0x9d6/0xca0
[ 2649.156777][ T2780]  ? __fdget+0x19c/0x220
[ 2649.161131][ T2780]  __x64_sys_sendmsg+0x1f0/0x2c0
[ 2649.166127][ T2780]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[ 2649.171622][ T2780]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 2649.177800][ T2780]  x64_sys_call+0x171/0x9a0
[ 2649.182330][ T2780]  do_syscall_64+0x4c/0xa0
[ 2649.186858][ T2780]  ? clear_bhb_loop+0x15/0x70
[ 2649.191554][ T2780]  ? clear_bhb_loop+0x15/0x70
[ 2649.196255][ T2780]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2649.202174][ T2780] RIP: 0033:0x7f15ded8e969
[ 2649.206604][ T2780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2649.226318][ T2780] RSP: 002b:00007f15dfb9c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2649.234753][ T2780] RAX: ffffffffffffffda RBX: 00007f15defb5fa0 RCX: 00007f15ded8e969
[ 2649.242748][ T2780] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[ 2649.250733][ T2780] RBP: 00007f15dfb9c090 R08: 0000000000000000 R09: 0000000000000000
[ 2649.258884][ T2780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2649.266882][ T2780] R13: 0000000000000000 R14: 00007f15defb5fa0 R15: 00007ffc130b80e8
[ 2649.274884][ T2780]  </TASK>
[ 2649.929107][ T2792] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10365'.
[ 2650.121323][ T2801] syz.5.10366[2801] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2650.121425][ T2801] syz.5.10366[2801] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2652.294876][ T2820] FAULT_INJECTION: forcing a failure.
[ 2652.294876][ T2820] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2652.350606][ T2822] netlink: 88 bytes leftover after parsing attributes in process `syz.5.10376'.
[ 2652.367337][ T2820] CPU: 1 PID: 2820 Comm: syz.1.10377 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2652.378762][ T2820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2652.388838][ T2820] Call Trace:
[ 2652.392129][ T2820]  <TASK>
[ 2652.395070][ T2820]  __dump_stack+0x21/0x24
[ 2652.399422][ T2820]  dump_stack_lvl+0xee/0x150
[ 2652.404032][ T2820]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2652.409085][ T2820]  dump_stack+0x15/0x24
[ 2652.413274][ T2820]  should_fail_ex+0x3d4/0x520
[ 2652.417991][ T2820]  should_fail+0xb/0x10
[ 2652.422173][ T2820]  should_fail_usercopy+0x1a/0x20
[ 2652.427231][ T2820]  _copy_from_user+0x1e/0xc0
[ 2652.431931][ T2820]  ___sys_recvmsg+0x12b/0x510
[ 2652.436639][ T2820]  ? __sys_recvmsg+0x270/0x270
[ 2652.441440][ T2820]  ? security_file_permission+0x94/0xb0
[ 2652.447095][ T2820]  ? __fget_files+0x2d5/0x330
[ 2652.451794][ T2820]  ? __fdget+0x19c/0x220
[ 2652.456062][ T2820]  __x64_sys_recvmsg+0x1ed/0x2c0
[ 2652.461029][ T2820]  ? __cfi___x64_sys_recvmsg+0x10/0x10
[ 2652.466532][ T2820]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 2652.472633][ T2820]  x64_sys_call+0x75/0x9a0
[ 2652.477081][ T2820]  do_syscall_64+0x4c/0xa0
[ 2652.481516][ T2820]  ? clear_bhb_loop+0x15/0x70
[ 2652.486204][ T2820]  ? clear_bhb_loop+0x15/0x70
[ 2652.490898][ T2820]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2652.496824][ T2820] RIP: 0033:0x7ff58dd8e969
[ 2652.501352][ T2820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2652.520982][ T2820] RSP: 002b:00007ff58eb64038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 2652.529421][ T2820] RAX: ffffffffffffffda RBX: 00007ff58dfb5fa0 RCX: 00007ff58dd8e969
[ 2652.537508][ T2820] RDX: 00000000000040fd RSI: 0000200000000b00 RDI: 0000000000000003
[ 2652.545516][ T2820] RBP: 00007ff58eb64090 R08: 0000000000000000 R09: 0000000000000000
[ 2652.553515][ T2820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2652.561505][ T2820] R13: 0000000000000000 R14: 00007ff58dfb5fa0 R15: 00007ffd915fd1b8
[ 2652.569506][ T2820]  </TASK>
[ 2652.585666][   T28] kauditd_printk_skb: 644 callbacks suppressed
[ 2652.585685][   T28] audit: type=1400 audit(2000001530.891:113345): avc:  denied  { bpf } for  pid=2813 comm="syz.2.10373" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2652.675951][   T28] audit: type=1400 audit(2000001530.891:113346): avc:  denied  { map_create } for  pid=2813 comm="syz.2.10373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2652.738148][   T28] audit: type=1400 audit(2000001530.891:113347): avc:  denied  { map_read map_write } for  pid=2813 comm="syz.2.10373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2652.779972][   T28] audit: type=1400 audit(2000001530.951:113348): avc:  denied  { bpf } for  pid=2813 comm="syz.2.10373" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2652.822339][   T28] audit: type=1400 audit(2000001530.951:113349): avc:  denied  { prog_load } for  pid=2813 comm="syz.2.10373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2652.877468][   T28] audit: type=1400 audit(2000001530.951:113350): avc:  denied  { bpf } for  pid=2813 comm="syz.2.10373" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2652.915811][   T28] audit: type=1400 audit(2000001530.951:113351): avc:  denied  { bpf } for  pid=2813 comm="syz.2.10373" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2652.940408][   T28] audit: type=1400 audit(2000001530.951:113352): avc:  denied  { perfmon } for  pid=2813 comm="syz.2.10373" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2652.965158][   T28] audit: type=1400 audit(2000001530.951:113353): avc:  denied  { bpf } for  pid=2813 comm="syz.2.10373" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2653.000331][ T2835] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2654.389822][ T2857] syz.3.10387[2857] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2654.389921][ T2857] syz.3.10387[2857] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2654.689064][ T2862] FAULT_INJECTION: forcing a failure.
[ 2654.689064][ T2862] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2654.755363][ T2862] CPU: 0 PID: 2862 Comm: syz.5.10389 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2654.766785][ T2862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2654.776871][ T2862] Call Trace:
[ 2654.780165][ T2862]  <TASK>
[ 2654.783105][ T2862]  __dump_stack+0x21/0x24
[ 2654.787455][ T2862]  dump_stack_lvl+0xee/0x150
[ 2654.792074][ T2862]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2654.797218][ T2862]  dump_stack+0x15/0x24
[ 2654.801400][ T2862]  should_fail_ex+0x3d4/0x520
[ 2654.806112][ T2862]  should_fail+0xb/0x10
[ 2654.810295][ T2862]  should_fail_usercopy+0x1a/0x20
[ 2654.815336][ T2862]  _copy_to_user+0x1e/0x90
[ 2654.819767][ T2862]  simple_read_from_buffer+0xe9/0x160
[ 2654.825159][ T2862]  proc_fail_nth_read+0x19a/0x210
[ 2654.830208][ T2862]  ? __cfi_proc_fail_nth_read+0x10/0x10
[ 2654.835779][ T2862]  ? security_file_permission+0x94/0xb0
[ 2654.841341][ T2862]  ? __cfi_proc_fail_nth_read+0x10/0x10
[ 2654.846907][ T2862]  vfs_read+0x26e/0x8c0
[ 2654.851079][ T2862]  ? __cfi_vfs_read+0x10/0x10
[ 2654.855774][ T2862]  ? __kasan_check_write+0x14/0x20
[ 2654.860906][ T2862]  ? mutex_lock+0x8d/0x1a0
[ 2654.865350][ T2862]  ? __cfi_mutex_lock+0x10/0x10
[ 2654.870252][ T2862]  ? __fdget_pos+0x2cd/0x380
[ 2654.874868][ T2862]  ? ksys_read+0x71/0x240
[ 2654.879227][ T2862]  ksys_read+0x140/0x240
[ 2654.883492][ T2862]  ? __cfi_ksys_read+0x10/0x10
[ 2654.888294][ T2862]  ? debug_smp_processor_id+0x17/0x20
[ 2654.893686][ T2862]  __x64_sys_read+0x7b/0x90
[ 2654.898210][ T2862]  x64_sys_call+0x2f/0x9a0
[ 2654.902685][ T2862]  do_syscall_64+0x4c/0xa0
[ 2654.907128][ T2862]  ? clear_bhb_loop+0x15/0x70
[ 2654.911811][ T2862]  ? clear_bhb_loop+0x15/0x70
[ 2654.916500][ T2862]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2654.922518][ T2862] RIP: 0033:0x7f9ead38d37c
[ 2654.926945][ T2862] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2654.946575][ T2862] RSP: 002b:00007f9eae14f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2654.955024][ T2862] RAX: ffffffffffffffda RBX: 00007f9ead5b6080 RCX: 00007f9ead38d37c
[ 2654.963013][ T2862] RDX: 000000000000000f RSI: 00007f9eae14f0a0 RDI: 0000000000000003
[ 2654.971000][ T2862] RBP: 00007f9eae14f090 R08: 0000000000000000 R09: 0000000000000000
[ 2654.978989][ T2862] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[ 2654.986978][ T2862] R13: 0000000000000000 R14: 00007f9ead5b6080 R15: 00007ffc31a107f8
[ 2654.994975][ T2862]  </TASK>
[ 2657.639108][T30431] Bluetooth: hci0: Frame reassembly failed (-84)
[ 2657.664836][   T28] kauditd_printk_skb: 390 callbacks suppressed
[ 2657.664853][   T28] audit: type=1400 audit(2000001535.971:113697): avc:  denied  { create } for  pid=2894 comm="syz.2.10398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 2657.721851][   T28] audit: type=1400 audit(2000001535.971:113698): avc:  denied  { create } for  pid=2894 comm="syz.2.10398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 2657.764901][   T28] audit: type=1400 audit(2000001535.971:113699): avc:  denied  { write } for  pid=2894 comm="syz.2.10398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 2657.786117][   T28] audit: type=1400 audit(2000001535.971:113700): avc:  denied  { read } for  pid=2894 comm="syz.2.10398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 2657.807555][   T28] audit: type=1400 audit(2000001535.971:113701): avc:  denied  { read } for  pid=2894 comm="syz.2.10398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 2657.828316][   T28] audit: type=1400 audit(2000001535.971:113702): avc:  denied  { bpf } for  pid=2894 comm="syz.2.10398" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2657.849821][   T28] audit: type=1400 audit(2000001535.971:113703): avc:  denied  { prog_load } for  pid=2894 comm="syz.2.10398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2657.869722][   T28] audit: type=1400 audit(2000001535.971:113704): avc:  denied  { bpf } for  pid=2894 comm="syz.2.10398" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2657.890704][   T28] audit: type=1400 audit(2000001535.971:113705): avc:  denied  { bpf } for  pid=2894 comm="syz.2.10398" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2657.917331][   T28] audit: type=1400 audit(2000001535.971:113706): avc:  denied  { perfmon } for  pid=2894 comm="syz.2.10398" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2658.653865][ T2911] FAULT_INJECTION: forcing a failure.
[ 2658.653865][ T2911] name failslab, interval 1, probability 0, space 0, times 0
[ 2658.666617][ T2911] CPU: 0 PID: 2911 Comm: syz.3.10403 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2658.678111][ T2911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2658.688181][ T2911] Call Trace:
[ 2658.691475][ T2911]  <TASK>
[ 2658.694503][ T2911]  __dump_stack+0x21/0x24
[ 2658.698862][ T2911]  dump_stack_lvl+0xee/0x150
[ 2658.703656][ T2911]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2658.708727][ T2911]  ? __stack_depot_save+0x36/0x480
[ 2658.713971][ T2911]  dump_stack+0x15/0x24
[ 2658.718167][ T2911]  should_fail_ex+0x3d4/0x520
[ 2658.722880][ T2911]  __should_failslab+0xac/0xf0
[ 2658.727732][ T2911]  ? kvmalloc_node+0x294/0x480
[ 2658.732535][ T2911]  should_failslab+0x9/0x20
[ 2658.737071][ T2911]  __kmem_cache_alloc_node+0x3d/0x2c0
[ 2658.742517][ T2911]  ? __kasan_check_write+0x14/0x20
[ 2658.747642][ T2911]  ? kvmalloc_node+0x294/0x480
[ 2658.752408][ T2911]  __kmalloc_node+0xa1/0x1e0
[ 2658.757006][ T2911]  kvmalloc_node+0x294/0x480
[ 2658.761605][ T2911]  ? __kasan_check_write+0x14/0x20
[ 2658.766732][ T2911]  ? __cfi_kvmalloc_node+0x10/0x10
[ 2658.772047][ T2911]  file_tty_write+0x2c5/0x890
[ 2658.776739][ T2911]  ? __cfi_n_tty_write+0x10/0x10
[ 2658.781692][ T2911]  tty_write+0x3c/0x50
[ 2658.785778][ T2911]  vfs_write+0x5db/0xca0
[ 2658.790043][ T2911]  ? slab_free_freelist_hook+0xc2/0x190
[ 2658.795598][ T2911]  ? __cfi_vfs_write+0x10/0x10
[ 2658.800461][ T2911]  ? __fget_files+0x2d5/0x330
[ 2658.805150][ T2911]  ? __fdget_pos+0x1f2/0x380
[ 2658.809761][ T2911]  ? ksys_write+0x71/0x240
[ 2658.814239][ T2911]  ksys_write+0x140/0x240
[ 2658.818589][ T2911]  ? __cfi_ksys_write+0x10/0x10
[ 2658.823546][ T2911]  ? debug_smp_processor_id+0x17/0x20
[ 2658.829054][ T2911]  __x64_sys_write+0x7b/0x90
[ 2658.833750][ T2911]  x64_sys_call+0x27b/0x9a0
[ 2658.838267][ T2911]  do_syscall_64+0x4c/0xa0
[ 2658.842774][ T2911]  ? clear_bhb_loop+0x15/0x70
[ 2658.847450][ T2911]  ? clear_bhb_loop+0x15/0x70
[ 2658.852128][ T2911]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2658.858048][ T2911] RIP: 0033:0x7f1db9d8e969
[ 2658.862469][ T2911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2658.882424][ T2911] RSP: 002b:00007f1dbacd0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2658.890849][ T2911] RAX: ffffffffffffffda RBX: 00007f1db9fb5fa0 RCX: 00007f1db9d8e969
[ 2658.898822][ T2911] RDX: 0000000000001006 RSI: 0000200000002080 RDI: 0000000000000003
[ 2658.906801][ T2911] RBP: 00007f1dbacd0090 R08: 0000000000000000 R09: 0000000000000000
[ 2658.914804][ T2911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2658.922773][ T2911] R13: 0000000000000000 R14: 00007f1db9fb5fa0 R15: 00007ffc0f223f08
[ 2658.930749][ T2911]  </TASK>
[ 2660.412554][  T868] Bluetooth: hci0: command 0x1003 tx timeout
[ 2661.405491][T29255] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2661.493030][T30363] Bluetooth: hci0: Frame reassembly failed (-84)
[ 2661.823947][ T2948] syz.2.10411[2948] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2661.824053][ T2948] syz.2.10411[2948] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2663.619334][T29255] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2664.222968][   T28] kauditd_printk_skb: 645 callbacks suppressed
[ 2664.222991][   T28] audit: type=1400 audit(2000001540.631:114352): avc:  denied  { bpf } for  pid=2950 comm="syz.5.10417" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2664.389177][   T28] audit: type=1400 audit(2000001540.641:114353): avc:  denied  { map_create } for  pid=2950 comm="syz.5.10417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2664.415731][ T2963] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2664.420556][ T2962] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2664.432498][ T2963] audit: audit_lost=1821 audit_rate_limit=0 audit_backlog_limit=64
[ 2664.439242][ T2962] audit: audit_lost=1822 audit_rate_limit=0 audit_backlog_limit=64
[ 2664.448462][   T28] audit: type=1400 audit(2000001540.641:114354): avc:  denied  { map_read map_write } for  pid=2950 comm="syz.5.10417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2664.449712][ T2964] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2664.473817][ T2962] audit: backlog limit exceeded
[ 2664.475795][ T2963] audit: backlog limit exceeded
[ 2667.156103][ T2979] syz.5.10424[2979] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2667.156203][ T2979] syz.5.10424[2979] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2667.274232][ T2981] SELinux: failed to load policy
[ 2667.442276][ T2986] SELinux: failed to load policy
[ 2667.458050][ T2989] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[ 2667.477972][ T2989] SELinux: failed to load policy
[ 2667.692640][T21732] usb 4-1: new high-speed USB device number 79 using dummy_hcd
[ 2668.971885][  T681] usb 7-1: new high-speed USB device number 69 using dummy_hcd
[ 2669.070575][ T3000] FAULT_INJECTION: forcing a failure.
[ 2669.070575][ T3000] name failslab, interval 1, probability 0, space 0, times 0
[ 2669.084365][ T3000] CPU: 0 PID: 3000 Comm: syz.5.10432 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2669.095870][ T3000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2669.105945][ T3000] Call Trace:
[ 2669.109239][ T3000]  <TASK>
[ 2669.112178][ T3000]  __dump_stack+0x21/0x24
[ 2669.116528][ T3000]  dump_stack_lvl+0xee/0x150
[ 2669.121133][ T3000]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2669.126288][ T3000]  ? mutex_unlock+0x89/0x220
[ 2669.130906][ T3000]  ? __cfi_mutex_unlock+0x10/0x10
[ 2669.135962][ T3000]  ? flush_workqueue_prep_pwqs+0x408/0x480
[ 2669.141795][ T3000]  dump_stack+0x15/0x24
[ 2669.142654][T21732] usb 4-1: Using ep0 maxpacket: 16
[ 2669.145970][ T3000]  should_fail_ex+0x3d4/0x520
[ 2669.155755][ T3000]  __should_failslab+0xac/0xf0
[ 2669.160541][ T3000]  ? kvm_uevent_notify_change+0xcb/0x3b0
[ 2669.166204][ T3000]  should_failslab+0x9/0x20
[ 2669.169627][T21732] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2669.170753][ T3000]  __kmem_cache_alloc_node+0x3d/0x2c0
[ 2669.186183][ T3000]  ? __kasan_check_read+0x11/0x20
[ 2669.191238][ T3000]  ? kvm_uevent_notify_change+0xcb/0x3b0
[ 2669.193005][T21732] usb 4-1: config 0 has no interfaces?
[ 2669.196898][ T3000]  kmalloc_trace+0x29/0xb0
[ 2669.202450][T21732] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 2669.206775][ T3000]  kvm_uevent_notify_change+0xcb/0x3b0
[ 2669.206812][ T3000]  kvm_put_kvm+0x9c/0x1450
[ 2669.218157][T21732] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2669.221273][ T3000]  ? kvm_irqfd_release+0x1ac/0x1d0
[ 2669.229344][T21732] usb 4-1: config 0 descriptor??
[ 2669.233645][ T3000]  ? percpu_counter_add_batch+0x13c/0x160
[ 2669.233676][ T3000]  kvm_vm_release+0x46/0x50
[ 2669.244354][  T681] usb 7-1: Using ep0 maxpacket: 16
[ 2669.249531][ T3000]  ? __cfi_kvm_vm_release+0x10/0x10
[ 2669.249571][ T3000]  __fput+0x1fc/0x8f0
[ 2669.249594][ T3000]  ? _raw_spin_unlock+0x4c/0x70
[ 2669.258145][   T28] kauditd_printk_skb: 331 callbacks suppressed
[ 2669.258169][   T28] audit: type=1400 audit(2000001547.551:114627): avc:  denied  { ioctl } for  pid=2985 comm="syz.3.10427" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x550a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2669.259227][ T3000]  ____fput+0x15/0x20
[ 2669.259252][ T3000]  task_work_run+0x1db/0x240
[ 2669.259274][ T3000]  ? __cfi_task_work_run+0x10/0x10
[ 2669.259298][ T3000]  ? __cfi___close_range+0x10/0x10
[ 2669.266550][   T28] audit: type=1400 audit(2000001547.551:114628): avc:  denied  { ioctl } for  pid=2985 comm="syz.3.10427" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5509 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2669.268479][ T3000]  exit_to_user_mode_loop+0x9b/0xb0
[ 2669.282560][  T681] usb 7-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2669.304554][ T3000]  exit_to_user_mode_prepare+0x5a/0xa0
[ 2669.304589][ T3000]  syscall_exit_to_user_mode+0x1a/0x30
[ 2669.304611][ T3000]  do_syscall_64+0x58/0xa0
[ 2669.304635][ T3000]  ? clear_bhb_loop+0x15/0x70
[ 2669.304653][ T3000]  ? clear_bhb_loop+0x15/0x70
[ 2669.304671][ T3000]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2669.304700][ T3000] RIP: 0033:0x7f9ead38e969
[ 2669.304717][ T3000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2669.304735][ T3000] RSP: 002b:00007f9eae170038 EFLAGS: 00000246
[ 2669.312654][   T28] audit: type=1400 audit(2000001547.551:114629): avc:  denied  { ioctl } for  pid=2985 comm="syz.3.10427" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2669.313289][ T3000]  ORIG_RAX: 00000000000001b4
[ 2669.318395][   T28] audit: type=1400 audit(2000001547.551:114630): avc:  denied  { ioctl } for  pid=2990 comm="syz.6.10429" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2669.323484][ T3000] RAX: 0000000000000000 RBX: 00007f9ead5b5fa0 RCX: 00007f9ead38e969
[ 2669.323501][ T3000] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000003
[ 2669.323514][ T3000] RBP: 00007f9eae170090 R08: 0000000000000000 R09: 0000000000000000
[ 2669.323528][ T3000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2669.354701][  T681] usb 7-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2669.364609][ T3000] R13: 0000000000000000 R14: 00007f9ead5b5fa0 R15: 00007ffc31a107f8
[ 2669.364639][ T3000]  </TASK>
[ 2669.538087][   T28] audit: type=1400 audit(2000001547.551:114631): avc:  denied  { ioctl } for  pid=2990 comm="syz.6.10429" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2669.563803][   T28] audit: type=1400 audit(2000001547.551:114632): avc:  denied  { ioctl } for  pid=2990 comm="syz.6.10429" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2669.574463][  T681] usb 7-1: config 0 interface 0 has no altsetting 0
[ 2669.596713][  T681] usb 7-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 2669.598518][   T28] audit: type=1400 audit(2000001547.551:114633): avc:  denied  { ioctl } for  pid=2990 comm="syz.6.10429" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2669.633576][   T28] audit: type=1400 audit(2000001547.551:114634): avc:  denied  { ioctl } for  pid=2990 comm="syz.6.10429" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2669.673604][   T28] audit: type=1400 audit(2000001547.551:114635): avc:  denied  { ioctl } for  pid=2990 comm="syz.6.10429" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2669.702375][  T681] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2669.713467][  T681] usb 7-1: config 0 descriptor??
[ 2669.720620][   T28] audit: type=1400 audit(2000001547.681:114636): avc:  denied  { bpf } for  pid=3002 comm="syz.2.10433" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2669.802182][ T3013] netlink: 88 bytes leftover after parsing attributes in process `syz.2.10435'.
[ 2670.160660][ T3021] netlink: 88 bytes leftover after parsing attributes in process `syz.5.10438'.
[ 2670.176181][  T681] holtek_kbd 0003:04D9:A055.003F: hidraw0: USB HID v0.00 Device [HID 04d9:a055] on usb-dummy_hcd.6-1/input0
[ 2670.349774][ T3025] syz.1.10439[3025] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2670.349876][ T3025] syz.1.10439[3025] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2670.572029][  T681] usb 7-1: USB disconnect, device number 69
[ 2671.272158][ T3042] netlink: 88 bytes leftover after parsing attributes in process `syz.6.10445'.
[ 2671.721907][ T3051] netlink: 44 bytes leftover after parsing attributes in process `syz.5.10448'.
[ 2671.871073][T26519] usb 4-1: USB disconnect, device number 79
[ 2672.261057][ T3071] FAULT_INJECTION: forcing a failure.
[ 2672.261057][ T3071] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2672.283423][ T3071] CPU: 0 PID: 3071 Comm: syz.2.10457 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2672.294838][ T3071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2672.305009][ T3071] Call Trace:
[ 2672.308300][ T3071]  <TASK>
[ 2672.311243][ T3071]  __dump_stack+0x21/0x24
[ 2672.315597][ T3071]  dump_stack_lvl+0xee/0x150
[ 2672.320303][ T3071]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2672.325359][ T3071]  dump_stack+0x15/0x24
[ 2672.329542][ T3071]  should_fail_ex+0x3d4/0x520
[ 2672.334223][ T3071]  should_fail_alloc_page+0x61/0x90
[ 2672.339430][ T3071]  prepare_alloc_pages+0x148/0x5f0
[ 2672.344565][ T3071]  ? __alloc_pages_bulk+0x9c0/0x9c0
[ 2672.349775][ T3071]  __alloc_pages+0x115/0x3a0
[ 2672.354375][ T3071]  ? __cfi___alloc_pages+0x10/0x10
[ 2672.359498][ T3071]  ? __kasan_check_write+0x14/0x20
[ 2672.364617][ T3071]  ? _raw_spin_lock+0x8e/0xe0
[ 2672.369301][ T3071]  ? __cfi__raw_spin_lock+0x10/0x10
[ 2672.374501][ T3071]  __get_free_pages+0xe/0x30
[ 2672.379101][ T3071]  proc_pid_cmdline_read+0x54a/0xaa0
[ 2672.384485][ T3071]  ? __cfi_proc_pid_cmdline_read+0x10/0x10
[ 2672.390295][ T3071]  ? tokenize_frame_descr+0x40/0xc0
[ 2672.395509][ T3071]  ? security_file_permission+0x94/0xb0
[ 2672.401054][ T3071]  ? __cfi_proc_pid_cmdline_read+0x10/0x10
[ 2672.406867][ T3071]  vfs_read+0x26e/0x8c0
[ 2672.411031][ T3071]  ? __cfi_vfs_read+0x10/0x10
[ 2672.415718][ T3071]  ? __kasan_check_write+0x14/0x20
[ 2672.420859][ T3071]  ? mutex_lock+0x8d/0x1a0
[ 2672.425297][ T3071]  ? __cfi_mutex_lock+0x10/0x10
[ 2672.430368][ T3071]  ? __fdget_pos+0x2cd/0x380
[ 2672.434962][ T3071]  ? ksys_read+0x71/0x240
[ 2672.439294][ T3071]  ksys_read+0x140/0x240
[ 2672.443548][ T3071]  ? __cfi_ksys_read+0x10/0x10
[ 2672.448363][ T3071]  ? debug_smp_processor_id+0x17/0x20
[ 2672.453738][ T3071]  __x64_sys_read+0x7b/0x90
[ 2672.458264][ T3071]  x64_sys_call+0x2f/0x9a0
[ 2672.462687][ T3071]  do_syscall_64+0x4c/0xa0
[ 2672.467109][ T3071]  ? clear_bhb_loop+0x15/0x70
[ 2672.471786][ T3071]  ? clear_bhb_loop+0x15/0x70
[ 2672.476482][ T3071]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2672.482474][ T3071] RIP: 0033:0x7f15ded8e969
[ 2672.486902][ T3071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2672.506514][ T3071] RSP: 002b:00007f15dfb9c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2672.514931][ T3071] RAX: ffffffffffffffda RBX: 00007f15defb5fa0 RCX: 00007f15ded8e969
[ 2672.522903][ T3071] RDX: 00000000fffffc7a RSI: 0000200000000000 RDI: 0000000000000006
[ 2672.530875][ T3071] RBP: 00007f15dfb9c090 R08: 0000000000000000 R09: 0000000000000000
[ 2672.538865][ T3071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2672.546837][ T3071] R13: 0000000000000000 R14: 00007f15defb5fa0 R15: 00007ffc130b80e8
[ 2672.554845][ T3071]  </TASK>
[ 2673.064940][T17771] Bluetooth: hci0: Frame reassembly failed (-84)
[ 2673.143556][ T3103] incfs: Can't find or create .index dir in ./file0
[ 2673.150347][ T3103] incfs: mount failed -5
[ 2675.694514][   T28] kauditd_printk_skb: 904 callbacks suppressed
[ 2675.707470][T29255] Bluetooth: hci0: command 0x1003 tx timeout
[ 2675.714317][   T28] audit: type=1400 audit(2000001551.611:115541): avc:  denied  { bpf } for  pid=3100 comm="syz.1.10468" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2675.742775][  T868] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2675.889567][   T28] audit: type=1400 audit(2000001552.071:115542): avc:  denied  { bpf } for  pid=3100 comm="syz.1.10468" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2675.936221][   T28] audit: type=1400 audit(2000001552.081:115543): avc:  denied  { prog_load } for  pid=3100 comm="syz.1.10468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2675.956063][   T28] audit: type=1400 audit(2000001552.091:115544): avc:  denied  { bpf } for  pid=3100 comm="syz.1.10468" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2675.997769][   T28] audit: type=1400 audit(2000001552.111:115545): avc:  denied  { bpf } for  pid=3100 comm="syz.1.10468" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2676.059513][ T3111] FAULT_INJECTION: forcing a failure.
[ 2676.059513][ T3111] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2676.067278][   T28] audit: type=1400 audit(2000001552.121:115546): avc:  denied  { perfmon } for  pid=3100 comm="syz.1.10468" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2676.102354][ T3118] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2676.109494][ T3118] audit: audit_lost=1843 audit_rate_limit=0 audit_backlog_limit=64
[ 2676.118607][ T3111] CPU: 1 PID: 3111 Comm: syz.5.10470 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2676.130084][ T3111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2676.140249][ T3111] Call Trace:
[ 2676.143550][ T3111]  <TASK>
[ 2676.146489][ T3111]  __dump_stack+0x21/0x24
[ 2676.150841][ T3111]  dump_stack_lvl+0xee/0x150
[ 2676.155454][ T3111]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2676.160502][ T3111]  dump_stack+0x15/0x24
[ 2676.161372][   T28] audit: type=1400 audit(2000001552.131:115547): avc:  denied  { perfmon } for  pid=3100 comm="syz.1.10468" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2676.164677][ T3111]  should_fail_ex+0x3d4/0x520
[ 2676.164705][ T3111]  should_fail+0xb/0x10
[ 2676.164727][ T3111]  should_fail_usercopy+0x1a/0x20
[ 2676.199632][ T3111]  _copy_to_user+0x1e/0x90
[ 2676.204069][ T3111]  simple_read_from_buffer+0xe9/0x160
[ 2676.209467][ T3111]  proc_fail_nth_read+0x19a/0x210
[ 2676.211748][   T28] audit: type=1400 audit(2000001552.141:115548): avc:  denied  { perfmon } for  pid=3100 comm="syz.1.10468" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2676.214515][ T3111]  ? __cfi_proc_fail_nth_read+0x10/0x10
[ 2676.214549][ T3111]  ? security_file_permission+0x94/0xb0
[ 2676.246700][ T3111]  ? __cfi_proc_fail_nth_read+0x10/0x10
[ 2676.252274][ T3111]  vfs_read+0x26e/0x8c0
[ 2676.256466][ T3111]  ? __cfi_vfs_read+0x10/0x10
[ 2676.261178][ T3111]  ? __kasan_check_write+0x14/0x20
[ 2676.266391][ T3111]  ? mutex_lock+0x8d/0x1a0
[ 2676.270848][ T3111]  ? __cfi_mutex_lock+0x10/0x10
[ 2676.275721][ T3111]  ? __fdget_pos+0x2cd/0x380
[ 2676.280331][ T3111]  ? ksys_read+0x71/0x240
[ 2676.284668][ T3111]  ksys_read+0x140/0x240
[ 2676.288969][ T3111]  ? __cfi_ksys_read+0x10/0x10
[ 2676.293923][ T3111]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2676.299226][ T3111]  __x64_sys_read+0x7b/0x90
[ 2676.303757][ T3111]  x64_sys_call+0x2f/0x9a0
[ 2676.308192][ T3111]  do_syscall_64+0x4c/0xa0
[ 2676.312737][ T3111]  ? clear_bhb_loop+0x15/0x70
[ 2676.317428][ T3111]  ? clear_bhb_loop+0x15/0x70
[ 2676.322128][ T3111]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2676.328063][ T3111] RIP: 0033:0x7f9ead38d37c
[ 2676.332484][ T3111] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2676.352186][ T3111] RSP: 002b:00007f9eae170030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2676.360608][ T3111] RAX: ffffffffffffffda RBX: 00007f9ead5b5fa0 RCX: 00007f9ead38d37c
[ 2676.368589][ T3111] RDX: 000000000000000f RSI: 00007f9eae1700a0 RDI: 0000000000000006
[ 2676.376589][ T3111] RBP: 00007f9eae170090 R08: 0000000000000000 R09: 0000000000000000
[ 2676.384657][ T3111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2676.392626][ T3111] R13: 0000000000000000 R14: 00007f9ead5b5fa0 R15: 00007ffc31a107f8
[ 2676.400617][ T3111]  </TASK>
[ 2676.464478][ T3125] netlink: 88 bytes leftover after parsing attributes in process `syz.1.10475'.
[ 2676.889795][T30431] Bluetooth: hci0: Frame reassembly failed (-84)
[ 2676.908850][ T3138] netlink: 88 bytes leftover after parsing attributes in process `syz.2.10480'.
[ 2677.824816][ T3177] netlink: 88 bytes leftover after parsing attributes in process `syz.2.10496'.
[ 2678.342686][ T2312] usb 4-1: new high-speed USB device number 80 using dummy_hcd
[ 2678.733854][ T2312] usb 4-1: too many configurations: 65, using maximum allowed: 8
[ 2678.757347][ T2312] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2678.770423][ T2312] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2678.799382][ T2312] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2678.839417][ T2312] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2678.852279][ T2312] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2678.867699][ T2312] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2678.881321][ T2312] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2678.895861][ T2312] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2678.907142][ T2312] usb 4-1: New USB device found, idVendor=0421, idProduct=026c, bcdDevice=1f.32
[ 2678.923569][T29255] Bluetooth: hci0: command 0x1003 tx timeout
[ 2678.929684][  T868] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2678.965911][ T2312] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2678.979395][ T2312] usb 4-1: config 0 descriptor??
[ 2678.992867][ T2312] rndis_host 4-1:0.0: More than one union descriptor, skipping ...
[ 2679.009613][ T2312] usb 4-1: bad CDC descriptors
[ 2679.497150][ T2312] cdc_acm 4-1:0.0: More than one union descriptor, skipping ...
[ 2680.024671][ T3217] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10493'.
[ 2680.709216][   T28] kauditd_printk_skb: 1052 callbacks suppressed
[ 2680.709235][   T28] audit: type=1400 audit(2000001559.011:116525): avc:  denied  { bpf } for  pid=3229 comm="syz.1.10512" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2680.761211][   T28] audit: type=1400 audit(2000001559.011:116526): avc:  denied  { map_create } for  pid=3229 comm="syz.1.10512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2680.787731][   T28] audit: type=1400 audit(2000001559.011:116527): avc:  denied  { bpf } for  pid=3229 comm="syz.1.10512" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2680.809327][   T28] audit: type=1400 audit(2000001559.011:116528): avc:  denied  { map_read map_write } for  pid=3229 comm="syz.1.10512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2680.829761][   T28] audit: type=1400 audit(2000001559.011:116529): avc:  denied  { bpf } for  pid=3229 comm="syz.1.10512" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2680.851621][   T28] audit: type=1400 audit(2000001559.011:116530): avc:  denied  { prog_load } for  pid=3229 comm="syz.1.10512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2680.873635][   T28] audit: type=1400 audit(2000001559.011:116531): avc:  denied  { bpf } for  pid=3229 comm="syz.1.10512" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2680.895356][   T28] audit: type=1400 audit(2000001559.011:116532): avc:  denied  { prog_load } for  pid=3229 comm="syz.1.10512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2680.916329][   T28] audit: type=1400 audit(2000001559.011:116533): avc:  denied  { bpf } for  pid=3229 comm="syz.1.10512" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2680.943384][ T3232] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2680.983568][ T3232] FAULT_INJECTION: forcing a failure.
[ 2680.983568][ T3232] name failslab, interval 1, probability 0, space 0, times 0
[ 2680.999308][ T3232] CPU: 0 PID: 3232 Comm: syz.6.10513 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2681.010721][ T3232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2681.020801][ T3232] Call Trace:
[ 2681.024118][ T3232]  <TASK>
[ 2681.027068][ T3232]  __dump_stack+0x21/0x24
[ 2681.031434][ T3232]  dump_stack_lvl+0xee/0x150
[ 2681.036057][ T3232]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2681.041111][ T3232]  ? __kasan_check_write+0x14/0x20
[ 2681.046263][ T3232]  dump_stack+0x15/0x24
[ 2681.050448][ T3232]  should_fail_ex+0x3d4/0x520
[ 2681.051238][ T3238] netlink: 88 bytes leftover after parsing attributes in process `syz.2.10516'.
[ 2681.055152][ T3232]  ? getname_flags+0xb9/0x500
[ 2681.055186][ T3232]  __should_failslab+0xac/0xf0
[ 2681.055207][ T3232]  should_failslab+0x9/0x20
[ 2681.078324][ T3232]  kmem_cache_alloc+0x3b/0x330
[ 2681.083118][ T3232]  getname_flags+0xb9/0x500
[ 2681.087655][ T3232]  getname+0x19/0x20
[ 2681.091662][ T3232]  do_sys_openat2+0xcb/0x7e0
[ 2681.096278][ T3232]  ? __kasan_check_write+0x14/0x20
[ 2681.101418][ T3232]  ? do_sys_open+0xe0/0xe0
[ 2681.105861][ T3232]  ? ksys_write+0x1eb/0x240
[ 2681.110412][ T3232]  ? __cfi_ksys_write+0x10/0x10
[ 2681.115559][ T3232]  __x64_sys_creat+0x8e/0xb0
[ 2681.120199][ T3232]  x64_sys_call+0x116/0x9a0
[ 2681.124735][ T3232]  do_syscall_64+0x4c/0xa0
[ 2681.129174][ T3232]  ? clear_bhb_loop+0x15/0x70
[ 2681.133869][ T3232]  ? clear_bhb_loop+0x15/0x70
[ 2681.138567][ T3232]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2681.144522][ T3232] RIP: 0033:0x7fdc2b78e969
[ 2681.148952][ T3232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2681.168669][ T3232] RSP: 002b:00007fdc2c6c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[ 2681.177090][ T3232] RAX: ffffffffffffffda RBX: 00007fdc2b9b5fa0 RCX: 00007fdc2b78e969
[ 2681.185067][ T3232] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000002c0
[ 2681.193051][ T3232] RBP: 00007fdc2c6c9090 R08: 0000000000000000 R09: 0000000000000000
[ 2681.201017][ T3232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2681.208986][ T3232] R13: 0000000000000000 R14: 00007fdc2b9b5fa0 R15: 00007ffeee145388
[ 2681.216979][ T3232]  </TASK>
[ 2681.444068][ T2312] usb 4-1: USB disconnect, device number 80
[ 2681.487614][ T3242] netlink: 88 bytes leftover after parsing attributes in process `syz.1.10517'.
[ 2682.496328][ T3280] netlink: 88 bytes leftover after parsing attributes in process `syz.1.10531'.
[ 2682.692619][  T681] usb 6-1: new high-speed USB device number 104 using dummy_hcd
[ 2682.892646][  T681] usb 6-1: Using ep0 maxpacket: 16
[ 2682.901521][  T681] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2682.911766][  T681] usb 6-1: config 0 has no interfaces?
[ 2682.917536][  T681] usb 6-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 2682.926715][  T681] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2682.936865][  T681] usb 6-1: config 0 descriptor??
[ 2683.012639][ T2312] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[ 2683.081906][ T3289] FAULT_INJECTION: forcing a failure.
[ 2683.081906][ T3289] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2683.095037][ T3289] CPU: 0 PID: 3289 Comm: syz.6.10534 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2683.106418][ T3289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2683.116479][ T3289] Call Trace:
[ 2683.119773][ T3289]  <TASK>
[ 2683.122702][ T3289]  __dump_stack+0x21/0x24
[ 2683.127120][ T3289]  dump_stack_lvl+0xee/0x150
[ 2683.131707][ T3289]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2683.136729][ T3289]  ? _parse_integer+0x2a/0x40
[ 2683.141443][ T3289]  dump_stack+0x15/0x24
[ 2683.145604][ T3289]  should_fail_ex+0x3d4/0x520
[ 2683.150305][ T3289]  should_fail+0xb/0x10
[ 2683.152666][T26519] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[ 2683.154484][ T3289]  should_fail_usercopy+0x1a/0x20
[ 2683.167080][ T3289]  _copy_from_user+0x1e/0xc0
[ 2683.171694][ T3289]  ___sys_sendmsg+0x155/0x290
[ 2683.176412][ T3289]  ? __sys_sendmsg+0x270/0x270
[ 2683.181208][ T3289]  ? __kasan_check_write+0x14/0x20
[ 2683.186354][ T3289]  ? proc_fail_nth_write+0x17a/0x1f0
[ 2683.191769][ T3289]  ? vfs_write+0x9d6/0xca0
[ 2683.196224][ T3289]  ? __fdget+0x19c/0x220
[ 2683.200498][ T3289]  __x64_sys_sendmsg+0x1f0/0x2c0
[ 2683.205470][ T3289]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[ 2683.210967][ T3289]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 2683.217053][ T3289]  x64_sys_call+0x171/0x9a0
[ 2683.221578][ T3289]  do_syscall_64+0x4c/0xa0
[ 2683.226016][ T3289]  ? clear_bhb_loop+0x15/0x70
[ 2683.230711][ T3289]  ? clear_bhb_loop+0x15/0x70
[ 2683.235405][ T3289]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2683.241329][ T3289] RIP: 0033:0x7fdc2b78e969
[ 2683.245770][ T3289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2683.265479][ T3289] RSP: 002b:00007fdc2c6a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2683.273891][ T3289] RAX: ffffffffffffffda RBX: 00007fdc2b9b6080 RCX: 00007fdc2b78e969
[ 2683.281869][ T3289] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000008
[ 2683.289849][ T3289] RBP: 00007fdc2c6a8090 R08: 0000000000000000 R09: 0000000000000000
[ 2683.297844][ T3289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2683.305836][ T3289] R13: 0000000000000000 R14: 00007fdc2b9b6080 R15: 00007ffeee145388
[ 2683.313836][ T3289]  </TASK>
[ 2683.352778][T26519] usb 2-1: Using ep0 maxpacket: 16
[ 2683.366310][T26519] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2683.389483][T26519] usb 2-1: config 0 has no interfaces?
[ 2683.409373][T26519] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 2683.412622][ T2312] usb 4-1: Using ep0 maxpacket: 8
[ 2683.430773][ T2312] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2683.438424][T26519] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2683.449036][ T2312] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 36, changing to 7
[ 2683.465911][ T2312] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 50696, setting to 1024
[ 2683.471552][T26519] usb 2-1: Product: syz
[ 2683.477848][ T2312] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2683.500970][T26519] usb 2-1: Manufacturer: syz
[ 2683.511939][T26519] usb 2-1: SerialNumber: syz
[ 2683.515089][ T2312] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2683.526190][T26519] r8152-cfgselector 2-1: config 0 descriptor??
[ 2683.541710][ T2312] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2683.570401][ T2312] usb 4-1: Product: syz
[ 2683.574742][ T2312] usb 4-1: Manufacturer: syz
[ 2683.579674][ T2312] usb 4-1: SerialNumber: syz
[ 2683.782824][T26519] r8152-cfgselector 2-1: Unknown version 0x0000
[ 2684.917783][T21732] r8152-cfgselector 2-1: USB disconnect, device number 82
[ 2685.719704][   T28] kauditd_printk_skb: 958 callbacks suppressed
[ 2685.766633][ T3325] netlink: 96 bytes leftover after parsing attributes in process `syz.2.10542'.
[ 2685.823293][   T28] audit: type=1400 audit(2000001564.011:117469): avc:  denied  { execute } for  pid=3316 comm="syz.6.10544" path="/256/cpu.stat" dev="tmpfs" ino=1425 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 2686.066786][   T28] audit: type=1400 audit(2000001564.011:117470): avc:  denied  { read } for  pid=3316 comm="syz.6.10544" dev="nsfs" ino=4026532523 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 2686.273186][   T28] audit: type=1400 audit(2000001564.011:117471): avc:  denied  { read open } for  pid=3316 comm="syz.6.10544" path="net:[4026532523]" dev="nsfs" ino=4026532523 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 2686.455757][   T28] audit: type=1400 audit(2000001564.011:117472): avc:  denied  { create } for  pid=3316 comm="syz.6.10544" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2686.546857][   T28] audit: type=1400 audit(2000001564.021:117473): avc:  denied  { setopt } for  pid=3316 comm="syz.6.10544" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2686.574790][ T2312] cdc_ncm 4-1:1.0: bind() failure
[ 2686.581570][ T2312] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[ 2686.588591][ T2312] cdc_ncm 4-1:1.1: bind() failure
[ 2686.595169][ T2312] usb 4-1: USB disconnect, device number 81
[ 2686.609008][   T28] audit: type=1400 audit(2000001564.041:117474): avc:  denied  { bpf } for  pid=3314 comm="syz.2.10542" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2686.630249][   T28] audit: type=1400 audit(2000001564.041:117475): avc:  denied  { prog_load } for  pid=3314 comm="syz.2.10542" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2686.649685][   T28] audit: type=1400 audit(2000001564.041:117476): avc:  denied  { bpf } for  pid=3314 comm="syz.2.10542" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2686.660160][ T3332] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2686.672051][   T28] audit: type=1400 audit(2000001564.051:117477): avc:  denied  { prog_load } for  pid=3314 comm="syz.2.10542" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2686.690285][ T3334] netlink: 88 bytes leftover after parsing attributes in process `syz.3.10547'.
[ 2687.796534][T26519] usb 6-1: USB disconnect, device number 104
[ 2688.361445][T30363] device bridge_slave_1 left promiscuous mode
[ 2688.369256][T30363] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2688.392427][T30363] device bridge_slave_0 left promiscuous mode
[ 2688.476350][T30363] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2688.502177][T30363] device veth1_macvtap left promiscuous mode
[ 2688.518475][T30363] device veth0_vlan left promiscuous mode
[ 2689.003404][ T3380] syz.2.10561[3380] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2689.003504][ T3380] syz.2.10561[3380] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2689.113480][ T3382] FAULT_INJECTION: forcing a failure.
[ 2689.113480][ T3382] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2689.138663][ T3382] CPU: 1 PID: 3382 Comm: syz.3.10555 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2689.150057][ T3382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2689.160114][ T3382] Call Trace:
[ 2689.163392][ T3382]  <TASK>
[ 2689.166316][ T3382]  __dump_stack+0x21/0x24
[ 2689.170653][ T3382]  dump_stack_lvl+0xee/0x150
[ 2689.175420][ T3382]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2689.180450][ T3382]  ? __kasan_check_write+0x14/0x20
[ 2689.185573][ T3382]  dump_stack+0x15/0x24
[ 2689.189772][ T3382]  should_fail_ex+0x3d4/0x520
[ 2689.194451][ T3382]  should_fail+0xb/0x10
[ 2689.198616][ T3382]  should_fail_usercopy+0x1a/0x20
[ 2689.203636][ T3382]  _copy_from_user+0x1e/0xc0
[ 2689.208242][ T3382]  __x64_sys_epoll_ctl+0x123/0x1a0
[ 2689.213359][ T3382]  ? __cfi___x64_sys_epoll_ctl+0x10/0x10
[ 2689.218992][ T3382]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 2689.225092][ T3382]  x64_sys_call+0x839/0x9a0
[ 2689.229610][ T3382]  do_syscall_64+0x4c/0xa0
[ 2689.234148][ T3382]  ? clear_bhb_loop+0x15/0x70
[ 2689.238830][ T3382]  ? clear_bhb_loop+0x15/0x70
[ 2689.243510][ T3382]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2689.249418][ T3382] RIP: 0033:0x7f1db9d8e969
[ 2689.253928][ T3382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2689.273618][ T3382] RSP: 002b:00007f1dbacaf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[ 2689.282042][ T3382] RAX: ffffffffffffffda RBX: 00007f1db9fb6080 RCX: 00007f1db9d8e969
[ 2689.290025][ T3382] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000006
[ 2689.298201][ T3382] RBP: 00007f1dbacaf090 R08: 0000000000000000 R09: 0000000000000000
[ 2689.306264][ T3382] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[ 2689.314231][ T3382] R13: 0000000000000000 R14: 00007f1db9fb6080 R15: 00007ffc0f223f08
[ 2689.322210][ T3382]  </TASK>
[ 2689.981416][ T3363] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2689.991766][ T3363] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2690.019292][ T3363] device bridge_slave_0 entered promiscuous mode
[ 2690.044679][ T3363] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2690.055247][ T3363] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2690.059581][ T3393] netlink: 88 bytes leftover after parsing attributes in process `syz.5.10566'.
[ 2690.063091][ T3363] device bridge_slave_1 entered promiscuous mode
[ 2690.256589][ T3363] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2690.263792][ T3363] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2690.271105][ T3363] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2690.278187][ T3363] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2690.302662][T32613] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[ 2690.414711][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2690.422672][T30363] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2690.445686][T30363] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2690.475776][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2690.492774][T32613] usb 4-1: Using ep0 maxpacket: 16
[ 2690.499397][T30363] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2690.506570][T30363] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2690.743253][T32613] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2690.753580][   T28] kauditd_printk_skb: 608 callbacks suppressed
[ 2690.753600][   T28] audit: type=1400 audit(2000001568.861:118078): avc:  denied  { ioctl } for  pid=3394 comm="syz.3.10567" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2690.796202][T32613] usb 4-1: config 0 has no interfaces?
[ 2690.815175][T32613] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 2690.872639][T32613] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2690.911199][   T28] audit: type=1400 audit(2000001568.871:118079): avc:  denied  { bpf } for  pid=3397 comm="syz.6.10568" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2690.992667][   T28] audit: type=1400 audit(2000001568.871:118080): avc:  denied  { prog_load } for  pid=3397 comm="syz.6.10568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2691.014859][T32613] usb 4-1: config 0 descriptor??
[ 2691.084373][   T28] audit: type=1400 audit(2000001568.871:118081): avc:  denied  { bpf } for  pid=3397 comm="syz.6.10568" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2691.165170][   T28] audit: type=1400 audit(2000001568.881:118082): avc:  denied  { map_create } for  pid=3397 comm="syz.6.10568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2691.234543][ T3363] device veth0_vlan entered promiscuous mode
[ 2691.240712][   T28] audit: type=1400 audit(2000001568.881:118083): avc:  denied  { bpf } for  pid=3397 comm="syz.6.10568" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2691.276914][   T28] audit: type=1400 audit(2000001568.891:118084): avc:  denied  { map_read map_write } for  pid=3397 comm="syz.6.10568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2691.278754][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2691.307436][   T28] audit: type=1400 audit(2000001568.901:118085): avc:  denied  { bpf } for  pid=3397 comm="syz.6.10568" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2691.328741][   T28] audit: type=1400 audit(2000001568.911:118086): avc:  denied  { create } for  pid=3397 comm="syz.6.10568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 2691.335274][ T3404] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2691.379723][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2691.404175][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2691.422826][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2691.433778][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2691.460202][T30363] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2691.467321][T30363] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2691.496798][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2691.505730][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2692.228734][ T3405] device pim6reg1 entered promiscuous mode
[ 2692.444060][ T2312] usb 4-1: USB disconnect, device number 82
[ 2692.542846][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2692.558095][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2692.590317][ T3363] device veth1_macvtap entered promiscuous mode
[ 2692.636245][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2692.654360][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2692.693071][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2692.718087][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2692.733010][T30363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2692.872645][  T339] usb 6-1: new high-speed USB device number 105 using dummy_hcd
[ 2693.062889][  T339] usb 6-1: Using ep0 maxpacket: 8
[ 2693.077093][  T339] usb 6-1: config 179 has an invalid interface number: 65 but max is 0
[ 2693.089007][  T339] usb 6-1: config 179 has no interface number 0
[ 2693.096730][  T339] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 2693.108796][  T339] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 2693.122375][  T339] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 20, changing to 8
[ 2693.134644][  T339] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 57696, setting to 1024
[ 2693.147875][  T339] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 2693.189059][  T339] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 2693.205113][  T339] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2693.220854][ T3418] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 2693.268755][ T3440] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[ 2693.278773][ T3440] SELinux: failed to load policy
[ 2693.434540][ T3450] netlink: 60 bytes leftover after parsing attributes in process `syz.3.10583'.
[ 2693.919787][ T2312] usb 6-1: USB disconnect, device number 105
[ 2693.925875][    C0] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 2693.925919][    C0] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 2693.990447][ T3456] FAULT_INJECTION: forcing a failure.
[ 2693.990447][ T3456] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2694.004461][ T3456] CPU: 0 PID: 3456 Comm: syz.6.10584 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2694.015858][ T3456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2694.025931][ T3456] Call Trace:
[ 2694.029225][ T3456]  <TASK>
[ 2694.032166][ T3456]  __dump_stack+0x21/0x24
[ 2694.033385][ T3458] x_tables: duplicate underflow at hook 2
[ 2694.036525][ T3456]  dump_stack_lvl+0xee/0x150
[ 2694.046842][ T3456]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2694.051893][ T3456]  dump_stack+0x15/0x24
[ 2694.056085][ T3456]  should_fail_ex+0x3d4/0x520
[ 2694.060833][ T3456]  should_fail+0xb/0x10
[ 2694.065013][ T3456]  should_fail_usercopy+0x1a/0x20
[ 2694.070070][ T3456]  _copy_from_iter+0x190/0xfd0
[ 2694.074942][ T3456]  ? __kernel_text_address+0xd/0x30
[ 2694.080254][ T3456]  ? unwind_get_return_address+0x4d/0x90
[ 2694.085910][ T3456]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[ 2694.092090][ T3456]  ? arch_stack_walk+0xfc/0x150
[ 2694.096978][ T3456]  ? __cfi__copy_from_iter+0x10/0x10
[ 2694.102289][ T3456]  ? stack_trace_save+0x98/0xe0
[ 2694.107166][ T3456]  tun_get_user+0x3d3/0x31a0
[ 2694.111790][ T3456]  ? kstrtoull+0x137/0x1d0
[ 2694.116235][ T3456]  ? tun_do_read+0x1c20/0x1c20
[ 2694.121024][ T3456]  ? __kasan_check_write+0x14/0x20
[ 2694.126149][ T3456]  ? ref_tracker_alloc+0x30f/0x430
[ 2694.131274][ T3456]  ? __cfi_ref_tracker_alloc+0x10/0x10
[ 2694.136747][ T3456]  ? avc_policy_seqno+0x1b/0x70
[ 2694.141614][ T3456]  ? selinux_file_permission+0x2a5/0x510
[ 2694.147249][ T3456]  tun_chr_write_iter+0x1fb/0x300
[ 2694.152290][ T3456]  vfs_write+0x5db/0xca0
[ 2694.156539][ T3456]  ? slab_free_freelist_hook+0xc2/0x190
[ 2694.162096][ T3456]  ? __cfi_vfs_write+0x10/0x10
[ 2694.166866][ T3456]  ? __fget_files+0x2d5/0x330
[ 2694.171635][ T3456]  ? __fdget_pos+0x1f2/0x380
[ 2694.176251][ T3456]  ? ksys_write+0x71/0x240
[ 2694.180677][ T3456]  ksys_write+0x140/0x240
[ 2694.185010][ T3456]  ? __cfi_ksys_write+0x10/0x10
[ 2694.189865][ T3456]  ? debug_smp_processor_id+0x17/0x20
[ 2694.195238][ T3456]  __x64_sys_write+0x7b/0x90
[ 2694.199834][ T3456]  x64_sys_call+0x27b/0x9a0
[ 2694.204354][ T3456]  do_syscall_64+0x4c/0xa0
[ 2694.208776][ T3456]  ? clear_bhb_loop+0x15/0x70
[ 2694.213448][ T3456]  ? clear_bhb_loop+0x15/0x70
[ 2694.218125][ T3456]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2694.224026][ T3456] RIP: 0033:0x7fdc2b78e969
[ 2694.228441][ T3456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2694.248047][ T3456] RSP: 002b:00007fdc2c6c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2694.256462][ T3456] RAX: ffffffffffffffda RBX: 00007fdc2b9b5fa0 RCX: 00007fdc2b78e969
[ 2694.264436][ T3456] RDX: 000000000000ffdd RSI: 0000200000000440 RDI: 0000000000000003
[ 2694.272407][ T3456] RBP: 00007fdc2c6c9090 R08: 0000000000000000 R09: 0000000000000000
[ 2694.280373][ T3456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2694.288341][ T3456] R13: 0000000000000000 R14: 00007fdc2b9b5fa0 R15: 00007ffeee145388
[ 2694.296321][ T3456]  </TASK>
[ 2694.490489][ T3468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10590'.
[ 2694.523965][ T3464] device ip6erspan0 entered promiscuous mode
[ 2695.762750][   T28] kauditd_printk_skb: 909 callbacks suppressed
[ 2695.762789][   T28] audit: type=1400 audit(2000001574.061:118925): avc:  denied  { bpf } for  pid=3481 comm="syz.2.10593" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2695.810534][ T3483] overlayfs: missing 'lowerdir'
[ 2695.818638][ T2312] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[ 2695.886961][   T28] audit: type=1400 audit(2000001574.071:118926): avc:  denied  { prog_load } for  pid=3481 comm="syz.2.10593" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2695.929525][   T28] audit: type=1400 audit(2000001574.071:118927): avc:  denied  { bpf } for  pid=3481 comm="syz.2.10593" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2695.951270][   T28] audit: type=1400 audit(2000001574.071:118928): avc:  denied  { bpf } for  pid=3481 comm="syz.2.10593" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2695.977381][ T3482] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2695.998432][ T3487] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2696.005117][   T28] audit: type=1400 audit(2000001574.071:118929): avc:  denied  { perfmon } for  pid=3481 comm="syz.2.10593" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2696.022610][ T3487] audit: audit_lost=1904 audit_rate_limit=0 audit_backlog_limit=64
[ 2696.026389][   T28] audit: type=1400 audit(2000001574.071:118930): avc:  denied  { bpf } for  pid=3481 comm="syz.2.10593" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2696.056169][   T28] audit: type=1400 audit(2000001574.071:118931): avc:  denied  { perfmon } for  pid=3481 comm="syz.2.10593" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2696.079411][ T3490] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2696.102643][ T2312] usb 4-1: Using ep0 maxpacket: 8
[ 2696.117656][ T2312] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[ 2696.178578][ T2312] usb 4-1: config 179 has no interface number 0
[ 2696.185886][ T2312] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 2696.491820][ T2312] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 2696.515603][ T2312] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 20, changing to 8
[ 2696.543659][ T2312] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 57696, setting to 1024
[ 2696.567514][ T2312] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 2696.596297][ T2312] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 2696.608436][ T2312] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2696.621984][ T3468] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 2696.843107][ T3499] FAULT_INJECTION: forcing a failure.
[ 2696.843107][ T3499] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2696.856311][ T3499] CPU: 1 PID: 3499 Comm: syz.5.10598 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2696.867707][ T3499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2696.877782][ T3499] Call Trace:
[ 2696.881075][ T3499]  <TASK>
[ 2696.884081][ T3499]  __dump_stack+0x21/0x24
[ 2696.888445][ T3499]  dump_stack_lvl+0xee/0x150
[ 2696.893090][ T3499]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2696.898143][ T3499]  ? __kasan_check_read+0x11/0x20
[ 2696.903201][ T3499]  dump_stack+0x15/0x24
[ 2696.907376][ T3499]  should_fail_ex+0x3d4/0x520
[ 2696.912077][ T3499]  should_fail+0xb/0x10
[ 2696.916281][ T3499]  should_fail_usercopy+0x1a/0x20
[ 2696.921330][ T3499]  _copy_from_user+0x1e/0xc0
[ 2696.925948][ T3499]  ___sys_recvmsg+0x12b/0x510
[ 2696.930656][ T3499]  ? kstrtoull+0x137/0x1d0
[ 2696.935094][ T3499]  ? __sys_recvmsg+0x270/0x270
[ 2696.939895][ T3499]  ? kstrtouint_from_user+0xf7/0x150
[ 2696.945289][ T3499]  ? __fget_files+0x2d5/0x330
[ 2696.950082][ T3499]  ? __fdget+0x19c/0x220
[ 2696.954346][ T3499]  ? do_recvmmsg+0x176/0x7a0
[ 2696.958948][ T3499]  do_recvmmsg+0x359/0x7a0
[ 2696.963507][ T3499]  ? __sys_recvmmsg+0x280/0x280
[ 2696.968380][ T3499]  ? __cfi_mutex_unlock+0x10/0x10
[ 2696.973440][ T3499]  ? __kasan_check_write+0x14/0x20
[ 2696.978574][ T3499]  ? fput+0x154/0x1a0
[ 2696.982573][ T3499]  __x64_sys_recvmmsg+0x18d/0x240
[ 2696.987610][ T3499]  ? __cfi___x64_sys_recvmmsg+0x10/0x10
[ 2696.993377][ T3499]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 2696.999468][ T3499]  x64_sys_call+0x3e7/0x9a0
[ 2697.003995][ T3499]  do_syscall_64+0x4c/0xa0
[ 2697.008435][ T3499]  ? clear_bhb_loop+0x15/0x70
[ 2697.013131][ T3499]  ? clear_bhb_loop+0x15/0x70
[ 2697.017824][ T3499]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2697.023749][ T3499] RIP: 0033:0x7f9ead38e969
[ 2697.028182][ T3499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2697.047918][ T3499] RSP: 002b:00007f9eae12e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 2697.056445][ T3499] RAX: ffffffffffffffda RBX: 00007f9ead5b6160 RCX: 00007f9ead38e969
[ 2697.064452][ T3499] RDX: 0000000000000001 RSI: 0000200000002380 RDI: 000000000000000a
[ 2697.072449][ T3499] RBP: 00007f9eae12e090 R08: 0000000000000000 R09: 0000000000000000
[ 2697.080526][ T3499] R10: 0000000000034000 R11: 0000000000000246 R12: 0000000000000001
[ 2697.088512][ T3499] R13: 0000000000000000 R14: 00007f9ead5b6160 R15: 00007ffc31a107f8
[ 2697.096536][ T3499]  </TASK>
[ 2697.369642][T32613] usb 4-1: USB disconnect, device number 83
[ 2697.375732][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 2697.375775][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 2697.890282][ T3514] serio: Serial port ptm0
[ 2697.928476][ T3519] FAULT_INJECTION: forcing a failure.
[ 2697.928476][ T3519] name failslab, interval 1, probability 0, space 0, times 0
[ 2697.941202][ T3519] CPU: 1 PID: 3519 Comm: syz.5.10604 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2697.952700][ T3519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2697.962848][ T3519] Call Trace:
[ 2697.966126][ T3519]  <TASK>
[ 2697.969058][ T3519]  __dump_stack+0x21/0x24
[ 2697.973404][ T3519]  dump_stack_lvl+0xee/0x150
[ 2697.978001][ T3519]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2697.983033][ T3519]  ? unwind_get_return_address+0x4d/0x90
[ 2697.988671][ T3519]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[ 2697.994830][ T3519]  dump_stack+0x15/0x24
[ 2697.998990][ T3519]  should_fail_ex+0x3d4/0x520
[ 2698.003669][ T3519]  __should_failslab+0xac/0xf0
[ 2698.008430][ T3519]  ? serport_ldisc_read+0x11b/0x540
[ 2698.013630][ T3519]  should_failslab+0x9/0x20
[ 2698.018140][ T3519]  __kmem_cache_alloc_node+0x3d/0x2c0
[ 2698.023514][ T3519]  ? serport_ldisc_read+0x11b/0x540
[ 2698.028712][ T3519]  kmalloc_trace+0x29/0xb0
[ 2698.033315][ T3519]  serport_ldisc_read+0x11b/0x540
[ 2698.038338][ T3519]  ? kstrtoull+0x137/0x1d0
[ 2698.042759][ T3519]  ? __cfi_ldsem_down_read+0x10/0x10
[ 2698.048047][ T3519]  ? __cfi_serport_ldisc_read+0x10/0x10
[ 2698.053593][ T3519]  ? kstrtouint+0x74/0xe0
[ 2698.057925][ T3519]  ? kstrtouint_from_user+0xf7/0x150
[ 2698.063213][ T3519]  tty_read+0x271/0x560
[ 2698.067378][ T3519]  ? __cfi_tty_read+0x10/0x10
[ 2698.072051][ T3519]  ? avc_policy_seqno+0x1b/0x70
[ 2698.076901][ T3519]  ? fsnotify_perm+0x120/0x5b0
[ 2698.081661][ T3519]  ? security_file_permission+0x8a/0xb0
[ 2698.087210][ T3519]  vfs_read+0x41e/0x8c0
[ 2698.091378][ T3519]  ? __cfi_vfs_read+0x10/0x10
[ 2698.096059][ T3519]  ? __fget_files+0x2d5/0x330
[ 2698.100745][ T3519]  ? __fdget_pos+0x1f2/0x380
[ 2698.105338][ T3519]  ? ksys_read+0x71/0x240
[ 2698.109678][ T3519]  ksys_read+0x140/0x240
[ 2698.113925][ T3519]  ? __cfi_ksys_read+0x10/0x10
[ 2698.118711][ T3519]  ? debug_smp_processor_id+0x17/0x20
[ 2698.124098][ T3519]  __x64_sys_read+0x7b/0x90
[ 2698.128609][ T3519]  x64_sys_call+0x2f/0x9a0
[ 2698.133029][ T3519]  do_syscall_64+0x4c/0xa0
[ 2698.137469][ T3519]  ? clear_bhb_loop+0x15/0x70
[ 2698.142140][ T3519]  ? clear_bhb_loop+0x15/0x70
[ 2698.146814][ T3519]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2698.152709][ T3519] RIP: 0033:0x7f9ead38e969
[ 2698.157123][ T3519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2698.176734][ T3519] RSP: 002b:00007f9eae170038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2698.185156][ T3519] RAX: ffffffffffffffda RBX: 00007f9ead5b5fa0 RCX: 00007f9ead38e969
[ 2698.193124][ T3519] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[ 2698.201094][ T3519] RBP: 00007f9eae170090 R08: 0000000000000000 R09: 0000000000000000
[ 2698.209065][ T3519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2698.217034][ T3519] R13: 0000000000000000 R14: 00007f9ead5b5fa0 R15: 00007ffc31a107f8
[ 2698.225012][ T3519]  </TASK>
[ 2698.388875][ T3528] serio: Serial port ptm1
[ 2698.472856][ T3533] netlink: 88 bytes leftover after parsing attributes in process `syz.6.10609'.
[ 2699.576610][ T3550] netlink: 100 bytes leftover after parsing attributes in process `syz.5.10615'.
[ 2699.700036][ T3558] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10614'.
[ 2699.941486][ T3569] netlink: 112 bytes leftover after parsing attributes in process `syz.1.10622'.
[ 2700.232849][T26519] usb 7-1: new high-speed USB device number 70 using dummy_hcd
[ 2700.473519][T32613] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[ 2700.565316][T26519] usb 7-1: Using ep0 maxpacket: 16
[ 2700.575529][T26519] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2700.586705][T26519] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2700.598108][T26519] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00
[ 2700.608189][T26519] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2700.667634][T32613] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 2700.684308][T32613] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2700.695948][T32613] usb 4-1: config 0 descriptor??
[ 2700.741915][T26519] usb 7-1: config 0 descriptor??
[ 2700.907493][   T28] kauditd_printk_skb: 956 callbacks suppressed
[ 2700.907509][   T28] audit: type=1400 audit(2000001579.211:119870): avc:  denied  { ioctl } for  pid=3562 comm="syz.3.10619" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2700.939428][   T28] audit: type=1400 audit(2000001579.211:119871): avc:  denied  { ioctl } for  pid=3562 comm="syz.3.10619" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2700.982912][ T3568] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2700.992089][ T3568] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2700.995916][   T28] audit: type=1400 audit(2000001579.221:119872): avc:  denied  { create } for  pid=3585 comm="syz.1.10626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 2701.019892][   T28] audit: type=1400 audit(2000001579.221:119873): avc:  denied  { bpf } for  pid=3585 comm="syz.1.10626" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2701.041788][   T28] audit: type=1400 audit(2000001579.221:119874): avc:  denied  { prog_load } for  pid=3585 comm="syz.1.10626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2701.062056][   T28] audit: type=1400 audit(2000001579.221:119875): avc:  denied  { bpf } for  pid=3585 comm="syz.1.10626" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2701.083920][   T28] audit: type=1400 audit(2000001579.221:119876): avc:  denied  { bpf } for  pid=3585 comm="syz.1.10626" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2701.106554][   T28] audit: type=1400 audit(2000001579.221:119877): avc:  denied  { perfmon } for  pid=3585 comm="syz.1.10626" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2701.131408][ T3564] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2701.131981][ T3590] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2701.212794][T26519] konepure 0003:1E7D:2DB4.0040: unknown main item tag 0x0
[ 2701.220140][T26519] konepure 0003:1E7D:2DB4.0040: unknown main item tag 0x0
[ 2701.227712][T26519] konepure 0003:1E7D:2DB4.0040: unknown main item tag 0x0
[ 2701.235114][T26519] konepure 0003:1E7D:2DB4.0040: unknown main item tag 0x0
[ 2701.245535][T26519] konepure 0003:1E7D:2DB4.0040: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.6-1/input0
[ 2701.344336][T32613] usb 4-1: Cannot read MAC address
[ 2701.349635][T32613] MOSCHIP usb-ethernet driver: probe of 4-1:0.0 failed with error -32
[ 2701.373915][T32613] usb 4-1: USB disconnect, device number 84
[ 2701.435353][ T2312] usb 7-1: USB disconnect, device number 70
[ 2701.486368][ T3598] device wg2 entered promiscuous mode
[ 2701.765992][ T3610] device wg2 entered promiscuous mode
[ 2702.700343][ T3627] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10636'.
[ 2704.903270][ T3644] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 2704.911762][ T3644] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 2704.921458][ T3644] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 2704.930120][ T3644] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[ 2704.938411][ T3644] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[ 2704.946836][ T3644] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[ 2706.031028][   T28] kauditd_printk_skb: 922 callbacks suppressed
[ 2706.031045][   T28] audit: type=1400 audit(2000001584.331:120688): avc:  denied  { bpf } for  pid=3663 comm="syz.6.10650" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2706.058171][   T28] audit: type=1400 audit(2000001584.331:120689): avc:  denied  { prog_load } for  pid=3663 comm="syz.6.10650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2706.072696][  T339] usb 6-1: new high-speed USB device number 106 using dummy_hcd
[ 2706.077565][   T28] audit: type=1400 audit(2000001584.331:120690): avc:  denied  { bpf } for  pid=3663 comm="syz.6.10650" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2706.105925][   T28] audit: type=1400 audit(2000001584.341:120691): avc:  denied  { prog_load } for  pid=3663 comm="syz.6.10650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2706.134076][   T28] audit: type=1400 audit(2000001584.341:120692): avc:  denied  { bpf } for  pid=3663 comm="syz.6.10650" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2706.154998][   T28] audit: type=1400 audit(2000001584.341:120693): avc:  denied  { bpf } for  pid=3663 comm="syz.6.10650" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2706.262992][  T339] usb 6-1: Using ep0 maxpacket: 16
[ 2706.274972][  T339] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2706.297013][  T339] usb 6-1: config 0 has no interfaces?
[ 2706.303821][   T28] audit: type=1400 audit(2000001584.341:120694): avc:  denied  { perfmon } for  pid=3663 comm="syz.6.10650" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2706.327999][  T339] usb 6-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 2706.334196][ T3677] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2706.338768][  T339] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2706.354499][ T3676] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2706.361082][ T3676] audit: audit_lost=1949 audit_rate_limit=0 audit_backlog_limit=64
[ 2706.373163][  T339] usb 6-1: config 0 descriptor??
[ 2706.443628][ T3682] netlink: 88 bytes leftover after parsing attributes in process `syz.6.10655'.
[ 2706.556519][ T3685] fuse: Unknown parameter '0xffffffffffffffff'
[ 2706.577163][ T3685] FAULT_INJECTION: forcing a failure.
[ 2706.577163][ T3685] name failslab, interval 1, probability 0, space 0, times 0
[ 2706.589856][ T3685] CPU: 1 PID: 3685 Comm: syz.3.10651 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2706.601247][ T3685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2706.611319][ T3685] Call Trace:
[ 2706.614613][ T3685]  <TASK>
[ 2706.617552][ T3685]  __dump_stack+0x21/0x24
[ 2706.621900][ T3685]  dump_stack_lvl+0xee/0x150
[ 2706.626509][ T3685]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2706.631554][ T3685]  ? memset+0x35/0x40
[ 2706.635692][ T3685]  dump_stack+0x15/0x24
[ 2706.639868][ T3685]  should_fail_ex+0x3d4/0x520
[ 2706.644570][ T3685]  ? getname_flags+0xb9/0x500
[ 2706.649266][ T3685]  __should_failslab+0xac/0xf0
[ 2706.654044][ T3685]  should_failslab+0x9/0x20
[ 2706.658568][ T3685]  kmem_cache_alloc+0x3b/0x330
[ 2706.663344][ T3685]  getname_flags+0xb9/0x500
[ 2706.667884][ T3685]  __se_sys_newfstatat+0xdf/0x380
[ 2706.672948][ T3685]  ? __x64_sys_newfstatat+0xb0/0xb0
[ 2706.678170][ T3685]  ? release_firmware_map_entry+0x194/0x194
[ 2706.684087][ T3685]  ? finish_task_switch+0x16b/0x7b0
[ 2706.689308][ T3685]  ? __switch_to_asm+0x3a/0x60
[ 2706.694104][ T3685]  ? __kasan_check_read+0x11/0x20
[ 2706.699160][ T3685]  ? irqentry_exit+0x37/0x40
[ 2706.703771][ T3685]  ? sysvec_reschedule_ipi+0x78/0x80
[ 2706.709069][ T3685]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 2706.714727][ T3685]  __x64_sys_newfstatat+0x9b/0xb0
[ 2706.719774][ T3685]  x64_sys_call+0x77c/0x9a0
[ 2706.724300][ T3685]  do_syscall_64+0x4c/0xa0
[ 2706.728751][ T3685]  ? clear_bhb_loop+0x15/0x70
[ 2706.733543][ T3685]  ? clear_bhb_loop+0x15/0x70
[ 2706.738307][ T3685]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2706.744225][ T3685] RIP: 0033:0x7f1db9d8e969
[ 2706.748664][ T3685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2706.768297][ T3685] RSP: 002b:00007f1dbac8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000106
[ 2706.776774][ T3685] RAX: ffffffffffffffda RBX: 00007f1db9fb6160 RCX: 00007f1db9d8e969
[ 2706.784786][ T3685] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff9c
[ 2706.792787][ T3685] RBP: 00007f1dbac8e090 R08: 0000000000000000 R09: 0000000000000000
[ 2706.800785][ T3685] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000001
[ 2706.808778][ T3685] R13: 0000000000000000 R14: 00007f1db9fb6160 R15: 00007ffc0f223f08
[ 2706.816875][ T3685]  </TASK>
[ 2706.822632][  T339] usb 3-1: new high-speed USB device number 100 using dummy_hcd
[ 2707.028317][  T339] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2707.055976][  T339] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2707.090604][  T339] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 2707.132144][  T339] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 2707.176158][  T339] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2707.218254][  T339] usb 3-1: config 0 descriptor??
[ 2707.379885][ T3695] netlink: 976 bytes leftover after parsing attributes in process `syz.3.10658'.
[ 2707.658555][  T339] plantronics 0003:047F:FFFF.0041: unknown main item tag 0x0
[ 2707.672269][  T339] plantronics 0003:047F:FFFF.0041: unknown main item tag 0x0
[ 2707.692161][  T339] plantronics 0003:047F:FFFF.0041: unknown main item tag 0x0
[ 2707.721260][  T339] plantronics 0003:047F:FFFF.0041: unknown main item tag 0x0
[ 2707.732300][  T339] plantronics 0003:047F:FFFF.0041: unknown main item tag 0x0
[ 2707.747988][  T339] plantronics 0003:047F:FFFF.0041: No inputs registered, leaving
[ 2707.761360][  T339] plantronics 0003:047F:FFFF.0041: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 2708.014131][  T512] usb 3-1: USB disconnect, device number 100
[ 2708.108830][ T3709] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10663'.
[ 2708.118441][ T3709] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10663'.
[ 2708.719853][T21732] usb 6-1: USB disconnect, device number 106
[ 2710.066879][ T3761] FAULT_INJECTION: forcing a failure.
[ 2710.066879][ T3761] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2710.084618][ T3759] device pim6reg1 entered promiscuous mode
[ 2710.092421][ T3761] CPU: 1 PID: 3761 Comm: syz.6.10676 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2710.103828][ T3761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2710.113902][ T3761] Call Trace:
[ 2710.117198][ T3761]  <TASK>
[ 2710.120170][ T3761]  __dump_stack+0x21/0x24
[ 2710.124533][ T3761]  dump_stack_lvl+0xee/0x150
[ 2710.129154][ T3761]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2710.134208][ T3761]  dump_stack+0x15/0x24
[ 2710.138383][ T3761]  should_fail_ex+0x3d4/0x520
[ 2710.143079][ T3761]  should_fail+0xb/0x10
[ 2710.147250][ T3761]  should_fail_usercopy+0x1a/0x20
[ 2710.152287][ T3761]  _copy_from_user+0x1e/0xc0
[ 2710.156892][ T3761]  ___sys_sendmsg+0x155/0x290
[ 2710.161597][ T3761]  ? __sys_sendmsg+0x270/0x270
[ 2710.166393][ T3761]  ? kstrtouint+0x74/0xe0
[ 2710.170754][ T3761]  ? __fdget+0x19c/0x220
[ 2710.175019][ T3761]  __sys_sendmmsg+0x274/0x460
[ 2710.179716][ T3761]  ? slab_free_freelist_hook+0xc2/0x190
[ 2710.185281][ T3761]  ? __cfi___sys_sendmmsg+0x10/0x10
[ 2710.190520][ T3761]  ? __cfi_ksys_write+0x10/0x10
[ 2710.195398][ T3761]  __x64_sys_sendmmsg+0xa0/0xb0
[ 2710.200274][ T3761]  x64_sys_call+0x3f5/0x9a0
[ 2710.204840][ T3761]  do_syscall_64+0x4c/0xa0
[ 2710.209292][ T3761]  ? clear_bhb_loop+0x15/0x70
[ 2710.213988][ T3761]  ? clear_bhb_loop+0x15/0x70
[ 2710.218765][ T3761]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2710.224690][ T3761] RIP: 0033:0x7fdc2b78e969
[ 2710.229129][ T3761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2710.248759][ T3761] RSP: 002b:00007fdc2c6a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2710.257200][ T3761] RAX: ffffffffffffffda RBX: 00007fdc2b9b6080 RCX: 00007fdc2b78e969
[ 2710.265197][ T3761] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000003
[ 2710.273189][ T3761] RBP: 00007fdc2c6a8090 R08: 0000000000000000 R09: 0000000000000000
[ 2710.281181][ T3761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2710.289171][ T3761] R13: 0000000000000001 R14: 00007fdc2b9b6080 R15: 00007ffeee145388
[ 2710.297186][ T3761]  </TASK>
[ 2710.492153][ T3767] device pim6reg1 entered promiscuous mode
[ 2710.576672][ T3770] FAULT_INJECTION: forcing a failure.
[ 2710.576672][ T3770] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2710.596605][ T3770] CPU: 0 PID: 3770 Comm: syz.3.10681 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2710.608116][ T3770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2710.618191][ T3770] Call Trace:
[ 2710.621586][ T3770]  <TASK>
[ 2710.624548][ T3770]  __dump_stack+0x21/0x24
[ 2710.628925][ T3770]  dump_stack_lvl+0xee/0x150
[ 2710.633543][ T3770]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2710.638602][ T3770]  dump_stack+0x15/0x24
[ 2710.642785][ T3770]  should_fail_ex+0x3d4/0x520
[ 2710.647487][ T3770]  should_fail+0xb/0x10
[ 2710.651664][ T3770]  should_fail_usercopy+0x1a/0x20
[ 2710.656710][ T3770]  _copy_from_user+0x1e/0xc0
[ 2710.661335][ T3770]  __sys_sendto+0x2c0/0x5e0
[ 2710.665867][ T3770]  ? slab_free_freelist_hook+0xc2/0x190
[ 2710.671444][ T3770]  ? __cfi___sys_sendto+0x10/0x10
[ 2710.676501][ T3770]  ? ksys_write+0x1eb/0x240
[ 2710.681037][ T3770]  ? __cfi_ksys_write+0x10/0x10
[ 2710.685920][ T3770]  __x64_sys_sendto+0xe5/0x100
[ 2710.690718][ T3770]  x64_sys_call+0x83/0x9a0
[ 2710.695185][ T3770]  do_syscall_64+0x4c/0xa0
[ 2710.699634][ T3770]  ? clear_bhb_loop+0x15/0x70
[ 2710.704336][ T3770]  ? clear_bhb_loop+0x15/0x70
[ 2710.709033][ T3770]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2710.714969][ T3770] RIP: 0033:0x7f1db9d8e969
[ 2710.719405][ T3770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2710.739027][ T3770] RSP: 002b:00007f1dbacd0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 2710.747463][ T3770] RAX: ffffffffffffffda RBX: 00007f1db9fb5fa0 RCX: 00007f1db9d8e969
[ 2710.755456][ T3770] RDX: 00000000000005c4 RSI: 0000000000000000 RDI: 0000000000000007
[ 2710.763443][ T3770] RBP: 00007f1dbacd0090 R08: 0000200000000540 R09: 000000000000001c
[ 2710.771437][ T3770] R10: 000000000404c844 R11: 0000000000000246 R12: 0000000000000001
[ 2710.779431][ T3770] R13: 0000000000000000 R14: 00007f1db9fb5fa0 R15: 00007ffc0f223f08
[ 2710.787432][ T3770]  </TASK>
[ 2711.037457][   T28] kauditd_printk_skb: 1151 callbacks suppressed
[ 2711.037475][   T28] audit: type=1400 audit(2000001589.341:121843): avc:  denied  { bpf } for  pid=3780 comm="syz.1.10686" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2711.139355][   T28] audit: type=1400 audit(2000001589.341:121844): avc:  denied  { perfmon } for  pid=3780 comm="syz.1.10686" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2711.191681][   T28] audit: type=1400 audit(2000001589.341:121845): avc:  denied  { perfmon } for  pid=3780 comm="syz.1.10686" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2711.294861][ T3790] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10690'.
[ 2711.301323][   T28] audit: type=1400 audit(2000001589.341:121846): avc:  denied  { perfmon } for  pid=3780 comm="syz.1.10686" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2711.324251][ T3790] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2711.334251][ T3793] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2711.340791][ T3793] audit: audit_lost=1951 audit_rate_limit=0 audit_backlog_limit=64
[ 2711.354866][ T3790] audit: audit_lost=1952 audit_rate_limit=0 audit_backlog_limit=64
[ 2711.363684][ T3796] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2711.370217][ T3796] audit: audit_lost=1953 audit_rate_limit=0 audit_backlog_limit=64
[ 2714.545564][ T3849] xt_hashlimit: size too large, truncated to 1048576
[ 2714.602646][ T3850] FAULT_INJECTION: forcing a failure.
[ 2714.602646][ T3850] name failslab, interval 1, probability 0, space 0, times 0
[ 2714.617799][ T3850] CPU: 0 PID: 3850 Comm: syz.2.10710 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2714.629221][ T3850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2714.639306][ T3850] Call Trace:
[ 2714.642636][ T3850]  <TASK>
[ 2714.645642][ T3850]  __dump_stack+0x21/0x24
[ 2714.650009][ T3850]  dump_stack_lvl+0xee/0x150
[ 2714.654642][ T3850]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2714.659712][ T3850]  ? __cfi_vfs_write+0x10/0x10
[ 2714.664510][ T3850]  dump_stack+0x15/0x24
[ 2714.668688][ T3850]  should_fail_ex+0x3d4/0x520
[ 2714.673387][ T3850]  ? getname_flags+0xb9/0x500
[ 2714.678104][ T3850]  __should_failslab+0xac/0xf0
[ 2714.682891][ T3850]  should_failslab+0x9/0x20
[ 2714.687423][ T3850]  kmem_cache_alloc+0x3b/0x330
[ 2714.692212][ T3850]  getname_flags+0xb9/0x500
[ 2714.696746][ T3850]  getname_uflags+0x26/0x30
[ 2714.701293][ T3850]  __x64_sys_execveat+0xb6/0xf0
[ 2714.706160][ T3850]  x64_sys_call+0x5d8/0x9a0
[ 2714.710665][ T3850]  do_syscall_64+0x4c/0xa0
[ 2714.715086][ T3850]  ? clear_bhb_loop+0x15/0x70
[ 2714.719760][ T3850]  ? clear_bhb_loop+0x15/0x70
[ 2714.724441][ T3850]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2714.730343][ T3850] RIP: 0033:0x7f15ded8e969
[ 2714.734760][ T3850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2714.754377][ T3850] RSP: 002b:00007f15dfb9c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[ 2714.762801][ T3850] RAX: ffffffffffffffda RBX: 00007f15defb5fa0 RCX: 00007f15ded8e969
[ 2714.770908][ T3850] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 2714.778894][ T3850] RBP: 00007f15dfb9c090 R08: 0000000000001000 R09: 0000000000000000
[ 2714.786874][ T3850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2714.794849][ T3850] R13: 0000000000000000 R14: 00007f15defb5fa0 R15: 00007ffc130b80e8
[ 2714.802913][ T3850]  </TASK>
[ 2715.087333][ T3852] FAULT_INJECTION: forcing a failure.
[ 2715.087333][ T3852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2715.100470][ T3852] CPU: 1 PID: 3852 Comm: syz.6.10711 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2715.111861][ T3852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2715.121939][ T3852] Call Trace:
[ 2715.125248][ T3852]  <TASK>
[ 2715.128198][ T3852]  __dump_stack+0x21/0x24
[ 2715.132539][ T3852]  dump_stack_lvl+0xee/0x150
[ 2715.137140][ T3852]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2715.142170][ T3852]  ? _parse_integer+0x2a/0x40
[ 2715.146850][ T3852]  dump_stack+0x15/0x24
[ 2715.151014][ T3852]  should_fail_ex+0x3d4/0x520
[ 2715.155689][ T3852]  should_fail+0xb/0x10
[ 2715.159845][ T3852]  should_fail_usercopy+0x1a/0x20
[ 2715.165002][ T3852]  _copy_from_user+0x1e/0xc0
[ 2715.169593][ T3852]  ___sys_sendmsg+0x155/0x290
[ 2715.174278][ T3852]  ? __sys_sendmsg+0x270/0x270
[ 2715.179059][ T3852]  ? __kasan_check_write+0x14/0x20
[ 2715.184281][ T3852]  ? proc_fail_nth_write+0x17a/0x1f0
[ 2715.189581][ T3852]  ? vfs_write+0x9d6/0xca0
[ 2715.194029][ T3852]  ? __fdget+0x19c/0x220
[ 2715.198285][ T3852]  __x64_sys_sendmsg+0x1f0/0x2c0
[ 2715.203233][ T3852]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[ 2715.208799][ T3852]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 2715.214874][ T3852]  x64_sys_call+0x171/0x9a0
[ 2715.219381][ T3852]  do_syscall_64+0x4c/0xa0
[ 2715.223799][ T3852]  ? clear_bhb_loop+0x15/0x70
[ 2715.228491][ T3852]  ? clear_bhb_loop+0x15/0x70
[ 2715.233163][ T3852]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2715.239060][ T3852] RIP: 0033:0x7fdc2b78e969
[ 2715.243472][ T3852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2715.263073][ T3852] RSP: 002b:00007fdc2c6c9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2715.271490][ T3852] RAX: ffffffffffffffda RBX: 00007fdc2b9b5fa0 RCX: 00007fdc2b78e969
[ 2715.279462][ T3852] RDX: 0000000000000010 RSI: 0000200000000380 RDI: 0000000000000007
[ 2715.287428][ T3852] RBP: 00007fdc2c6c9090 R08: 0000000000000000 R09: 0000000000000000
[ 2715.295396][ T3852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2715.303361][ T3852] R13: 0000000000000000 R14: 00007fdc2b9b5fa0 R15: 00007ffeee145388
[ 2715.311339][ T3852]  </TASK>
[ 2715.595973][ T3864] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10713'.
[ 2715.666198][ T3870] netlink: 'syz.1.10715': attribute type 9 has an invalid length.
[ 2715.841121][ T3873] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=41111 sclass=netlink_route_socket pid=3873 comm=syz.2.10716
[ 2716.047103][   T28] kauditd_printk_skb: 733 callbacks suppressed
[ 2716.047121][   T28] audit: type=1400 audit(2000001594.351:122577): avc:  denied  { bpf } for  pid=3880 comm="syz.1.10718" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2716.387944][ T3884] overlayfs: statfs failed on './file0'
[ 2716.421273][   T28] audit: type=1400 audit(2000001594.351:122578): avc:  denied  { map_create } for  pid=3880 comm="syz.1.10718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2716.441858][   T28] audit: type=1400 audit(2000001594.351:122579): avc:  denied  { bpf } for  pid=3880 comm="syz.1.10718" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2716.469570][ T3881] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2716.476681][ T3881] audit: audit_lost=1954 audit_rate_limit=0 audit_backlog_limit=64
[ 2716.482102][   T28] audit: type=1400 audit(2000001594.351:122580): avc:  denied  { map_read map_write } for  pid=3880 comm="syz.1.10718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2716.484643][ T3881] audit: backlog limit exceeded
[ 2716.511739][ T3887] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2716.518829][ T3887] audit: audit_lost=1955 audit_rate_limit=0 audit_backlog_limit=64
[ 2716.527185][ T3887] audit: backlog limit exceeded
[ 2721.053234][   T28] kauditd_printk_skb: 250 callbacks suppressed
[ 2721.053251][   T28] audit: type=1400 audit(2000001599.361:122819): avc:  denied  { bpf } for  pid=3911 comm="syz.3.10729" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2721.092509][ T3912] FAULT_INJECTION: forcing a failure.
[ 2721.092509][ T3912] name failslab, interval 1, probability 0, space 0, times 0
[ 2721.135378][ T3912] CPU: 1 PID: 3912 Comm: syz.3.10729 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2721.146969][ T3912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2721.157044][ T3912] Call Trace:
[ 2721.160337][ T3912]  <TASK>
[ 2721.163327][ T3912]  __dump_stack+0x21/0x24
[ 2721.167682][ T3912]  dump_stack_lvl+0xee/0x150
[ 2721.172289][ T3912]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2721.177335][ T3912]  ? __kasan_check_write+0x14/0x20
[ 2721.182559][ T3912]  dump_stack+0x15/0x24
[ 2721.186749][ T3912]  should_fail_ex+0x3d4/0x520
[ 2721.191445][ T3912]  ? getname_flags+0xb9/0x500
[ 2721.196141][ T3912]  __should_failslab+0xac/0xf0
[ 2721.200923][ T3912]  should_failslab+0x9/0x20
[ 2721.205451][ T3912]  kmem_cache_alloc+0x3b/0x330
[ 2721.210238][ T3912]  getname_flags+0xb9/0x500
[ 2721.214769][ T3912]  getname+0x19/0x20
[ 2721.218702][ T3912]  do_sys_openat2+0xcb/0x7e0
[ 2721.223312][ T3912]  ? __kasan_check_write+0x14/0x20
[ 2721.228456][ T3912]  ? do_sys_open+0xe0/0xe0
[ 2721.232889][ T3912]  ? ksys_write+0x1eb/0x240
[ 2721.237421][ T3912]  ? __cfi_ksys_write+0x10/0x10
[ 2721.242296][ T3912]  __x64_sys_openat+0x136/0x160
[ 2721.247172][ T3912]  x64_sys_call+0x783/0x9a0
[ 2721.250276][   T28] audit: type=1400 audit(2000001599.391:122820): avc:  denied  { bpf } for  pid=3908 comm="syz.1.10727" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2721.251697][ T3912]  do_syscall_64+0x4c/0xa0
[ 2721.251733][ T3912]  ? clear_bhb_loop+0x15/0x70
[ 2721.251753][ T3912]  ? clear_bhb_loop+0x15/0x70
[ 2721.251773][ T3912]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2721.251803][ T3912] RIP: 0033:0x7f1db9d8e969
[ 2721.251821][ T3912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2721.251839][ T3912] RSP: 002b:00007f1dbacd0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2721.251863][ T3912] RAX: ffffffffffffffda RBX: 00007f1db9fb5fa0 RCX: 00007f1db9d8e969
[ 2721.251879][ T3912] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 2721.251895][ T3912] RBP: 00007f1dbacd0090 R08: 0000000000000000 R09: 0000000000000000
[ 2721.251908][ T3912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2721.251921][ T3912] R13: 0000000000000000 R14: 00007f1db9fb5fa0 R15: 00007ffc0f223f08
[ 2721.273080][   T28] audit: type=1400 audit(2000001599.391:122821): avc:  denied  { prog_load } for  pid=3908 comm="syz.1.10727" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2721.277075][ T3912]  </TASK>
[ 2721.281764][   T28] audit: type=1400 audit(2000001599.411:122822): avc:  denied  { bpf } for  pid=3908 comm="syz.1.10727" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2721.471290][   T28] audit: type=1400 audit(2000001599.411:122823): avc:  denied  { map_create } for  pid=3908 comm="syz.1.10727" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2721.491698][   T28] audit: type=1400 audit(2000001599.411:122824): avc:  denied  { bpf } for  pid=3908 comm="syz.1.10727" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2721.535870][   T28] audit: type=1400 audit(2000001599.421:122825): avc:  denied  { prog_load } for  pid=3908 comm="syz.1.10727" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2721.551124][ T3918] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2721.608292][ T3922] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2721.614942][ T3922] audit: audit_lost=1960 audit_rate_limit=0 audit_backlog_limit=64
[ 2721.822923][  T512] usb 7-1: new high-speed USB device number 71 using dummy_hcd
[ 2722.102772][  T512] usb 7-1: Using ep0 maxpacket: 16
[ 2722.134452][  T512] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2722.294043][  T512] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 2722.415731][  T512] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 2722.443880][  T512] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2722.754137][  T512] usb 7-1: config 0 descriptor??
[ 2723.725216][ T3958] device wg2 entered promiscuous mode
[ 2723.725412][  T512] usbhid 7-1:0.0: can't add hid device: -71
[ 2723.745159][  T512] usbhid: probe of 7-1:0.0 failed with error -71
[ 2723.765352][  T512] usb 7-1: USB disconnect, device number 71
[ 2723.843391][ T3964] device wg2 entered promiscuous mode
[ 2726.375894][   T28] kauditd_printk_skb: 584 callbacks suppressed
[ 2726.376134][   T28] audit: type=1400 audit(2000001602.601:123368): avc:  denied  { bpf } for  pid=3959 comm="syz.1.10747" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2726.557994][   T28] audit: type=1400 audit(2000001602.951:123369): avc:  denied  { bpf } for  pid=3959 comm="syz.1.10747" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2726.582413][   T28] audit: type=1400 audit(2000001602.951:123370): avc:  denied  { prog_load } for  pid=3959 comm="syz.1.10747" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2726.602944][   T28] audit: type=1400 audit(2000001602.951:123371): avc:  denied  { bpf } for  pid=3959 comm="syz.1.10747" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2726.642820][   T28] audit: type=1400 audit(2000001602.951:123372): avc:  denied  { bpf } for  pid=3959 comm="syz.1.10747" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2726.716851][ T3977] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2726.733527][ T3975] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2726.740309][ T3978] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2726.747467][ T3973] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2726.764724][ T3979] FAULT_INJECTION: forcing a failure.
[ 2726.764724][ T3979] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2726.779777][ T3982] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2726.874947][ T3979] CPU: 0 PID: 3979 Comm: syz.2.10751 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2726.886382][ T3979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2726.896548][ T3979] Call Trace:
[ 2726.899842][ T3979]  <TASK>
[ 2726.902786][ T3979]  __dump_stack+0x21/0x24
[ 2726.907147][ T3979]  dump_stack_lvl+0xee/0x150
[ 2726.911769][ T3979]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2726.916815][ T3979]  ? _parse_integer+0x2a/0x40
[ 2726.921517][ T3979]  dump_stack+0x15/0x24
[ 2726.925699][ T3979]  should_fail_ex+0x3d4/0x520
[ 2726.930399][ T3979]  should_fail+0xb/0x10
[ 2726.934572][ T3979]  should_fail_usercopy+0x1a/0x20
[ 2726.939620][ T3979]  _copy_from_user+0x1e/0xc0
[ 2726.944225][ T3979]  ___sys_sendmsg+0x155/0x290
[ 2726.948939][ T3979]  ? __sys_sendmsg+0x270/0x270
[ 2726.953730][ T3979]  ? __kasan_check_write+0x14/0x20
[ 2726.958869][ T3979]  ? proc_fail_nth_write+0x17a/0x1f0
[ 2726.964187][ T3979]  ? vfs_write+0x9d6/0xca0
[ 2726.968636][ T3979]  ? __fdget+0x19c/0x220
[ 2726.972903][ T3979]  __x64_sys_sendmsg+0x1f0/0x2c0
[ 2726.977901][ T3979]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[ 2726.983397][ T3979]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 2726.989489][ T3979]  x64_sys_call+0x171/0x9a0
[ 2726.994014][ T3979]  do_syscall_64+0x4c/0xa0
[ 2726.998465][ T3979]  ? clear_bhb_loop+0x15/0x70
[ 2727.003172][ T3979]  ? clear_bhb_loop+0x15/0x70
[ 2727.007865][ T3979]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2727.013789][ T3979] RIP: 0033:0x7f15ded8e969
[ 2727.018224][ T3979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2727.037897][ T3979] RSP: 002b:00007f15dfb7b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2727.046333][ T3979] RAX: ffffffffffffffda RBX: 00007f15defb6080 RCX: 00007f15ded8e969
[ 2727.054321][ T3979] RDX: 0000000020000000 RSI: 0000200000001940 RDI: 0000000000000006
[ 2727.062307][ T3979] RBP: 00007f15dfb7b090 R08: 0000000000000000 R09: 0000000000000000
[ 2727.070293][ T3979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2727.078282][ T3979] R13: 0000000000000000 R14: 00007f15defb6080 R15: 00007ffc130b80e8
[ 2727.086277][ T3979]  </TASK>
[ 2727.177643][ T3975] device wg2 entered promiscuous mode
[ 2728.168880][ T4002] netlink: 88 bytes leftover after parsing attributes in process `syz.2.10759'.
[ 2728.756972][ T4015] netlink: 88 bytes leftover after parsing attributes in process `syz.3.10764'.
[ 2728.827204][ T4019] syz.6.10766[4019] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2728.875721][ T4018] netlink: 88 bytes leftover after parsing attributes in process `syz.1.10765'.
[ 2728.881867][ T4019] tmpfs: Unknown parameter './file0'
[ 2728.969369][ T4023] netlink: 88 bytes leftover after parsing attributes in process `syz.2.10767'.
[ 2729.592596][  T512] usb 6-1: new high-speed USB device number 107 using dummy_hcd
[ 2729.801307][  T512] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2729.819605][  T512] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2729.841643][  T512] usb 6-1: New USB device found, idVendor=172f, idProduct=0502, bcdDevice= 0.00
[ 2729.862277][  T512] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2729.884324][  T512] usb 6-1: config 0 descriptor??
[ 2730.313668][  T512] waltop 0003:172F:0502.0042: hidraw0: USB HID v0.00 Device [HID 172f:0502] on usb-dummy_hcd.5-1/input0
[ 2730.545240][ T2313] usb 6-1: USB disconnect, device number 107
[ 2731.543477][   T28] kauditd_printk_skb: 1260 callbacks suppressed
[ 2731.543499][   T28] audit: type=1400 audit(2000001609.591:124536): avc:  denied  { bpf } for  pid=4065 comm="syz.3.10781" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2731.636921][   T28] audit: type=1400 audit(2000001609.601:124537): avc:  denied  { map_create } for  pid=4065 comm="syz.3.10781" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2731.657394][   T28] audit: type=1400 audit(2000001609.621:124538): avc:  denied  { bpf } for  pid=4065 comm="syz.3.10781" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2731.684421][   T28] audit: type=1400 audit(2000001609.621:124539): avc:  denied  { prog_load } for  pid=4065 comm="syz.3.10781" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2731.738630][   T28] audit: type=1400 audit(2000001609.621:124540): avc:  denied  { bpf } for  pid=4065 comm="syz.3.10781" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2731.804747][ T4079] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2731.811324][ T4079] audit: audit_lost=2009 audit_rate_limit=0 audit_backlog_limit=64
[ 2731.822605][ T4079] audit: backlog limit exceeded
[ 2731.833728][   T28] audit: type=1400 audit(2000001609.631:124541): avc:  denied  { bpf } for  pid=4065 comm="syz.3.10781" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2731.862062][   T28] audit: type=1400 audit(2000001609.631:124542): avc:  denied  { perfmon } for  pid=4065 comm="syz.3.10781" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2731.970676][ T4088] device pim6reg1 entered promiscuous mode
[ 2732.779759][ T4112] netlink: 88 bytes leftover after parsing attributes in process `syz.5.10795'.
[ 2732.979296][ T4117] 9pnet_fd: Insufficient options for proto=fd
[ 2735.042107][  T512] usb 6-1: new high-speed USB device number 108 using dummy_hcd
[ 2735.316277][  T512] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2735.333122][  T512] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2735.346529][ T4158] FAULT_INJECTION: forcing a failure.
[ 2735.346529][ T4158] name failslab, interval 1, probability 0, space 0, times 0
[ 2735.411761][  T512] usb 6-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[ 2735.418355][ T4158] CPU: 0 PID: 4158 Comm: syz.1.10809 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2735.432296][ T4158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2735.442377][ T4158] Call Trace:
[ 2735.445674][ T4158]  <TASK>
[ 2735.448624][ T4158]  __dump_stack+0x21/0x24
[ 2735.452980][ T4158]  dump_stack_lvl+0xee/0x150
[ 2735.457767][ T4158]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2735.459876][  T512] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2735.462813][ T4158]  ? stack_trace_save+0x98/0xe0
[ 2735.462842][ T4158]  dump_stack+0x15/0x24
[ 2735.479822][ T4158]  should_fail_ex+0x3d4/0x520
[ 2735.484525][ T4158]  __should_failslab+0xac/0xf0
[ 2735.489325][ T4158]  should_failslab+0x9/0x20
[ 2735.493858][ T4158]  kmem_cache_alloc_node+0x42/0x340
[ 2735.499082][ T4158]  ? dup_task_struct+0x5a/0x770
[ 2735.503963][ T4158]  dup_task_struct+0x5a/0x770
[ 2735.508684][ T4158]  ? __kasan_check_write+0x14/0x20
[ 2735.515053][ T4158]  ? recalc_sigpending+0x168/0x1c0
[ 2735.520196][ T4158]  copy_process+0x5ac/0x3470
[ 2735.524825][ T4158]  ? __cfi_kstrtouint_from_user+0x10/0x10
[ 2735.525024][  T512] usb 6-1: config 0 descriptor??
[ 2735.530573][ T4158]  ? __kasan_check_write+0x14/0x20
[ 2735.530607][ T4158]  ? proc_fail_nth_write+0x17a/0x1f0
[ 2735.545938][ T4158]  ? idle_dummy+0x10/0x10
[ 2735.550323][ T4158]  kernel_clone+0x23a/0x810
[ 2735.554856][ T4158]  ? __cfi_kernel_clone+0x10/0x10
[ 2735.559907][ T4158]  ? __kasan_check_write+0x14/0x20
[ 2735.565143][ T4158]  ? mutex_unlock+0x89/0x220
[ 2735.569903][ T4158]  __x64_sys_clone+0x168/0x1b0
[ 2735.574768][ T4158]  ? __cfi___x64_sys_clone+0x10/0x10
[ 2735.580098][ T4158]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 2735.586198][ T4158]  x64_sys_call+0x990/0x9a0
[ 2735.590732][ T4158]  do_syscall_64+0x4c/0xa0
[ 2735.595201][ T4158]  ? clear_bhb_loop+0x15/0x70
[ 2735.599898][ T4158]  ? clear_bhb_loop+0x15/0x70
[ 2735.604602][ T4158]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2735.610528][ T4158] RIP: 0033:0x7f3488f8e969
[ 2735.615051][ T4158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2735.634888][ T4158] RSP: 002b:00007f3489ea1fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2735.643938][ T4158] RAX: ffffffffffffffda RBX: 00007f34891b5fa0 RCX: 00007f3488f8e969
[ 2735.651939][ T4158] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2735.660269][ T4158] RBP: 00007f3489ea2090 R08: 0000000000000000 R09: 0000000000000000
[ 2735.668264][ T4158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2735.676362][ T4158] R13: 0000000000000000 R14: 00007f34891b5fa0 R15: 00007ffdb1991108
[ 2735.684465][ T4158]  </TASK>
[ 2736.301566][ T4180] 9pnet_fd: Insufficient options for proto=fd
[ 2736.992816][   T28] kauditd_printk_skb: 1298 callbacks suppressed
[ 2736.992859][   T28] audit: type=1400 audit(2000001615.021:125781): avc:  denied  { bpf } for  pid=4181 comm="syz.1.10818" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2737.042915][T26519] usb 7-1: new high-speed USB device number 72 using dummy_hcd
[ 2737.070598][   T28] audit: type=1400 audit(2000001615.121:125782): avc:  denied  { bpf } for  pid=4181 comm="syz.1.10818" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2737.091749][   T28] audit: type=1400 audit(2000001615.211:125783): avc:  denied  { bpf } for  pid=4181 comm="syz.1.10818" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2737.112725][   T28] audit: type=1400 audit(2000001615.221:125784): avc:  denied  { bpf } for  pid=4181 comm="syz.1.10818" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2737.144836][  T512] usbhid 6-1:0.0: can't add hid device: -71
[ 2737.150951][  T512] usbhid: probe of 6-1:0.0 failed with error -71
[ 2737.158646][   T28] audit: type=1400 audit(2000001615.221:125785): avc:  denied  { bpf } for  pid=4181 comm="syz.1.10818" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2737.164662][  T512] usb 6-1: USB disconnect, device number 108
[ 2737.221472][   T28] audit: type=1400 audit(2000001615.221:125786): avc:  denied  { prog_load } for  pid=4181 comm="syz.1.10818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2737.271431][ T4188] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2737.276207][ T4186] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2737.284636][ T4186] audit: audit_lost=2030 audit_rate_limit=0 audit_backlog_limit=64
[ 2737.292596][ T4186] audit: backlog limit exceeded
[ 2737.315592][ T4188] x_tables: duplicate underflow at hook 2
[ 2737.427132][T26519] usb 7-1: Using ep0 maxpacket: 16
[ 2737.436532][T26519] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2737.462618][T26519] usb 7-1: config 0 has no interfaces?
[ 2737.468151][T26519] usb 7-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 2737.492608][T26519] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2737.507593][T26519] usb 7-1: config 0 descriptor??
[ 2737.952734][  T868] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2739.517451][ T4212] netlink: 'syz.1.10824': attribute type 27 has an invalid length.
[ 2739.612021][ T4212] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2739.619285][ T4212] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2739.685991][ T4212] device wg2 left promiscuous mode
[ 2739.784994][ T4212] device ip6erspan0 left promiscuous mode
[ 2739.814345][ T4214] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 2739.844636][ T4214] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2739.851787][ T4214] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2739.873524][ T4214] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2739.880618][ T4214] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2739.912068][ T4214] device veth0_vlan left promiscuous mode
[ 2739.933159][ T4214] device veth0_vlan entered promiscuous mode
[ 2739.940932][ T4214] device veth1_macvtap left promiscuous mode
[ 2739.969829][ T4214] device veth1_macvtap entered promiscuous mode
[ 2739.990830][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2740.003147][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2740.028090][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2740.042207][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2740.052127][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2740.061473][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2740.071009][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2740.080105][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2740.089394][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2740.099136][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2740.113337][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2740.121850][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 2740.142992][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 2740.151301][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 2740.160735][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 2740.170016][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 2740.179136][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2740.188378][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 2740.197546][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 2740.208784][ T4217] netem: change failed
[ 2740.255416][T26519] usb 4-1: new full-speed USB device number 85 using dummy_hcd
[ 2740.265536][  T512] usb 7-1: USB disconnect, device number 72
[ 2740.279045][ T4223] netlink: 'syz.3.10829': attribute type 3 has an invalid length.
[ 2740.473635][T26519] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2740.490063][T26519] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2740.505029][T26519] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2740.522595][T26519] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2740.530626][T26519] usb 4-1: Product: syz
[ 2740.533268][ T4237] netlink: 88 bytes leftover after parsing attributes in process `syz.5.10834'.
[ 2740.547304][T26519] usb 4-1: Manufacturer: syz
[ 2740.551935][T26519] usb 4-1: SerialNumber: syz
[ 2740.832609][  T512] usb 7-1: new high-speed USB device number 73 using dummy_hcd
[ 2740.914585][ T4243] device pim6reg1 entered promiscuous mode
[ 2741.096969][  T512] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 81, changing to 10
[ 2741.124569][  T512] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2741.163773][  T512] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2741.203517][  T512] usb 7-1: Product: syz
[ 2741.214533][  T512] usb 7-1: Manufacturer: syz
[ 2741.219221][  T512] usb 7-1: SerialNumber: syz
[ 2741.258616][ T4223] block device autoloading is deprecated and will be removed.
[ 2741.444434][ T4231] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2741.470450][ T4231] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2741.568446][ T4248] device pim6reg1 entered promiscuous mode
[ 2741.579767][T26519] usb 4-1: cannot find UAC_HEADER
[ 2741.598757][T26519] snd-usb-audio: probe of 4-1:1.0 failed with error -22
[ 2741.613635][T26519] usb 4-1: USB disconnect, device number 85
[ 2741.751914][  T512] cdc_ncm 7-1:1.0: bind() failure
[ 2741.757906][  T512] cdc_ncm: probe of 7-1:1.1 failed with error -71
[ 2741.764772][  T512] cdc_mbim: probe of 7-1:1.1 failed with error -71
[ 2741.772261][  T512] usb 7-1: USB disconnect, device number 73
[ 2742.140373][   T28] kauditd_printk_skb: 741 callbacks suppressed
[ 2742.140390][   T28] audit: type=1400 audit(2000001620.441:126502): avc:  denied  { unlink } for  pid=28702 comm="syz-executor" name="file0" dev="tmpfs" ino=2860 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2742.201199][   T28] audit: type=1400 audit(2000001620.491:126503): avc:  denied  { read write } for  pid=4258 comm="syz.3.10841" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2742.225332][   T28] audit: type=1400 audit(2000001620.491:126504): avc:  denied  { read write open } for  pid=4258 comm="syz.3.10841" path="/dev/raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2742.250591][   T28] audit: type=1400 audit(2000001620.491:126505): avc:  denied  { ioctl } for  pid=4258 comm="syz.3.10841" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2742.297288][   T28] audit: type=1400 audit(2000001620.501:126506): avc:  denied  { ioctl } for  pid=4258 comm="syz.3.10841" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2742.323100][   T28] audit: type=1400 audit(2000001620.501:126507): avc:  denied  { ioctl } for  pid=4258 comm="syz.3.10841" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2742.348801][   T28] audit: type=1400 audit(2000001620.501:126508): avc:  denied  { ioctl } for  pid=4258 comm="syz.3.10841" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2742.413250][   T28] audit: type=1400 audit(2000001620.721:126509): avc:  denied  { bpf } for  pid=4260 comm="syz.6.10842" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2742.462659][   T28] audit: type=1400 audit(2000001620.721:126510): avc:  denied  { prog_load } for  pid=4260 comm="syz.6.10842" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2742.502620][   T28] audit: type=1400 audit(2000001620.721:126511): avc:  denied  { bpf } for  pid=4260 comm="syz.6.10842" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2742.512755][  T512] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[ 2743.429863][T29255] Bluetooth: hci0: command 0x1003 tx timeout
[ 2743.443309][  T868] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2743.532650][  T512] usb 4-1: Using ep0 maxpacket: 16
[ 2743.541426][  T512] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2743.552200][  T512] usb 4-1: config 0 has no interfaces?
[ 2743.557828][  T512] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 2743.566980][  T512] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2743.585139][  T512] usb 4-1: config 0 descriptor??
[ 2743.764001][ T4270] FAULT_INJECTION: forcing a failure.
[ 2743.764001][ T4270] name failslab, interval 1, probability 0, space 0, times 0
[ 2743.776640][ T4270] CPU: 1 PID: 4270 Comm: syz.2.10845 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2743.788029][ T4270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2743.798099][ T4270] Call Trace:
[ 2743.801386][ T4270]  <TASK>
[ 2743.804325][ T4270]  __dump_stack+0x21/0x24
[ 2743.808673][ T4270]  dump_stack_lvl+0xee/0x150
[ 2743.813276][ T4270]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2743.818314][ T4270]  ? try_to_wake_up+0x613/0x1220
[ 2743.823265][ T4270]  ? _raw_spin_lock_irqsave+0xb0/0x110
[ 2743.828747][ T4270]  dump_stack+0x15/0x24
[ 2743.832933][ T4270]  should_fail_ex+0x3d4/0x520
[ 2743.837649][ T4270]  __should_failslab+0xac/0xf0
[ 2743.842424][ T4270]  ? ref_tracker_alloc+0x139/0x430
[ 2743.847551][ T4270]  should_failslab+0x9/0x20
[ 2743.852073][ T4270]  __kmem_cache_alloc_node+0x3d/0x2c0
[ 2743.857470][ T4270]  ? ref_tracker_alloc+0x139/0x430
[ 2743.862602][ T4270]  kmalloc_trace+0x29/0xb0
[ 2743.867035][ T4270]  ref_tracker_alloc+0x139/0x430
[ 2743.871993][ T4270]  ? __cfi_ref_tracker_alloc+0x10/0x10
[ 2743.877470][ T4270]  ? __kasan_check_read+0x11/0x20
[ 2743.882514][ T4270]  ? linkwatch_urgent_event+0x66/0x430
[ 2743.887984][ T4270]  linkwatch_fire_event+0x1d2/0x240
[ 2743.893203][ T4270]  netif_carrier_off+0x9c/0xc0
[ 2743.897984][ T4270]  __tun_detach+0xc1c/0x1460
[ 2743.902593][ T4270]  ? __cfi_mutex_lock+0x10/0x10
[ 2743.907468][ T4270]  tun_chr_close+0x92/0x140
[ 2743.911998][ T4270]  ? __cfi_tun_chr_close+0x10/0x10
[ 2743.917127][ T4270]  __fput+0x1fc/0x8f0
[ 2743.921121][ T4270]  ____fput+0x15/0x20
[ 2743.925116][ T4270]  task_work_run+0x1db/0x240
[ 2743.929812][ T4270]  ? __cfi_task_work_run+0x10/0x10
[ 2743.934936][ T4270]  ? filp_close+0x111/0x160
[ 2743.939454][ T4270]  exit_to_user_mode_loop+0x9b/0xb0
[ 2743.944664][ T4270]  exit_to_user_mode_prepare+0x5a/0xa0
[ 2743.950147][ T4270]  syscall_exit_to_user_mode+0x1a/0x30
[ 2743.955631][ T4270]  do_syscall_64+0x58/0xa0
[ 2743.960076][ T4270]  ? clear_bhb_loop+0x15/0x70
[ 2743.964765][ T4270]  ? clear_bhb_loop+0x15/0x70
[ 2743.969462][ T4270]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2743.975376][ T4270] RIP: 0033:0x7f15ded8e969
[ 2743.979809][ T4270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2743.999424][ T4270] RSP: 002b:00007f15dfb9c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 2744.007861][ T4270] RAX: 0000000000000000 RBX: 00007f15defb5fa0 RCX: 00007f15ded8e969
[ 2744.015863][ T4270] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 2744.023847][ T4270] RBP: 00007f15dfb9c090 R08: 0000000000000000 R09: 0000000000000000
[ 2744.031836][ T4270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2744.039820][ T4270] R13: 0000000000000000 R14: 00007f15defb5fa0 R15: 00007ffc130b80e8
[ 2744.047822][ T4270]  </TASK>
[ 2744.824681][ T4274] xt_hashlimit: size too large, truncated to 1048576
[ 2745.498151][T32613] usb 4-1: USB disconnect, device number 86
[ 2745.614106][ T4286] FAULT_INJECTION: forcing a failure.
[ 2745.614106][ T4286] name failslab, interval 1, probability 0, space 0, times 0
[ 2745.643427][ T4286] CPU: 0 PID: 4286 Comm: syz.2.10848 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2745.654860][ T4286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2745.664940][ T4286] Call Trace:
[ 2745.668247][ T4286]  <TASK>
[ 2745.671190][ T4286]  __dump_stack+0x21/0x24
[ 2745.675546][ T4286]  dump_stack_lvl+0xee/0x150
[ 2745.680157][ T4286]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2745.685200][ T4286]  ? __stack_depot_save+0x36/0x480
[ 2745.690338][ T4286]  dump_stack+0x15/0x24
[ 2745.694512][ T4286]  should_fail_ex+0x3d4/0x520
[ 2745.699288][ T4286]  __should_failslab+0xac/0xf0
[ 2745.704063][ T4286]  ? kvmalloc_node+0x294/0x480
[ 2745.708851][ T4286]  should_failslab+0x9/0x20
[ 2745.713381][ T4286]  __kmem_cache_alloc_node+0x3d/0x2c0
[ 2745.718778][ T4286]  ? __kasan_check_write+0x14/0x20
[ 2745.723906][ T4286]  ? kvmalloc_node+0x294/0x480
[ 2745.728695][ T4286]  __kmalloc_node+0xa1/0x1e0
[ 2745.733309][ T4286]  kvmalloc_node+0x294/0x480
[ 2745.737920][ T4286]  ? __kasan_check_write+0x14/0x20
[ 2745.743070][ T4286]  ? __cfi_kvmalloc_node+0x10/0x10
[ 2745.748218][ T4286]  file_tty_write+0x2c5/0x890
[ 2745.752933][ T4286]  ? __cfi_n_tty_write+0x10/0x10
[ 2745.757904][ T4286]  tty_write+0x3c/0x50
[ 2745.762002][ T4286]  vfs_write+0x5db/0xca0
[ 2745.766263][ T4286]  ? slab_free_freelist_hook+0xc2/0x190
[ 2745.771838][ T4286]  ? __cfi_vfs_write+0x10/0x10
[ 2745.776631][ T4286]  ? putname+0x111/0x160
[ 2745.780985][ T4286]  ? do_sys_openat2+0x23a/0x7e0
[ 2745.785857][ T4286]  ? __kasan_check_read+0x11/0x20
[ 2745.790913][ T4286]  ? __fdget_pos+0x1f2/0x380
[ 2745.795529][ T4286]  ksys_write+0x140/0x240
[ 2745.799889][ T4286]  ? __cfi_ksys_write+0x10/0x10
[ 2745.804770][ T4286]  ? debug_smp_processor_id+0x17/0x20
[ 2745.810195][ T4286]  __x64_sys_write+0x7b/0x90
[ 2745.814816][ T4286]  x64_sys_call+0x27b/0x9a0
[ 2745.819344][ T4286]  do_syscall_64+0x4c/0xa0
[ 2745.823888][ T4286]  ? clear_bhb_loop+0x15/0x70
[ 2745.828639][ T4286]  ? clear_bhb_loop+0x15/0x70
[ 2745.833335][ T4286]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2745.839356][ T4286] RIP: 0033:0x7f15ded8e969
[ 2745.843788][ T4286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2745.863409][ T4286] RSP: 002b:00007f15dfb7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2745.871854][ T4286] RAX: ffffffffffffffda RBX: 00007f15defb6080 RCX: 00007f15ded8e969
[ 2745.879851][ T4286] RDX: 0000000000001006 RSI: 0000200000002380 RDI: 0000000000000008
[ 2745.887840][ T4286] RBP: 00007f15dfb7b090 R08: 0000000000000000 R09: 0000000000000000
[ 2745.895828][ T4286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2745.903798][ T4286] R13: 0000000000000000 R14: 00007f15defb6080 R15: 00007ffc130b80e8
[ 2745.911789][ T4286]  </TASK>
[ 2745.978340][ T4293] FAULT_INJECTION: forcing a failure.
[ 2745.978340][ T4293] name failslab, interval 1, probability 0, space 0, times 0
[ 2745.994663][ T4293] CPU: 1 PID: 4293 Comm: syz.5.10850 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2746.006422][ T4293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2746.016530][ T4293] Call Trace:
[ 2746.019900][ T4293]  <TASK>
[ 2746.022844][ T4293]  __dump_stack+0x21/0x24
[ 2746.027189][ T4293]  dump_stack_lvl+0xee/0x150
[ 2746.031789][ T4293]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2746.036816][ T4293]  ? stack_trace_save+0x98/0xe0
[ 2746.041697][ T4293]  dump_stack+0x15/0x24
[ 2746.045858][ T4293]  should_fail_ex+0x3d4/0x520
[ 2746.050550][ T4293]  __should_failslab+0xac/0xf0
[ 2746.055329][ T4293]  should_failslab+0x9/0x20
[ 2746.059867][ T4293]  kmem_cache_alloc_node+0x42/0x340
[ 2746.065069][ T4293]  ? dup_task_struct+0x5a/0x770
[ 2746.069934][ T4293]  dup_task_struct+0x5a/0x770
[ 2746.074617][ T4293]  ? __kasan_check_write+0x14/0x20
[ 2746.079728][ T4293]  ? recalc_sigpending+0x168/0x1c0
[ 2746.084841][ T4293]  copy_process+0x5ac/0x3470
[ 2746.089439][ T4293]  ? __cfi_kstrtouint_from_user+0x10/0x10
[ 2746.095162][ T4293]  ? __kasan_check_write+0x14/0x20
[ 2746.100278][ T4293]  ? proc_fail_nth_write+0x17a/0x1f0
[ 2746.105573][ T4293]  ? idle_dummy+0x10/0x10
[ 2746.109911][ T4293]  kernel_clone+0x23a/0x810
[ 2746.114417][ T4293]  ? __cfi_kernel_clone+0x10/0x10
[ 2746.119449][ T4293]  ? __kasan_check_write+0x14/0x20
[ 2746.124566][ T4293]  ? mutex_unlock+0x89/0x220
[ 2746.129161][ T4293]  __x64_sys_clone+0x168/0x1b0
[ 2746.133930][ T4293]  ? __cfi___x64_sys_clone+0x10/0x10
[ 2746.139223][ T4293]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 2746.145289][ T4293]  x64_sys_call+0x990/0x9a0
[ 2746.149790][ T4293]  do_syscall_64+0x4c/0xa0
[ 2746.154226][ T4293]  ? clear_bhb_loop+0x15/0x70
[ 2746.158898][ T4293]  ? clear_bhb_loop+0x15/0x70
[ 2746.163570][ T4293]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2746.169469][ T4293] RIP: 0033:0x7f9ead38e969
[ 2746.173882][ T4293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2746.193656][ T4293] RSP: 002b:00007f9eae16ffe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2746.202073][ T4293] RAX: ffffffffffffffda RBX: 00007f9ead5b5fa0 RCX: 00007f9ead38e969
[ 2746.210042][ T4293] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400
[ 2746.218012][ T4293] RBP: 00007f9eae170090 R08: 0000000000000000 R09: 0000000000000000
[ 2746.225980][ T4293] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 2746.233947][ T4293] R13: 0000000000000000 R14: 00007f9ead5b5fa0 R15: 00007ffc31a107f8
[ 2746.241943][ T4293]  </TASK>
[ 2748.122812][   T28] kauditd_printk_skb: 274 callbacks suppressed
[ 2748.122834][   T28] audit: type=1400 audit(2000001624.651:126786): avc:  denied  { bpf } for  pid=4308 comm="syz.5.10856" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2748.193351][   T28] audit: type=1400 audit(2000001624.651:126787): avc:  denied  { prog_load } for  pid=4308 comm="syz.5.10856" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2748.226071][   T28] audit: type=1400 audit(2000001624.651:126788): avc:  denied  { bpf } for  pid=4308 comm="syz.5.10856" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2748.299127][ T4315] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2748.308908][   T28] audit: type=1400 audit(2000001624.651:126789): avc:  denied  { bpf } for  pid=4308 comm="syz.5.10856" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2748.348357][ T4315] audit: audit_lost=2040 audit_rate_limit=0 audit_backlog_limit=64
[ 2748.356566][ T4315] audit: backlog limit exceeded
[ 2748.361957][ T4315] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2748.368563][ T4315] audit: audit_lost=2041 audit_rate_limit=0 audit_backlog_limit=64
[ 2748.376725][ T4315] audit: backlog limit exceeded
[ 2748.514738][T32613] hid-generic 0000:0000:0000.0043: unknown main item tag 0x0
[ 2748.532677][T32613] hid-generic 0000:0000:0000.0043: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 2752.126972][ T4349] netlink: 88 bytes leftover after parsing attributes in process `syz.1.10867'.
[ 2752.162700][T26519] usb 7-1: new full-speed USB device number 74 using dummy_hcd
[ 2752.273006][ T4352] FAULT_INJECTION: forcing a failure.
[ 2752.273006][ T4352] name failslab, interval 1, probability 0, space 0, times 0
[ 2752.285702][ T4352] CPU: 1 PID: 4352 Comm: syz.5.10866 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2752.297257][ T4352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2752.307324][ T4352] Call Trace:
[ 2752.310621][ T4352]  <TASK>
[ 2752.313562][ T4352]  __dump_stack+0x21/0x24
[ 2752.317913][ T4352]  dump_stack_lvl+0xee/0x150
[ 2752.322520][ T4352]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2752.327558][ T4352]  ? preempt_schedule_irq+0xbb/0x110
[ 2752.332892][ T4352]  ? __cfi_preempt_schedule_irq+0x10/0x10
[ 2752.338637][ T4352]  ? __cfi_push_rt_tasks+0x10/0x10
[ 2752.343753][ T4352]  ? finish_task_switch+0x16b/0x7b0
[ 2752.348964][ T4352]  dump_stack+0x15/0x24
[ 2752.353128][ T4352]  should_fail_ex+0x3d4/0x520
[ 2752.357851][ T4352]  __should_failslab+0xac/0xf0
[ 2752.362624][ T4352]  ? __se_sys_memfd_create+0xf2/0x3b0
[ 2752.368000][ T4352]  should_failslab+0x9/0x20
[ 2752.372507][ T4352]  __kmem_cache_alloc_node+0x3d/0x2c0
[ 2752.377935][ T4352]  ? __se_sys_memfd_create+0xf2/0x3b0
[ 2752.383319][ T4352]  __kmalloc+0xa1/0x1e0
[ 2752.387481][ T4352]  ? strnlen_user+0x10d/0x190
[ 2752.392174][ T4352]  __se_sys_memfd_create+0xf2/0x3b0
[ 2752.397467][ T4352]  __x64_sys_memfd_create+0x5b/0x70
[ 2752.402677][ T4352]  x64_sys_call+0x235/0x9a0
[ 2752.407184][ T4352]  do_syscall_64+0x4c/0xa0
[ 2752.411626][ T4352]  ? clear_bhb_loop+0x15/0x70
[ 2752.416324][ T4352]  ? clear_bhb_loop+0x15/0x70
[ 2752.420998][ T4352]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2752.426900][ T4352] RIP: 0033:0x7f9ead38e969
[ 2752.431314][ T4352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2752.450918][ T4352] RSP: 002b:00007f9eae12de18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[ 2752.459338][ T4352] RAX: ffffffffffffffda RBX: 0000000000000511 RCX: 00007f9ead38e969
[ 2752.467315][ T4352] RDX: 00007f9eae12def0 RSI: 0000000000000000 RDI: 00007f9ead411444
[ 2752.475289][ T4352] RBP: 0000200000000540 R08: 00007f9eae12dbb7 R09: 00007f9eae12de40
[ 2752.483301][ T4352] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000500
[ 2752.491274][ T4352] R13: 00007f9eae12def0 R14: 00007f9eae12deb0 R15: 0000200000000240
[ 2752.499336][ T4352]  </TASK>
[ 2752.502527][  T512] usb 3-1: new high-speed USB device number 101 using dummy_hcd
[ 2752.615556][T26519] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2752.632197][T26519] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2752.656306][T26519] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 2752.676315][T26519] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2752.685121][T26519] usb 7-1: SerialNumber: syz
[ 2752.704897][T26519] usb 7-1: 0:2 : does not exist
[ 2752.709914][  T512] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2752.724544][  T512] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2752.737548][  T512] usb 3-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[ 2752.747108][  T512] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2752.757460][  T512] usb 3-1: config 0 descriptor??
[ 2752.920042][T21732] usb 7-1: USB disconnect, device number 74
[ 2753.825717][   T28] kauditd_printk_skb: 502 callbacks suppressed
[ 2753.832690][   T28] audit: type=1400 audit(2000001631.531:127292): avc:  denied  { bpf } for  pid=4341 comm="syz.2.10865" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2753.885309][   T28] audit: type=1400 audit(2000001631.551:127293): avc:  denied  { map_create } for  pid=4341 comm="syz.2.10865" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2753.951096][   T28] audit: type=1400 audit(2000001631.591:127294): avc:  denied  { bpf } for  pid=4341 comm="syz.2.10865" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2753.983961][   T28] audit: type=1400 audit(2000001631.601:127295): avc:  denied  { prog_load } for  pid=4341 comm="syz.2.10865" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2754.004686][   T28] audit: type=1400 audit(2000001631.611:127296): avc:  denied  { bpf } for  pid=4341 comm="syz.2.10865" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2754.070952][   T28] audit: type=1400 audit(2000001631.621:127297): avc:  denied  { bpf } for  pid=4341 comm="syz.2.10865" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2754.128791][   T28] audit: type=1400 audit(2000001631.631:127298): avc:  denied  { perfmon } for  pid=4341 comm="syz.2.10865" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2754.142926][ T4386] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2754.158320][ T4386] audit: audit_lost=2042 audit_rate_limit=0 audit_backlog_limit=64
[ 2754.166806][ T4386] audit: backlog limit exceeded
[ 2754.177187][ T4386] netlink: 24 bytes leftover after parsing attributes in process `syz.6.10877'.
[ 2754.193803][ T4388] netlink: 24 bytes leftover after parsing attributes in process `syz.6.10877'.
[ 2754.499192][ T4391] device syzkaller0 entered promiscuous mode
[ 2754.988830][  T512] usbhid 3-1:0.0: can't add hid device: -71
[ 2755.000960][  T512] usbhid: probe of 3-1:0.0 failed with error -71
[ 2755.172690][  T512] usb 3-1: USB disconnect, device number 101
[ 2756.164543][ T4406] netlink: 56 bytes leftover after parsing attributes in process `syz.6.10882'.
[ 2757.328630][ T4412] FAULT_INJECTION: forcing a failure.
[ 2757.328630][ T4412] name failslab, interval 1, probability 0, space 0, times 0
[ 2758.141871][ T4412] CPU: 1 PID: 4412 Comm: syz.5.10884 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2758.153292][ T4412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2758.163366][ T4412] Call Trace:
[ 2758.166659][ T4412]  <TASK>
[ 2758.169598][ T4412]  __dump_stack+0x21/0x24
[ 2758.173948][ T4412]  dump_stack_lvl+0xee/0x150
[ 2758.178642][ T4412]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2758.183685][ T4412]  ? stack_trace_save+0x98/0xe0
[ 2758.188552][ T4412]  dump_stack+0x15/0x24
[ 2758.192723][ T4412]  should_fail_ex+0x3d4/0x520
[ 2758.197414][ T4412]  __should_failslab+0xac/0xf0
[ 2758.202186][ T4412]  should_failslab+0x9/0x20
[ 2758.206705][ T4412]  kmem_cache_alloc_node+0x42/0x340
[ 2758.211915][ T4412]  ? dup_task_struct+0x5a/0x770
[ 2758.216790][ T4412]  dup_task_struct+0x5a/0x770
[ 2758.221487][ T4412]  ? __kasan_check_write+0x14/0x20
[ 2758.226614][ T4412]  ? recalc_sigpending+0x168/0x1c0
[ 2758.231745][ T4412]  copy_process+0x5ac/0x3470
[ 2758.236449][ T4412]  ? __cfi_kstrtouint_from_user+0x10/0x10
[ 2758.242194][ T4412]  ? __kasan_check_write+0x14/0x20
[ 2758.247323][ T4412]  ? proc_fail_nth_write+0x17a/0x1f0
[ 2758.252626][ T4412]  ? idle_dummy+0x10/0x10
[ 2758.256988][ T4412]  kernel_clone+0x23a/0x810
[ 2758.261506][ T4412]  ? __cfi_kernel_clone+0x10/0x10
[ 2758.266552][ T4412]  ? __kasan_check_write+0x14/0x20
[ 2758.271680][ T4412]  ? mutex_unlock+0x89/0x220
[ 2758.276312][ T4412]  __x64_sys_clone+0x168/0x1b0
[ 2758.281095][ T4412]  ? __cfi___x64_sys_clone+0x10/0x10
[ 2758.286409][ T4412]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 2758.292502][ T4412]  x64_sys_call+0x990/0x9a0
[ 2758.297020][ T4412]  do_syscall_64+0x4c/0xa0
[ 2758.301453][ T4412]  ? clear_bhb_loop+0x15/0x70
[ 2758.306136][ T4412]  ? clear_bhb_loop+0x15/0x70
[ 2758.310830][ T4412]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2758.316748][ T4412] RIP: 0033:0x7f9ead38e969
[ 2758.321171][ T4412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2758.340783][ T4412] RSP: 002b:00007f9eae16ffe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2758.349226][ T4412] RAX: ffffffffffffffda RBX: 00007f9ead5b5fa0 RCX: 00007f9ead38e969
[ 2758.357209][ T4412] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000042000000
[ 2758.365275][ T4412] RBP: 00007f9eae170090 R08: 0000000000000000 R09: 0000000000000000
[ 2758.373260][ T4412] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 2758.381243][ T4412] R13: 0000000000000000 R14: 00007f9ead5b5fa0 R15: 00007ffc31a107f8
[ 2758.389233][ T4412]  </TASK>
[ 2758.749246][ T4429] netlink: 88 bytes leftover after parsing attributes in process `syz.5.10889'.
[ 2758.862622][   T28] kauditd_printk_skb: 451 callbacks suppressed
[ 2758.862644][   T28] audit: type=1400 audit(2000001637.131:127687): avc:  denied  { execmem } for  pid=4431 comm="syz.3.10890" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 2758.972667][  T512] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[ 2759.342665][  T512] usb 2-1: Using ep0 maxpacket: 8
[ 2759.382031][  T512] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 2759.459053][   T28] audit: type=1400 audit(2000001637.301:127688): avc:  denied  { ioctl } for  pid=4426 comm="syz.1.10888" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2759.586618][  T512] usb 2-1: config 4 has an invalid interface number: 147 but max is 0
[ 2759.789235][  T512] usb 2-1: config 4 contains an unexpected descriptor of type 0x2, skipping
[ 2759.853210][  T512] usb 2-1: config 4 has no interface number 0
[ 2759.883125][ T4439] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2759.889688][ T4439] audit: audit_lost=2064 audit_rate_limit=0 audit_backlog_limit=64
[ 2759.912584][   T28] audit: type=1400 audit(2000001637.301:127689): avc:  denied  { ioctl } for  pid=4426 comm="syz.1.10888" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2759.958456][ T4428] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2759.973629][ T4440] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2759.983027][ T4428] audit: audit_lost=2065 audit_rate_limit=0 audit_backlog_limit=64
[ 2760.043744][ T4440] audit: audit_lost=2066 audit_rate_limit=0 audit_backlog_limit=64
[ 2760.045341][ T4441] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2760.060975][  T512] usb 2-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[ 2760.084002][  T512] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2760.118132][  T512] usb 2-1: Product: syz
[ 2760.149593][ T2313] hid-generic 0000:0000:0000.0044: unknown main item tag 0x0
[ 2760.152634][  T512] usb 2-1: Manufacturer: syz
[ 2760.165538][ T2313] hid-generic 0000:0000:0000.0044: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 2760.171777][  T512] usb 2-1: SerialNumber: syz
[ 2760.705551][ T4446] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10893'.
[ 2761.334099][  T681] usb 6-1: new high-speed USB device number 109 using dummy_hcd
[ 2761.824657][  T681] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2761.848362][  T681] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2761.867964][  T681] usb 6-1: New USB device found, idVendor=046d, idProduct=c211, bcdDevice= 0.00
[ 2761.883643][  T681] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2761.919232][  T681] usb 6-1: config 0 descriptor??
[ 2762.138444][  T512] usb 2-1: Found UVC 0.02 device syz (04f2:b746)
[ 2762.147925][  T512] usb 2-1: No valid video chain found.
[ 2762.165648][  T512] usb 2-1: USB disconnect, device number 83
[ 2763.525888][  T681] usbhid 6-1:0.0: can't add hid device: -71
[ 2763.531898][  T681] usbhid: probe of 6-1:0.0 failed with error -71
[ 2763.540772][  T681] usb 6-1: USB disconnect, device number 109
[ 2764.239606][   T28] kauditd_printk_skb: 381 callbacks suppressed
[ 2764.239712][   T28] audit: type=1400 audit(2000001641.941:128018): avc:  denied  { bpf } for  pid=4476 comm="syz.2.10903" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2764.432266][   T28] audit: type=1400 audit(2000001641.941:128019): avc:  denied  { map_create } for  pid=4476 comm="syz.2.10903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2764.649891][   T28] audit: type=1400 audit(2000001641.941:128020): avc:  denied  { map_read map_write } for  pid=4476 comm="syz.2.10903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2764.677795][   T28] audit: type=1400 audit(2000001641.991:128021): avc:  denied  { bpf } for  pid=4476 comm="syz.2.10903" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2764.736488][ T2312] usb 7-1: new low-speed USB device number 75 using dummy_hcd
[ 2764.744693][   T28] audit: type=1400 audit(2000001641.991:128022): avc:  denied  { prog_load } for  pid=4476 comm="syz.2.10903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2764.764564][   T28] audit: type=1400 audit(2000001641.991:128023): avc:  denied  { bpf } for  pid=4476 comm="syz.2.10903" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2764.786995][   T28] audit: type=1400 audit(2000001642.001:128024): avc:  denied  { bpf } for  pid=4476 comm="syz.2.10903" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2764.819862][   T28] audit: type=1400 audit(2000001642.001:128025): avc:  denied  { perfmon } for  pid=4476 comm="syz.2.10903" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2764.842919][   T28] audit: type=1400 audit(2000001642.011:128026): avc:  denied  { bpf } for  pid=4476 comm="syz.2.10903" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2764.866450][   T28] audit: type=1400 audit(2000001642.011:128027): avc:  denied  { perfmon } for  pid=4476 comm="syz.2.10903" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2766.017675][T21732] hid-generic 0000:0000:0000.0045: unknown main item tag 0x0
[ 2766.308669][T21732] hid-generic 0000:0000:0000.0045: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 2766.822412][ T4519] binfmt_misc: register: failed to install interpreter file ./file2
[ 2766.882613][T21732] usb 3-1: new high-speed USB device number 102 using dummy_hcd
[ 2766.890374][  T681] usb 6-1: new high-speed USB device number 110 using dummy_hcd
[ 2767.145912][  T681] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[ 2767.155791][T21732] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2767.166786][  T681] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[ 2767.177090][T21732] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 2767.186273][  T681] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[ 2767.196015][T21732] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2767.204124][  T681] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[ 2767.225118][T21732] usb 3-1: config 0 descriptor??
[ 2767.415543][  T681] usb 6-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[ 2767.424740][  T681] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2767.434199][  T681] usb 6-1: Product: syz
[ 2767.438494][  T681] usb 6-1: Manufacturer: syz
[ 2767.443151][  T681] usb 6-1: SerialNumber: syz
[ 2767.449602][  T681] usb 6-1: config 0 descriptor??
[ 2767.460008][  T681] ums-isd200 6-1:0.0: USB Mass Storage device detected
[ 2767.622325][ T4540] netlink: 88 bytes leftover after parsing attributes in process `syz.6.10923'.
[ 2767.759823][ T4513] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2767.768440][ T4513] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2767.875917][T21732] keytouch 0003:0926:3333.0046: fixing up Keytouch IEC report descriptor
[ 2768.039204][T21732] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0046/input/input101
[ 2768.069677][  T681] scsi host1: usb-storage 6-1:0.0
[ 2768.120997][ T4547] netlink: 88 bytes leftover after parsing attributes in process `syz.3.10924'.
[ 2768.150125][T21732] keytouch 0003:0926:3333.0046: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[ 2768.292809][ T2312] usb 6-1: USB disconnect, device number 110
[ 2768.684402][ T2312] usb 3-1: USB disconnect, device number 102
[ 2768.699546][T32613] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0
[ 2768.719068][T32613] hid-generic 0000:0000:0000.0047: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 2769.245036][   T28] kauditd_printk_skb: 688 callbacks suppressed
[ 2769.245054][   T28] audit: type=1400 audit(2000001647.551:128716): avc:  denied  { bpf } for  pid=4565 comm="syz.5.10930" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2769.361826][   T28] audit: type=1400 audit(2000001647.611:128717): avc:  denied  { perfmon } for  pid=4565 comm="syz.5.10930" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2769.435024][ T4570] FAULT_INJECTION: forcing a failure.
[ 2769.435024][ T4570] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2769.443459][   T28] audit: type=1400 audit(2000001647.611:128718): avc:  denied  { perfmon } for  pid=4565 comm="syz.5.10930" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2769.502284][ T4570] CPU: 0 PID: 4570 Comm: syz.2.10931 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2769.513701][ T4570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2769.523773][ T4570] Call Trace:
[ 2769.527092][ T4570]  <TASK>
[ 2769.530029][ T4570]  __dump_stack+0x21/0x24
[ 2769.534384][ T4570]  dump_stack_lvl+0xee/0x150
[ 2769.538994][ T4570]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2769.544037][ T4570]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 2769.549871][ T4570]  dump_stack+0x15/0x24
[ 2769.554050][ T4570]  should_fail_ex+0x3d4/0x520
[ 2769.558742][ T4570]  should_fail+0xb/0x10
[ 2769.562907][ T4570]  should_fail_usercopy+0x1a/0x20
[ 2769.567956][ T4570]  _copy_from_user+0x1e/0xc0
[ 2769.572557][ T4570]  ? __cfi_do_get_msr+0x10/0x10
[ 2769.577420][ T4570]  msr_io+0x96/0x2e0
[ 2769.581323][ T4570]  ? __cfi_kvm_arch_vcpu_load+0x10/0x10
[ 2769.586883][ T4570]  ? kvm_arch_dev_ioctl+0x7c0/0x7c0
[ 2769.592104][ T4570]  kvm_arch_vcpu_ioctl+0x757/0x2240
[ 2769.597317][ T4570]  ? __cfi_kvm_arch_vcpu_ioctl+0x10/0x10
[ 2769.602972][ T4570]  ? 0xffffffffa0003de4
[ 2769.607135][ T4570]  ? is_bpf_text_address+0x177/0x190
[ 2769.612439][ T4570]  ? kernel_text_address+0xa0/0xd0
[ 2769.617567][ T4570]  ? __kernel_text_address+0xd/0x30
[ 2769.622779][ T4570]  ? unwind_get_return_address+0x4d/0x90
[ 2769.622996][   T28] audit: type=1400 audit(2000001647.611:128719): avc:  denied  { perfmon } for  pid=4565 comm="syz.5.10930" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2769.628419][ T4570]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[ 2769.655820][ T4570]  ? arch_stack_walk+0xfc/0x150
[ 2769.660711][ T4570]  ? stack_trace_save+0x98/0xe0
[ 2769.665584][ T4570]  ? __stack_depot_save+0x36/0x480
[ 2769.670734][ T4570]  ? _parse_integer_limit+0x18a/0x1d0
[ 2769.671989][   T28] audit: type=1400 audit(2000001647.611:128720): avc:  denied  { perfmon } for  pid=4565 comm="syz.5.10930" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2769.676126][ T4570]  ? do_vfs_ioctl+0xc36/0x1c80
[ 2769.697440][   T28] audit: type=1400 audit(2000001647.611:128721): avc:  denied  { bpf } for  pid=4565 comm="syz.5.10930" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2769.701972][ T4570]  ? __ia32_compat_sys_ioctl+0x790/0x790
[ 2769.722779][   T28] audit: type=1400 audit(2000001647.621:128722): avc:  denied  { perfmon } for  pid=4565 comm="syz.5.10930" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2769.728327][ T4570]  ? kstrtouint+0x74/0xe0
[ 2769.753840][ T4570]  ? kstrtouint_from_user+0xf7/0x150
[ 2769.759166][ T4570]  ? __cfi_kstrtouint_from_user+0x10/0x10
[ 2769.759770][   T28] audit: type=1400 audit(2000001647.621:128723): avc:  denied  { bpf } for  pid=4565 comm="syz.5.10930" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2769.764901][ T4570]  ? memcpy+0x56/0x70
[ 2769.789622][ T4570]  ? __kasan_check_write+0x14/0x20
[ 2769.794752][ T4570]  ? mutex_lock_killable+0x8d/0x1a0
[ 2769.799973][ T4570]  ? __cfi_mutex_lock_killable+0x10/0x10
[ 2769.805646][ T4570]  kvm_vcpu_ioctl+0x6ac/0xb70
[ 2769.810372][ T4570]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[ 2769.815611][ T4570]  ? selinux_file_ioctl+0x377/0x480
[ 2769.820846][ T4570]  ? __cfi_selinux_file_ioctl+0x10/0x10
[ 2769.826240][   T28] audit: type=1400 audit(2000001647.621:128724): avc:  denied  { bpf } for  pid=4565 comm="syz.5.10930" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2769.826423][ T4570]  ? mutex_unlock+0x89/0x220
[ 2769.851749][ T4570]  ? __cfi_mutex_unlock+0x10/0x10
[ 2769.856808][ T4570]  ? __fget_files+0x2d5/0x330
[ 2769.861525][ T4570]  ? security_file_ioctl+0x95/0xc0
[ 2769.866658][ T4570]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[ 2769.870813][   T28] audit: type=1400 audit(2000001647.631:128725): avc:  denied  { prog_run } for  pid=4565 comm="syz.5.10930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2769.871884][ T4570]  __se_sys_ioctl+0x12f/0x1b0
[ 2769.895740][ T4570]  __x64_sys_ioctl+0x7b/0x90
[ 2769.900361][ T4570]  x64_sys_call+0x58b/0x9a0
[ 2769.904890][ T4570]  do_syscall_64+0x4c/0xa0
[ 2769.909330][ T4570]  ? clear_bhb_loop+0x15/0x70
[ 2769.914028][ T4570]  ? clear_bhb_loop+0x15/0x70
[ 2769.918732][ T4570]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2769.924670][ T4570] RIP: 0033:0x7f15ded8e969
[ 2769.929112][ T4570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2769.948742][ T4570] RSP: 002b:00007f15dfb9c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2769.957189][ T4570] RAX: ffffffffffffffda RBX: 00007f15defb5fa0 RCX: 00007f15ded8e969
[ 2769.965611][ T4570] RDX: 0000200000000540 RSI: 00000000c008ae88 RDI: 0000000000000008
[ 2769.973613][ T4570] RBP: 00007f15dfb9c090 R08: 0000000000000000 R09: 0000000000000000
[ 2769.981610][ T4570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2769.989608][ T4570] R13: 0000000000000000 R14: 00007f15defb5fa0 R15: 00007ffc130b80e8
[ 2769.997708][ T4570]  </TASK>
[ 2770.419818][T26519] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[ 2770.612590][T26519] usb 2-1: Using ep0 maxpacket: 16
[ 2770.619161][T26519] usb 2-1: too many configurations: 112, using maximum allowed: 8
[ 2770.635020][ T4585] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[ 2770.653376][ T4585] SELinux: failed to load policy
[ 2770.664253][T26519] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 2770.692003][T26519] usb 2-1: New USB device strings: Mfr=144, Product=246, SerialNumber=0
[ 2770.701807][T26519] usb 2-1: Product: syz
[ 2770.701829][T26519] usb 2-1: Manufacturer: syz
[ 2770.722943][ T4588] netlink: 88 bytes leftover after parsing attributes in process `syz.3.10936'.
[ 2770.846679][ T4591] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10937'.
[ 2770.956771][T26519] r8152-cfgselector 2-1: Unknown version 0x0000
[ 2770.969753][T26519] cdc_acm 2-1:1.0: Zero length descriptor references
[ 2770.976565][T26519] cdc_acm: probe of 2-1:1.0 failed with error -22
[ 2770.984158][T26519] r8152-cfgselector 2-1: Unknown version 0x0000
[ 2770.997544][T26519] r8152-cfgselector 2-1: USB disconnect, device number 84
[ 2771.072808][ T4599] syz.6.10938[4599] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2771.072913][ T4599] syz.6.10938[4599] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2771.882126][ T4605] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10940'.
[ 2772.129515][ T2312] usb 6-1: new low-speed USB device number 111 using dummy_hcd
[ 2772.315968][ T2312] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 2772.333597][ T2312] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2772.356708][ T2312] usb 6-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 2772.379534][ T2312] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2772.391331][ T2312] usb 6-1: config 0 descriptor??
[ 2772.825779][ T2312] steelseries_srws1 0003:1038:1410.0048: unknown main item tag 0x0
[ 2772.854207][ T2312] steelseries_srws1 0003:1038:1410.0048: item fetching failed at offset 2/7
[ 2772.874503][ T2312] steelseries_srws1 0003:1038:1410.0048: parse failed
[ 2772.904604][ T2312] steelseries_srws1: probe of 0003:1038:1410.0048 failed with error -22
[ 2773.174300][ T4650] netlink: 88 bytes leftover after parsing attributes in process `syz.3.10951'.
[ 2773.557402][ T4648] overlayfs: missing 'lowerdir'
[ 2773.712934][ T4657] FAULT_INJECTION: forcing a failure.
[ 2773.712934][ T4657] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2773.753471][ T4657] CPU: 0 PID: 4657 Comm: syz.6.10952 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2773.765063][ T4657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2773.775291][ T4657] Call Trace:
[ 2773.778596][ T4657]  <TASK>
[ 2773.781545][ T4657]  __dump_stack+0x21/0x24
[ 2773.785912][ T4657]  dump_stack_lvl+0xee/0x150
[ 2773.790535][ T4657]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2773.795599][ T4657]  dump_stack+0x15/0x24
[ 2773.799782][ T4657]  should_fail_ex+0x3d4/0x520
[ 2773.804487][ T4657]  should_fail+0xb/0x10
[ 2773.808672][ T4657]  should_fail_usercopy+0x1a/0x20
[ 2773.813721][ T4657]  _copy_to_user+0x1e/0x90
[ 2773.818159][ T4657]  simple_read_from_buffer+0xe9/0x160
[ 2773.823559][ T4657]  proc_fail_nth_read+0x19a/0x210
[ 2773.828615][ T4657]  ? __cfi_proc_fail_nth_read+0x10/0x10
[ 2773.834191][ T4657]  ? security_file_permission+0x94/0xb0
[ 2773.839768][ T4657]  ? __cfi_proc_fail_nth_read+0x10/0x10
[ 2773.845356][ T4657]  vfs_read+0x26e/0x8c0
[ 2773.849546][ T4657]  ? __cfi_vfs_read+0x10/0x10
[ 2773.854350][ T4657]  ? __kasan_check_write+0x14/0x20
[ 2773.859493][ T4657]  ? mutex_lock+0x8d/0x1a0
[ 2773.863945][ T4657]  ? __cfi_mutex_lock+0x10/0x10
[ 2773.868839][ T4657]  ? __fdget_pos+0x2cd/0x380
[ 2773.873458][ T4657]  ? ksys_read+0x71/0x240
[ 2773.877818][ T4657]  ksys_read+0x140/0x240
[ 2773.882090][ T4657]  ? __cfi_ksys_read+0x10/0x10
[ 2773.886884][ T4657]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2773.892176][ T4657]  __x64_sys_read+0x7b/0x90
[ 2773.896682][ T4657]  x64_sys_call+0x2f/0x9a0
[ 2773.901100][ T4657]  do_syscall_64+0x4c/0xa0
[ 2773.905518][ T4657]  ? clear_bhb_loop+0x15/0x70
[ 2773.910191][ T4657]  ? clear_bhb_loop+0x15/0x70
[ 2773.914865][ T4657]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2773.920760][ T4657] RIP: 0033:0x7fdc2b78d37c
[ 2773.925264][ T4657] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2773.944870][ T4657] RSP: 002b:00007fdc2c6a8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2773.953283][ T4657] RAX: ffffffffffffffda RBX: 00007fdc2b9b6080 RCX: 00007fdc2b78d37c
[ 2773.961251][ T4657] RDX: 000000000000000f RSI: 00007fdc2c6a80a0 RDI: 0000000000000008
[ 2773.969312][ T4657] RBP: 00007fdc2c6a8090 R08: 0000000000000000 R09: 0000000000000000
[ 2773.977301][ T4657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2773.985286][ T4657] R13: 0000000000000000 R14: 00007fdc2b9b6080 R15: 00007ffeee145388
[ 2773.993279][ T4657]  </TASK>
[ 2774.220605][ T2312] usb 6-1: USB disconnect, device number 111
[ 2774.284104][   T28] kauditd_printk_skb: 648 callbacks suppressed
[ 2774.284134][   T28] audit: type=1400 audit(2000001652.591:129374): avc:  denied  { bpf } for  pid=4662 comm="syz.1.10954" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2774.358992][   T28] audit: type=1400 audit(2000001652.591:129375): avc:  denied  { prog_load } for  pid=4662 comm="syz.1.10954" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2774.396739][   T28] audit: type=1400 audit(2000001652.591:129376): avc:  denied  { bpf } for  pid=4662 comm="syz.1.10954" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2774.420356][   T28] audit: type=1400 audit(2000001652.591:129377): avc:  denied  { prog_load } for  pid=4662 comm="syz.1.10954" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2774.441065][   T28] audit: type=1400 audit(2000001652.591:129378): avc:  denied  { bpf } for  pid=4662 comm="syz.1.10954" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2774.480066][   T28] audit: type=1400 audit(2000001652.591:129379): avc:  denied  { map_create } for  pid=4662 comm="syz.1.10954" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2774.501138][   T28] audit: type=1400 audit(2000001652.591:129380): avc:  denied  { bpf } for  pid=4662 comm="syz.1.10954" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2774.524273][   T28] audit: type=1400 audit(2000001652.591:129381): avc:  denied  { map_read map_write } for  pid=4662 comm="syz.1.10954" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2774.545512][   T28] audit: type=1400 audit(2000001652.591:129382): avc:  denied  { bpf } for  pid=4662 comm="syz.1.10954" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2774.567486][   T28] audit: type=1400 audit(2000001652.591:129383): avc:  denied  { prog_load } for  pid=4662 comm="syz.1.10954" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2774.579217][ T4672] syz.6.10956[4672] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2774.593442][ T4672] syz.6.10956[4672] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2774.611400][ T4672] FAULT_INJECTION: forcing a failure.
[ 2774.611400][ T4672] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2774.636017][ T4672] CPU: 1 PID: 4672 Comm: syz.6.10956 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2774.647412][ T4672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2774.657490][ T4672] Call Trace:
[ 2774.660790][ T4672]  <TASK>
[ 2774.663740][ T4672]  __dump_stack+0x21/0x24
[ 2774.668106][ T4672]  dump_stack_lvl+0xee/0x150
[ 2774.672740][ T4672]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2774.677794][ T4672]  dump_stack+0x15/0x24
[ 2774.681981][ T4672]  should_fail_ex+0x3d4/0x520
[ 2774.686698][ T4672]  should_fail+0xb/0x10
[ 2774.690886][ T4672]  should_fail_usercopy+0x1a/0x20
[ 2774.695940][ T4672]  _copy_to_user+0x1e/0x90
[ 2774.700370][ T4672]  simple_read_from_buffer+0xe9/0x160
[ 2774.705755][ T4672]  proc_fail_nth_read+0x19a/0x210
[ 2774.711003][ T4672]  ? __cfi_proc_fail_nth_read+0x10/0x10
[ 2774.716646][ T4672]  ? security_file_permission+0x94/0xb0
[ 2774.722228][ T4672]  ? __cfi_proc_fail_nth_read+0x10/0x10
[ 2774.727814][ T4672]  vfs_read+0x26e/0x8c0
[ 2774.731978][ T4672]  ? __cfi_vfs_read+0x10/0x10
[ 2774.736664][ T4672]  ? __kasan_check_write+0x14/0x20
[ 2774.741806][ T4672]  ? mutex_lock+0x8d/0x1a0
[ 2774.746233][ T4672]  ? __cfi_mutex_lock+0x10/0x10
[ 2774.751211][ T4672]  ? __fdget_pos+0x2cd/0x380
[ 2774.755811][ T4672]  ? ksys_read+0x71/0x240
[ 2774.760176][ T4672]  ksys_read+0x140/0x240
[ 2774.764427][ T4672]  ? __cfi_filldir64+0x10/0x10
[ 2774.769194][ T4672]  ? __cfi_ksys_read+0x10/0x10
[ 2774.773987][ T4672]  ? debug_smp_processor_id+0x17/0x20
[ 2774.779435][ T4672]  __x64_sys_read+0x7b/0x90
[ 2774.783979][ T4672]  x64_sys_call+0x2f/0x9a0
[ 2774.788424][ T4672]  do_syscall_64+0x4c/0xa0
[ 2774.792850][ T4672]  ? clear_bhb_loop+0x15/0x70
[ 2774.797534][ T4672]  ? clear_bhb_loop+0x15/0x70
[ 2774.802219][ T4672]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2774.808219][ T4672] RIP: 0033:0x7fdc2b78d37c
[ 2774.812719][ T4672] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2774.832428][ T4672] RSP: 002b:00007fdc2c6c9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2774.840848][ T4672] RAX: ffffffffffffffda RBX: 00007fdc2b9b5fa0 RCX: 00007fdc2b78d37c
[ 2774.848819][ T4672] RDX: 000000000000000f RSI: 00007fdc2c6c90a0 RDI: 0000000000000007
[ 2774.856876][ T4672] RBP: 00007fdc2c6c9090 R08: 0000000000000000 R09: 0000000000000000
[ 2774.864873][ T4672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2774.872843][ T4672] R13: 0000000000000000 R14: 00007fdc2b9b5fa0 R15: 00007ffeee145388
[ 2774.880820][ T4672]  </TASK>
[ 2775.233025][ T4688] block device autoloading is deprecated and will be removed.
[ 2775.240770][ T4688] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 2775.262593][ T4688] FAT-fs (loop5): unable to read boot sector
[ 2776.271586][ T4701] loop5: detected capacity change from 0 to 256
[ 2776.308644][ T4701] exfat: Deprecated parameter 'utf8'
[ 2776.314602][ T4701] exfat: Deprecated parameter 'namecase'
[ 2776.320600][ T4701] exfat: Deprecated parameter 'utf8'
[ 2776.326920][ T4701] exfat: Bad value for 'uid'
[ 2776.752955][ T2312] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[ 2776.784056][ T4702] FAULT_INJECTION: forcing a failure.
[ 2776.784056][ T4702] name failslab, interval 1, probability 0, space 0, times 0
[ 2776.832293][ T4702] CPU: 0 PID: 4702 Comm: syz.3.10966 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2776.843717][ T4702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2776.853788][ T4702] Call Trace:
[ 2776.857087][ T4702]  <TASK>
[ 2776.860041][ T4702]  __dump_stack+0x21/0x24
[ 2776.864405][ T4702]  dump_stack_lvl+0xee/0x150
[ 2776.869040][ T4702]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2776.874089][ T4702]  ? stack_trace_save+0x98/0xe0
[ 2776.878965][ T4702]  dump_stack+0x15/0x24
[ 2776.883152][ T4702]  should_fail_ex+0x3d4/0x520
[ 2776.887861][ T4702]  __should_failslab+0xac/0xf0
[ 2776.892658][ T4702]  should_failslab+0x9/0x20
[ 2776.897186][ T4702]  kmem_cache_alloc_node+0x42/0x340
[ 2776.902392][ T4702]  ? dup_task_struct+0x5a/0x770
[ 2776.907301][ T4702]  dup_task_struct+0x5a/0x770
[ 2776.912013][ T4702]  ? __kasan_check_write+0x14/0x20
[ 2776.917575][ T4702]  ? recalc_sigpending+0x168/0x1c0
[ 2776.922693][ T4702]  copy_process+0x5ac/0x3470
[ 2776.927296][ T4702]  ? __cfi_kstrtouint_from_user+0x10/0x10
[ 2776.933033][ T4702]  ? __kasan_check_write+0x14/0x20
[ 2776.938159][ T4702]  ? proc_fail_nth_write+0x17a/0x1f0
[ 2776.943461][ T4702]  ? idle_dummy+0x10/0x10
[ 2776.947912][ T4702]  kernel_clone+0x23a/0x810
[ 2776.952423][ T4702]  ? __cfi_kernel_clone+0x10/0x10
[ 2776.957459][ T4702]  ? __kasan_check_write+0x14/0x20
[ 2776.962579][ T4702]  ? mutex_unlock+0x89/0x220
[ 2776.967189][ T4702]  __x64_sys_clone+0x168/0x1b0
[ 2776.971979][ T4702]  ? __cfi___x64_sys_clone+0x10/0x10
[ 2776.977274][ T4702]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 2776.983345][ T4702]  x64_sys_call+0x990/0x9a0
[ 2776.987852][ T4702]  do_syscall_64+0x4c/0xa0
[ 2776.992271][ T4702]  ? clear_bhb_loop+0x15/0x70
[ 2776.996945][ T4702]  ? clear_bhb_loop+0x15/0x70
[ 2777.001626][ T4702]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2777.007534][ T4702] RIP: 0033:0x7f1db9d8e969
[ 2777.011992][ T4702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2777.031949][ T4702] RSP: 002b:00007f1dbaccffe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2777.040373][ T4702] RAX: ffffffffffffffda RBX: 00007f1db9fb5fa0 RCX: 00007f1db9d8e969
[ 2777.048359][ T4702] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000200000
[ 2777.056335][ T4702] RBP: 00007f1dbacd0090 R08: 0000000000000000 R09: 0000000000000000
[ 2777.064306][ T4702] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 2777.072277][ T4702] R13: 0000000000000000 R14: 00007f1db9fb5fa0 R15: 00007ffc0f223f08
[ 2777.080257][ T4702]  </TASK>
[ 2777.182654][ T2312] usb 2-1: Using ep0 maxpacket: 32
[ 2777.193498][ T2312] usb 2-1: config 1 has an invalid interface number: 242 but max is 0
[ 2777.229689][ T2312] usb 2-1: config 1 has no interface number 0
[ 2777.253340][ T2312] usb 2-1: config 1 interface 242 has no altsetting 0
[ 2777.275716][ T2312] usb 2-1: New USB device found, idVendor=2eca, idProduct=c101, bcdDevice= 7.df
[ 2777.293859][ T2312] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2777.303311][ T4706] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 2777.350566][ T2312] usb 2-1: Product: syz
[ 2777.356292][ T2312] usb 2-1: Manufacturer: syz
[ 2777.361084][ T2312] usb 2-1: SerialNumber: syz
[ 2777.388036][ T4706] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10968'.
[ 2777.876604][ T4715] loop5: detected capacity change from 0 to 512
[ 2777.886667][ T4715] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 2777.895522][ T4715] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[ 2777.915350][ T4694] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2777.932712][ T4694] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2777.947664][ T4715] EXT4-fs warning (device loop5): ext4_enable_quotas:7024: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 2777.963052][ T4715] EXT4-fs (loop5): mount failed
[ 2778.205522][ T4724] FAULT_INJECTION: forcing a failure.
[ 2778.205522][ T4724] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2778.219055][ T4724] CPU: 1 PID: 4724 Comm: syz.2.10972 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2778.230462][ T4724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2778.240535][ T4724] Call Trace:
[ 2778.243823][ T4724]  <TASK>
[ 2778.246770][ T4724]  __dump_stack+0x21/0x24
[ 2778.251384][ T4724]  dump_stack_lvl+0xee/0x150
[ 2778.255989][ T4724]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2778.261030][ T4724]  ? __schedule+0xb8f/0x14e0
[ 2778.265647][ T4724]  dump_stack+0x15/0x24
[ 2778.269816][ T4724]  should_fail_ex+0x3d4/0x520
[ 2778.274511][ T4724]  should_fail+0xb/0x10
[ 2778.278676][ T4724]  should_fail_usercopy+0x1a/0x20
[ 2778.283803][ T4724]  _copy_from_user+0x1e/0xc0
[ 2778.288504][ T4724]  ___sys_sendmsg+0x155/0x290
[ 2778.293205][ T4724]  ? __sys_sendmsg+0x270/0x270
[ 2778.298000][ T4724]  ? __fdget+0x19c/0x220
[ 2778.302352][ T4724]  __x64_sys_sendmsg+0x1f0/0x2c0
[ 2778.307312][ T4724]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[ 2778.312794][ T4724]  ? __kasan_check_write+0x14/0x20
[ 2778.317925][ T4724]  x64_sys_call+0x171/0x9a0
[ 2778.322440][ T4724]  do_syscall_64+0x4c/0xa0
[ 2778.326888][ T4724]  ? clear_bhb_loop+0x15/0x70
[ 2778.331585][ T4724]  ? clear_bhb_loop+0x15/0x70
[ 2778.336274][ T4724]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2778.342288][ T4724] RIP: 0033:0x7f15ded8e969
[ 2778.346718][ T4724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2778.366430][ T4724] RSP: 002b:00007f15dfb5a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2778.374868][ T4724] RAX: ffffffffffffffda RBX: 00007f15defb6160 RCX: 00007f15ded8e969
[ 2778.382955][ T4724] RDX: 0000000000040800 RSI: 0000200000000300 RDI: 0000000000000008
[ 2778.390951][ T4724] RBP: 00007f15dfb5a090 R08: 0000000000000000 R09: 0000000000000000
[ 2778.398938][ T4724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2778.406922][ T4724] R13: 0000000000000000 R14: 00007f15defb6160 R15: 00007ffc130b80e8
[ 2778.414909][ T4724]  </TASK>
[ 2778.487669][ T4728] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10974'.
[ 2778.597278][ T4739] FAULT_INJECTION: forcing a failure.
[ 2778.597278][ T4739] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2778.612080][ T4739] CPU: 1 PID: 4739 Comm: syz.5.10976 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2778.623491][ T4739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2778.633564][ T4739] Call Trace:
[ 2778.636858][ T4739]  <TASK>
[ 2778.639804][ T4739]  __dump_stack+0x21/0x24
[ 2778.644161][ T4739]  dump_stack_lvl+0xee/0x150
[ 2778.648784][ T4739]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2778.653846][ T4739]  ? _parse_integer+0x2a/0x40
[ 2778.658556][ T4739]  dump_stack+0x15/0x24
[ 2778.662738][ T4739]  should_fail_ex+0x3d4/0x520
[ 2778.667443][ T4739]  should_fail+0xb/0x10
[ 2778.671622][ T4739]  should_fail_usercopy+0x1a/0x20
[ 2778.676669][ T4739]  _copy_from_user+0x1e/0xc0
[ 2778.681374][ T4739]  ___sys_sendmsg+0x155/0x290
[ 2778.686091][ T4739]  ? __sys_sendmsg+0x270/0x270
[ 2778.690897][ T4739]  ? __kasan_check_write+0x14/0x20
[ 2778.696079][ T4739]  ? proc_fail_nth_write+0x17a/0x1f0
[ 2778.701407][ T4739]  ? vfs_write+0x9d6/0xca0
[ 2778.705858][ T4739]  ? __fdget+0x19c/0x220
[ 2778.710122][ T4739]  __x64_sys_sendmsg+0x1f0/0x2c0
[ 2778.715080][ T4739]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[ 2778.720563][ T4739]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 2778.726658][ T4739]  x64_sys_call+0x171/0x9a0
[ 2778.731181][ T4739]  do_syscall_64+0x4c/0xa0
[ 2778.735654][ T4739]  ? clear_bhb_loop+0x15/0x70
[ 2778.740340][ T4739]  ? clear_bhb_loop+0x15/0x70
[ 2778.745020][ T4739]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2778.750932][ T4739] RIP: 0033:0x7f9ead38e969
[ 2778.755358][ T4739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2778.774966][ T4739] RSP: 002b:00007f9eae170038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2778.783393][ T4739] RAX: ffffffffffffffda RBX: 00007f9ead5b5fa0 RCX: 00007f9ead38e969
[ 2778.791363][ T4739] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[ 2778.799344][ T4739] RBP: 00007f9eae170090 R08: 0000000000000000 R09: 0000000000000000
[ 2778.807318][ T4739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2778.815414][ T4739] R13: 0000000000000000 R14: 00007f9ead5b5fa0 R15: 00007ffc31a107f8
[ 2778.823394][ T4739]  </TASK>
[ 2779.304421][   T28] kauditd_printk_skb: 710 callbacks suppressed
[ 2779.304438][   T28] audit: type=1400 audit(2000001657.611:130093): avc:  denied  { bpf } for  pid=4751 comm="syz.5.10980" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2779.396366][  T512] usb 7-1: new high-speed USB device number 76 using dummy_hcd
[ 2779.411806][   T28] audit: type=1400 audit(2000001657.641:130094): avc:  denied  { execmem } for  pid=4751 comm="syz.5.10980" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 2779.433325][   T28] audit: type=1400 audit(2000001657.731:130095): avc:  denied  { ioctl } for  pid=4741 comm="syz.6.10977" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2779.470177][   T28] audit: type=1400 audit(2000001657.731:130096): avc:  denied  { ioctl } for  pid=4741 comm="syz.6.10977" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2779.837107][ T4755] loop5: detected capacity change from 0 to 512
[ 2779.877465][   T28] audit: type=1400 audit(2000001657.881:130097): avc:  denied  { bpf } for  pid=4751 comm="syz.5.10980" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2779.942208][  T512] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2780.027543][  T512] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2780.165790][ T4755] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2780.178176][ T4755] ext4 filesystem being mounted at /443/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2780.378983][ T2312] aqc111 2-1:1.242 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[ 2780.612986][ T2312] aqc111 2-1:1.242 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[ 2780.623851][   T28] audit: type=1400 audit(2000001657.881:130098): avc:  denied  { prog_load } for  pid=4751 comm="syz.5.10980" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2780.645315][ T2312] aqc111 2-1:1.242 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[ 2780.658561][   T28] audit: type=1400 audit(2000001657.881:130099): avc:  denied  { bpf } for  pid=4751 comm="syz.5.10980" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2780.667439][  T512] usb 7-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[ 2780.688470][  T512] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2780.698494][   T28] audit: type=1400 audit(2000001657.891:130100): avc:  denied  { bpf } for  pid=4751 comm="syz.5.10980" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2780.719776][   T28] audit: type=1400 audit(2000001657.891:130101): avc:  denied  { perfmon } for  pid=4751 comm="syz.5.10980" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2780.719903][  T512] usb 7-1: config 0 descriptor??
[ 2780.726036][ T2312] aqc111 2-1:1.242 eth1: register 'aqc111' at usb-dummy_hcd.1-1, Aquantia AQtion USB to 5GbE Controller, da:f2:4f:9e:2f:31
[ 2780.759314][   T28] audit: type=1400 audit(2000001657.891:130102): avc:  denied  { bpf } for  pid=4751 comm="syz.5.10980" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2780.867796][T30263] EXT4-fs (loop5): unmounting filesystem.
[ 2780.884704][ T2312] usb 2-1: USB disconnect, device number 85
[ 2780.898355][ T2312] aqc111 2-1:1.242 eth1: unregister 'aqc111' usb-dummy_hcd.1-1, Aquantia AQtion USB to 5GbE Controller
[ 2781.052877][ T2312] aqc111 2-1:1.242 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 2781.123033][ T2312] aqc111 2-1:1.242 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 2781.132407][ T2312] aqc111 2-1:1.242 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[ 2781.180244][ T4772] loop5: detected capacity change from 0 to 512
[ 2781.664729][ T4772] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2781.955027][ T4772] ext4 filesystem being mounted at /444/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2782.058598][T30263] EXT4-fs (loop5): unmounting filesystem.
[ 2782.336350][ T4787] loop5: detected capacity change from 0 to 256
[ 2782.405980][ T4787] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d)
[ 2782.622628][T17771] tipc: Left network mode
[ 2782.755529][  T512] usbhid 7-1:0.0: can't add hid device: -71
[ 2782.761649][  T512] usbhid: probe of 7-1:0.0 failed with error -71
[ 2782.806864][  T512] usb 7-1: USB disconnect, device number 76
[ 2782.936789][ T4803] bridge: RTM_NEWNEIGH with invalid ether address
[ 2783.463462][T17771] device bridge_slave_1 left promiscuous mode
[ 2783.469650][T17771] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2783.508601][T17771] device bridge_slave_0 left promiscuous mode
[ 2783.523980][T17771] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2783.550599][T17771] device veth1_macvtap left promiscuous mode
[ 2784.110880][ T4813] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2784.129151][ T4813] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2784.137207][ T4813] device bridge_slave_0 entered promiscuous mode
[ 2784.145690][ T4813] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2784.152946][ T4813] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2784.160488][ T4813] device bridge_slave_1 entered promiscuous mode
[ 2784.316782][   T28] kauditd_printk_skb: 542 callbacks suppressed
[ 2784.316801][   T28] audit: type=1400 audit(2000001662.611:130645): avc:  denied  { module_request } for  pid=4813 comm="syz-executor" kmod="rtnl-link-virt_wifi" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 2784.422614][   T28] audit: type=1400 audit(2000001662.671:130646): avc:  denied  { bpf } for  pid=4809 comm="syz.6.10998" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2784.509873][   T28] audit: type=1400 audit(2000001662.671:130647): avc:  denied  { map_create } for  pid=4809 comm="syz.6.10998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2784.560359][ T4813] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2784.567483][ T4813] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2784.574813][ T4813] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2784.581849][ T4813] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2784.622607][   T28] audit: type=1400 audit(2000001662.671:130648): avc:  denied  { perfmon } for  pid=4809 comm="syz.6.10998" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2784.687636][   T28] audit: type=1400 audit(2000001662.671:130649): avc:  denied  { map_read map_write } for  pid=4809 comm="syz.6.10998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 2784.725026][ T4851] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2784.726130][ T4849] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2784.731648][   T28] audit: type=1400 audit(2000001662.671:130650): avc:  denied  { bpf } for  pid=4809 comm="syz.6.10998" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2784.750807][ T4813] audit: audit_backlog=65 > audit_backlog_limit=64
[ 2784.759069][ T4851] audit: audit_lost=2084 audit_rate_limit=0 audit_backlog_limit=64
[ 2784.773816][T17771] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2784.790695][T17771] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2784.847352][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2784.857499][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2784.907025][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2784.917019][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2784.938778][T17771] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2784.945886][T17771] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2784.953987][ T2313] usb 3-1: new low-speed USB device number 103 using dummy_hcd
[ 2784.991531][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2785.005693][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2785.014291][T17771] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2785.021348][T17771] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2785.049326][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2785.061728][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2785.087233][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2785.097173][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2785.142661][ T4859] bridge: RTM_NEWNEIGH with invalid ether address
[ 2785.148051][ T2313] usb 3-1: Invalid ep0 maxpacket: 32
[ 2785.212513][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2785.223948][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2785.250127][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2785.260571][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2785.272786][ T4813] device veth0_vlan entered promiscuous mode
[ 2785.279182][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2785.288843][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2785.302589][ T2313] usb 3-1: new low-speed USB device number 104 using dummy_hcd
[ 2785.348097][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2785.367026][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2785.384974][ T4813] device veth1_macvtap entered promiscuous mode
[ 2785.407838][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2785.417378][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2785.425961][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2785.442018][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2785.451800][T17771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2785.492678][ T2313] usb 3-1: Invalid ep0 maxpacket: 32
[ 2785.498394][ T2313] usb usb3-port1: attempt power cycle
[ 2785.922611][ T2313] usb 3-1: new low-speed USB device number 105 using dummy_hcd
[ 2785.925135][ T4876] FAULT_INJECTION: forcing a failure.
[ 2785.925135][ T4876] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2785.953894][ T4876] CPU: 1 PID: 4876 Comm: syz.1.11014 Tainted: G        W          6.1.134-syzkaller-00016-ga0fa2316cce1 #0
[ 2785.964840][ T2313] usb 3-1: Invalid ep0 maxpacket: 32
[ 2785.965302][ T4876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 2785.965319][ T4876] Call Trace:
[ 2785.965327][ T4876]  <TASK>
[ 2785.986960][ T4876]  __dump_stack+0x21/0x24
[ 2785.991317][ T4876]  dump_stack_lvl+0xee/0x150
[ 2785.995930][ T4876]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 2786.000985][ T4876]  dump_stack+0x15/0x24
[ 2786.005169][ T4876]  should_fail_ex+0x3d4/0x520
[ 2786.009875][ T4876]  should_fail+0xb/0x10
[ 2786.014047][ T4876]  should_fail_usercopy+0x1a/0x20
[ 2786.019093][ T4876]  _copy_from_user+0x1e/0xc0
[ 2786.023702][ T4876]  ___sys_sendmsg+0x155/0x290
[ 2786.028431][ T4876]  ? __sys_sendmsg+0x270/0x270
[ 2786.033239][ T4876]  ? kstrtouint+0x74/0xe0
[ 2786.037604][ T4876]  ? __fdget+0x19c/0x220
[ 2786.041873][ T4876]  __sys_sendmmsg+0x274/0x460
[ 2786.046577][ T4876]  ? slab_free_freelist_hook+0xc2/0x190
[ 2786.052134][ T4876]  ? __cfi___sys_sendmmsg+0x10/0x10
[ 2786.057349][ T4876]  ? __cfi_ksys_write+0x10/0x10
[ 2786.062227][ T4876]  __x64_sys_sendmmsg+0xa0/0xb0
[ 2786.067090][ T4876]  x64_sys_call+0x3f5/0x9a0
[ 2786.071597][ T4876]  do_syscall_64+0x4c/0xa0
[ 2786.076017][ T4876]  ? clear_bhb_loop+0x15/0x70
[ 2786.080716][ T4876]  ? clear_bhb_loop+0x15/0x70
[ 2786.085397][ T4876]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2786.091295][ T4876] RIP: 0033:0x7f3488f8e969
[ 2786.095708][ T4876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2786.115317][ T4876] RSP: 002b:00007f3489ea2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2786.123761][ T4876] RAX: ffffffffffffffda RBX: 00007f34891b5fa0 RCX: 00007f3488f8e969
[ 2786.131759][ T4876] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000008
[ 2786.139736][ T4876] RBP: 00007f3489ea2090 R08: 0000000000000000 R09: 0000000000000000
[ 2786.147707][ T4876] R10: 0000000004001c00 R11: 0000000000000246 R12: 0000000000000001
[ 2786.155758][ T4876] R13: 0000000000000000 R14: 00007f34891b5fa0 R15: 00007ffdb1991108
[ 2786.163740][ T4876]  </TASK>
[ 2786.233260][ T2313] usb 3-1: new low-speed USB device number 106 using dummy_hcd
[ 2786.274863][ T2313] usb 3-1: Invalid ep0 maxpacket: 32
[ 2786.280998][ T2313] usb usb3-port1: unable to enumerate USB device
Connection to 10.128.1.34 closed by remote host.
[ 2787.303322][T17771] device bridge_slave_1 left promiscuous mode
[ 2787.309484][T17771] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2787.317142][T17771] device bridge_slave_0 left promiscuous mode
[ 2787.323315][T17771] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2787.331322][T17771] device veth1_macvtap left promiscuous mode
[ 2787.337416][T17771] device veth0_vlan left promiscuous mode
[ 2787.656790][T17771] tipc: Disabling bearer <udp:syz2>
[ 2787.662115][T17771] tipc: Left network mode
[ 2788.153817][T17771] device bridge_slave_1 left promiscuous mode
[ 2788.159964][T17771] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2788.167757][T17771] device bridge_slave_0 left promiscuous mode
[ 2788.174944][T17771] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2788.183843][T17771] device bridge_slave_1 left promiscuous mode
[ 2788.189954][T17771] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2788.197483][T17771] device bridge_slave_0 left promiscuous mode
[ 2788.203833][T17771] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2788.211931][T17771] device bridge_slave_1 left promiscuous mode
[ 2788.218154][T17771] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2788.225770][T17771] device bridge_slave_0 left promiscuous mode
[ 2788.231905][T17771] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2788.240400][T17771] device bridge_slave_1 left promiscuous mode
[ 2788.246580][T17771] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2788.254130][T17771] device bridge_slave_0 left promiscuous mode
[ 2788.260242][T17771] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2788.268787][T17771] device veth1_macvtap left promiscuous mode
[ 2788.274882][T17771] device veth0_vlan left promiscuous mode
[ 2788.281086][T17771] device veth1_macvtap left promiscuous mode
[ 2788.287146][T17771] device veth0_vlan left promiscuous mode
[ 2788.293305][T17771] device veth1_macvtap left promiscuous mode
[ 2788.299311][T17771] device veth0_vlan left promiscuous mode
[ 2788.585694][ T4885] kvm: exiting hardware virtualization
[ 2788.592355][ T4885] sd 0:0:1:0: [sda] Synchronizing SCSI cache
[ 2788.599814][ T4885] ACPI: PM: Preparing to enter system sleep state S5
[ 2788.607098][ T4885] reboot: Power down
serialport: VM disconnected.