last executing test programs:

17.316356125s ago: executing program 4 (id=5491):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYRES32=r3, @ANYRES32], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x71, '\x00', 0x0, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
recvmsg$unix(r5, &(0x7f00000003c0)={&(0x7f0000000240), 0x6e, &(0x7f0000000340)=[{&(0x7f0000000b00)=""/4096, 0x1000}, {&(0x7f00000008c0)=""/213, 0xd5}, {&(0x7f0000001b00)=""/217, 0xd9}, {0x0}], 0x4}, 0x1)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x84)
r6 = fsmount(0xffffffffffffffff, 0x1, 0x70)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r7, 0x0)
socket$inet(0x2, 0x3, 0x5)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, 0x0, &(0x7f0000000380)=0xffffffffffffff2c)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x1000000, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r8], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000018dfde1035121000822953050a010902120001000000000904000000855f3000"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000001400)=0x81, 0x4)

16.811546506s ago: executing program 3 (id=5493):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
dup(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f00000001c0), 0x10, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES8=0x0, @ANYBLOB, @ANYRESHEX])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffc2, &(0x7f0000000280)=0x666)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x18, &(0x7f0000000040)=ANY=[@ANYBLOB="a50a0000000000006111540000000000180000000000000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x80)

15.883773132s ago: executing program 3 (id=5497):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(0x0, 0x0, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$tipc(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1f8a9918bc4055eaaeb6db4ee9bcb25b1811dbf40b3a7da5a8a64db04ed6dd26eea2e37229c339b1f91201c2796173864", 0x3d}], 0x1}, 0x0)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x8010, &(0x7f0000000180)=ANY=[@ANYBLOB='iocharcp857,\x00\x00\x00\x00\x00'], 0x1, 0x14d3, &(0x7f0000001580)="$eJzs3HuYz9XaMPB1r7W+jGnSr0kOw7rX/eWXBsskSQ5JckiSJElySkiaJElIDDklIQk5TpLDEJLDYDDO5/P50GRLkiSnnMJ6L+39PJ6928/led+938cfc3+ua12z7vn+7vu31twz8z1c18zPnYZUb1ijSn0iEv8S+OuHFCFEjBCivxDiDiFEIIQoE18m/vrxXApS/rU3Yf9ez6Xd6hWwW4n7n71x/7M37n/2xv3P3rj/2Rv3P3vj/mdv3H/GsrOt0wrcySP7Dn7+n53x+T974/5nb9z/7I37n71x/7M37n/2xv3P3rj/2Rv3n7Hs7FY/f+Zxa8et/v5jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZY9XPQ3aCHEf8xv9boYY4wxxhhjjDH27+Nz3uoVMMYYY4wxxhhj7P8/EFIooUUgcoicIkbkErHiNhEnbhe5xR0iIu4U8eIukUfcLfKKfCK/KCASREFRSBiBwgoSoSgsioiouEcUFfeKRFFMFBclhBMlRZK4T5QS94vS4gFRRjwoyoqHRDlRXlQQFcXDopJ4RFQWj4oq4jFRVVQT1UUN8bioKZ4QtcSTorZ4StQRT4u64hlRTzwr6ovnRAPxvGgoXhCNxIuisWgimopmovn/U/67opt4T3QXPUSK6Cl6ifdFb9FH9BX9RH/xgRggPhQDxUdikBgshoiPxVDxiRgmPhXDxQgxUnwmRonRYowYK8aJ8SJVfC4miC/ERPGlmCQmiyliqkgT08R08ZWYIWaKWeJrMVt8I+aIuWKemC/SxQKxUCwSGWKxWCKWikyxTCwXK8RKsUqsFmvEWrFOrBcbxEaxSWwWW8RWsU1sFzvETrFL7BZ7xF6xT+wXB8RB8a3IEt/9X+Zf+If8ziBAgAQJGjTkgBwQAzEQC7EQB3GQG3JDBCIQD/GQB/JAXsgL+SE/JEACFIJCgIBAQFAYCkMUolAUikIiJEJxKA4OHCRBEpSC+6E0lIYyUAbKQlkoB+WhPFSEilAJKkFlqAxVoApUhapQHarD4/A4PAG1oBbUhtpQB+pAXagL9aAe1If60AAaQENoCI2gETSGxtAUmkJzaA4toAW0hJbQGlpDG2gDbaEtJEMytIN20B7aQwfoAB2hI3SCTtAZukAXeBfehffgPegBVWVP6AW9oDf0hr7QD/rBBzAAPoQP4SMYBINhCHwMH8MnMAzOw3AYASNhJFSSo2EMjAWS4yEVUmECTICJMBEmwWSYDFMhDabBdJgOM2AmzISvYTZ8A9/AXJgL8yEd0mEhLIIMyIAlcAEyYRkshxWwElbBSlgDa2ENrIcNsB42wSbYAltgG2yDHbADdsEu2AN7YB/sgwNwAAZBFmTBITgEh+EwHIEjcBSOwjE4BsfhOJyAE3ASTsIpOA1n4DScg3NwHi7ARbgIl+EyXIErcA2uXf/hl9dpqWUOmUPGyBgZK2NlnIyTuWVuGZERGS/jZR6ZR+aVeWV+mV8myARZSBaSKFGSDGVhWVhGZVQWlUVlokyUxWVx6aSTSTJJlpKlZGlZWpaRD8qy8iFZTpaXrVxFWVFWkq1dZfmorCKryKqymqwua8gasqasKWvJWrK2rC3ryDqyrnxG1pM9oS88J693pqEcDI3kEGgsm8imspn8BF6SLeQwaClbydbyFTkChkNb2cIly9dlOzkG2ss35Vh4S3aU46GTfEd2ll1kV/mu7CZbuu6yh5wEPWUvORV6yz6yr+wnZ0A1eb1j1eVHcpAcLIfIj+V8+EQOk5/K4XKEHCk/k6PkaDlGjpXj5HiZKj+XE+QXcqL8Uk6Sk+UUOVWmyWlyuvxKzpAz5Sz5tZwtv5Fz5Fw5T86X6XKBXCgXyQy5WC6RS2WmXCaXyxVypVwlV8s1cq1cJ9fLDXKj3CQ3yy1yq9wmt8sdcqfcJXfLPXKv3Cf3ywPyoPxWZsnv5CH5F3lYfi+PyB/kUfmjPCZ/ksflz/KE/EWelL/KU/K0PCPPynPyN3leXpAX5SV5Wf4ur8ir8pr0UihQUimlVaByqJwqRuVSseo2FaduV7nVHSqi7lTx6i6VR92t8qp8Kr8qoBJUQVVIGYXKKlKhKqyKqKi6RxVV96pEVUwVVyWUUyVVkrpPlVL3q9LqAVVGPajKqodUOVVeVVAV1cOqknpEVVaPqirqMVVVVVPVVQ31uKqpnlC11JOqtnpK1VFPq7rqGVVPPavqq+dUA/W8aqheUI3Ui6qxaqKaqmaquXpJtVAvq5aqlWqtXlFt1KuqrXpNJavXVTv1hmqv3lQd1Fuqo3pbdVLvqM6qi+qqrqpryqvuqodKUT1VL/W+6q36qL6qn+qvPlAD1IdqoPpIDVKD1RD1sRqqPlHD1KdquBqhRqrP1Cg1Wo1RY9U4NV6lqs/VBPWFmqi+VJPUZDVFTVVpaprq+7dKs/4H+V/8k/yBf7z7FrVVbVPb1Q61U+1Su9UetVftVfvVfnVQHVRZKksdUofUYXVYHVFH1FF1VB1Tx9RxdVydUCfUSXVSnVKn1SV1Vp1Tv6nz6oK6oC6py+qyuvK3r4HQoKVWWutA59A5dYzOpWP1bTpO365z6zt0RN+p4/VdOo++W+fV+XR+XUAn6IK6kDYatdWkQ11YF9FRfY8uqu/VibqYLq5LaKdL6iR937+cf7P1NdfNdQvdQrfULXVr3Vq30W10W91WJ+tk3U630+11e91Bd9AddUfdSXfSnXVn3VV31d10N91dd9cpOkX30u/r3rqP7qv76f76Az1AD9AD9UA9SA/SQ/QQPVQP1cP0MD1cD9cj9Ug9So/SY/QYPU6P06k6VU/QE/REPVFP0pP0FD1Fp+k0PV1P1zP0DD1Lz9Kz9Ww9R8/R8/Q8na7T9UK9UGfoDL1EL9GZepleplfoFXqVXqXX6DV6nV6nN+gNepPepDP1Vr1Vb9fb9U69U+/Wu/VevVfv1/v1QX1QZ+ksfUgf0of1YX1EH9FH9VF9TB/Tx/VxfUKf0Cf1SX1Kn9Jn9Bl9Tp/T5/V5fVFf1Jf1ZX1FX9HX9LXrl32BDGSgAx3kCHIEMUFMEBvEBnFBXJA7yB1EgkgQH8QHeYK7g7xBviB/UCBICAoGhQITYGADCsKgcFAkiAb3BEWDe4PEoFhQPCgRuKBkkBTcF5QK7g9KBw8EZYIHg7LBQ0G5oHxQIagYPBxUCh4JKgePBlWCx4KqQbWgelAjeDyoGTwR1AqeDGoHTwV1gqeDusEzQb3g2aB+8FzQIHg+aBi8EDQKXgwaB02CpkGzoPm/tb735/O97LqbHibF9DS9zPumt+lj+pp+pr/5wAwwH5qB5iMzyAw2Q8zHZqj5xAwzn5rhZoQZaT4zo8xoM8aMNePMeJNqPjcTzBdmovnSTDKTzRQz1aSZaWa6+crMMDPNLPO1mW2+MXPMXDPPzDfpZoFZaBaZDLPYLDFLTaZZZpabFWalWWVWmzVmrVln1psNZqPZZDabLWar2Wa2mx1mp9lldps9Zq/ZZ/abA+ag+dZkme/MIfMXc9h8b46YH8xR86M5Zn4yx83P5oT5xZw0v5pT5rQ5Y86ac+Y3c95cMBfNJXPZ/G6umKvmmvHXL+6vn95Ro8YcmANjMAZjMRbjMA5zY26MYATjMR7zYB7Mi3kxP+bHBEzAQlgIryMkLIyFMYpRLIpFMRETsTgWR4cOkzAJS2EpLI2lsQyWwbJYFsthOayAFfBhfBgfwUfwUXwUH8PHsBpWwxpYA2tiTayFtbA21sY6WAfrYl2sh/WwPtbHBtgAG2JDbISNsDE2xqbYFJtjc2yBLbAltsTW2BrbYBtsi20xGZOxHbbD9tgeO2AH7IgdsRN2ws7YGbtiV+yG3bA7dscUTMFe2At7Y2/si32xP/bHATgAB+JAHISDcAgOwaE4FIfhMByOI3AkfoajcDSOwbE4DsdjKqbiBJyAE3EiTsJJOAWnYBqm4XScjjNwBs7CWTgbZ+McnIPzcB6mYzouxIWYgRm4BJdgJmbiclyOK3ElrsbVuBbX4npcjxtxI27GzbgVt+J23I47cSfuxt24F/fiftyPB/EgZmEWHsJDeBgP4xE8gkfxKB7DY3gcj+MJPIEn8SSewlN4Bs/gOTyH5/E8XsSLeBl/xyt4Fa+hxxiby8ba22ycvd3mtnfYf4zz2wI2wRa0hayxeW2+v4vRWptoi9nitoR1tqRNsvf9KS5ny9sKtqJ92Fayj9jKf4pr2idsLfukrW2fsjXs438X17FP27r2BVvPvmjr2ya2gW1mG9oXbCP7om1sm9imtpltY1+1be1rNtm+btvZN/4UL7SL7Fq7zq63G+x+e8BetJfscfuzvWx/t91tD9vffmAH2A/tQPuRHWQH/ykeaT+zo+xoO8aOtePs+D/FU+xUm2an2en2KzvDzvxTnG4X2Nk2w86xc+08O/+P+PqaMuxiu8QutZl2mV1uV9iVdpVdbdf851pX2E12s91i99p9drvdYXfaXXa33fNHfH0fB+23Nst+Z4/Zn+xh+709Yk/Yo/bHP+Lr+zthf7En7a/2lD1tz9iz9pz9zZ63F/7Y//W9n7VX7TXrrSAgSYo0BZSDclIM5aJYuo3i6HbKTXdQhO6keLqL8tDdlJfyUX4qQAlUkAqRISRLRCEVpiIUpXuoKN1LiVSMilMJclSSkug+KkX3U2l6gMrQg1SWHqJyVJ4qUEV6mCrRI1SZHqUq9BhVpWpUnWrQ41STnqBa9CTVpqeoDj1NdekZqkfPUn16jhrQ89SQXqBG9CI1pibUlJpRc3qJWtDL1JJaUWt6hdrQq9SWXqNkep3a0RvUnt6kDvQWdaS3qRO9Q52pC3Wld6kbvUfdqQelUE/qRe9Tb+pDfakf9acPaAB9SAPpIxpEg2kIfUxD6RMaRp/ScBpBI+kzGkWjaQyNpXE0nlLpc5pAX9BE+pIm0WSaQlMpjabRdPqKZtBMmkVf02z6hubQXJpH8ymdFtBCWkQZtJiW0FLKpGW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtBO2kW7aQ/tpX20nw7QQfqWsug7OkR/ocP0PR2hH+go/UjH6Cc6Tj/TCfqFTtKvdIpO0xk6S+foNzpPF+giXaLL9Dtdoat0jTyJEEIZqlCHQZgjzBnGhLnC2PC2MC68Pcwd3hFGwjvD+PCuME94d5g3zBfmDwuECWHBsFBoQgxtSGEYFg6LhNHwnrBoeG+YGBYLi4clQheWDJPC+8JS4f1h6fCBsEz4YFg2fCgsF5YPK4QVw4fDSuEjYeXw0bBK+FhYNawWVg9rhI+HNcMnwlrhk2Ht8KmwdPh0WDd8JqwXPhvWD58LG4TPhw3DF8JG4Yth47BJ2DRsFjYPXwpbhC+HLcNWYevwlbBN+GrYNnwtTA5fD9uFb9z0eErYM+wVvh++H3r/pJoXnR9Njy6ILowuimZEF0eXRJdGM6PLosujK6Iro6uiq6Nromuj66LroxuiG6ObopujW6Le18gpHDjplNMucDlcThfjcrlYd5uLc7e73O4OF3F3unh3l8vj7nZ5XT6X3xVwCa6gK+SMQ2cdudAVdkVc1N3jirp7XaIr5oq7Es65ki7JNXPNXXPXwr3sWrpWrrV7xb3iXnWvutfca+5118694dq7N10H95br6N52b7t3XGfXxXV177pu7j3X3fVwKS7F9XK9XG/X2/V1fV1/198NcAPcQDfQDXKD3BA3xA11Q90wN8wNd8PdSDfSjXKj3Bg3xo1z41yqS3UT3AQ30U10k9wkN8VNcWkuzU13090MN8PNcrPcbDfbzXFz3Dw3z6W7dLfQLXQZLsMtcUtcpst0y91yt9KtdKvdarfWrXXr3Xq30W10m91mt9VtddvddrfT7XS73W631+11+91+d9AddFkuyx1yh9xhd9gdcT+4o+5Hd8z95I67n90J94s76X51p9xpd8addefcb+68u+AuukvusvvdXXFX3TXnXWrk88iEyBeRiZEvI5MikyNTIlMjaZFpkemRryIzIjMjsyJfR2ZHvonMicyNzIvMj6RHFkQWRhZFMiKLI0siSyOZkWWR5ZEVkZWRVRHvC24PfWFfxEf9Pb6ov9cn+mK+uC/hnS/pk/x9vpS/35f2D/gy/kFf1j/ky/nyvoJ/0Tf2TXxT38w39y/5Fv5l39K38q39K76Nf9W39a/5ZP+6b+ff8O39m76Df8t39G/7Tv4d39l38V39u76bf8939z18iu/pe/n3fW/fx/f1/Xx//4Ef4D/0A/1HfpAf7If4j/1Q/4kf5j/1w/0IP9J/5kf50X6MH+vH+fE+1X/uJ/gv/ET/pZ/kJ/spfqpP89P8dP+Vn+Fn+ln+az/bf+Pn+Ll+np/v0/0Cv9Av8hl+sV/il/pMv8wv9yv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vr/Nb/c7/E6/y+/2e/xev8/v9wf8Qf+tz/Lf+UP+L/6w/94f8T/4o/5Hf8z/5I/7n/0J/4s/6X/1p/xpf8af9ef8b/68v+Av+kv+sv/dX/FX/TX+mzXGGGOMsf8RdZPjPf/J5+TfxnW9hBC37yhw9B9rbsz713kfmdAmIoR4vUen5/5jVK2akpLyt9dmKhEUmSuEiNzIzyFuxMtEa/GqSBatRKl/ur4+sstlukn96INCxP6XnBhxI75R//7/pv7o2TetP1eIxCI3cnKJG/GN+qX/m/r5Wtykfq7vU4Vo+V9y4sSN+Eb9JPGyeEMk/90rGWOMMcYYY4yxv+ojK3S42f3t9fvzBH0jJ6e4Ed/s/pwxxhhjjDHGGGO33ltdur72UnJyqw484QlPePKfk1v9m4kxxhhjjDH273bjov9Wr4QxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu+/jf+ndit3iNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2q/2fAAAA//+uBTVz")
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
open(&(0x7f0000000140)='./bus\x00', 0x400, 0x10)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x60)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
close(r4)
open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'syztnl0\x00', 0x0})
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(r0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)

14.956961217s ago: executing program 3 (id=5502):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000080)=0x45d0f620, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="3400000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800900010076657468"], 0x34}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001e40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e841cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3bd23cd78a07e32fe0231368b2264f9c504b2f1f65515b2e1a38d522be18bd10a48b043ccc42673d06d7535f7866925d86751dfced1fd8accae669e173a659c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcbfb42c30d294a55e1c46680bee88956f2b3599f455c7a3a49a01010000009f2f0517e4ca0e1803a20000000013d4e21b3336f1ae0796f23526ec0fd97f7325eac34c4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39d5ae913b2d22eb2c09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f2b77fdd76c677f812d249c8130b018d4300000020000000db3947c85c3a9027ce9e856fa8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefc74305b2bea2000600000051fcf5d62205561b6efaad206335a309f7b9e01446a6285f4665a7fe3cda2349f8bf400100000000000000f435f28fbeda75cf971f54a9698cf3270f420ee83f2d9babe7b922401639ce3c4ff0850a8e078374909413f3fbd3ced3285252dc81a46ef7ce29484dc6b6adfd7a4db730fc594609654d97836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be71b0417d33d3ab25493418ba0fbacf768e07c1a939d31f606085b9e3efc93b0f58d5ec37494d9d10d76e603129e9a726579ac7d672cacd581b7ca77b3610b7403930fd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66da2254a6f911b1469c62a6e1e3f9c1715c009a58e6eadac8f61b45853673df72dc813f7454ae22d79ac48034282f03040889500000000179dcf66d93907cedd49e0c5752f755849953957143a0335d2f62acbf18b251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8698f710c359afe73947afebdf5536e4db8b0231d0cbc798766ec60586f14b44775bc9d250e4515cb83275d3b495fa90000e69a68b47ac4595463e1442d88e0606a060000cc914fae896ab129ccdf8792a8435972c8391d132a2fcbd40e865d62cc7c4200000000000000000000000000000800002a77fbbccfdb1ab3d8434905f09726b8145ea99c7640faab578dc98a6134df0a10a54ce7e7ddbb709a27d977d1f91ab9ee940700009594c9a50961b7fcc56d82584dc8254df7c411fa61353a6897c4f3b9f6f2ab47adb29aefecce96c94f360e129c9f2af569c794b68b2ead404bcdd4aa9cb6a128e1ad45fd4030e1e69adf4986b7860f3122d59c079f0f9a1732f691590f45512aec4ed2413f66cac7dd022301741c576dea82005b166d6c3b9ed0c297ac197a92188a618745e78dca0b3c62f1601243089d9c687563382b0b88a7d80fd7bf7fae8a690f52db1464d29b1b926414cd35705c89662c585e32c881d917b74f027674dbc017499ba15a2e2900000000000000000000000000007b593ecbdd162fee9f239a3c615b3e9a3fb0af254bdd247a5a5abdbc0123c950eec0f1800b295be71418dd65de15e11beef9630499c70fce74135a7c7c8e818b79b85ff65d59d89492d7a663d3f25651e252ab49d358eac853ffe182ee37a5db085a072647719cb8604ba2e0b80af3f1867bd8fb6afca671437e0a5a9d5a088436739262d894986882ec0fb419a377ef47f4920a5de6d8de0d3090b4cb6b773e825442d351f980eed0d997a4d98a51220c41b145e2186546c646128a3e69f52fcad83a026def90b9eb55f4a0a2251bbae428c6c017b5a47f1580831a7ce232857e6aa9e777e99da1a3ad03fdc93fa7ed96228deac5e3bce983971041297a6ba18783a2edc7e3901cc891035872c61e7ea375b0902be0c5cc7fdef968ba1ca17ce5e11f2f384cd28c1194f56d3cf074e8ba4e60e84dc2f352c3cd170581aee0c93ca8ceff84cda40325d340759e79e5c4bcec227e37f7ec2193c78877fb319ec1f2d4dcf1d46a15cde1d6cecce6ecdb0c0a3413394d51341a7b3606ad8c29b6dbf6be3265b528c3208de35161bfe19678df43a45b314e5a0f8754cfaf4f9d3fdf9c8f7b7c296bf2e632d25ba8ee6369b362a8e4c9dff176d482d32249c93680a04f6464f184acfd0376662fee9e1031e569248db9bc724cdd97976a4d7c5c5172d1383fa1e442f68a14b747a9f2597bf115dd0111fe8ba3584a43176f33bd39a408f8648b19839bba9cc47624ea19e46dbbdf0faf591bcdc8613828a0c5a40c04ae34bbf4a0e27828b0c7cb9d7a7455db030425a4bd69cf6dcb4b1d066f8ef4ea1c710e05819df82d5cc94ace6b41c2de37a2eaf24f24b3d9a7dd4d197d51407be3e90000000000000000dbc0b0d6e11ccb71437ebea7ad01d5b93a7a0561e4a1b3fa1aa9c75f3aaec4ace1b6201a3e007b657be62df59133b4d8f0f145d9fc954cc7792077268bf0977e2a699722ce3dbb97248b8a8a771dd0f7d9c97e6587524a44fd6d49330ccbc39ca277b84f7f0a39759ef0b42388bd69fe341a925e8cdc5d7b2d6ddb7331a081bd0672bf4d02255de095a179e51bf5492d4e89c3cbad59db725c0dd7e35cbd9887175286a37d7621a361eb830cc5b842b11b5d040ccceb254d6a0c9c43718d0816bb2465928e236101b8cd46b5ef9cb930378a9249cbb41bcde9bb78d71c512153d2f1d765b56d2e5ef3e3d34975787646630051074c9706747fda873ccfdb394fc269c8cfadc0a52c3402f392a38052f859ab5600000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004000)={&(0x7f0000000600)=@newtaction={0x84, 0x30, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1100}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xf0ff}}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x84}}, 0x0)

14.907053431s ago: executing program 3 (id=5504):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x5, 0xff, 0x0, 0x1}, 0x48)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000940)={0x1b, 0x0, 0x0, 0x40000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400f400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
futex(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, &(0x7f0000048000), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="4c00000010004b0422000000110000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c000280080004000000000008"], 0x4c}}, 0x0)

14.249687044s ago: executing program 4 (id=5506):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d40)={{}, &(0x7f0000000400), &(0x7f0000000980)}, 0x20)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4400000010000104000000000005000000180000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010062726964"], 0x44}}, 0x0)

13.775458132s ago: executing program 3 (id=5508):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x331, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x40, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f0000006380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000180))
close(r1)
epoll_ctl$EPOLL_CTL_MOD(r4, 0x3, r3, &(0x7f00000001c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x17, 0x5, &(0x7f0000000380)=@framed={{}, [@ldst={0x3, 0x2, 0x3, 0x1, 0xa, 0x7}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x13, r3}, 0x90)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000005c0))
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000180)='}', 0x1}], 0x1}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000100), 0xfecc)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@private0, @in6=@remote, 0x4e23, 0xfffc, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x6c}, 0x0, @in6=@loopback}}, 0xe8)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))

12.94077155s ago: executing program 4 (id=5511):
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x100, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0xff030000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

12.915882792s ago: executing program 1 (id=5512):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f0000000280)="3f033608260812002c001e0089e9aa000000ce2f2a3ca60915f1bfb5f796c4391638b4283335993041acd72fef3bff77fa76b0bfac7a0e5a70f70ea7f26cbaec66af44c918195a804dfb069490b65dea25e8410329016d70461898488b34d8f8240a5516b67e33a05f5f606fa4da26480850cc204c9847292f9aa26d0ef793bfb6590ab4878e992e9f02bd54b98d32e6986bbb1fa823e0e67938294bf8a640bbf23266e55a0ffa0cc5d9d553118ec6d771aab8b3d1bd41c3", 0x5ee, 0x0, &(0x7f0000000540)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14)
syz_usb_connect_ath9k(0x3, 0x56, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x38e38e38e38e402, [{{0x9, 0x2, 0xfffffffffffffc3f, 0x1, 0x1, 0x0, 0x80, 0xfa, {{0x9, 0x4, 0x0, 0x0, 0x6, 0xff, 0x0, 0x0, 0x0, "", {{0x3}}}}}}]}}, 0x7fe782539b0b)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_CPUID(r6, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000001000080"])

12.915442022s ago: executing program 4 (id=5513):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x0, 0x404c815)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x9)
setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x6, &(0x7f0000000000)={0x12, {{0x29, 0x0, 0x4000000, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x88)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x10}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000200000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095000000000000000cfaa5462e9e73e6e7595941c7b604f17f7647bcb073235aaefa9ac81f49519728abd34cb7010c76e1a40bb04e58bf2f014f0598dad3769b97cf768910f8f597cf12e005100ce31d0cfd61dee377d8a655592466c951419c91"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
r6 = signalfd(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r7, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg(r7, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r8, &(0x7f0000000180), 0x40010)
pipe2(&(0x7f0000000040)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0)
r11 = openat$random(0xffffffffffffff9c, &(0x7f0000000280), 0x606101, 0x0)
splice(r11, 0x0, r10, 0x0, 0xff, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, @val=@iter={0x0}}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x214e, &(0x7f0000000180)=ANY=[@ANYBLOB="1800593e00000100000000001d00fe0018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0xfffffffe, '\x00', 0x0, r9, 0x5, 0x2, 0xfffffffe}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x10, &(0x7f0000000900)=ANY=[@ANYBLOB="0010448c3fa616594c91797ccd2892f246ffb4c467edf288e6a24b3e86c3e1a8f66b36f86efa57f7cc86ac23a68dceda633e295c39d06fdfe68ad47585c866eb6d2882ca5069da83854d3dae957669d397598e9c43d0de516795979094a1e1ccc567327030d12a51f354c325bfc07c93320bafdaaa89661e5780fd998275a7d7d17b09388030e21990776e3f9a71cac4ca2a91d8ff56ec39d63bc09497ab21d81206759f87bab5af20e8fcfd893406da7f6c8a662a6c8aa5ebe6c6897ee373c5a64099bd7c59e6652191cd7b2ea7c3e0db67549d394c8fba3f4f2d0b9b3133a080869cc52a", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000000b990a0007000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x5, 0x4, &(0x7f0000000340)=""/4, 0x41100, 0x0, '\x00', 0x0, 0x0, r6, 0x8, &(0x7f0000000400)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000440)={0x4, 0xd, 0x0, 0xf953}, 0x10, 0x0, 0x0, 0xa, &(0x7f0000000640), &(0x7f0000000680)=[{0x4, 0x5, 0x1, 0x7}, {0x4, 0x2, 0x2, 0x9}, {0x2, 0x3, 0xc, 0x6}, {0x4, 0x5, 0x0, 0x5}, {0x4, 0x3, 0x9, 0x6}, {0x1, 0x3, 0xf, 0x9}, {0x1000002, 0x5, 0xe, 0x9}, {0x0, 0x5, 0xf, 0x5}, {0x8, 0x4, 0x1, 0xc}, {0x3, 0x2, 0xa, 0x8}], 0x10, 0x9}, 0x90)

11.95467234s ago: executing program 4 (id=5519):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x54c, 0x268, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x9, 0xb, &(0x7f0000000180)=ANY=[@ANYRES16=r0], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdbffffff}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000200)=[@window, @mss, @window, @timestamp, @sack_perm, @timestamp, @timestamp], 0x7)
write$binfmt_elf64(r2, &(0x7f0000000280)=ANY=[], 0x40)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[], 0x24}}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r2, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b", 0x17a, 0x805, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='br_fdb_add\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'bridge0\x00'})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYBLOB], 0x28}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00'}, 0x10)

10.958939211s ago: executing program 3 (id=5522):
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x901006, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='writeback_bdi_register\x00', r3}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r1}, 0x10)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x200000000000000, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])

10.749340018s ago: executing program 1 (id=5523):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1000a, &(0x7f00000003c0)=ANY=[], 0x21, 0x1506, &(0x7f0000001b00)="$eJzs3AvYTdX2MPAx5pyLl6Sd5D7HHIudXkyXJLkkySVJkiNJbgkhSZKQ3G9JSELuSe4huYXkfr/lniRJkiQkJJnfo9P5Oud0/v++8//3fZ7v/47f86xnz7HXGnPNucf7vnvN9T57f9NhSOW6VSrUZmb4b8G/PnQHgBQA6A8A1wFABAAlspTIcmV/Bo3d/3snEX+uh6Zf7RGIq0nqn7ZJ/dM2qX/aJvVP26T+aZvUP22T+qdtUn8h0rLtM3JeL1va3eT+f1om7///gxwtPPaLjYVv7PhvpEj90zapf9om9U/bpP5pm9Q/bZP6p21S/7RN6i9EWvZfv3cs/zv4n7Bd7Z8/IYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBpw4XwGwMAf2tf7XEJIYQQQgghhBDizxPSX+0RCCGEEEIIIYQQ4v8+BAUaDESQDtJDCmSAjHANZIJrITNcBwm4HrLADZAVboRskB1yQE7IBbkhD1ggcMAQQ17IB0m4CfLDzZAKBaAgFAIPhaEIFIVicAsUh1uhBNwGJeF2KAWloQyUhTugHNwJ5eEuqAB3Q0WoBJWhCtwDVeFeqAb3QXW4H2rAA1ATHoRa8BeoDQ9BHXgY6sIjUA8ehfrQABpCI2j8X8p/AbrAi9AVukF36AE9oRf0hj7QF/pBf3gJBsDLMBBegUEwGIbAqzAUXoNh8DoMhxG/vGKjYDSMgbEwDsbDBHgTJsJbMAnehskwBabCNJgOM2AmvAOzYDbMgXdhLrwH82A+LICFsAjeh8WwBJbCB7AMPoTlsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg+3wEeyAnbALdsMe2Av74GPYD5/AAfgUDsJn/2b++X/K74iAgAoVGjSYDtNhCqZgRsyImTATZsbMmMAEZsEsmBWzYjbMhjkwB+bCXJgH8yAhISNjXsyLSUxifsyPqZiKBbEgevRYBItgMbwFi2NxLIElsCSWxFJYGktjWSyL5bAclsfyWAErYEWsiJWxMt6D9+C9WA2rYXWsjjWwBtbEmlgLa2FtrI11sA7WxbpYD+thfayPDbEhNsbG2ASbYFNsis2xObbAFtgKW2FrbI1tsA22xbbYDtthe2yPHbADdsRO2AlfwBfwRXwRu2FF1QN7Yk/sjb2xL/bDfvgSDsCX8WV8BQfhYByCr+Kr+BoOw3M4HEfgSByJ5dRoHINjkdV4nIATcCJOxEk4CSfjFJyC03A6zsCZOBNn4Wycje/iXHwP38P5OB8X4iJchItxCS7FpbgMz+NyXIErcRWuxjW4GtfhelyHG3ETbsQtuAW34Tb8CD/CnbgTd+Nu3IsGAD/GT/ATHIQH8SAewkN4GA/jETyCR/EoHsNjeByP4wk8gSfxJJ7C03gGT+NZPIvn8DxewAt4ES/iJXwu11d19hbYMAjUFUYZlU6lUykqRWVUGVUmlUllVplVQiVUFpVFZVVZVTaVTeVQOVQulUvlUXkUKVKsYpVX5VVJlVT5VX6VqlJVQVVQeeVVEVVEFVPFVHFVXJVQt6mS6nZVSpVWzXxZVVaVU819eXWXqqAqqIqqkqqsqqgqqqqqqqqpaqq6qq5qqBqqpnpQ1VI9sC8+pK5Upq4ajPXUEKyvGqiGqpF6DR9TTdQwbKqaqebqCTUCh2Mr1cS3Vk+pNmoMtlXPqLH4rGqvxmMH9bzqqDqpzuoF1UU19V1VNzUZe6ieahr2Vn1UX9VPzcJK6krFKqtX1CA1WA1Rr6qF+Joapl5Xw9UINVK9oUap0WqMGqvGqfFqgnpTTVRvqUnqbTVZTVFT1TQ1Xc1QM9U7apaareaod9Vc9Z6ap+arBWqhWqTeV4vVErVUfaCWqQ/VcrVCrVSr1Gq1Rq1V69R6tUFtVJvUZrVFbVXb1Hb1kdqhdqpdarfao/aqfepjtV99og6oT9VB9Zk6pD5Xh9UX6oj6Uh1VX6lj6mt1XH2jTqhv1Un1nTqlTqsz6nt1Vv2gzqnz6oL6UV1UP6lL6md1WQUFGrXSWhsd6XQ6vU7RGXRGfY3OpK/VmfV1OqGv11n0DTqrvlFn09l1Dp1T59K5dR5tNWmnWcc6r86nk/omnV/frFN1AV1QF9JeF9ZFdFFdTN+ii+tbdQl9my6pb9eldGldRpfVd+hy+k5dXt+lK+i7dUVdSVfWVfQ9uqq+V1fT9+nq+n5dQz+ga+oHdS39F11bP6Tr6Id1Xf2Irqcf1fV1A91QN9KN9WO6iX5cN9XNdHP9hG6hW+pW+kndWj+l2+indVv9jG6nn9Xt9XO6g35ed9SddGf9s76sg+6qu+nuuofuqXvp3rqP7qv76f76JT1Av6wH6lf0ID1YD9Gv6qH6NT1Mv66H6xF6pH5Dj9Kj9Rg9Vo/T4/UE/aaeqN/Sk/TberKeoqfqaXq6nqH7/trTnP+D/Lf+Rf7AX86+TW/XH+kdeqfepXfrPXqv3qf36f16vz6gD+iD+qA+pA/pw/qwPqKP6KP6qD6mj+nj+rg+oU/ok/qkPqVP6x/19/qs/kGf0+f1ef2jvqgv6ku/vgZg0CijjTGRSWfSmxSTwWQ015hM5lqT2VxnEuZ6k8XcYLKaG002k93kMDlNLpPb5DHWkHGGTWzymnwmaW7CXy8oTEFTyHhT2BQxRf+dfJPf3GxSTYF/yP+j8TU2jU0T08Q0NU1Nc9PctDAtTCvTyrQ2rU0b08a0NW1NO9POtDftTQfTwXQ0HU1n09l0MV1MV9PVdDfdTU/Ty/Q2fUxf08/0Ny+ZAWaAGWgGmkFmkBlihpihZqgZZoaZ4Wa4GWlGmlFmlBljxphxZpyZYCaYiWaimWQmmclmsplqpprpZrqZaWaaWWaWmWPmmLlmrpln5pkFZoFZZBaZxWaxWWqWmmVmmVluVpgVZpVZZdaYNWadWWc2mA1mk9lktpgtZrnZbrabHWaH2WV2mT1mj9ln9pn9Zr85YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmJPmpDllTpkz5ow5a86ac+acuWAumIvmorlkLpnL5vKVy75IRSoykYnSRemilCglyhhljDJFmaLMUeYoESWiLFGWKGt0Y5Qtyh7liHJGuaLcUZ7IRhS5iKM4yhvli5LRTVH+6OYoNSoQFYwKRT4qHBWJikbFolui4tGtUYnotqhkdHtUKiodlYnKRndE5aI7o/LRXVGF6O6oYlQpqhxVie6Jqkb3RtWi+6Lq0f1RjeiBqGb0YFQr+ktUO3ooqhM9HNWNHonqRY9G9aMGUcOoUdT4T+0/hHPZH/ddbTfb3fawPW0v29v2sX1tP9vfvmQH2JftQPuKHWQH2yH2VTvUvmaH2dftcDvCjrRv2FF2tB1jx9pxdrydYN+0E+1bdpJ92062U+xUO81OtzPsTPuOnWVn2zn2XTvXvmfn2fl2gV1oF9n37WK7xC61H9hl9kO73K6wK+0qu9qusWvtOrvebrAb7Sa72W6xW+02u91+ZHfYnXaX3W332L12n/3Y7ref2AP2U3vQfmYP2c/tYfuFPWK/tEftV/aY/doet9/YE/Zbe9J+Z0/Z0/aM/d6etT/Yc/a8vWB/tBftT/aS/dletuHKxf2Vt3cyZCgdpaMUSqGMlJEyUSbKTJkpQQnKQlkoK2WlbJSNclAOykW5KA/loSuYmPJSXkpSkvJTfkqlVCpIBcmTpyJUhIpRMSpOxakElaCSVJJKUSkqQ2XoDrqD7qQ76S66i+6mu6kSVaIqVIWqUlWqRtWoOlWnGlSDalJNqkW1qDbVpjpUh+pSXapH9ag+1aeG1JAaU2NqQk2oKTWl5tScWlALakWtqDW1pjbUhtpSW2pH7ag9tacO1IE6UkfqTJ2pC3WhrtSVulN36kk9qTf1pr7Ul/pTfxpAA2ggDaRBNIiG0BAaSkNpGA2j4TSCRtIbNIpG0xgaS+NoPE2gCTSRJtIkmkSTaTJNpak0nabTTJpJs2gWzaE5NJfm0jyaRwtoAS2iRbSYFtNSWkrLaBktp+W0klbSalpNa2ktraf1tJE20mbaTFtpK22n7bSDdtAu2kV7aA/to320n/bTATpAB+kgHaJDAQHoCB2ho3SUjtExOk7H6QSdoJN0kk7RKTpDZ+gsnaVzdI4u0AW6SD/RJfqZLlOgFJfBZXTXuEzuWpfZXef+Oc7hcrpcLrfL46zL5rL/Q0zOuVRXwBX82xLTFXWpKVceCznvCrsirqgr5Uq7Mq6su8OVc3e68r+Lq7p7XTV3n6vu7ndV3D3/ENdwD7ia7hFXyz3qarsGro5r5Oq6R1w996ir7xq4hq6Ra+FaulbuSdfaPeXauKd/Fy92S9x6t8FtdJvcfveJu+B+dMfdN+6i+8l1dd1cf/eSG+BedgPdK26QG/y7eKR7w41yo90YN9aNc+N/F09109x0N8PNdO+4WW727+JF7n031y1189x8t8At/CW+Mqal7gO3zH3olrsVbqVb5Va7NW6tW/e/x7rKbXFb3Ta3z33sdridbpfb7fa4vb/EV+ZxwH3qDrrP3DH3tTvsvnBH3Al31H31S3xlfifct+6k+86dcqfdGfe9O+t+cOfc+SvzD1fm/r372V12wQEjK9ZsOOJ0nJ5TOANn5Gs4E1/Lmfk6TvD1nIVv4Kx8I2fj7JyDc3Iuzs152DKxY+aY83I+TvJNnJ9v5lQuwAW5EHsuzEW4KBfjW7g438ol+DYuybdzKS7NZbgs38Hl+E4uz3dxBb6bK3IlrsxV+B6uyvdyNb6Pq/P9XIMf4Jr8INfiv3Btfojr8MNclx/hevwo1+cG3JAbcWN+jJvw49yUm3FzfoJbcEtuxU9ya36K2/DT3Jaf4Xb8LLfn57gDP88duRN35he4C7/IXbkbd+ce3JN7cW/uw325H/fnl3gAv8wD+RUexIN5CL/KQ/k1Hsav83AewSP5DR7Fo3kMj+VxPJ4n8Js8kd/iSfw2T+YpPJWn8XSewTP5HZ7Fs3kOv8tz+T2ex/N5AS/kRfw+L+YlvJQ/4GX8IS/nFbySV/FqXsNreR2v5w28kTfxZt7CW3kbb+ePeAfv5F28m/fwXt7HH/N+zvDrL9xnfIg/58P8BR/hL/kof8XH+Gs+zt/wCf6WT/J3fIpP8xn+ns/yD3yOz/MF/pEv8k98iX/myxwYYoxVrGMTR3G6OH2cEmeIM8bXxJnia+PM8XVxIr4+zhLfEGeNb4yzxdnjHHHOOFecO84T25hiF3Mcx3njfHEyvinOH98cp8YF4oJxodjHheMicdG4WHxLXDy+NS4R3xaXjG+PS8Wl40fuLxvfEZeL74zLx3fFFeK744pxpbhyXCW+J64a3xtXi++Lq8f3x8XjB+Ka8YMx/Pp5lTrxw3Hd+JG4XvxoXD9uEDeMG8WN48fiJvHjcdO4Wdw8fiJuEbeMW8VPxq3jp+I28dN/uL973CPuGfeKe8Uh3KcXJBcmFyXfTy5OLkkuTX6QXJb8MLk8uSK5MrkquTq5Jrk2uS65PrkhuTG5Kbk5uSW5NbktGUKV9ODRK6+98ZFP59P7FJ/BZ/TX+Ez+Wp/ZX+cT/nqfxd/gs/obfTaf3efwOX0un9vn8daTd5597PP6fD7pb/L5/c0+1RfwBX0h731hX8Q38o19Y9/EP+6b+ma+uX/CP+Fb+pb+Sf+kf8q38U/7tv4Z384/69v75/xz/nnf0Xfynf0Lvot/0Xf13Xx339339D19b9/b9/V9fX/f3w/wA/xAP9AP8oP8ED/ED/VD/TA/zA/3w/1IP9KP8qP8GD/Gj/Pj/AQ/wU/0E/0kP8lHADDVT/XT/XQ/08/0s/wsP8fP8XNT5/p5fp5f4Bf4RX6RX+wX+6V+qV/ml/nlfrlf6Vf61X61X+vX+vV+vd/oN/rNfrPf6rf67X673+F3+F1+l9/j9/h9fp/f7/f7A/6AP+gP+kP+kD/sD/sj/kt/1H/lj/mv/XH/jT/hv/Un/Xf+lD/tz/jv/Vn/gz/nz/sL/kd/0f/kL/mf/WUf/ITEm4mJibcSkxJvJyYnpiSmJqYlpidmJGYm3knMSsxOzEm8m5ibeC8xLzE/sSCxMLEo8X5icWJJYmnig8SyxIeJ5YkViZWJVYnViTUGQu4dccgb8oVkuCnkDzeH1FAgFAyFgg+FQ5FQNBQLt4Ti4dZQItwWSobbQ6lQOpQJj4b6oUFoGBqFxuGx0CQ8HpqGZqF5eCK0CC1Dq/BkaB2eCm3C06FteCa0C8+G9uG50CE8HzqGTqFzeCF0CS+GrqFb6B56hJ6hV+gd+oS+oV/oH14KA8LLYWB4JQwKg8OQ8GoYGl4Lw8LrYXgYEUaGN8KoMDqMCWPDuDA+TAhvhonhrTApvB0mhylhapgWpocZYWZ4J8wKs8Oc8G6YG94L88L8sCAsDIvC+2FxWBKWhg/CsvBhWB5WhJVhVVgd1oS1YV1YHzaEjWFT2By2hK1hW9gePgo7ws6wK+wOe8LesC98HPaHT8KB8Gk4GD4Lh8Ln4XD4IhwJX4aj4atwLHwdjodvwonwbTgZvgunwulwJnwfzoYfwrlwPlwIP4aL4adwKfwcLv+bn1mr9OfdQBdCCCGE+P9Krz/Y3+NfPGcAQP3a/imEcO3OnEf/fr8GgM3Z/truo3K1SADAU906PPS3rWLF7t27/3rscg1RvvkAkPinE/war4Dm0BJaQzMo9i/H10d1ush/0H/yNoCMf5eTAr/Fv/X/+X/Q/2NPjFxcMr6Q5T/pfz5Aar7fcq6swv8Wr4DmV2YDzaD4f9B/9iZ/MP4MX0wAaPp3OZkAoGmGfx5/EXgcnobW/3CkEEIIIYQQQgjxV31UmXZ/tH6+sj7PZX7LSQ+/xX+0PhdCCCGEEEIIIcTV92ynzk8+1rp1s3bSkIY00lij5X9yzNX+yySEEEIIIYT4s/120f/bcxmu5oCEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQog06P/FN41d7TkKIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQV9v/CgAA//+LZDZM")
openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="9f639e5c75a5d0f32e9ec00758eefc1767a051730f2b4d82dcbe840059b11f9b803377cdfc1644"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
sendmmsg(0xffffffffffffffff, &(0x7f0000000dc0)=[{{&(0x7f0000000300)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x4e20, @loopback}, 0x3, 0x3, 0x4, 0x3}}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000380)="643529611c942d6a3c943d4dd8acf993536d52c1ecca7ceab549ce47e88360cbca96a03c7e6dfe25524d2fb1692ae0040339f6f88581da810bdf4ae66576823920ea57e2554fc6c5007cefbe978e122034abe0e411bb77f01e19d9c22ce32b3aca040bed899a8c8cfef112f8faa3cf5190eb511cbfee85495967360b5e8565f3fdc5b06e05d3e62be10063cce9253628113d95dea08a4c6e478008f73b491424db1acd", 0xa3}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a40)=[{0x0}, {&(0x7f0000000800)="b00346136f0d523a09abcc59b11236c987dea31c28d86c9e27e20e6bceb3cf63da04e1d0fb145bd9e1a0fa5829033a5e29dd5ecfdc88b3403bcfe30f5a4408f7ce5948da6f9aee0f1492d374c5ac0c3b083e850a05522f15dd6488d8383ee8bfe921673ee79b572c4d2990a3f8a186e81a7f0b8175cf4d40bc138c4d7e19f0d72ac0f82abed032be8a6d8698c9e8da3578676d6f6d7c6bfe07cd10bc9251fb7b8217f7b10415ff9c197f6cabcecac4d3829892a3987e66f78ddd8629568ace87c6c65ee8776797560c22995d2afda6cd616309452e14dd8e063ca311221991a38659f068d98ce7", 0xe7}, {0x0}, {&(0x7f0000000900)="dcf5b8c7c0bd0f9dd17a889cbf385eee3ec9b3b3", 0x14}, {&(0x7f0000000940)="43379f67c2fc4642fde04e03bff3c9f987844ab51d5f884e2d32b6015cb1798d9664a13b02d2cf2f382dfb8ae47c5649b62627c93c686c9885335bf725cbc3fd7c445de9e347944f2b6e0769067255a302d1933562237373aa06e20da86481235e20b44d0b65c98355528e4186d98fd5c5c5432ec1e984f5", 0x78}], 0x5}}], 0x2, 0x24088080)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
socket(0x21, 0x802, 0x1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r6}, 0x10)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

9.24236458s ago: executing program 1 (id=5528):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
dup(0xffffffffffffffff)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000000)={0x18}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000400))
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000006f03000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x18000000000002a0, 0xfe, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000, 0x0, 0x0, 0x0}, 0x50)

9.11556716s ago: executing program 0 (id=5529):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000002, &(0x7f0000000080), 0x1, 0x53a, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82desEeoAKSIFCQFF2400bVb00uYBQVQlRcUAcUmNvLJPdrPGuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IBixQjATSopkdu1t7XW/j9S71fj7SaObN23nf9+LMvJm39rwAxtZzEbETEdMR8UZEzBf7k2KJO50l+9yjve2l/b3tpSTa7df/nuT52b7oOibzZFHmbER846sR30mOx21ubj1YrNWq60W63KqvlZubWzdW64sr1ZXqw0rl9sLtmy/derEysLZerf9y9yurr37zN7/+9Lu/3/nyD7JqzRV53e0YpE7Tpw7jZCYj4tXzCDYCE8V6esT14PGkEfGxiPhcfv7Px0T+vxMAuMja7floz3enAYCLLs3HwJK0VIwFzEWalkqdMbxn4lJaazRb1+83Nh4ud8bKLsdUen+1Vr15ZeaP38vvGKaSLL2Q5+X5ebpyJH0rIq5ExI9nnsjTpaVGbXl0tz0AMNaePNL//2um0//3oce3egDAR8bsqCsAAAyd/h8Axo/+HwDGTx/9f/Fl/8651wUAGA7P/wAwfvT/ADB+9P8AMFa+/tpr2dLeL95/vfzm5saDxps3lqvNB6X6xlJpqbG+VlppNFbyd/bUTyuv1misLbwQG2+VW9Vmq9zc3LpXb2w8bN3L3+t9rzo1lFYBAB/kytV3/pBExM7LT+RLdM3loK+Giy0ddQWAkZkYdQWAkTHbF4yv/p/xf3eu9QBGp+fLvGd7br7fTz9EEL9nBP9Xrn2y//F/czzDxWL8H8bX443/vzLwegDDZ/wfxle7nRyd83/6MAsAuJDO8Dv+7R8O6iYEGKnTJvMeyPf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcMHMRcR3I0lLxVzgc5GmpVLEUxFxOaaS+6u16s2IeDquRsTUTJZeGHWlAYAzSv+aFPN/XZt/fu5o7nTy75l8HRHf/9nrP3lrsdVaX8j2/+Nw/8zB9GGV9447w7yCAECfnuvzc3n/XSnWXQ/yj/a2lw6W7s+nA67nUbt347/FVMRL+3vb+dLJmYzJfD2b30tc+mdSpDtzkT4bERMDiL/zdkR8olf7k3xs5HIx82l3/ChiPzXU+On74qd5Xmed3Xx9fAB1gXHzzt2IuNPr/EuLa2rv8382v0Kd3e7dTmEH1779rvgH17+JHvGTD3HN333ht187trM938l7O+LZyV7xk8P4yQnxn+8z/p8+9ZkfvXJCXvvnEdeid/zuWOVWfa3c3Ny6sVpfXKmuVB9WKrcXbt986daLlXI+Rl0+GKk+7m8vX3/6pLpl7b90QvzZnu2fPjz2C322/xf/eePbn/2A+F/6fO+f/zM943dkfeIX+4y/eOlXJ07fncVfPqH9p/38r/cZ/92/bC33+VEAYAiam1sPFmu16vqZNrKn0EGUc2wjq+JACzxl488xyALvnO3wqfP6Vz33jcnDe8XBlvytrMQhNycdeCvOtPGosxHnHmu01yXg/L130o+6JgAAAAAAAAAAAAAAwEmG8adLo24jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9f/AgAA//91qMwl")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
geteuid()
pipe2$9p(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000400"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r7, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
getsockopt$sock_buf(r6, 0x1, 0x1c, 0x0, &(0x7f00000001c0))
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000200)=ANY=[@ANYBLOB="0000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff"])

8.151002028s ago: executing program 0 (id=5530):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000300)=ANY=[@ANYBLOB="020000000000000000000080fafffffffdffffff0000000000000a00000000000000000000000000000000000000000001000040"])

8.149908479s ago: executing program 1 (id=5531):
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x19)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x20000004, 0xd}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r4, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x218, 0x130, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@dev, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 'vlan1\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffb}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
unshare(0x22000400)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x13, 0x10, 0x2}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x6, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0, 0x3f00, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1f000000}, @generic={0xcc}, @map_fd={0x18, 0x0, 0x1, 0x0, r5}, @exit]}, &(0x7f0000000000)='GPL\x00', 0x6, 0xfdcb, &(0x7f0000000340)=""/238}, 0x80)

8.033352218s ago: executing program 0 (id=5533):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
open(0x0, 0x10201, 0x15)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020701200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x0, 0x2, 0x1000}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00'}, 0x10)
timer_create(0x0, &(0x7f0000000100)={0x0, 0x1e, 0x0, @thr={&(0x7f0000000380), &(0x7f00000004c0)="b55bc3d37c1e33c63fe5f2f7e2b5e3a8952d04962652e391d1bab8a61ca208a76e569f4eab6f69b218c583ca28746fbf7cb35383f6c6b0abd60d16cce022fd7e99"}}, &(0x7f00000002c0))
timer_gettime(0x0, &(0x7f0000000400))
poll(0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
ioctl$TUNSETLINK(r5, 0x400454cd, 0x304)

8.032217098s ago: executing program 4 (id=5534):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x0, 0x4, 0x6}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x0, 0x0, 0x4, 0x0, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x0, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800e00010069703665727370616e0000000800028004001200050011"], 0x44}}, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
getpgid(0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x7)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x2, 0x3}, @func_proto, @struct={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}, @array={0x0, 0x0, 0x0, 0x3, 0x2500, {0x3, 0x3}}]}}, &(0x7f0000000140)=""/240, 0x56, 0xf0, 0x1}, 0x20)

6.969855984s ago: executing program 0 (id=5536):
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x7a05, 0x1700)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x0, 0x1000}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x5}]}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_open_dev$tty20(0xc, 0x4, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x14}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78)

6.968515605s ago: executing program 1 (id=5537):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
syz_open_procfs(0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x18}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r6}, 0x48)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r7, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r8 = getgid()
keyctl$chown(0x4, 0x0, 0x0, r8)
r9 = socket$netlink(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$incfs(&(0x7f0000000280)='./file1\x00', &(0x7f0000000300)='./file0/../file0\x00', &(0x7f00000003c0), 0x0, &(0x7f00000008c0)={[{@rlog_wakeup_cnt}]})
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps_rollup\x00')
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000240)={0x0, 0x4000, &(0x7f0000000040)={&(0x7f0000000f40)=ANY=[@ANYBLOB="4000000010001fff0000000c0000000000000000", @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a00bca75fdc7accc038baafb8c2ab7a5293a3617fc6d0e1c4bf27815d1aac9532398f44b1eff1ab542be4f565be25e18ed496a00636417e9070defedfae05bc5ecb6a94f81f344e7dafaa368a62132d0a6aada1aac5", @ANYBLOB="78729e49fd11833b6d76a8e78d95b0d51e7b905d0000001fa9f4ff0a2bc7d47eafe7ae7d54ecbcdf1815a96af82df49059e25854d9d9afccb8aae3896cdce1982d7eb2da85d447a7ebffc740b7925da0bcf2030290c95004f0623b0c5e195aab0ff266a9b53c6dd3d77f8f48b067a60c121237150581a5dfcbf0074395"], 0x40}}, 0x0)

5.929806489s ago: executing program 0 (id=5539):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0xfffffffffffffcb1, &(0x7f0000000240)={&(0x7f00000019c0)=@delchain={0x2c, 0x66, 0xf31}, 0x2c}, 0x1, 0x0, 0x800000000000000}, 0x0)

5.928234879s ago: executing program 1 (id=5540):
r0 = socket$nl_route(0x10, 0x3, 0x0)
getpeername(r0, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, &(0x7f0000000100)=0x80)
sendmsg$nl_route(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000680)=@delneigh={0x40, 0x1d, 0x1, 0x0, 0x0, {0xa}, [@NDA_FLAGS_EXT={0x8}, @NDA_MASTER={0x8}, @NDA_DST_IPV6={0x14, 0x1, @remote}]}, 0x40}}, 0x0)
r2 = accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @remote}, &(0x7f0000000040)=0x10, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r2, 0x6611)
io_setup(0x8, &(0x7f0000000140)=<r3=>0x0)
r4 = eventfd2(0x8e, 0x801)
r5 = socket$igmp6(0xa, 0x3, 0x2)
syz_open_dev$vcsu(&(0x7f00000019c0), 0xf, 0x80000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000080)={'wg2\x00', <r8=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0x48, r7, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r8}, @WGDEVICE_A_PEERS={0x2c, 0x8, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0xb, @a_g}]}]}]}, 0x48}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000018c0)=[{{&(0x7f00000017c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f0000000700)=[{&(0x7f0000001840)=""/112, 0x70}], 0x1}, 0x5}], 0x1, 0x10142, &(0x7f0000001900)={0x0, 0x3938700})
r9 = eventfd(0x8)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='sched_switch\x00', r10}, 0x10)
r11 = syz_open_dev$loop(&(0x7f0000001940), 0x6, 0x60000)
ioctl$BLKIOOPT(r11, 0x1279, &(0x7f0000001980))
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001c40)=@newtaction={0xf0, 0x30, 0x1, 0x0, 0x0, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf0}}, 0x0)
r13 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup2(r1, r1)
r14 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f00000004c0), 0x2, 0x0)
r15 = eventfd(0xf4)
r16 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000600), 0x600, 0x0)
io_submit(r3, 0x7, &(0x7f00000006c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x8, 0x4, r2, &(0x7f0000000180)="32bc19a71c4cd650df83dfbaf741cdc58a94a29059ff490fa0136696809542e711694e18f5dc592cb02201f6310cdbf12c3a96fec5514860aa75294cac13b5fd2db524fb998dd9527e5c2c7d9fa7c1705a961c1b5507a92e292909ad91389d63a813cdcfd92e6255767953ab2b46d920c5a660143fc507c91105e09bc5b59fe4196dbf1d325aacfdb0bdc04927c909a19241b1e0dd1e6ca99c3af741ed7a9a1071348b93f7c3a5dc69d030e659f4bd95d09975ba8ca1283d4d5c71710eac8b4e10565a98ed38ce17ccb9ecf16d24d0ecfd6ccb482120331930ee7eaed8b8b03ef0c2e9a8d603dc65af37c671", 0xec, 0xfffffffffffffffc, 0x0, 0x0, r4}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2, 0x9, r1, &(0x7f00000007c0)="d84187ff3755636d562e0b96f3a38d10a79604e4f3e83d0c5d3ec661ce39e9292b267e392af684fd418313514e92820de49811098351dca8d96214cd496cd869dd6977ea12a2fa0c91c91915f019bf5648481d16fbd1b867364acd3b265b6d622963fc7bc32312a563f96b8b3acd9e1092db4acf2778fd47a415b3a9b1c201a028b7a0b539b8e2fcde002a3db0aa2d3e75e8fea1255dc5e00e83b9808ec416e71323d016717236afcb31309c6c9fa10433a705b0fa653ac9e7726e2a8b2829ec42ee1dfc54d73e4f2690c2ce12b7ecf17c2738b334759f319568e83e92b22003b468b28f3f570d3b31cc7b1f4c0131b930e1973fda294c9b5b5a51791e3104c8712bdd2c2dffe2eb5827b1aaa3cee13d2b1599793e7ccf51a2d890a9484fce90c795a5803d3b83fa2dff519184fb8864bb4d2b5381093728bc018041f8da7eb5cafe3f2e565aa1bc2cb81d0c0e173263fe80f9d0ea5cb19b20f8609aaa3301d0c0966012f254fd698a3741ff48014d9a9cbf62c2cd0c83bc1b8d45179eefcbccc5b6d7e35c00ca7ba3d192525173335b3745d3f5bce2e70b25e8adbb754d0dd55242b7d8d087b23b5a612fe5c767e4dc8d733710dc793b48b5abccf6520b83ba71f3c5370aa662ea86a7bc96f395c9bc2df3cefa1bc181da891ed1b048acc75d2507bb3076da520902c64f42334f48f09d2a223e3168955a97a33e89cbd74f420f8b7a8578a8401854474bbe9eee1e01353c74ff4d601913dad6d68a63530dd20014bd6f7c1ae27e88684a42fa8e3f5da08a1b9de531e199627922e6275afbfdc5dea502597b0cd1728d26b68bb4f2b30ff74e1ce431f1123bb3db147cf56d0aa4868030264dc908c92b8f533e3843a866c47a53fb30605ba851980f39322a79c01bf98cb85109c4402ede93aa21fdb064d6c05b3538a9a3deb89edcbe2add11c4ae30e597b7ef78d53ffd9ed534a4561d6f59b2aa89efe986289d554134ca0e3f8aeffb33ee1e9f41203706c3f01c1696bcc2ecb007ed07ff39506e59f536f274cda908b3fdbd5fdab45b825a75ea3d4524a9e08d3bba608cbb47de074a365b136e4094b16817608cc83fab286ddc82ea143b74eab271278bc372d7e7c7db60f05239c8d68bb040a39da4e8414f4489f939c7f2e41c4c78e771a7dcf51a91f4c5521a5bf5f26c1265dd986fe759132cdf5d1e7f2ca517682cc30745e88f7d63deed247b1bc71d493aed5d7ee35d3299203dffbeacf59f6ce059d5d7a30cc80b3d0c44b88f7f2b8e5bf9e21d0ac196e5c6eb6e7a96f07ac5c5c06fd66d28d6c8aea40417b5d6f4d55cfbc4adf4f18ddc91be7f1a4249520f7135d9a8d1d70564ec7d824c07a7f37a20c727e5568ece66cea14dbc07b6ab392c8638d5f68fbde2cd6ea01fed7a8391d8928ca1e18c506d3847c366ea9b09e2488870d0cf684b3d80fdfd7a68407714c2bca10e45ec26c4cf4b7e1c0decb0cc0b58bf91b7ac284d76af4c461a4d9df8cf4759666db1840854be4d548957663a5e754ded9409ad6a91b4693ecc37254e3f37b4db2b3d0b2f1ee8914bc38a4d03b6a4676447369c23b759e297286dbd6bb07882a5330691b2a052ed71dc34daf71f1077c0d2f03032aedeac7bd88f7427d52b9ccf65e36a689559aa29e970188d077ddf0a7706bf5bc46ceec7f6a2c2ec53ec77fb8b5fdce6c0fdc1e948a6e83088370f41a262fb316211eea6680c511b3a008917e0157f6c2967d17e7d67039bcbb9d7611881078f82c72d050e107aeb680a1ae2f7f43f22b88dc9d557971e6149766f4bccbf9d151c682d5a1dda13de214526460574be68acd9b0a7035729fe3c5f11e24310fa664ebe47b10b2c8cf1ed435f8282d3c3be09389cfc4d07549d3120b6b25ba3a3f8d6fdc6015246b741eeb9f7a8637f47f28f3a95f77a8697b20a8615bb2662981f9d5f7d42b3daead9ccf54f90d123b98638f2cdcc499a95492e2250696d0e668105d91bc3fd8c747d94c4f8b910167a296b75d0919725075c997c0791eaf7d730bbafb49f1c55837e6ba0edc6638a329eb8e2ec1a6d0d0aefb05a315f8b09c3bad4e478ddb065f0231de5b6f29fd5fb1b6f62d09b9c0778327510d82c24a920bd796d1f61fda8f55e94add7e122ae67ce7af042c4f689d540acd7e1870bcebcedc6bda47eac4c6c7b5c0d24633c599b2fd49c8370a46fe98414fbedf71d0bd8abe62f26b74ff6d14ac5644568711277c9089c7b4e68b665b878251855113fb5902da9578a77d1982c30bec2973eac10dc409963b19c5b28ffc95e8ac711aebcc7f08cb4fd38f29b596eab955ba74c26676b1c7c8a2f64a7f6328b87063df9702f358438e819e79264918888bd1af217bb40522ea41a63c6d3f2e1b18dc2bd810bded5b49cc8bd7346934d5833cef627f6194cfb772969593922d20434fdffade9f79b7a14872b79ba67320065651dbc640dc15655118a5c0f3395a688e3cf07a9f91bdea82b102f4e5d11e03d0f8f12b616239708d11635fcdc74b74ee8e20a2b3b68b83966b875292c23d36ce7e7b47cea88a7ed25957df4b26c4fc7c5378bfe41c342eb7cf58b24859e13ce0c9c770112b8aea31e52929d049dc55de979a1f99135a18a5fe3a2cec392080f4a51626e1ef67faf219632e2a39f098e57dcc12d446df4808baf3a4a44f0a48f3bd01769a1a033b85562f0d7b97f8ed96ba1b37526b2cd88b6bb559439910e09da00b87a68d28186ef6e84c484473ae461beeaeeb8075480ebd2a4b48cea89150d09b0104673cd2f23606f7ecda9087e956715c455968faf511443262f7162d657b686e6dcc567c3ae1c74a8ddb89b6e74cc9fc13d298553e18608f1d42c4eb79f5df8731fcaad76ce326dc9ca64a3cb35e7bfcd66cac2b35e5594a19dc93b1bd91a80c20e2782254671a725835e825f76aba289616365575315b89bda695eee9cc153fa60115edef3f52701345dcb38772d5af06f3219ab4b14b0274adb7fe80b50471ce9d3fa981335234ea5a41914de063e292cc3752bfc8d118ff0c70345e7f20b96c9c7de98f075344f4632e7c19a147bfe99c75882ae27adb63bfee8ffebe26bbb11a201363e1c74cdba52e720499090e524c05cf857889ab48247df7990729b2b881bb9f0db13d16e1216b19bc3c9d1a09dfa710521beb9de2a6204b0cbbccf81e1d220bf13f90a75b2b678a0cfc8e6bc6a14ad81aa408006306676b6618b87df146ccd9fb7a859fbd285b910752069d749d467763342790016239872c15cddd91a6142ec1db88fb773a1fd381b8704785e883c0a50c02c0f5884c3e87c320fb04bb8b977e2b025eb3081f141bda46a4d153eba8aef23438413159bdac789e37113063bebc281108c9b022a67ca157c8384a20c6050895e5072791101fb938329b1d3b09bc07982c4fb3f8ec97d72f04c590bb35a8d7c9abaed5900f45e12168eb7476a76d540c4b153015cd1788ddcfcf1b32c6119e1ea3760c3623172abfeaedca3707d8f8a6a3d548bd53655529fdf997c9c45a0165e165eb6a6ec6bdb337241d1b2c6681296725eb83b70527e32f633af5ad77b698e4406c1c052a088424f8eeb9b9def2f04054d6a4ad7754b7a3fe768ecb8725c5de6e55c9ac61a2531af4a16038ad6a3c046a91fa22dd9d721336faa11940060debf29d67854efa26de03dc54cea26c56809c7f3f337b41bf34cd9d00c9bfeeba1f9177e38919fb6178a17c3b588bd5dec0ee9b6e0d1c287574a3bd6ba99415722ae55d71e04814ad88baa07c753d2f8afe2aff5d887ac9e1ce58d162b04b078155c2d592d2a8ad16c505eb8eaa650b57dce18b8917721b80285c0d1f3b68a85680f8cd2e96822c0a9c5cfeb4b3f963d3090dc79d74038b0d52b7252cf6c0ba0195a0557d0bd2961e868a777148dbad565a44846784101e6dacc3a9a5461ee15c8d27146b72753bd39449835e599f4ef374896eee109e3316e670feae4f2268ae3864d2de4da491077025ba159c8cc43ca6ffd96f75e90ecc6ceaabc1c25499081eaa9aed06deaa95802059069248d0bd69175a276481cd65ed8f4eb47f72ba7cb996f3eaa54c33bfb08b9a770c34358e6747fd18fadb1088d605e7e39e8ca365d03328128a22da06071ac7dc2d752d10e964f53103a8b86c23614e7111813fe08076772dd55babb4e689d468e0eb4d66445dd1f9beacef51e828f1842daca933a91e4b39359010529168cfbbcb5379b120312b73ab47d9f432d67dc4c9cc8f58da209ee7bd3d3bcda86ff22ed90e68d64149a93214e3019ad41745ad2a20a548f52fe493ad65417749113a41029a2b3c61cd3cd182fb42fb92af7c496fe7ade27970bf81f53b5e2e04a0b7f68737d91c738122264392ce8ef107ef8e6f9de2b592926a383623ac35e089f5d838437df03e0a3e51f22eb1c9f8cb25f67e48d1b4fdc5235f517d05f25ecc48f88372630ad1904ba151fa03d7be371a55fe21fa03eccd11a98aad3e3b8d7776109108c8b7d0723d4af02794fd3cf1bbd11c2383190386dc8a700dcf96600fc60d238de7c08d0fb5aaa9170ae082838a9e18cf955cf7cc416b03ba0e67f354644a1ff37b6a22347c48455e0584f65ec4695fe0c5a4967db30bbbcff562aee352f301e9578d73c98e2762871f0a1689d2b269e09fbea916ec7beac1f9d6a0bf95f0122578823a70b90c05c8f569d3562065b9bae0ac253efbd353af05ef5891643042d3baa6e0411e33958048a0d529cdaec741496eccc8fe3e08d9a145196879386a1ce43d0a26f9fe58449149098a2f4be719a00b174265a0d72df256137c197f85bd4c564e6cb333fd8483ec735d7a882aec10ab7fa47e8945e301740d784ca6d2c26ea103b63c97929969ab16293938752a00e7527b6f3419aabd251d85f85e19fcd0ec206dae310c4d63ad15beb4458fddfaa15780ea5ae6dcd6cb6c1cfa96d25e4e0ca4e4e54c461442d47deb47f2d6b3595bad4a56f66b2f540c9fce3ae1ee7cf1bf099baeb6b4642c28d3ed54748441d9d7f3eaf753730e3c0583faf2b39db746e41c7b10ab28da13d20fa243b39cbb69219075b9ee9c262b86c29311fbc9337c00ed40a2972b3d9338b5d6562e0cc22c94d78f28cb60c14df100c75896bd20278ab8660b13110a64856c6f1593690f55e96ceebaa75399cbea5a33db31d6024601d85423e8ac2a2995059fc5896723afb5c70deea87f5ba2889d2b5401cff408842c91dab21c1472027becf6ac34c587f1337dfe72cb3ecf5a351bf1618be32a3ee180cd5152db74a5e0438c7696fba1deb143ccffae024fc2796eb747b7e2e8cc4193223c54fab494f27672f8b8cc622ad9b69e6ff9845fc05be3fbd90baf6b39cdda85572e001c910e5b9f571561860545d6262eb4740a8c28a9fa87f26c0266d7a995907a8deece891e991b7333143ea06de614552732173663fc53b718258b560cce0f4c91ab21e5970c61dc9ed8128e905c5e6710a0422c18c96817545fa06e55b68b428fcb548ae379c2774ceec0a1a4d1e5d50ae11545025f27b8d181906a15fac07049039f408aa994fcc6be7b40c4277797a209722669c0086d11da9ff6d5317428c7fc77a25ada1b431962c55d2acfd38bcd699b7af52550b9290282283d6c56b75c87d8e45457e88b2bee31715731a47f5531882209b31233d341e03b6487ca7431feb31fe3f6d223c89e6860b01c682f566eb20d3f1d55cb177d65e1064e20f9632f65f9952c71030c86cda52d1e9ef1db253a26f6a9b943f64db662e417227c2821203ad", 0x1000, 0xff, 0x0, 0x1}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x3, 0x0, r2, &(0x7f0000000300)="3171073c2c5bd03392e90ae4ae01078eaeede5de1be3d4700c28339742f808d5da9e12c438b55b939898e954f4f7d971779be210b4bb25ffabff8ece0b798c5fbd322031216140486e69bdfd622527672c878d79bcbe36b42a53aeacf488c97dcda89b6b22f2fa0a24576c90d4", 0x6d, 0x5c9c033, 0x0, 0x2}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x9, r2, &(0x7f00000003c0)="db685953fedce98ea3717e7931a45d39918f", 0x12, 0x5c, 0x0, 0x2, r9}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0xfffe, r13, &(0x7f0000000440)="d40a4f5c4fefa3fe3c534cbea9a8ee214976d4eb95efd09ee597721e64bc15e8c5e37cbfc197fc1f5a3a088686793fe576272824a41ad5", 0x37, 0x100, 0x0, 0x6}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x5, 0x9, r14, &(0x7f0000000500)="521f2002344a3ec7d13f8ad592ee423412881bdb56d2eb44301a08b662c2841c263557d16d811e4af212a2a1507d5aaf33200cb43f0c8bd78d42a3b45cffd4e12fbcf0597c849a8416fe1bf7c856ba34508f412876cb65482f4a95c6e8abd1cd79fc81b10a0e7fff03c1", 0x6a, 0x10000, 0x0, 0x3, r15}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x3, 0xfffd, r0, &(0x7f00000005c0)="4426ecccf9016fdd6abeea31f20b5b123f6e6005371fa57f7238f0a8", 0x1c, 0x9, 0x0, 0x0, r16}])

5.927757869s ago: executing program 2 (id=5541):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000007b00b67018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
dup2(r2, r2)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
get_robust_list(0x0, 0x0, 0x0)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
write$tun(0xffffffffffffffff, 0x0, 0x46)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4400000010000104000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800040000000000050017"], 0x44}}, 0x0)
r9 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
mmap(&(0x7f0000ac4000/0x2000)=nil, 0x2000, 0x100000d, 0x10, r9, 0x0)

4.847576047s ago: executing program 0 (id=5542):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x0, 0xfff, 0x7}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x103, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0106000000000000000009000016240004801300010062726f6164636173742d6c696e6b00000c0007800800050002"], 0x38}}, 0x0)
sendmsg$TIPC_NL_NET_SET(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000fdfffff70f4000003000078008110200060000000c0003"], 0x44}}, 0x0)

4.847015506s ago: executing program 2 (id=5543):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@gettclass={0x24, 0x2a, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x4}}}, 0x24}}, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0) (async)
r2 = gettid() (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x1, 0x0, 0x8000}, 0x48) (async)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x10f000, 0x0)
openat(r4, &(0x7f0000000400)='./file0\x00', 0x100, 0x1ab)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES64=r2, @ANYRES32=r3, @ANYRES64=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
getrusage(0x0, 0x0) (async)
epoll_pwait(0xffffffffffffffff, &(0x7f0000000040)=[{}], 0x1, 0x0, 0x0, 0x600000000000000) (async)
tkill(r2, 0x0) (async)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10) (async)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="80558a3c3671acdb0100000000000000209665edb3e2787e81714f93bbc34f8dac1a5715fcf972d833d185231407de24d9a483bb2ef29afa3908ac748ed8e8a21fcc9173d60448fe5c6af80c6a9a5a5f91b09921acb33d43989ba4359298f73d8b116f425e203460f202fa2bd70fba38fc"], 0x26}}, 0x0) (async)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, &(0x7f0000000b40)=ANY=[@ANYBLOB="2003810000008101877016e046aa37f10133fbad2a65b1814a15761682b6a645e58800b2fb2e8ae4c5c373c4e69d5da02bfbca862dc6f6d3852326f4abdce861448fa07494322aa05498b7532c48d68dc1ad40a86df36ff42666c8712714e0624e7f6b6b930e09aa5ec8d37e7a7c49e064686834779f67cdbcd598af1d5fa8", @ANYRES8=0x0, @ANYRES64=r5], &(0x7f0000000c00)=ANY=[@ANYBLOB="0003b8000000b803f7e44986826636e5a71a6aa0c0ba137c49ffc2b6eda4b39955989b1c373e48b1467b41037d85f3c3ae88bcc60b8d987ac8371d76185dd3b338d05e7c30d03d826b2e85a2c1dd9ab17240915e8b01b41647453c842032c5231ded66f164c4d1ac3724d0d8212a6136b8eddc2f6fe7fb6ad295f9d513b2a0bd10faf4a6c5e5d52aa5fd5df0649ae820469fb9e35d8909f2292bf7d3f8a34c9d3e3de7785cb2ad6b1e87d33cdd8e60ab237c05899a47b54464774ca81675c09e306ffd4b6837bc3b094417ba83b8d66c8b64444816a2addf5e57780a5ee0d2f5bee718430d9ffa72bf70a7b2d8dda5f7f1aed15f6b60114e2562c6a3913646393ce063471bcd1f13fb1e4eb520f88583"], &(0x7f0000000180)=ANY=[@ANYBLOB="00220e0000000484a41b2fbe864856229ac82a02bb61a8a242bf7aee52"], &(0x7f00000001c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x8, 0x1, {0x22, 0x95c}}}}, &(0x7f00000007c0)={0x2c, &(0x7f00000004c0)=ANY=[@ANYBLOB="400f420000001913d20987ca3b5cd08d275592b8476e26679b166d47d116e2a1b5095e69232c03302ef80a420ba29c9dec532c11139bcbe938e989aad9180280cc6973b417168600"], &(0x7f0000000300)={0x0, 0xa, 0x1}, &(0x7f00000006c0)={0x0, 0x8, 0x1}, &(0x7f0000000700)=ANY=[@ANYBLOB="2001630000000ab0c17fc46900068b35f7c3a5c19a41ba7a06102daccdfeeb6e8b3373ee01f7de8693a695e8df87623bb97252f3e3070a4ff0737c51a05828602d12cf8c6ab05a99ddeda8862eaf62895595efd6445aff223612fc3206bbd0278b37badd0e0f6c38a3"], &(0x7f0000000780)={0x20, 0x3, 0x1}}) (async)
pipe(&(0x7f0000000380)={<r6=>0xffffffffffffffff})
syz_clone3(&(0x7f00000009c0)={0x384000000, &(0x7f0000000800), &(0x7f0000000840), &(0x7f0000000880), {0x3b}, &(0x7f00000008c0)=""/59, 0x3b, &(0x7f0000000900)=""/51, &(0x7f0000000940)=[0x0, r2], 0x2, {r6}}, 0x58)

3.831481879s ago: executing program 2 (id=5544):
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x0, 0x0, 0x9, 0x114, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x4}, 0x48)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket(0x10, 0x3, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000177ff4), 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_genetlink_get_family_id$smc(0x0, r4)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000680)=@raw={'raw\x00', 0x3c1, 0x3, 0x5f0, 0x0, 0xffffff80, 0x178, 0x3b8, 0x178, 0x520, 0x22b, 0x258, 0x520, 0x258, 0x2034, 0x0, {[{{@uncond, 0x1d, 0x398, 0x3b8, 0x340, {0x1e0002a8, 0x7203000000000000}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x1a, 0x64, [{0x0, 0x0, 0x0, 0x28}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x6}]}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "e22e50439abb066265e088a63e13552b8b2fec412753ac647d17d2ebca69d17a9722bd2f5be411676d5993fb4cc74168209fb9f43b63bab2a88206d7dd8158d916b865d0f713f772c59ad6e6b572e9a6c498fb6459888a281e8c071a9a7229f9fe02cb8e9ba7637a2591a5367c770c87034734be6eda195ce135517efa85da52"}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'veth1_to_bridge\x00', 'geneve1\x00'}, 0x0, 0x100, 0x168, 0x0, {}, [@common=@ah={{0x30}}, @common=@ipv6header={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x650)

2.649756065s ago: executing program 2 (id=5545):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x80, &(0x7f0000000200), 0x1, 0x538, &(0x7f0000000700)="$eJzs3U9sHFcZAPBvJnZ2k7p1Cj0AKjSUQkBRdu1NG1W9kJ4qhCoheuSQGntjRdnNRtl1qU0OzpE7EhWc4MQZCSQOSDlxR+LCjUs5IBUaIdVISGw1s+Nkbe/aK//ZTby/nzSaN/Nm53vPo5m3+jaZF8DUuhgRmxFxNiLej4j5Yn9SLHG9t2THffbo/vLWo/vLSXS77/07yeuzfdH3mcxzxTnLEfHDdyJ+nOwK+teI9vrG7aVGo36v2FXtNO9W2+sbV241l1brq/U7tdq1xWsLb159o3ZsfX2l+btPzkXEn/741Y//svmdn2bNmivq+vtxnHpdn30cJzMTEd8/iWATMFv05+xhPnyoD3Gc0oj4QkS8mt//83Emv5o77bxM3x1j6wCAk9Dtzkd3vn97mE/nh9cBAM+SNM+BJWmlyAXMRZpWKr0c3ktxPm202p3LN1trd1Z6ubILMZvevNWoLxS5woe/v/529r1hMa/L65OsvrZr+2pEvBgRPy+dy7cry63GygS/9wDANHtu5/hfjmL8BwBOufKTYmmS7QAAxqc86QYAAGNn/AeA6WP8B4DpY/wHgOlj/AeA6WP8B4Cp8oN3382W7lbx/uuVD9bXbrc+uLJSb9+uNNeWK8ute3crq63Wav7OnuZB52u0WncXX4+1D6udertTba9v3Gi21u50buTv9b5Rnx1LrwCA/bz4ysO/JRGx+da5fIm+9/0fOFa/fNKtA05SOukGABNzZtINACZm72xfwLSQj4fp9f9utxvFe8ALDx6X+l4GOvSfCH00UpjUvKHw9Ln05SPk/4Fn2o78v/nYYaocLv/vuzycBvL/ML263WSfOf8BgNNIjh9IDqjv//1/odu3Mdrv/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAqzeVLklaKucDnIk0rlYjnI+JCzCY3bzXqCxHxQjFXcLa9GBHmDQKAZ1n6z6SY/+vS/Gtzu2vPlv5bytcR8ZNfvfeLD5c6nXuLEWeTTx/v73xU7K9Nov0AwEG2x+ntcXzbZ4/uL28vB53jwTG255O3e5OLZnG3iqVXMxMz+bocsxGl8/9Jiu2epMhHHNVm1pkvDep/kudGLhQzn+6On8V+fqzx0x3x07yut87+Fl88IM4vj6GtcNo8zJ4/1wfdf2lczNeD7/9y/oQ6uu3n39ae51/6+Pl3ZkD87J6/OGqM1//8vT07u/O9ugcRX5mJ2No+ed/zZyb6JoYeEP+1EeP//eWvvTqsrvvriEsxqP/JjljVTvNutb2+ceVWc2m1vlq/U6tdW7y28ObVN2rVPEdd3c5U7/Wvty6/MCx+1v/zQ+L3rnw5jz/o7//NEfv/m/+9/6Ov7xP/298YfP1f2if+bER8a8T4S+f/UB5Wl8VfGdL/mX3iZ/sujxj/439srIx4KAAwBu31jdtLjUb93pEKm1mhvO8x6RFDjFpIIjZPOMSTQum3P3vn4INLY2vPIQsxrOrM09LCU1MoPR3NGKEw6ScTcNKe3PSTbgkAAAAAAAAAAAAAADDMOP470aT7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn1eQAAAP//5LPV4w==")

1.327466722s ago: executing program 2 (id=5546):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xf974a457bb636ff6}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xda, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd604f3fc400a40000fe8000000000000000000000000000aaff0200000000000000000000000000010010"], 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'erspan0\x00', &(0x7f00000002c0)={'gretap0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x0, 0x2, 0x0, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1}, {@remote, 0x8}, {@rand_addr=0x64010102, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x5, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @ra={0x94, 0x4}, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000240), 0x208e24b)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r6 = dup(r5)
getsockopt$bt_BT_VOICE(r6, 0x112, 0xb, 0x0, &(0x7f0000000240))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r4, 0x0)
r7 = dup(r3)
r8 = openat$cgroup_devices(r7, &(0x7f0000000180)='devices.allow\x00', 0x2, 0x0)
fcntl$F_SET_FILE_RW_HINT(r8, 0x40e, &(0x7f00000003c0)=0x2)
r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r9, 0xae9a)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

0s ago: executing program 2 (id=5547):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
open(0x0, 0x10201, 0x15)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020701200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x0, 0x2, 0x1000}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00'}, 0x10)
timer_create(0x0, &(0x7f0000000100)={0x0, 0x1e, 0x0, @thr={&(0x7f0000000380), &(0x7f00000004c0)="b55bc3d37c1e33c63fe5f2f7e2b5e3a8952d04962652e391d1bab8a61ca208a76e569f4eab6f69b218c583ca28746fbf7cb35383f6c6b0abd60d16cce022fd7e99"}}, &(0x7f00000002c0))
timer_gettime(0x0, &(0x7f0000000400))
poll(0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
ioctl$TUNSETLINK(r5, 0x400454cd, 0x304)

kernel console output (not intermixed with test programs):

 to 7
[  816.867131][  T354] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  816.886854][  T354] usb 5-1: New USB device found, idVendor=056a, idProduct=00b1, bcdDevice= 0.00
[  816.904171][  T354] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  816.987279][  T354] usb 5-1: config 0 descriptor??
[  817.038965][T19025] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5268'.
[  817.047907][T19025] tipc: Cannot configure node identity twice
[  817.228894][   T24] audit: type=1400 audit(1073.214:5063): avc:  denied  { setcheckreqprot } for  pid=19004 comm="syz.4.5262" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  817.297334][T11494] usbhid 4-1:0.0: can't add hid device: -71
[  817.303255][T11494] usbhid: probe of 4-1:0.0 failed with error -71
[  817.315258][T19031] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  817.333508][T19031] EXT4-fs error (device loop2): __ext4_iget:4958: inode #11: block 1: comm syz.2.5271: invalid block
[  817.334569][T11494] usb 4-1: USB disconnect, device number 6
[  817.354520][T19031] EXT4-fs (loop2): Remounting filesystem read-only
[  817.364532][T19031] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.5271: couldn't read orphan inode 11 (err -117)
[  817.387035][T19031] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,errors=continue,max_dir_size_kb=0x0000000000000009,data_err=abort,errors=remount-ro,noinit_itable,mblk_io_submit,i_version,acl,
[  817.458651][  T354] wacom 0003:056A:00B1.00C8: unknown main item tag 0x0
[  817.510839][  T354] wacom 0003:056A:00B1.00C8: Unknown device_type for 'HID 056a:00b1'. Assuming pen.
[  817.675218][  T354] wacom 0003:056A:00B1.00C8: hidraw0: USB HID v0.00 Device [HID 056a:00b1] on usb-dummy_hcd.4-1/input0
[  817.754480][  T354] input: Wacom Intuos3 6x8 Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:00B1.00C8/input/input65
[  817.932035][  T354] usb 5-1: USB disconnect, device number 54
[  818.125231][T19057] 9pnet: Insufficient options for proto=fd
[  818.594120][T19065] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5282'.
[  818.627017][T19068] syz.2.5281[19068] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  818.627143][T19068] syz.2.5281[19068] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  818.655130][T19068] 9pnet: Insufficient options for proto=fd
[  818.781753][T19072] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  818.788821][T19072] IPv6: NLM_F_CREATE should be set when creating new route
[  818.988966][T19079] syz.3.5286[19079] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  818.989022][T19079] syz.3.5286[19079] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  819.307154][  T354] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  819.357312][ T4926] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  819.667419][ T4926] usb 1-1: Using ep0 maxpacket: 32
[  819.720333][T19057] F2FS-fs (loop1): Test dummy encryption mode enabled
[  819.751141][T19057] F2FS-fs (loop1): Found nat_bits in checkpoint
[  819.794401][T19057] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  819.817299][ T4926] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  819.829186][ T4926] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  819.839342][ T4926] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  819.848796][ T4926] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  819.867890][ T4926] usb 1-1: config 0 descriptor??
[  819.927425][T11494] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  819.935356][ T4926] hub 1-1:0.0: USB hub found
[  819.987286][  T354] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  820.003976][  T354] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  820.022523][  T354] usb 4-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  820.031816][  T354] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  820.045018][  T354] usb 4-1: config 0 descriptor??
[  820.297215][ T4926] hub 1-1:0.0: config failed, can't read hub descriptor (err -22)
[  820.299287][T19081] udc-core: couldn't find an available UDC or it's busy
[  820.327162][T19081] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  820.337441][T11494] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  820.353422][T11494] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  820.373477][T11494] usb 5-1: New USB device found, idVendor=056a, idProduct=00b1, bcdDevice= 0.00
[  820.384884][T19097] netlink: 168 bytes leftover after parsing attributes in process `syz.1.5290'.
[  820.393924][T11494] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  820.406323][T11494] usb 5-1: config 0 descriptor??
[  820.537221][  T354] usbhid 4-1:0.0: can't add hid device: -71
[  820.543139][  T354] usbhid: probe of 4-1:0.0 failed with error -71
[  820.550508][  T354] usb 4-1: USB disconnect, device number 7
[  820.737151][ T4897] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  820.888687][T11494] wacom 0003:056A:00B1.00C9: unknown main item tag 0x0
[  820.899106][T11494] wacom 0003:056A:00B1.00C9: Unknown device_type for 'HID 056a:00b1'. Assuming pen.
[  820.915006][T11494] wacom 0003:056A:00B1.00C9: hidraw0: USB HID v0.00 Device [HID 056a:00b1] on usb-dummy_hcd.4-1/input0
[  820.935731][T11494] input: Wacom Intuos3 6x8 Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:00B1.00C9/input/input68
[  820.949229][T15775] tipc: Left network mode
[  820.977411][T14956] handle_bad_sector: 7258 callbacks suppressed
[  820.977427][T14956] attempt to access beyond end of device
[  820.977427][T14956] loop0: rw=524288, want=57352, limit=40427
[  820.997402][T14956] attempt to access beyond end of device
[  820.997402][T14956] loop0: rw=0, want=57352, limit=40427
[  821.034767][T14956] attempt to access beyond end of device
[  821.034767][T14956] loop0: rw=524288, want=57352, limit=40427
[  821.067423][T14956] attempt to access beyond end of device
[  821.067423][T14956] loop0: rw=0, want=57352, limit=40427
[  821.079208][T14956] attempt to access beyond end of device
[  821.079208][T14956] loop0: rw=524288, want=57352, limit=40427
[  821.091748][T14956] attempt to access beyond end of device
[  821.091748][T14956] loop0: rw=0, want=57352, limit=40427
[  821.098845][ T4898] usb 5-1: USB disconnect, device number 55
[  821.103586][T14956] attempt to access beyond end of device
[  821.103586][T14956] loop0: rw=524288, want=57352, limit=40427
[  821.108356][ T4897] usb 2-1: config 239 has too many interfaces: 35, using maximum allowed: 32
[  821.120099][T14956] attempt to access beyond end of device
[  821.120099][T14956] loop0: rw=0, want=57352, limit=40427
[  821.141073][T14956] attempt to access beyond end of device
[  821.141073][T14956] loop0: rw=524288, want=57352, limit=40427
[  821.146506][ T4897] usb 2-1: config 239 has an invalid descriptor of length 137, skipping remainder of the config
[  821.152480][T14956] attempt to access beyond end of device
[  821.152480][T14956] loop0: rw=0, want=57352, limit=40427
[  821.193086][ T4897] usb 2-1: config 239 has 0 interfaces, different from the descriptor's value: 35
[  821.228831][T19112] bridge0: port 1(bridge_slave_0) entered blocking state
[  821.246423][T19112] bridge0: port 1(bridge_slave_0) entered disabled state
[  821.258610][T19112] device bridge_slave_0 entered promiscuous mode
[  821.275089][T19112] bridge0: port 2(bridge_slave_1) entered blocking state
[  821.287234][ T4897] usb 2-1: New USB device found, idVendor=056a, idProduct=0043, bcdDevice= 0.00
[  821.296175][T19112] bridge0: port 2(bridge_slave_1) entered disabled state
[  821.306042][ T4897] usb 2-1: New USB device strings: Mfr=129, Product=0, SerialNumber=0
[  821.317820][T19112] device bridge_slave_1 entered promiscuous mode
[  821.326957][ T4897] usb 2-1: Manufacturer: syz
[  821.415063][T19112] bridge0: port 2(bridge_slave_1) entered blocking state
[  821.421958][T19112] bridge0: port 2(bridge_slave_1) entered forwarding state
[  821.429053][T19112] bridge0: port 1(bridge_slave_0) entered blocking state
[  821.435798][T19112] bridge0: port 1(bridge_slave_0) entered forwarding state
[  821.471793][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  821.480810][  T354] bridge0: port 1(bridge_slave_0) entered disabled state
[  821.488422][  T354] bridge0: port 2(bridge_slave_1) entered disabled state
[  821.509325][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  821.517919][ T4898] bridge0: port 1(bridge_slave_0) entered blocking state
[  821.524769][ T4898] bridge0: port 1(bridge_slave_0) entered forwarding state
[  821.533032][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  821.541301][ T4898] bridge0: port 2(bridge_slave_1) entered blocking state
[  821.548182][ T4898] bridge0: port 2(bridge_slave_1) entered forwarding state
[  821.571952][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  821.588217][ T4896] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  821.602262][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  821.615408][T19112] device veth0_vlan entered promiscuous mode
[  821.624023][ T4896] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  821.632999][ T4896] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  821.640989][ T4896] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  821.655604][T19112] device veth1_macvtap entered promiscuous mode
[  821.663297][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  821.698959][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  821.756776][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  821.778356][T19118] 9pnet: Insufficient options for proto=fd
[  821.789793][T15775] device bridge_slave_1 left promiscuous mode
[  821.796044][T15775] bridge0: port 2(bridge_slave_1) entered disabled state
[  821.803681][T15775] device bridge_slave_0 left promiscuous mode
[  821.809887][T15775] bridge0: port 1(bridge_slave_0) entered disabled state
[  821.826340][T15775] device veth1_macvtap left promiscuous mode
[  821.832348][T15775] device veth0_vlan left promiscuous mode
[  821.858714][ T4897] usb 2-1: USB disconnect, device number 12
[  822.337347][  T354] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  822.435946][T19132] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5298'.
[  822.536946][T19134] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  822.887233][   T24] audit: type=1400 audit(1078.794:5064): avc:  denied  { getopt } for  pid=19133 comm="syz.1.5299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  822.987228][  T354] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  823.002210][  T354] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  823.017501][   T26] INFO: task kworker/u4:3:345 blocked for more than 146 seconds.
[  823.036653][  T354] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  823.038538][   T26]       Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  823.054588][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  823.063188][   T26] task:kworker/u4:3    state:D stack:    0 pid:  345 ppid:     2 flags:0x00004000
[  823.068393][  T354] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  823.072550][   T26] Workqueue: writeback wb_workfn (flush-7:0)
[  823.086084][   T26] Call Trace:
[  823.089306][   T26]  __schedule+0xbe6/0x1330
[  823.093554][   T26]  ? release_firmware_map_entry+0x192/0x192
[  823.099354][   T26]  ? __kasan_check_write+0x14/0x20
[  823.104217][   T26]  ? kthread_data+0x53/0xc0
[  823.108692][  T354] usb 4-1: config 0 descriptor??
[  823.113610][   T26]  ? wq_worker_sleeping+0x63/0x200
[  823.118653][   T26]  schedule+0x13d/0x1d0
[  823.122665][   T26]  rwsem_down_write_slowpath+0x858/0x11b0
[  823.135510][   T26]  ? rwsem_down_read_slowpath+0x1000/0x1000
[  823.157202][ T4926] usbhid 1-1:0.0: can't add hid device: -71
[  823.164023][ T4926] usbhid: probe of 1-1:0.0 failed with error -71
[  823.182516][T19144] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5300'.
[  823.202974][   T26]  ? f2fs_inode_chksum_verify+0xd6/0x4a0
[  823.237911][   T26]  ? read_node_page+0x3b4/0x690
[  823.271104][ T4926] usb 1-1: USB disconnect, device number 27
[  823.341487][   T26]  ? f2fs_ra_node_page+0x190/0x250
[  823.357226][   T26]  ? __kasan_check_write+0x14/0x20
[  823.362176][   T26]  down_write+0x146/0x150
[  823.366342][   T26]  ? down_read_killable+0x220/0x220
[  823.380688][   T26]  ? has_not_enough_free_secs+0x416/0x930
[  823.386250][   T26]  f2fs_balance_fs+0x32d/0x3f0
[  823.397154][   T26]  ? f2fs_commit_inmem_pages+0xdb0/0xdb0
[  823.402628][   T26]  ? __kasan_check_write+0x14/0x20
[  823.417140][   T26]  ? f2fs_put_page+0x131/0x1b0
[  823.421744][   T26]  ? f2fs_update_inode_page+0x13d/0x170
[  823.427473][   T26]  ? f2fs_write_inode+0x506/0x5d0
[  823.432322][   T26]  f2fs_write_inode+0x553/0x5d0
[  823.437019][   T26]  __writeback_single_inode+0x4fa/0xac0
[  823.458464][   T26]  writeback_sb_inodes+0x99c/0x16b0
[  823.463517][   T26]  ? copy_user_enhanced_fast_string+0x27/0x40
[  823.469475][   T26]  ? queue_io+0x520/0x520
[  823.473709][   T26]  ? __kasan_check_write+0x14/0x20
[  823.478675][   T26]  ? down_read_trylock+0x179/0x1d0
[  823.489331][   T26]  ? queue_io+0x3d3/0x520
[  823.493621][   T26]  wb_writeback+0x4b7/0xc60
[  823.507154][   T26]  ? wb_io_lists_depopulated+0x180/0x180
[  823.512621][   T26]  ? do_softirq_own_stack+0x6c/0x80
[  823.527330][   T26]  ? cpumask_next+0x23/0x30
[  823.531757][   T26]  wb_workfn+0xb3d/0x1110
[  823.535926][   T26]  ? inode_wait_for_writeback+0x280/0x280
[  823.541565][   T26]  ? __switch_to_asm+0x34/0x60
[  823.546244][   T26]  ? __kasan_check_read+0x11/0x20
[  823.557130][   T26]  ? read_word_at_a_time+0x12/0x20
[  823.562061][   T26]  ? strscpy+0x9c/0x260
[  823.566058][   T26]  process_one_work+0x6dc/0xbd0
[  823.570805][   T26]  worker_thread+0xaea/0x1510
[  823.575421][   T26]  kthread+0x34b/0x3d0
[  823.579645][   T26]  ? worker_clr_flags+0x180/0x180
[  823.584490][   T26]  ? kthread_blkcg+0xd0/0xd0
[  823.588969][   T26]  ret_from_fork+0x1f/0x30
[  823.593696][   T26] INFO: task syz.0.4074:14955 blocked for more than 167 seconds.
[  823.602149][   T26]       Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  823.611437][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  823.620619][   T26] task:syz.0.4074      state:D stack:    0 pid:14955 ppid: 14851 flags:0x00004004
[  823.630003][   T26] Call Trace:
[  823.633156][   T26]  __schedule+0xbe6/0x1330
[  823.637662][   T26]  ? release_firmware_map_entry+0x192/0x192
[  823.643535][   T26]  ? __kasan_check_write+0x14/0x20
[  823.649133][   T26]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  823.654208][   T26]  ? _raw_spin_lock_irqsave+0x210/0x210
[  823.660028][   T26]  schedule+0x13d/0x1d0
[  823.664047][   T26]  rwsem_down_write_slowpath+0x858/0x11b0
[  823.676853][   T26]  ? rwsem_down_read_slowpath+0x1000/0x1000
[  823.687791][   T26]  ? avc_has_perm_noaudit+0x240/0x240
[  823.699229][   T26]  ? memset+0x35/0x40
[  823.706141][   T26]  ? __fsnotify_parent+0x4b9/0x6c0
[  823.711490][   T26]  down_write+0x146/0x150
[  823.715762][   T26]  ? down_read_killable+0x220/0x220
[  823.721042][   T26]  ? dentry_needs_remove_privs+0xbf/0x100
[  823.726696][   T26]  do_truncate+0x1de/0x2d0
[  823.730376][T19124] F2FS-fs (loop2): Test dummy encryption mode enabled
[  823.731275][   T26]  ? page_reporting_drain+0x1e0/0x1e0
[  823.743018][   T26]  path_openat+0x298d/0x3000
[  823.747853][   T26]  ? kmem_cache_alloc+0x168/0x2e0
[  823.752744][   T26]  ? do_syscall_64+0x34/0x70
[  823.757608][   T26]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  823.766534][   T26]  ? do_filp_open+0x460/0x460
[  823.771379][   T26]  do_filp_open+0x21c/0x460
[  823.775699][   T26]  ? vfs_tmpfile+0x2b0/0x2b0
[  823.780921][   T26]  ? get_unused_fd_flags+0x94/0xa0
[  823.785964][   T26]  do_sys_openat2+0x13f/0x6f0
[  823.787953][T19124] F2FS-fs (loop2): Invalid segment type: 8, segno: 1
[  823.790677][   T26]  ? kern_path_create+0x40/0x40
[  823.796869][T19124] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-117)
[  823.809697][   T26]  ? do_sys_open+0x220/0x220
[  823.815859][   T26]  __x64_sys_open+0x221/0x270
[  823.820689][   T26]  ? do_sys_openat2+0x6f0/0x6f0
[  823.825353][   T26]  ? __kasan_check_read+0x11/0x20
[  823.831446][  T354] arvo 0003:1E7D:30D4.00CA: unknown main item tag 0x0
[  823.840111][   T26]  do_syscall_64+0x34/0x70
[  823.844349][   T26]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  823.850495][  T354] arvo 0003:1E7D:30D4.00CA: unknown main item tag 0x0
[  823.860142][  T354] arvo 0003:1E7D:30D4.00CA: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.3-1/input0
[  823.871053][   T26] RIP: 0033:0x7feadf896bd9
[  823.875278][   T26] RSP: 002b:00007feadeb18048 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  823.884043][   T26] RAX: ffffffffffffffda RBX: 00007feadfa24f60 RCX: 00007feadf896bd9
[  823.892011][   T26] RDX: 0000000000000000 RSI: 0000000000000200 RDI: 00000000200029c0
[  823.900358][   T26] RBP: 00007feadf905aa1 R08: 0000000000000000 R09: 0000000000000000
[  823.908334][   T26] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  823.916233][   T26] R13: 000000000000000b R14: 00007feadfa24f60 R15: 00007ffd2d98db98
[  823.924413][   T26] NMI backtrace for cpu 0
[  823.928698][   T26] CPU: 0 PID: 26 Comm: khungtaskd Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  823.939600][   T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  823.949490][   T26] Call Trace:
[  823.952629][   T26]  dump_stack_lvl+0x1e2/0x24b
[  823.957139][   T26]  ? panic+0x812/0x812
[  823.961045][   T26]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  823.966337][   T26]  ? rcu_read_unlock_special+0xd8/0x4c0
[  823.971722][   T26]  ? sched_show_task+0x363/0x540
[  823.976490][   T26]  ? __rcu_read_unlock+0x90/0x90
[  823.981277][   T26]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  823.987166][   T26]  dump_stack+0x15/0x17
[  823.991168][   T26]  nmi_trigger_cpumask_backtrace+0x2b5/0x300
[  823.996974][   T26]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  824.002883][   T26]  arch_trigger_cpumask_backtrace+0x10/0x20
[  824.008607][   T26]  watchdog+0xe5d/0xfd0
[  824.012603][   T26]  ? hungtask_pm_notify+0x50/0x50
[  824.017463][   T26]  ? __kasan_check_read+0x11/0x20
[  824.022320][   T26]  ? __kthread_parkme+0xb9/0x1c0
[  824.027092][   T26]  kthread+0x34b/0x3d0
[  824.030998][   T26]  ? hungtask_pm_notify+0x50/0x50
[  824.035857][   T26]  ? kthread_blkcg+0xd0/0xd0
[  824.040288][   T26]  ret_from_fork+0x1f/0x30
[  824.044636][   T26] Sending NMI from CPU 0 to CPUs 1:
[  824.050513][    C1] NMI backtrace for cpu 1
[  824.050522][    C1] CPU: 1 PID: 14956 Comm: syz.0.4074 Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  824.050529][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  824.050534][    C1] RIP: 0010:do_garbage_collect+0x1d6b/0x6dd0
[  824.050546][    C1] Code: 08 84 c0 0f 85 1f 23 00 00 44 0f af 22 89 df 44 89 e6 e8 28 50 52 ff 44 39 e3 0f 84 73 45 00 00 e8 9a 4e 52 ff 44 8b 64 24 20 <48> b8 00 00 00 00 00 fc ff df 48 8b 4c 24 70 80 3c 01 00 48 8b 5c
[  824.050551][    C1] RSP: 0018:ffffc900010f6d40 EFLAGS: 00000293
[  824.050561][    C1] RAX: ffffffff82185be6 RBX: 0000000000000001 RCX: ffff88811e8c3b40
[  824.050567][    C1] RDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000001
[  824.050572][    C1] RBP: ffffc900010f7370 R08: ffffffff82185bd8 R09: ffffc900010f7280
[  824.050577][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001
[  824.050583][    C1] R13: ffff888121263e48 R14: 1ffff11023a20435 R15: 1ffff11023a20435
[  824.050589][    C1] FS:  00007feadeaf76c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  824.050594][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  824.050599][    C1] CR2: 00005642015d4000 CR3: 0000000120e76000 CR4: 00000000003526a0
[  824.050604][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  824.050610][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  824.050613][    C1] Call Trace:
[  824.050615][    C1]  <NMI>
[  824.050619][    C1]  ? show_regs+0x58/0x60
[  824.050623][    C1]  ? nmi_cpu_backtrace+0x133/0x160
[  824.050627][    C1]  ? do_garbage_collect+0x1d6b/0x6dd0
[  824.050631][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  824.050635][    C1]  ? nmi_handle+0xa8/0x280
[  824.050639][    C1]  ? do_garbage_collect+0x1d6b/0x6dd0
[  824.050643][    C1]  ? default_do_nmi+0x69/0x160
[  824.050646][    C1]  ? exc_nmi+0xad/0x100
[  824.050650][    C1]  ? end_repeat_nmi+0x16/0x31
[  824.050654][    C1]  ? do_garbage_collect+0x1d58/0x6dd0
[  824.050659][    C1]  ? do_garbage_collect+0x1d66/0x6dd0
[  824.050663][    C1]  ? do_garbage_collect+0x1d6b/0x6dd0
[  824.050667][    C1]  ? do_garbage_collect+0x1d6b/0x6dd0
[  824.050671][    C1]  ? do_garbage_collect+0x1d6b/0x6dd0
[  824.050674][    C1]  </NMI>
[  824.050678][    C1]  ? __switch_to_asm+0x34/0x60
[  824.050682][    C1]  ? __kasan_check_write+0x14/0x20
[  824.050686][    C1]  ? has_not_enough_free_secs+0x950/0x950
[  824.050690][    C1]  ? _raw_spin_unlock_irq+0x4e/0x70
[  824.050694][    C1]  ? preempt_schedule_notrace+0x140/0x140
[  824.050698][    C1]  ? preempt_schedule_irq+0xe7/0x140
[  824.050702][    C1]  ? set_page_private_gcing+0x130/0x130
[  824.050706][    C1]  ? irqentry_exit+0x4f/0x60
[  824.050710][    C1]  ? sysvec_reschedule_ipi+0x83/0x160
[  824.050714][    C1]  ? __kasan_check_write+0x14/0x20
[  824.050718][    C1]  f2fs_gc+0xa86/0x1db0
[  824.050722][    C1]  ? f2fs_start_bidx_of_node+0x370/0x370
[  824.050726][    C1]  ? __kasan_check_write+0x14/0x20
[  824.050730][    C1]  ? down_read_killable+0x220/0x220
[  824.050734][    C1]  ? has_not_enough_free_secs+0x416/0x930
[  824.050738][    C1]  f2fs_balance_fs+0x341/0x3f0
[  824.050743][    C1]  ? f2fs_commit_inmem_pages+0xdb0/0xdb0
[  824.050746][    C1]  ? _raw_spin_unlock+0x4d/0x70
[  824.050750][    C1]  f2fs_map_blocks+0x2b9e/0x3e50
[  824.050754][    C1]  ? f2fs_do_map_lock+0x280/0x280
[  824.050758][    C1]  ? __kasan_check_write+0x14/0x20
[  824.050762][    C1]  expand_inode_data+0x682/0xc10
[  824.050766][    C1]  ? f2fs_insert_range+0x590/0x590
[  824.050770][    C1]  ? file_update_time+0x34e/0x460
[  824.050774][    C1]  ? file_remove_privs+0x570/0x570
[  824.050778][    C1]  f2fs_fallocate+0x429/0x770
[  824.050782][    C1]  vfs_fallocate+0x492/0x570
[  824.050785][    C1]  do_vfs_ioctl+0x1686/0x1a30
[  824.050789][    C1]  ? ioctl_has_perm+0x3f0/0x560
[  824.050793][    C1]  ? __kasan_check_read+0x11/0x20
[  824.050797][    C1]  ? __x32_compat_sys_ioctl+0x90/0x90
[  824.050801][    C1]  ? has_cap_mac_admin+0x3c0/0x3c0
[  824.050805][    C1]  ? kmem_cache_free+0x1c0/0x1e0
[  824.050809][    C1]  ? sysvec_reschedule_ipi+0x83/0x160
[  824.050813][    C1]  ? selinux_file_ioctl+0x3cc/0x540
[  824.050817][    C1]  ? selinux_file_alloc_security+0x120/0x120
[  824.050820][    C1]  ? __fget_files+0x31e/0x380
[  824.050824][    C1]  ? security_file_ioctl+0x84/0xb0
[  824.050827][    C1]  __se_sys_ioctl+0x99/0x190
[  824.050830][    C1]  __x64_sys_ioctl+0x7b/0x90
[  824.050833][    C1]  do_syscall_64+0x34/0x70
[  824.050837][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  824.050839][    C1] RIP: 0033:0x7feadf896bd9
[  824.050850][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  824.050853][    C1] RSP: 002b:00007feadeaf7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  824.050861][    C1] RAX: ffffffffffffffda RBX: 00007feadfa25038 RCX: 00007feadf896bd9
[  824.050866][    C1] RDX: 00000000200000c0 RSI: 0000000040305828 RDI: 0000000000000008
[  824.050871][    C1] RBP: 00007feadf905aa1 R08: 0000000000000000 R09: 0000000000000000
[  824.050875][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  824.050880][    C1] R13: 000000000000000b R14: 00007feadfa25038 R15: 00007ffd2d98db98
[  824.782358][   T24] audit: type=1400 audit(1080.764:5065): avc:  denied  { compute_member } for  pid=19172 comm="syz.4.5309" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  824.839124][ T4898] usb 4-1: USB disconnect, device number 8
[  824.875831][   T24] audit: type=1400 audit(1080.764:5066): avc:  denied  { mount } for  pid=19166 comm="syz.1.5307" name="/" dev="loop1" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  824.898400][   T24] audit: type=1400 audit(1080.824:5067): avc:  denied  { unmount } for  pid=18538 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  825.402621][T19189] bridge0: port 3(gretap0) entered blocking state
[  825.409028][T19189] bridge0: port 3(gretap0) entered disabled state
[  825.417616][T19189] device gretap0 entered promiscuous mode
[  825.423621][T19189] bridge0: port 3(gretap0) entered blocking state
[  825.429866][T19189] bridge0: port 3(gretap0) entered forwarding state
[  825.444239][T19189] xt_CT: You must specify a L4 protocol and not use inversions on it
[  825.463623][   T24] audit: type=1400 audit(1081.384:5068): avc:  denied  { ioctl } for  pid=19183 comm="syz.1.5310" path="socket:[98873]" dev="sockfs" ino=98873 ioctlcmd=0x89a2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  825.772064][T19196] netlink: 220 bytes leftover after parsing attributes in process `syz.3.5314'.
[  825.807193][T19196] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5314'.
[  825.857237][T11494] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  825.967279][T11484] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  825.987407][T14956] handle_bad_sector: 4663 callbacks suppressed
[  825.987437][T14956] attempt to access beyond end of device
[  825.987437][T14956] loop0: rw=0, want=57352, limit=40427
[  826.004988][T14956] attempt to access beyond end of device
[  826.004988][T14956] loop0: rw=524288, want=57352, limit=40427
[  826.016833][T14956] attempt to access beyond end of device
[  826.016833][T14956] loop0: rw=0, want=57352, limit=40427
[  826.031834][T14956] attempt to access beyond end of device
[  826.031834][T14956] loop0: rw=524288, want=57352, limit=40427
[  826.043343][T14956] attempt to access beyond end of device
[  826.043343][T14956] loop0: rw=0, want=57352, limit=40427
[  826.057613][T14956] attempt to access beyond end of device
[  826.057613][T14956] loop0: rw=524288, want=57352, limit=40427
[  826.069403][T14956] attempt to access beyond end of device
[  826.069403][T14956] loop0: rw=0, want=57352, limit=40427
[  826.081205][T14956] attempt to access beyond end of device
[  826.081205][T14956] loop0: rw=524288, want=57352, limit=40427
[  826.094807][T14956] attempt to access beyond end of device
[  826.094807][T14956] loop0: rw=0, want=57352, limit=40427
[  826.105993][ T4926] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  826.113620][T11494] usb 5-1: Using ep0 maxpacket: 16
[  826.120262][T19206] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19206 comm=syz.1.5319
[  826.120686][T14956] attempt to access beyond end of device
[  826.120686][T14956] loop0: rw=524288, want=57352, limit=40427
[  826.157284][T11494] usb 5-1: too many configurations: 218, using maximum allowed: 8
[  826.182317][   T24] audit: type=1400 audit(1082.164:5069): avc:  denied  { relabelfrom } for  pid=19207 comm="syz.1.5320" name="" dev="pipefs" ino=98953 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  826.223250][   T24] audit: type=1400 audit(1082.164:5070): avc:  denied  { mac_admin } for  pid=19207 comm="syz.1.5320" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  826.271969][   T24] audit: type=1400 audit(1082.164:5071): avc:  denied  { relabelto } for  pid=19207 comm="syz.1.5320" name="" dev="pipefs" ino=98953 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:"
[  826.337332][T11494] usb 5-1: unable to read config index 0 descriptor/start: -61
[  826.345000][T11494] usb 5-1: can't read configurations, error -61
[  826.360586][T11484] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  826.375479][T11484] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  826.385964][ T4926] usb 1-1: Using ep0 maxpacket: 8
[  826.391109][T11484] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  826.400643][T11484] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  826.421752][T11484] usb 3-1: config 0 descriptor??
[  826.507173][T11494] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  826.514959][T19221] netlink: 236 bytes leftover after parsing attributes in process `syz.3.5324'.
[  826.523976][ T4926] usb 1-1: config 135 has an invalid interface number: 230 but max is 0
[  826.532405][ T4926] usb 1-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  826.537191][ T4898] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  826.546419][ T4926] usb 1-1: config 135 has no interface number 0
[  826.566220][ T4926] usb 1-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  826.777558][ T4926] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  826.796400][ T4926] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  826.857181][T11494] usb 5-1: Using ep0 maxpacket: 16
[  826.907843][T11494] usb 5-1: too many configurations: 218, using maximum allowed: 8
[  826.926782][ T4926] usb 1-1: Product: syz
[  826.965046][T11484] sony 0003:054C:0268.00CB: unknown main item tag 0x0
[  827.005718][ T4926] usb 1-1: Manufacturer: syz
[  827.027041][T11484] sony 0003:054C:0268.00CB: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.2-1/input0
[  827.040720][ T4926] usb 1-1: SerialNumber: syz
[  827.045598][T11484] sony 0003:054C:0268.00CB: failed to claim input
[  827.057249][T11494] usb 5-1: unable to read config index 0 descriptor/start: -61
[  827.066793][T11494] usb 5-1: can't read configurations, error -61
[  827.079485][T11494] usb usb5-port1: attempt power cycle
[  827.167264][ T4898] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  827.178213][ T4898] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  827.187992][ T4898] usb 2-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  827.196886][ T4898] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  827.205691][ T4898] usb 2-1: config 0 descriptor??
[  827.212203][ T4926] usb 3-1: USB disconnect, device number 23
[  827.288982][T19198] udc-core: couldn't find an available UDC or it's busy
[  827.296038][T19198] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  827.320918][ T4927] usb 1-1: USB disconnect, device number 28
[  827.487185][T11494] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  827.510806][T19229] xt_hashlimit: Unknown mode mask 2003, kernel too old?
[  827.577231][ T4898] usbhid 2-1:0.0: can't add hid device: -71
[  827.583109][ T4898] usbhid: probe of 2-1:0.0 failed with error -71
[  827.593430][ T4898] usb 2-1: USB disconnect, device number 13
[  827.607329][T11494] usb 5-1: Using ep0 maxpacket: 16
[  827.667243][T11494] usb 5-1: too many configurations: 218, using maximum allowed: 8
[  827.807227][ T8140] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  827.817249][T11494] usb 5-1: unable to read config index 0 descriptor/start: -61
[  827.824625][T11494] usb 5-1: can't read configurations, error -61
[  827.850632][T19236] syz.0.5329[19236] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  827.850697][T19236] syz.0.5329[19236] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  827.977184][T11494] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[  828.037187][T11484] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  828.047141][ T8140] usb 4-1: Using ep0 maxpacket: 8
[  828.087241][T11494] usb 5-1: Using ep0 maxpacket: 16
[  828.167242][ T8140] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  828.207443][T11494] usb 5-1: device descriptor read/all, error -71
[  828.215075][T11494] usb usb5-port1: unable to enumerate USB device
[  828.257239][ T4926] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  828.267238][ T8140] usb 4-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  828.276085][ T8140] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  828.297130][ T8140] usb 4-1: SerialNumber: syz
[  828.307596][ T8140] usb 4-1: config 0 descriptor??
[  828.427291][T11484] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  828.447253][T11484] usb 3-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[  828.547285][T11484] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  828.556323][T11484] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  828.564444][T11484] usb 3-1: SerialNumber: syz
[  828.567250][ T8140] uvcvideo: Found UVC 0.00 device <unnamed> (05ac:8501)
[  828.575786][ T8140] uvcvideo: No valid video chain found.
[  828.657280][ T4926] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  828.668120][ T4926] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  828.678017][ T4926] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00
[  828.687624][ T4926] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  828.707463][ T4926] usb 2-1: config 0 descriptor??
[  828.789506][   T24] audit: type=1400 audit(1084.774:5072): avc:  denied  { mounton } for  pid=19230 comm="syz.3.5327" path="/9/file0" dev="9p" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  828.819650][  T354] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  828.832102][ T4919] usb 4-1: USB disconnect, device number 9
[  828.837302][   T24] audit: type=1400 audit(1084.814:5073): avc:  denied  { sys_module } for  pid=19233 comm="syz.2.5328" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  828.937844][T11484] usb 3-1: USB disconnect, device number 24
[  829.037544][ T4926] usbhid 2-1:0.0: can't add hid device: -71
[  829.046903][ T4926] usbhid: probe of 2-1:0.0 failed with error -71
[  829.188505][ T4926] usb 2-1: USB disconnect, device number 14
[  829.347192][  T354] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  829.361307][  T354] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  829.391845][  T354] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  829.453079][T15775] tipc: Left network mode
[  829.587241][  T354] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  829.647312][  T354] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  829.658195][  T354] usb 5-1: Product: syz
[  829.662213][  T354] usb 5-1: Manufacturer: syz
[  829.666716][  T354] usb 5-1: SerialNumber: syz
[  829.707706][  T354] usb 5-1: selecting invalid altsetting 1
[  829.835633][T19267] bridge0: port 1(bridge_slave_0) entered blocking state
[  829.851341][T19267] bridge0: port 1(bridge_slave_0) entered disabled state
[  829.950793][T19267] device bridge_slave_0 entered promiscuous mode
[  830.117346][T19267] bridge0: port 2(bridge_slave_1) entered blocking state
[  830.137419][T19267] bridge0: port 2(bridge_slave_1) entered disabled state
[  830.144945][T19267] device bridge_slave_1 entered promiscuous mode
[  830.146089][T19247] netlink: 172 bytes leftover after parsing attributes in process `syz.4.5334'.
[  830.195134][T19247] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5334'.
[  830.207607][ T8140] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  830.221345][T19267] bridge0: port 2(bridge_slave_1) entered blocking state
[  830.228218][T19267] bridge0: port 2(bridge_slave_1) entered forwarding state
[  830.235317][T19267] bridge0: port 1(bridge_slave_0) entered blocking state
[  830.242133][T19267] bridge0: port 1(bridge_slave_0) entered forwarding state
[  830.313699][T19247] kvm: pic: non byte write
[  830.322059][T15775] device bridge_slave_1 left promiscuous mode
[  830.328333][T15775] bridge0: port 2(bridge_slave_1) entered disabled state
[  830.335677][T15775] device bridge_slave_0 left promiscuous mode
[  830.352182][T15775] bridge0: port 1(bridge_slave_0) entered disabled state
[  830.360469][T15775] device veth1_macvtap left promiscuous mode
[  830.366302][T15775] device veth0_vlan left promiscuous mode
[  830.482739][ T4919] bridge0: port 1(bridge_slave_0) entered disabled state
[  830.490214][ T4919] bridge0: port 2(bridge_slave_1) entered disabled state
[  830.506215][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  830.513899][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  830.521552][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  830.530227][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  830.538703][ T4919] bridge0: port 1(bridge_slave_0) entered blocking state
[  830.545596][ T4919] bridge0: port 1(bridge_slave_0) entered forwarding state
[  830.553591][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  830.564847][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  830.573152][ T4919] bridge0: port 2(bridge_slave_1) entered blocking state
[  830.580024][ T4919] bridge0: port 2(bridge_slave_1) entered forwarding state
[  830.599002][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  830.607825][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  830.612873][ T8140] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  830.616229][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  830.634869][ T8140] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  830.637162][ T4926] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  830.651909][ T8140] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  830.655384][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  830.670866][ T8140] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  830.679129][T19267] device veth0_vlan entered promiscuous mode
[  830.687630][T11494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  830.689152][ T8140] usb 4-1: config 0 descriptor??
[  830.698524][T11494] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  830.709887][T11494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  830.718775][T11494] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  830.744091][T19267] device veth1_macvtap entered promiscuous mode
[  830.755040][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  830.762506][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  830.767256][  T354] cdc_ncm 5-1:1.0: bind() failure
[  830.769846][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  830.777618][  T354] cdc_ncm 5-1:1.1: skipping garbage
[  830.793110][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  830.797318][  T354] cdc_ncm 5-1:1.1: bind() failure
[  830.802133][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  830.810918][  T354] usb 5-1: USB disconnect, device number 60
[  830.850381][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  830.867498][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  830.875929][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  830.884866][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  830.927225][ T4926] usb 2-1: Using ep0 maxpacket: 8
[  830.999270][T19289] netlink: 'syz.0.5343': attribute type 1 has an invalid length.
[  831.017007][T14956] handle_bad_sector: 10405 callbacks suppressed
[  831.017022][T14956] attempt to access beyond end of device
[  831.017022][T14956] loop0: rw=524288, want=57352, limit=40427
[  831.034850][T19289] netlink: 492 bytes leftover after parsing attributes in process `syz.0.5343'.
[  831.047240][ T4926] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  831.053517][T14956] attempt to access beyond end of device
[  831.053517][T14956] loop0: rw=0, want=57352, limit=40427
[  831.062295][ T4926] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  831.085868][T14956] attempt to access beyond end of device
[  831.085868][T14956] loop0: rw=524288, want=57352, limit=40427
[  831.097147][ T4926] usb 2-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  831.097161][ T4926] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  831.114493][ T4926] usb 2-1: config 0 descriptor??
[  831.148460][T14956] attempt to access beyond end of device
[  831.148460][T14956] loop0: rw=0, want=57352, limit=40427
[  831.176191][T14956] attempt to access beyond end of device
[  831.176191][T14956] loop0: rw=524288, want=57352, limit=40427
[  831.188924][ T8140] sony 0003:054C:0268.00CC: unknown main item tag 0x0
[  831.201538][T14956] attempt to access beyond end of device
[  831.201538][T14956] loop0: rw=0, want=57352, limit=40427
[  831.202514][ T8140] sony 0003:054C:0268.00CC: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.3-1/input0
[  831.213432][T14956] attempt to access beyond end of device
[  831.213432][T14956] loop0: rw=524288, want=57352, limit=40427
[  831.234245][ T8140] sony 0003:054C:0268.00CC: failed to claim input
[  831.242016][T14956] attempt to access beyond end of device
[  831.242016][T14956] loop0: rw=0, want=57352, limit=40427
[  831.255975][T14956] attempt to access beyond end of device
[  831.255975][T14956] loop0: rw=524288, want=57352, limit=40427
[  831.274334][T14956] attempt to access beyond end of device
[  831.274334][T14956] loop0: rw=0, want=57352, limit=40427
[  831.307091][T19288] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  831.315483][T19288] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  831.360138][T19288] F2FS-fs (loop2): Found nat_bits in checkpoint
[  831.409949][T19288] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  831.440731][T19288] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  831.447656][T19288] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  831.490851][T19267] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  831.490864][T19267] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  831.537703][T19267] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  831.587148][T19267] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  831.604240][T19267] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  831.637153][T19267] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  831.657144][T19267] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  831.667310][T11494] usb 4-1: USB disconnect, device number 10
[  831.680980][   T24] audit: type=1400 audit(1087.664:5074): avc:  denied  { bind } for  pid=19291 comm="syz.4.5344" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  831.700457][T19300] bridge0: port 1(bridge_slave_0) entered blocking state
[  831.712859][T19300] bridge0: port 1(bridge_slave_0) entered disabled state
[  831.720903][T19300] device bridge_slave_0 entered promiscuous mode
[  831.728416][T19300] bridge0: port 2(bridge_slave_1) entered blocking state
[  831.735378][T19300] bridge0: port 2(bridge_slave_1) entered disabled state
[  831.743833][T19300] device bridge_slave_1 entered promiscuous mode
[  831.792065][   T24] audit: type=1400 audit(1087.664:5075): avc:  denied  { node_bind } for  pid=19291 comm="syz.4.5344" saddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  831.827248][ T4926] usbhid 2-1:0.0: can't add hid device: -71
[  831.839516][ T4926] usbhid: probe of 2-1:0.0 failed with error -71
[  831.864495][ T4926] usb 2-1: USB disconnect, device number 15
[  831.870863][   T24] audit: type=1400 audit(1087.684:5076): avc:  denied  { connect } for  pid=19291 comm="syz.4.5344" laddr=172.20.20.170 lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  831.907211][   T24] audit: type=1400 audit(1087.704:5077): avc:  denied  { remount } for  pid=19291 comm="syz.4.5344" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  831.956501][T19300] bridge0: port 2(bridge_slave_1) entered blocking state
[  831.963392][T19300] bridge0: port 2(bridge_slave_1) entered forwarding state
[  831.970500][T19300] bridge0: port 1(bridge_slave_0) entered blocking state
[  831.977256][T19300] bridge0: port 1(bridge_slave_0) entered forwarding state
[  832.102578][ T8140] bridge0: port 1(bridge_slave_0) entered disabled state
[  832.113789][ T8140] bridge0: port 2(bridge_slave_1) entered disabled state
[  832.147757][ T8140] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  832.155114][ T8140] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  832.207972][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  832.216013][  T354] bridge0: port 1(bridge_slave_0) entered blocking state
[  832.222889][  T354] bridge0: port 1(bridge_slave_0) entered forwarding state
[  832.245880][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  832.258441][  T354] bridge0: port 2(bridge_slave_1) entered blocking state
[  832.265319][  T354] bridge0: port 2(bridge_slave_1) entered forwarding state
[  832.301309][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  832.321259][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  832.337747][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  832.352268][ T8142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  832.361904][ T8142] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  832.378588][ T8142] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  832.389610][T19300] device veth0_vlan entered promiscuous mode
[  832.410975][ T8142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  832.436672][T19300] device veth1_macvtap entered promiscuous mode
[  832.477768][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  832.486216][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  832.540698][T19312] device ip6_vti0 entered promiscuous mode
[  832.546360][T19312] device vlan2 entered promiscuous mode
[  832.581846][T19312] device ip6_vti0 left promiscuous mode
[  832.613321][   T24] audit: type=1400 audit(1088.594:5078): avc:  denied  { getopt } for  pid=19317 comm="syz.0.5350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  832.665016][T19310] bridge0: port 1(bridge_slave_0) entered blocking state
[  832.677577][T19310] bridge0: port 1(bridge_slave_0) entered disabled state
[  832.695084][T19310] device bridge_slave_0 entered promiscuous mode
[  832.705980][T19310] bridge0: port 2(bridge_slave_1) entered blocking state
[  832.715453][T19310] bridge0: port 2(bridge_slave_1) entered disabled state
[  832.724565][T19310] device bridge_slave_1 entered promiscuous mode
[  832.829884][   T24] audit: type=1400 audit(1088.814:5079): avc:  denied  { read } for  pid=78 comm="acpid" name="mouse0" dev="devtmpfs" ino=2864 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  832.922631][T15775] device bridge_slave_1 left promiscuous mode
[  832.944471][T15775] bridge0: port 2(bridge_slave_1) entered disabled state
[  833.015303][T15775] device bridge_slave_0 left promiscuous mode
[  833.137054][   T24] audit: type=1400 audit(1088.814:5080): avc:  denied  { open } for  pid=78 comm="acpid" path="/dev/input/mouse0" dev="devtmpfs" ino=2864 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  833.154352][T15775] bridge0: port 1(bridge_slave_0) entered disabled state
[  833.174931][T15775] device veth1_macvtap left promiscuous mode
[  833.185030][T15775] device veth0_vlan left promiscuous mode
[  833.207287][   T24] audit: type=1400 audit(1088.814:5081): avc:  denied  { ioctl } for  pid=78 comm="acpid" path="/dev/input/mouse0" dev="devtmpfs" ino=2864 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  833.403826][T19310] bridge0: port 2(bridge_slave_1) entered blocking state
[  833.410719][T19310] bridge0: port 2(bridge_slave_1) entered forwarding state
[  833.417850][T19310] bridge0: port 1(bridge_slave_0) entered blocking state
[  833.424711][T19310] bridge0: port 1(bridge_slave_0) entered forwarding state
[  833.486239][T11484] bridge0: port 1(bridge_slave_0) entered disabled state
[  833.495838][T11484] bridge0: port 2(bridge_slave_1) entered disabled state
[  833.515003][T11484] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  833.530577][T11484] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  833.564200][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  833.573429][ T4926] bridge0: port 1(bridge_slave_0) entered blocking state
[  833.580334][ T4926] bridge0: port 1(bridge_slave_0) entered forwarding state
[  833.647246][ T8142] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  833.649490][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  833.663074][ T4926] bridge0: port 2(bridge_slave_1) entered blocking state
[  833.669936][ T4926] bridge0: port 2(bridge_slave_1) entered forwarding state
[  833.701009][T19347] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  833.722163][T11484] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  833.730520][T11484] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  833.768492][ T4924] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  833.807397][   T24] kauditd_printk_skb: 1 callbacks suppressed
[  833.807415][   T24] audit: type=1400 audit(1089.764:5083): avc:  denied  { ioctl } for  pid=19348 comm="syz.3.5361" path="/dev/binderfs/binder0" dev="binder" ino=15 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  833.847769][ T4924] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  833.861905][T11484] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  833.869858][T11484] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  833.874701][   T24] audit: type=1400 audit(1089.764:5084): avc:  denied  { set_context_mgr } for  pid=19348 comm="syz.3.5361" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  833.878560][T19310] device veth0_vlan entered promiscuous mode
[  833.903637][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  833.913795][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  833.983794][T19354] 9pnet: Insufficient options for proto=fd
[  834.047877][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  834.087438][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  834.136635][T19310] device veth1_macvtap entered promiscuous mode
[  834.198409][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  834.206936][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  834.215378][ T4926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  834.277294][ T8142] usb 5-1: config 1 descriptor has 1 excess byte, ignoring
[  834.286539][ T8142] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  834.307406][ T8142] usb 5-1: config 1 has no interface number 1
[  834.308495][T11484] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  834.320809][ T8142] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  834.321806][T11484] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  834.638774][ T8142] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  834.704668][T19366] bridge0: port 3(vlan2) entered blocking state
[  834.727319][T19366] bridge0: port 3(vlan2) entered disabled state
[  834.757323][T19367] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5364'.
[  834.807361][ T8142] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  834.826768][ T8142] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  834.843185][T19371] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0001 with DS=0x2
[  834.853180][ T8142] usb 5-1: Product: syz
[  834.861328][ T8142] usb 5-1: Manufacturer: syz
[  834.870953][ T8142] usb 5-1: SerialNumber: syz
[  834.872149][T19373] overlayfs: overlapping lowerdir path
[  834.948659][T15775] bridge0: port 3(gretap0) entered disabled state
[  834.956501][T15775] device gretap0 left promiscuous mode
[  834.961866][T15775] bridge0: port 3(gretap0) entered disabled state
[  835.047168][  T354] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  835.108028][T19375] netlink: 220 bytes leftover after parsing attributes in process `syz.0.5367'.
[  835.117012][T19375] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5367'.
[  835.128525][T15775] device bridge_slave_1 left promiscuous mode
[  835.135622][T15775] bridge0: port 2(bridge_slave_1) entered disabled state
[  835.142988][T19375] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5367'.
[  835.151989][T15775] device bridge_slave_0 left promiscuous mode
[  835.158012][T11484] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  835.166457][T15775] bridge0: port 1(bridge_slave_0) entered disabled state
[  835.175044][T15775] device veth1_macvtap left promiscuous mode
[  835.181019][T15775] device veth0_vlan left promiscuous mode
[  835.437211][  T354] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  835.439950][T11484] usb 4-1: Using ep0 maxpacket: 16
[  835.447796][  T354] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  835.537413][  T354] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  835.548387][  T354] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  835.557348][ T8142] usb 5-1: 2:1 : no or invalid class specific endpoint descriptor
[  835.567141][ T8142] usb 5-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  835.567319][T11484] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  835.576451][  T354] usb 3-1: SerialNumber: syz
[  835.590535][T11484] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  835.595701][ T8142] usb 5-1: found format II with max.bitrate = 47978, frame size=0
[  835.600281][T11484] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  835.617232][T11484] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  835.625210][ T8142] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  835.638313][T11484] usb 4-1: config 0 descriptor??
[  835.653571][ T8142] usb 5-1: USB disconnect, device number 61
[  835.887761][T19371] udc-core: couldn't find an available UDC or it's busy
[  835.894660][T19371] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  835.898434][  T354] usb 3-1: 0:2 : does not exist
[  835.906964][  T354] usb 3-1: unit 5 not found!
[  835.927063][  T354] usb 3-1: USB disconnect, device number 25
[  836.018316][T14956] handle_bad_sector: 5116 callbacks suppressed
[  836.018332][T14956] attempt to access beyond end of device
[  836.018332][T14956] loop0: rw=524288, want=57352, limit=40427
[  836.037301][T14956] attempt to access beyond end of device
[  836.037301][T14956] loop0: rw=0, want=57352, limit=40427
[  836.048911][T14956] attempt to access beyond end of device
[  836.048911][T14956] loop0: rw=524288, want=57352, limit=40427
[  836.063382][T14956] attempt to access beyond end of device
[  836.063382][T14956] loop0: rw=0, want=57352, limit=40427
[  836.074786][T19388] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3012553984 (6025107968 ns) > initial count (1441794 ns). Using initial count to start timer.
[  836.075336][T14956] attempt to access beyond end of device
[  836.075336][T14956] loop0: rw=524288, want=57352, limit=40427
[  836.106597][T14956] attempt to access beyond end of device
[  836.106597][T14956] loop0: rw=0, want=57352, limit=40427
[  836.118964][T14956] attempt to access beyond end of device
[  836.118964][T14956] loop0: rw=524288, want=57352, limit=40427
[  836.131011][T14956] attempt to access beyond end of device
[  836.131011][T14956] loop0: rw=0, want=57352, limit=40427
[  836.194071][T14956] attempt to access beyond end of device
[  836.194071][T14956] loop0: rw=524288, want=57352, limit=40427
[  836.208893][T14956] attempt to access beyond end of device
[  836.208893][T14956] loop0: rw=0, want=57352, limit=40427
[  836.220110][   T24] audit: type=1400 audit(1092.194:5085): avc:  denied  { connect } for  pid=19393 comm="syz.4.5372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  836.758767][T19405] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  837.217277][T11484] usbhid 4-1:0.0: can't add hid device: -71
[  837.223100][T11484] usbhid: probe of 4-1:0.0 failed with error -71
[  837.246679][   T24] audit: type=1400 audit(1093.224:5086): avc:  denied  { read } for  pid=19414 comm="syz.1.5379" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  837.254382][T11484] usb 4-1: USB disconnect, device number 11
[  837.277246][ T8142] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  837.307179][ T4924] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  837.316844][   T24] audit: type=1400 audit(1093.224:5087): avc:  denied  { open } for  pid=19414 comm="syz.1.5379" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  837.557155][ T8142] usb 5-1: device descriptor read/64, error -71
[  837.592571][ T4924] usb 1-1: Using ep0 maxpacket: 32
[  837.630347][T19421] netlink: 76 bytes leftover after parsing attributes in process `syz.2.5381'.
[  837.706661][T19425] xt_bpf: check failed: parse error
[  837.741998][   T24] audit: type=1400 audit(1093.724:5088): avc:  denied  { create } for  pid=19422 comm="syz.2.5382" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  837.763154][T19427] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19427 comm=syz.3.5384
[  837.801500][   T24] audit: type=1400 audit(1093.754:5089): avc:  denied  { bind } for  pid=19429 comm="syz.1.5385" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  837.907384][ T4924] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  837.916912][T19428] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xafdad3fc, utbl_chksum : 0xe619d30d)
[  837.937272][ T4924] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  837.947159][ T8142] usb 5-1: device descriptor read/64, error -71
[  837.967168][ T4924] usb 1-1: Product: syz
[  837.987165][ T4924] usb 1-1: Manufacturer: syz
[  837.999088][ T4924] usb 1-1: SerialNumber: syz
[  838.046408][ T4924] usb 1-1: config 0 descriptor??
[  838.071229][   T24] audit: type=1400 audit(1094.054:5090): avc:  denied  { block_suspend } for  pid=19438 comm="syz.3.5388" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  838.187325][T11484] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  838.217170][ T8142] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  838.497137][ T8142] usb 5-1: device descriptor read/64, error -71
[  838.577331][T11484] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  838.589191][T19443] netlink: 236 bytes leftover after parsing attributes in process `syz.2.5389'.
[  838.603486][T11484] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  838.623249][T11484] usb 2-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  838.643422][T11484] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  838.658205][T11484] usb 2-1: config 0 descriptor??
[  839.043495][T19412] Unknown ioctl 35108
[  839.097509][ T4924] (unnamed net_device) (uninitialized): Assigned a random MAC address: 7a:30:ee:b2:38:14
[  839.131172][ T8142] usb 5-1: device descriptor read/64, error -71
[  839.150759][T11484] hid-multitouch 0003:1FD2:6007.00CD: unknown main item tag 0x0
[  839.161425][ T4924] rtl8150 1-1:0.0: eth1: rtl8150 is detected
[  839.175165][T11484] hid-multitouch 0003:1FD2:6007.00CD: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.1-1/input0
[  839.197403][ T4924] usb 1-1: USB disconnect, device number 29
[  839.257225][ T8142] usb usb5-port1: attempt power cycle
[  839.281338][T19443] F2FS-fs (loop2): invalid crc value
[  839.298515][T19443] F2FS-fs (loop2): Found nat_bits in checkpoint
[  839.397209][T19443] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  839.430494][T19435] FAT-fs (loop1): IO charset 866 not found
[  839.615534][T19457] syz.2.5389[19457] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  839.616003][T19457] syz.2.5389[19457] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  839.651637][T19457] overlayfs: failed to resolve './file0': -2
[  839.726137][T19435] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.5386: bad orphan inode 8192
[  839.885391][T19435] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,,errors=continue
[  840.008201][T11494] usb 2-1: USB disconnect, device number 16
[  840.685517][ T8142] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  840.917244][ T8142] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  840.930181][ T8142] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  840.977156][T11494] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  841.028073][T14956] handle_bad_sector: 4983 callbacks suppressed
[  841.028087][T14956] attempt to access beyond end of device
[  841.028087][T14956] loop0: rw=524288, want=57352, limit=40427
[  841.045947][T14956] attempt to access beyond end of device
[  841.045947][T14956] loop0: rw=0, want=57352, limit=40427
[  841.097332][ T8142] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  841.107741][T14956] attempt to access beyond end of device
[  841.107741][T14956] loop0: rw=524288, want=57352, limit=40427
[  841.117829][T19500] netlink: 236 bytes leftover after parsing attributes in process `syz.2.5404'.
[  841.119093][ T8142] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  841.137962][ T8142] usb 5-1: Product: syz
[  841.143315][T14956] attempt to access beyond end of device
[  841.143315][T14956] loop0: rw=0, want=57352, limit=40427
[  841.155030][ T8142] usb 5-1: Manufacturer: syz
[  841.159622][ T8142] usb 5-1: SerialNumber: syz
[  841.165671][T14956] attempt to access beyond end of device
[  841.165671][T14956] loop0: rw=524288, want=57352, limit=40427
[  841.177601][T14956] attempt to access beyond end of device
[  841.177601][T14956] loop0: rw=0, want=57352, limit=40427
[  841.189565][T14956] attempt to access beyond end of device
[  841.189565][T14956] loop0: rw=524288, want=57352, limit=40427
[  841.202522][T14956] attempt to access beyond end of device
[  841.202522][T14956] loop0: rw=0, want=57352, limit=40427
[  841.214762][T14956] attempt to access beyond end of device
[  841.214762][T14956] loop0: rw=524288, want=57352, limit=40427
[  841.226816][T14956] attempt to access beyond end of device
[  841.226816][T14956] loop0: rw=0, want=57352, limit=40427
[  841.390800][T19500] F2FS-fs (loop2): invalid crc value
[  841.397204][T11494] usb 4-1: config 1 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  841.410913][T19500] F2FS-fs (loop2): Found nat_bits in checkpoint
[  841.437154][T11494] usb 4-1: config 1 interface 0 has no altsetting 0
[  841.460930][T19500] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  841.627411][T11494] usb 4-1: New USB device found, idVendor=05ac, idProduct=021f, bcdDevice= 0.40
[  841.636677][T11494] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  841.656979][T11494] usb 4-1: Product: syz
[  841.664471][T19506] syz.2.5404[19506] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  841.664813][T19506] syz.2.5404[19506] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  841.702438][T19506] overlayfs: failed to resolve './file0': -2
[  841.731691][T11494] usb 4-1: Manufacturer: 휅櫄贴ग़닰
[  841.752749][T11494] usb 4-1: SerialNumber: syz
[  842.087841][T19478] udc-core: couldn't find an available UDC or it's busy
[  842.094717][T19478] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  842.107717][   T24] audit: type=1400 audit(1098.094:5091): avc:  denied  { create } for  pid=19477 comm="syz.3.5398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  842.108303][T19478] udc-core: couldn't find an available UDC or it's busy
[  842.147144][T19478] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  842.297745][T19518] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5408'.
[  842.377292][T11494] usbhid 4-1:1.0: can't add hid device: -71
[  842.383195][T11494] usbhid: probe of 4-1:1.0 failed with error -71
[  842.399481][T11494] usb 4-1: USB disconnect, device number 12
[  842.587184][ T4923] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  842.857296][ T4923] usb 3-1: Using ep0 maxpacket: 16
[  842.883916][ T8142] cdc_ncm 5-1:1.0: bind() failure
[  842.907892][ T8142] cdc_ncm: probe of 5-1:1.1 failed with error -71
[  842.927207][ T8142] cdc_mbim: probe of 5-1:1.1 failed with error -71
[  842.937810][ T8142] usb 5-1: USB disconnect, device number 64
[  843.067556][ T4923] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  843.112863][T19529] 9pnet: Insufficient options for proto=fd
[  843.139215][ T4923] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  843.187357][ T4923] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  843.229150][ T4923] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  843.359193][ T4923] usb 3-1: config 0 descriptor??
[  843.602443][T19536] fuse: Bad value for 'fd'
[  843.618804][   T24] audit: type=1400 audit(1099.594:5092): avc:  denied  { getopt } for  pid=19531 comm="syz.0.5412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  843.985434][   T24] audit: type=1400 audit(1099.594:5093): avc:  denied  { accept } for  pid=19531 comm="syz.0.5412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  844.240533][T19518] udc-core: couldn't find an available UDC or it's busy
[  844.254471][T19518] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  844.342637][ T4923] hid (null): unknown global tag 0xff
[  844.355253][   T24] audit: type=1400 audit(1100.334:5094): avc:  denied  { connect } for  pid=19544 comm="syz.4.5416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  844.375713][ T4923] hid-generic 0003:0158:0100.00CE: unknown main item tag 0x1
[  844.391000][ T4923] hid-generic 0003:0158:0100.00CE: unexpected long global item
[  844.408915][   T24] audit: type=1400 audit(1100.334:5095): avc:  denied  { write } for  pid=19544 comm="syz.4.5416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  844.472674][ T4923] hid-generic: probe of 0003:0158:0100.00CE failed with error -22
[  844.637853][T19550] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=6 sclass=netlink_xfrm_socket pid=19550 comm=syz.4.5417
[  844.737530][   T26] INFO: task kworker/u4:3:345 blocked for more than 168 seconds.
[  844.783388][   T26]       Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  844.802565][ T4923] usb 3-1: USB disconnect, device number 26
[  844.821563][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  844.838787][   T26] task:kworker/u4:3    state:D stack:    0 pid:  345 ppid:     2 flags:0x00004000
[  844.857131][   T26] Workqueue: writeback wb_workfn (flush-7:0)
[  844.869575][   T26] Call Trace:
[  844.876104][   T26]  __schedule+0xbe6/0x1330
[  844.884829][   T26]  ? release_firmware_map_entry+0x192/0x192
[  844.897170][   T26]  ? __kasan_check_write+0x14/0x20
[  844.907305][   T26]  ? kthread_data+0x53/0xc0
[  844.917085][   T26]  ? wq_worker_sleeping+0x63/0x200
[  844.926721][   T26]  schedule+0x13d/0x1d0
[  844.935182][   T26]  rwsem_down_write_slowpath+0x858/0x11b0
[  844.947279][   T26]  ? rwsem_down_read_slowpath+0x1000/0x1000
[  844.958452][   T26]  ? f2fs_inode_chksum_verify+0xd6/0x4a0
[  844.970555][   T26]  ? read_node_page+0x3b4/0x690
[  844.979660][   T26]  ? f2fs_ra_node_page+0x190/0x250
[  844.990007][   T26]  ? __kasan_check_write+0x14/0x20
[  845.000461][   T26]  down_write+0x146/0x150
[  845.008980][   T26]  ? down_read_killable+0x220/0x220
[  845.020844][   T26]  ? has_not_enough_free_secs+0x416/0x930
[  845.031878][   T26]  f2fs_balance_fs+0x32d/0x3f0
[  845.041956][   T26]  ? f2fs_commit_inmem_pages+0xdb0/0xdb0
[  845.052874][   T26]  ? __kasan_check_write+0x14/0x20
[  845.063349][   T26]  ? f2fs_put_page+0x131/0x1b0
[  845.073431][   T26]  ? f2fs_update_inode_page+0x13d/0x170
[  845.084273][   T26]  ? f2fs_write_inode+0x506/0x5d0
[  845.089432][   T26]  f2fs_write_inode+0x553/0x5d0
[  845.094138][   T26]  __writeback_single_inode+0x4fa/0xac0
[  845.099834][   T26]  writeback_sb_inodes+0x99c/0x16b0
[  845.109641][   T26]  ? copy_user_enhanced_fast_string+0x27/0x40
[  845.125738][   T26]  ? queue_io+0x520/0x520
[  845.130146][   T26]  ? __kasan_check_write+0x14/0x20
[  845.135093][   T26]  ? down_read_trylock+0x179/0x1d0
[  845.140369][   T26]  ? queue_io+0x3d3/0x520
[  845.144517][   T26]  wb_writeback+0x4b7/0xc60
[  845.157182][   T26]  ? wb_io_lists_depopulated+0x180/0x180
[  845.162841][   T26]  ? do_softirq_own_stack+0x6c/0x80
[  845.172935][   T26]  ? cpumask_next+0x23/0x30
[  845.177487][   T26]  wb_workfn+0xb3d/0x1110
[  845.181655][   T26]  ? inode_wait_for_writeback+0x280/0x280
[  845.197149][   T26]  ? __switch_to_asm+0x34/0x60
[  845.201837][   T26]  ? __kasan_check_read+0x11/0x20
[  845.206598][   T26]  ? read_word_at_a_time+0x12/0x20
[  845.215108][   T26]  ? strscpy+0x9c/0x260
[  845.228294][   T26]  process_one_work+0x6dc/0xbd0
[  845.232979][   T26]  worker_thread+0xaea/0x1510
[  845.237870][   T26]  kthread+0x34b/0x3d0
[  845.241777][   T26]  ? worker_clr_flags+0x180/0x180
[  845.246613][   T26]  ? kthread_blkcg+0xd0/0xd0
[  845.251466][   T26]  ret_from_fork+0x1f/0x30
[  845.304219][   T26] INFO: task syz.0.4074:14955 blocked for more than 189 seconds.
[  845.327067][   T26]       Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  845.352155][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  845.368649][   T26] task:syz.0.4074      state:D stack:    0 pid:14955 ppid: 14851 flags:0x00004004
[  845.387892][   T26] Call Trace:
[  845.391205][   T26]  __schedule+0xbe6/0x1330
[  845.395572][   T26]  ? release_firmware_map_entry+0x192/0x192
[  845.401578][   T26]  ? __kasan_check_write+0x14/0x20
[  845.406508][   T26]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  845.411640][   T26]  ? _raw_spin_lock_irqsave+0x210/0x210
[  845.417003][   T26]  schedule+0x13d/0x1d0
[  845.421181][   T26]  rwsem_down_write_slowpath+0x858/0x11b0
[  845.426771][   T26]  ? rwsem_down_read_slowpath+0x1000/0x1000
[  845.432593][   T26]  ? avc_has_perm_noaudit+0x240/0x240
[  845.437918][   T26]  ? memset+0x35/0x40
[  845.441710][   T26]  ? __fsnotify_parent+0x4b9/0x6c0
[  845.446856][   T26]  down_write+0x146/0x150
[  845.452430][   T26]  ? down_read_killable+0x220/0x220
[  845.459465][   T26]  ? dentry_needs_remove_privs+0xbf/0x100
[  845.465274][   T26]  do_truncate+0x1de/0x2d0
[  845.470721][   T26]  ? page_reporting_drain+0x1e0/0x1e0
[  845.476216][   T26]  path_openat+0x298d/0x3000
[  845.482096][   T26]  ? kmem_cache_alloc+0x168/0x2e0
[  845.487036][   T26]  ? do_syscall_64+0x34/0x70
[  845.548049][   T26]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  845.602099][   T26]  ? do_filp_open+0x460/0x460
[  845.683554][   T26]  do_filp_open+0x21c/0x460
[  845.716016][   T26]  ? vfs_tmpfile+0x2b0/0x2b0
[  845.725806][   T24] audit: type=1326 audit(1101.704:5096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19558 comm="syz.4.5420" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffb010f4bd9 code=0x0
[  845.726714][   T26]  ? get_unused_fd_flags+0x94/0xa0
[  845.759194][   T26]  do_sys_openat2+0x13f/0x6f0
[  845.767311][   T26]  ? kern_path_create+0x40/0x40
[  845.775740][T19560] IPv6: Can't replace route, no match found
[  845.776169][   T26]  ? do_sys_open+0x220/0x220
[  845.794170][   T26]  __x64_sys_open+0x221/0x270
[  845.803894][   T26]  ? do_sys_openat2+0x6f0/0x6f0
[  845.812717][   T26]  ? __kasan_check_read+0x11/0x20
[  845.822757][   T26]  do_syscall_64+0x34/0x70
[  845.831129][   T26]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  845.842062][   T26] RIP: 0033:0x7feadf896bd9
[  845.850438][   T26] RSP: 002b:00007feadeb18048 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  845.866981][   T26] RAX: ffffffffffffffda RBX: 00007feadfa24f60 RCX: 00007feadf896bd9
[  845.882025][   T26] RDX: 0000000000000000 RSI: 0000000000000200 RDI: 00000000200029c0
[  845.898148][   T26] RBP: 00007feadf905aa1 R08: 0000000000000000 R09: 0000000000000000
[  845.935190][   T26] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  845.950694][   T26] R13: 000000000000000b R14: 00007feadfa24f60 R15: 00007ffd2d98db98
[  845.970724][   T26] NMI backtrace for cpu 0
[  845.974937][   T26] CPU: 0 PID: 26 Comm: khungtaskd Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  845.985821][   T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  845.995707][   T26] Call Trace:
[  845.998843][   T26]  dump_stack_lvl+0x1e2/0x24b
[  846.003356][   T26]  ? panic+0x812/0x812
[  846.007261][   T26]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  846.012555][   T26]  ? rcu_read_unlock_special+0xd8/0x4c0
[  846.017942][   T26]  ? sched_show_task+0x363/0x540
[  846.022709][   T26]  ? __rcu_read_unlock+0x90/0x90
[  846.027510][   T26]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  846.033386][   T26]  dump_stack+0x15/0x17
[  846.037380][   T26]  nmi_trigger_cpumask_backtrace+0x2b5/0x300
[  846.043191][   T26]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  846.049092][   T26]  arch_trigger_cpumask_backtrace+0x10/0x20
[  846.054817][   T26]  watchdog+0xe5d/0xfd0
[  846.058814][   T26]  ? hungtask_pm_notify+0x50/0x50
[  846.063677][   T26]  ? __kasan_check_read+0x11/0x20
[  846.068531][   T26]  ? __kthread_parkme+0xb9/0x1c0
[  846.073305][   T26]  kthread+0x34b/0x3d0
[  846.077206][   T26]  ? hungtask_pm_notify+0x50/0x50
[  846.082069][   T26]  ? kthread_blkcg+0xd0/0xd0
[  846.086490][   T26]  ret_from_fork+0x1f/0x30
[  846.091650][   T26] Sending NMI from CPU 0 to CPUs 1:
[  846.097160][    C1] NMI backtrace for cpu 1
[  846.097169][    C1] CPU: 1 PID: 19561 Comm: syz.2.5421 Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  846.097176][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  846.097179][    C1] RIP: 0033:0x7f7e45b1806b
[  846.097191][    C1] Code: 01 00 00 00 45 31 e4 4c 8d 3d b1 af 29 00 44 89 f2 4c 89 e0 4d 8b 65 30 49 8d 14 d1 4e 03 24 12 80 3d 00 0a 2b 00 00 4c 89 e3 <74> 28 25 ff 0f 00 00 83 f0 3d 8d 04 c0 89 c3 c1 eb 04 31 c3 69 db
[  846.097196][    C1] RSP: 002b:00007fff7754a2d0 EFLAGS: 00000202
[  846.097206][    C1] RAX: ffffffff81a6de87 RBX: ffffffff81a6dede RCX: 0000000000001053
[  846.097211][    C1] RDX: 00007f7e45664568 RSI: 0000000081a6d053 RDI: 0000000081a6d057
[  846.097217][    C1] RBP: 00007f7e468f8720 R08: 0000000000000001 R09: 00007f7e454c2000
[  846.097222][    C1] R10: 0000000000000008 R11: 0000000081a6d053 R12: ffffffff81a6dede
[  846.097228][    C1] R13: 00007f7e45dc6ff8 R14: 00000000000344ad R15: 00007f7e45db3000
[  846.097233][    C1] FS:  000055555660a500 GS:  0000000000000000
[  846.241183][T14956] handle_bad_sector: 6507 callbacks suppressed
[  846.241210][T14956] attempt to access beyond end of device
[  846.241210][T14956] loop0: rw=524288, want=57352, limit=40427
[  846.259423][T14956] attempt to access beyond end of device
[  846.259423][T14956] loop0: rw=0, want=57352, limit=40427
[  846.273346][T14956] attempt to access beyond end of device
[  846.273346][T14956] loop0: rw=524288, want=57352, limit=40427
[  846.291669][T14956] attempt to access beyond end of device
[  846.291669][T14956] loop0: rw=0, want=57352, limit=40427
[  846.303131][T14956] attempt to access beyond end of device
[  846.303131][T14956] loop0: rw=524288, want=57352, limit=40427
[  846.314553][T14956] attempt to access beyond end of device
[  846.314553][T14956] loop0: rw=0, want=57352, limit=40427
[  846.345247][T14956] attempt to access beyond end of device
[  846.345247][T14956] loop0: rw=524288, want=57352, limit=40427
[  846.357149][T14956] attempt to access beyond end of device
[  846.357149][T14956] loop0: rw=0, want=57352, limit=40427
[  846.370571][T14956] attempt to access beyond end of device
[  846.370571][T14956] loop0: rw=524288, want=57352, limit=40427
[  846.382205][T14956] attempt to access beyond end of device
[  846.382205][T14956] loop0: rw=0, want=57352, limit=40427
[  846.464241][T19573] netlink: 104 bytes leftover after parsing attributes in process `syz.0.5423'.
[  846.910739][T19577] 9pnet: Insufficient options for proto=fd
[  847.210017][T19585] udc-core: couldn't find an available UDC or it's busy
[  847.216875][T19585] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  847.224231][   T24] audit: type=1400 audit(1103.194:5097): avc:  denied  { ioctl } for  pid=19584 comm="syz.2.5428" path="socket:[101005]" dev="sockfs" ino=101005 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  847.365915][T19598] tipc: Started in network mode
[  847.371091][T19598] tipc: Own node identity 00000000000004800000000000000001, cluster identity 4711
[  847.380264][T19598] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  847.797169][  T354] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  848.037131][  T354] usb 3-1: Using ep0 maxpacket: 16
[  848.122283][   T24] audit: type=1400 audit(1104.104:5098): avc:  denied  { listen } for  pid=19613 comm="syz.0.5435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  848.155896][   T24] audit: type=1400 audit(1104.124:5099): avc:  denied  { read } for  pid=19613 comm="syz.0.5435" name="rtc0" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  848.178542][  T354] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  848.189571][  T354] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  848.199199][  T354] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  848.207226][   T24] audit: type=1400 audit(1104.124:5100): avc:  denied  { open } for  pid=19613 comm="syz.0.5435" path="/dev/rtc0" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  848.231220][  T354] usb 3-1: config 0 descriptor??
[  848.677644][T19586] tipc: Started in network mode
[  848.682463][T19586] tipc: Own node identity 00000000000000000000000000000001, cluster identity 4711
[  848.731043][T19586] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  848.770163][T19586] tipc: Enabled bearer <udp:s>, priority 10
[  848.785919][T19630] overlayfs: missing 'lowerdir'
[  848.794699][T19585] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  848.917056][   T24] audit: type=1400 audit(1104.894:5101): avc:  denied  { create } for  pid=19629 comm="syz.3.5439" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  848.937635][  T354] usbhid 3-1:0.0: can't add hid device: -71
[  849.005366][T19641] 9pnet: Insufficient options for proto=fd
[  849.485624][  T354] usbhid: probe of 3-1:0.0 failed with error -71
[  849.496009][  T354] usb 3-1: USB disconnect, device number 27
[  849.610275][   T24] audit: type=1400 audit(1105.594:5102): avc:  denied  { unlink } for  pid=19112 comm="syz-executor" name="file1" dev="tmpfs" ino=199 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  849.771698][T11494] tipc: 32-bit node address hash set to 1000000
[  849.899015][ T8142] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  850.275003][  T354] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  850.397131][ T8142] usb 4-1: Using ep0 maxpacket: 16
[  850.517241][ T8142] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8
[  850.526124][  T354] usb 3-1: Using ep0 maxpacket: 32
[  850.647191][  T354] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  850.705545][ T8142] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  850.718844][ T8142] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  850.726812][ T8142] usb 4-1: Product: syz
[  850.730848][ T8142] usb 4-1: Manufacturer: syz
[  850.735229][ T8142] usb 4-1: SerialNumber: syz
[  850.741431][ T8142] usb 4-1: config 0 descriptor??
[  850.778029][ T8142] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  850.785779][ T8142] usb 4-1: Detected FT232RL
[  850.897511][  T354] usb 3-1: New USB device found, idVendor=1d6f, idProduct=0010, bcdDevice= a.a7
[  850.916634][  T354] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  850.952920][  T354] usb 3-1: Product: syz
[  850.971698][  T354] usb 3-1: Manufacturer: syz
[  850.987291][ T8142] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  851.008294][  T354] usb 3-1: SerialNumber: syz
[  851.060422][  T354] usb 3-1: config 0 descriptor??
[  851.117683][  T354] rndis_host 3-1:0.0: skipping garbage
[  851.128759][  T354] usb 3-1: bad CDC descriptors
[  851.233147][   T24] audit: type=1400 audit(1107.214:5103): avc:  denied  { setopt } for  pid=19644 comm="syz.3.5443" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  851.253645][ T8142] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  851.255452][T14956] handle_bad_sector: 7302 callbacks suppressed
[  851.255468][T14956] attempt to access beyond end of device
[  851.255468][T14956] loop0: rw=524288, want=57352, limit=40427
[  851.322038][T19665] bridge0: port 1(bridge_slave_0) entered blocking state
[  851.328991][T19665] bridge0: port 1(bridge_slave_0) entered disabled state
[  851.399312][T14956] attempt to access beyond end of device
[  851.399312][T14956] loop0: rw=0, want=57352, limit=40427
[  851.432216][T19651] udc-core: couldn't find an available UDC or it's busy
[  851.476646][T19665] device bridge_slave_0 entered promiscuous mode
[  851.483792][T14956] attempt to access beyond end of device
[  851.483792][T14956] loop0: rw=524288, want=57352, limit=40427
[  851.495323][T19651] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  851.504581][T19665] bridge0: port 2(bridge_slave_1) entered blocking state
[  851.512428][ T4924] usb 3-1: USB disconnect, device number 28
[  851.519800][T14956] attempt to access beyond end of device
[  851.519800][T14956] loop0: rw=0, want=57352, limit=40427
[  851.525030][T19665] bridge0: port 2(bridge_slave_1) entered disabled state
[  851.537913][T14956] attempt to access beyond end of device
[  851.537913][T14956] loop0: rw=524288, want=57352, limit=40427
[  851.549628][T14956] attempt to access beyond end of device
[  851.549628][T14956] loop0: rw=0, want=57352, limit=40427
[  851.564814][T19665] device bridge_slave_1 entered promiscuous mode
[  851.578697][T14956] attempt to access beyond end of device
[  851.578697][T14956] loop0: rw=524288, want=57352, limit=40427
[  851.592405][T14956] attempt to access beyond end of device
[  851.592405][T14956] loop0: rw=0, want=57352, limit=40427
[  851.603800][T14956] attempt to access beyond end of device
[  851.603800][T14956] loop0: rw=524288, want=57352, limit=40427
[  851.615175][T14956] attempt to access beyond end of device
[  851.615175][T14956] loop0: rw=0, want=57352, limit=40427
[  851.638920][T19673] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5450'.
[  851.684489][T19665] bridge0: port 2(bridge_slave_1) entered blocking state
[  851.691368][T19665] bridge0: port 2(bridge_slave_1) entered forwarding state
[  851.698482][T19665] bridge0: port 1(bridge_slave_0) entered blocking state
[  851.705235][T19665] bridge0: port 1(bridge_slave_0) entered forwarding state
[  851.950253][ T4924] bridge0: port 1(bridge_slave_0) entered disabled state
[  851.964233][ T4924] bridge0: port 2(bridge_slave_1) entered disabled state
[  852.000777][ T4924] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  852.036287][ T4924] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  852.073957][ T4923] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  852.082262][ T4923] bridge0: port 1(bridge_slave_0) entered blocking state
[  852.089146][ T4923] bridge0: port 1(bridge_slave_0) entered forwarding state
[  852.099400][ T4923] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  852.108069][ T4923] bridge0: port 2(bridge_slave_1) entered blocking state
[  852.114924][ T4923] bridge0: port 2(bridge_slave_1) entered forwarding state
[  852.122487][ T4923] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  852.130402][ T4923] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  852.159286][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  852.173973][ T8142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  852.189392][ T8142] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  852.207512][ T8142] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  852.215974][T19665] device veth0_vlan entered promiscuous mode
[  852.229563][ T8142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  852.239178][T19665] device veth1_macvtap entered promiscuous mode
[  852.251443][ T8142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  852.269847][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  852.280232][  T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  852.389619][T19685] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  852.404018][   T24] audit: type=1400 audit(1108.384:5104): avc:  denied  { getopt } for  pid=19692 comm="syz.1.5449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  852.444170][T19685] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue
[  852.624946][ T8142] usb 4-1: USB disconnect, device number 13
[  852.838878][ T8142] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  852.855124][ T8142] ftdi_sio 4-1:0.0: device disconnected
[  852.929593][  T354] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  852.971399][T19708] 9pnet: Insufficient options for proto=fd
[  853.302740][T19715] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5461'.
[  853.457511][  T354] usb 2-1: device descriptor read/64, error -71
[  853.570120][T19735] 9pnet: Insufficient options for proto=fd
[  853.607788][   T24] audit: type=1400 audit(1109.594:5105): avc:  denied  { write } for  pid=19736 comm="syz.2.5470" path="socket:[102582]" dev="sockfs" ino=102582 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  853.800273][T19730] bridge0: port 1(bridge_slave_0) entered disabled state
[  853.820708][T19730] device bridge_slave_0 left promiscuous mode
[  853.833126][T19730] bridge0: port 1(bridge_slave_0) entered disabled state
[  853.867146][  T354] usb 2-1: device descriptor read/64, error -71
[  854.323097][  T354] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  854.663770][T19763] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  854.733415][  T354] usb 2-1: device descriptor read/64, error -71
[  854.807569][ T4898] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  855.867390][T19789] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5484'.
[  855.886739][T19789] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  856.037187][ T4898] usb 1-1: device descriptor read/64, error -71
[  856.071390][T19801] EXT4-fs (loop2): can't mount with journal_async_commit, fs mounted w/o journal
[  856.147825][T19804] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5488'.
[  856.262616][T14956] handle_bad_sector: 3998 callbacks suppressed
[  856.262649][T14956] attempt to access beyond end of device
[  856.262649][T14956] loop0: rw=524288, want=57352, limit=40427
[  856.283291][T14956] attempt to access beyond end of device
[  856.283291][T14956] loop0: rw=0, want=57352, limit=40427
[  856.298835][T14956] attempt to access beyond end of device
[  856.298835][T14956] loop0: rw=524288, want=57352, limit=40427
[  856.311429][T14956] attempt to access beyond end of device
[  856.311429][T14956] loop0: rw=0, want=57352, limit=40427
[  856.326172][T14956] attempt to access beyond end of device
[  856.326172][T14956] loop0: rw=524288, want=57352, limit=40427
[  856.337727][T14956] attempt to access beyond end of device
[  856.337727][T14956] loop0: rw=0, want=57352, limit=40427
[  856.349151][T14956] attempt to access beyond end of device
[  856.349151][T14956] loop0: rw=524288, want=57352, limit=40427
[  856.360635][T14956] attempt to access beyond end of device
[  856.360635][T14956] loop0: rw=0, want=57352, limit=40427
[  856.371833][T14956] attempt to access beyond end of device
[  856.371833][T14956] loop0: rw=524288, want=57352, limit=40427
[  856.387139][  T354] usb 2-1: device descriptor read/64, error -71
[  856.395607][T14956] attempt to access beyond end of device
[  856.395607][T14956] loop0: rw=0, want=57352, limit=40427
[  856.507263][  T354] usb usb2-port1: attempt power cycle
[  856.516110][T19806] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  856.525695][T19806] EXT4-fs (loop2): Unrecognized mount option "euid>18446744073709551615" or missing value
[  856.587156][ T4898] usb 1-1: device descriptor read/64, error -71
[  856.907239][ T4927] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[  856.921923][T19814] syz.3.5493[19814] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  856.922065][T19814] syz.3.5493[19814] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  856.987144][ T4898] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  857.005743][  T354] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  857.013165][ T8142] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  857.167147][ T4927] usb 5-1: Using ep0 maxpacket: 16
[  857.227295][  T354] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  857.238209][  T354] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  857.248072][  T354] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  857.257283][  T354] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  857.265942][  T354] usb 2-1: config 0 descriptor??
[  857.287182][ T4898] usb 1-1: device descriptor read/64, error -71
[  857.387249][ T8142] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  857.398208][ T8142] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  857.408115][ T8142] usb 3-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  857.417338][ T8142] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  857.429750][ T8142] usb 3-1: config 0 descriptor??
[  857.557215][ T4927] usb 5-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82
[  857.566070][ T4927] usb 5-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10
[  857.575930][ T4927] usb 5-1: Product: syz
[  857.580487][ T4927] usb 5-1: Manufacturer: syz
[  857.584897][ T4927] usb 5-1: SerialNumber: syz
[  857.597709][ T4927] usb 5-1: config 0 descriptor??
[  857.647873][ T4927] usb 5-1: selecting invalid altsetting 1
[  857.654105][ T4927] snd-usb-audio: probe of 5-1:0.0 failed with error -22
[  857.748158][  T354] holtek_kbd 0003:04D9:A055.00CF: unknown main item tag 0x0
[  857.759546][T19822] netlink: 104 bytes leftover after parsing attributes in process `syz.0.5496'.
[  857.765791][  T354] holtek_kbd 0003:04D9:A055.00CF: item fetching failed at offset 3/5
[  857.797187][  T354] holtek_kbd: probe of 0003:04D9:A055.00CF failed with error -22
[  857.968165][ T4897] usb 2-1: USB disconnect, device number 19
[  858.107607][T19806] udc-core: couldn't find an available UDC or it's busy
[  858.114532][T19806] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  858.123254][T19806] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5492'.
[  858.132853][T19806] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5492'.
[  858.187214][ T8142] usbhid 3-1:0.0: can't add hid device: -71
[  858.193337][ T8142] usbhid: probe of 3-1:0.0 failed with error -71
[  858.203785][ T8142] usb 3-1: USB disconnect, device number 29
[  858.529289][   T24] audit: type=1400 audit(1114.514:5106): avc:  denied  { setattr } for  pid=19829 comm="syz.0.5499" name="" dev="pipefs" ino=102776 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  858.725210][T19834] device syzkaller0 entered promiscuous mode
[  858.738909][T19832] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5498'.
[  858.776902][T19839] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5502'.
[  858.866820][T19844] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5504'.
[  858.961869][T19847] device wireguard0 entered promiscuous mode
[  859.085723][ T4927] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  859.327715][   T24] audit: type=1400 audit(1115.314:5107): avc:  denied  { read } for  pid=19849 comm="poweroff" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  859.460433][T11484] usb 5-1: USB disconnect, device number 65
[  859.644361][T19857] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5506'.
[  859.880038][   T24] audit: type=1400 audit(1115.754:5108): avc:  denied  { write } for  pid=19850 comm="syz.1.5505" name="uinput" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  860.680886][   T24] audit: type=1400 audit(1115.794:5109): avc:  denied  { create } for  pid=19850 comm="syz.1.5505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  860.768855][   T24] audit: type=1400 audit(1116.604:5110): avc:  denied  { map } for  pid=19863 comm="syz.2.5507" path="socket:[103618]" dev="sockfs" ino=103618 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  860.793778][   T24] audit: type=1400 audit(1116.604:5111): avc:  denied  { accept } for  pid=19863 comm="syz.2.5507" path="socket:[103618]" dev="sockfs" ino=103618 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  860.817788][ T4927] usb 1-1: unable to get BOS descriptor or descriptor too short
[  860.887128][  T353] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  860.947155][ T4927] usb 1-1: unable to read config index 0 descriptor/start: -71
[  860.967466][ T4927] usb 1-1: can't read configurations, error -71
[  860.989107][T19881] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  861.097562][T19887] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=e040e01c, mo2=0000]
[  861.105151][T19887] System zones: 0-2, 18-18, 34-34
[  861.114650][T19887] EXT4-fs (loop2): orphan cleanup on readonly fs
[  861.122499][T19887] EXT4-fs (loop2): 1 orphan inode deleted
[  861.128810][T19887] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[  861.247131][ T4924] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  861.267214][T14956] handle_bad_sector: 8774 callbacks suppressed
[  861.267225][T14956] attempt to access beyond end of device
[  861.267225][T14956] loop0: rw=524288, want=57352, limit=40427
[  861.284733][T14956] attempt to access beyond end of device
[  861.284733][T14956] loop0: rw=0, want=57352, limit=40427
[  861.296298][T14956] attempt to access beyond end of device
[  861.296298][T14956] loop0: rw=524288, want=57352, limit=40427
[  861.296892][T19891] netlink: 88 bytes leftover after parsing attributes in process `syz.2.5516'.
[  861.308041][T14956] attempt to access beyond end of device
[  861.308041][T14956] loop0: rw=0, want=57352, limit=40427
[  861.327350][  T353] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  861.328087][T14956] attempt to access beyond end of device
[  861.328087][T14956] loop0: rw=524288, want=57352, limit=40427
[  861.349271][  T353] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  861.349975][T14956] attempt to access beyond end of device
[  861.349975][T14956] loop0: rw=0, want=57352, limit=40427
[  861.370447][T14956] attempt to access beyond end of device
[  861.370447][T14956] loop0: rw=524288, want=57352, limit=40427
[  861.373311][  T353] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  861.382772][T14956] attempt to access beyond end of device
[  861.382772][T14956] loop0: rw=0, want=57352, limit=40427
[  861.410137][T14956] attempt to access beyond end of device
[  861.410137][T14956] loop0: rw=524288, want=57352, limit=40427
[  861.415166][  T353] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  861.422146][T14956] attempt to access beyond end of device
[  861.422146][T14956] loop0: rw=0, want=57352, limit=40427
[  861.438946][  T353] usb 4-1: config 0 descriptor??
[  861.865232][T19898] device wireguard0 entered promiscuous mode
[  861.907203][ T4924] usb 2-1: config index 0 descriptor too short (expected 64575, got 68)
[  861.915371][ T4924] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  861.925663][ T4924] usb 2-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 3, skipping
[  861.936871][ T4924] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[  862.047260][ T4924] usb 2-1: config index 1 descriptor too short (expected 64575, got 68)
[  862.055411][ T4924] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  862.065776][ T4924] usb 2-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 3, skipping
[  862.076763][ T4924] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[  862.077172][  T354] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[  862.096924][  T353] usbhid 4-1:0.0: can't add hid device: -71
[  862.102854][  T353] usbhid: probe of 4-1:0.0 failed with error -71
[  862.113085][  T353] usb 4-1: USB disconnect, device number 14
[  862.157146][ T4924] usb 2-1: string descriptor 0 read error: -71
[  862.163244][ T4924] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  862.172257][ T4924] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  862.197181][ T4924] usb 2-1: can't set config #1, error -71
[  862.217248][ T4924] usb 2-1: USB disconnect, device number 20
[  862.403181][T19909] syz.2.5521[19909] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  862.403250][T19909] syz.2.5521[19909] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  862.496891][T19910] xt_CT: You must specify a L4 protocol and not use inversions on it
[  862.647256][  T354] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  862.658993][  T354] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  862.820680][  T354] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  862.838896][  T354] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  863.038029][  T354] usb 5-1: config 0 descriptor??
[  863.214378][T19923] FAULT_INJECTION: forcing a failure.
[  863.214378][T19923] name failslab, interval 1, probability 0, space 0, times 0
[  863.226853][T19923] CPU: 0 PID: 19923 Comm: syz.0.5524 Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  863.237982][T19923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  863.247872][T19923] Call Trace:
[  863.251003][T19923]  dump_stack_lvl+0x1e2/0x24b
[  863.255538][T19923]  ? panic+0x812/0x812
[  863.259415][T19923]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  863.264722][T19923]  dump_stack+0x15/0x17
[  863.268702][T19923]  should_fail+0x3c6/0x510
[  863.272953][T19923]  ? __alloc_skb+0x80/0x510
[  863.277306][T19923]  __should_failslab+0xa4/0xe0
[  863.281921][T19923]  should_failslab+0x9/0x20
[  863.286236][T19923]  kmem_cache_alloc+0x3d/0x2e0
[  863.290840][T19923]  ? __copy_skb_header+0x397/0x500
[  863.295783][T19923]  __alloc_skb+0x80/0x510
[  863.299951][T19923]  skb_segment+0xef8/0x4130
[  863.304318][T19923]  ? skb_gro_receive_list+0x4d0/0x4d0
[  863.309597][T19923]  ? udp6_ufo_fragment+0x713/0xcd0
[  863.314552][T19923]  ? memmove+0x56/0x70
[  863.318446][T19923]  udp6_ufo_fragment+0x866/0xcd0
[  863.323209][T19923]  ? udpv6_offload_exit+0x20/0x20
[  863.328073][T19923]  ? ipv6_gso_pull_exthdrs+0x42c/0x480
[  863.333365][T19923]  ipv6_gso_segment+0x64a/0x1120
[  863.338150][T19923]  ? inet6_del_offload+0x50/0x50
[  863.342908][T19923]  ? handle_mm_fault+0x1736/0x1a10
[  863.347857][T19923]  ? inet6_del_offload+0x50/0x50
[  863.352629][T19923]  skb_mac_gso_segment+0x27c/0x490
[  863.357575][T19923]  ? skb_network_protocol+0x7a0/0x7a0
[  863.362786][T19923]  ? can_reuse_spf_vma+0xe0/0xe0
[  863.367568][T19923]  ? __alloc_pages_nodemask+0x435/0xaf0
[  863.372946][T19923]  __skb_gso_segment+0x32d/0x4c0
[  863.377717][T19923]  validate_xmit_skb+0x30a/0xc50
[  863.382490][T19923]  ? validate_xmit_skb_list+0x130/0x130
[  863.387871][T19923]  ? netdev_core_pick_tx+0xce/0x300
[  863.392904][T19923]  __dev_queue_xmit+0x1144/0x28e0
[  863.397772][T19923]  ? dev_queue_xmit+0x20/0x20
[  863.402274][T19923]  ? virtio_net_hdr_to_skb+0xa10/0x1130
[  863.407661][T19923]  ? fanout_demux_rollover+0xbe0/0xbe0
[  863.412951][T19923]  dev_queue_xmit+0x17/0x20
[  863.417288][T19923]  packet_sendmsg+0x4526/0x60a0
[  863.421980][T19923]  ? avc_has_perm+0x14d/0x400
[  863.426591][T19923]  ? memset+0x35/0x40
[  863.430410][T19923]  ? selinux_socket_sendmsg+0x243/0x340
[  863.435786][T19923]  ? selinux_socket_accept+0x5b0/0x5b0
[  863.441084][T19923]  ? packet_getsockopt+0xea0/0xea0
[  863.446030][T19923]  ? check_stack_object+0xf4/0x130
[  863.451068][T19923]  ? security_socket_sendmsg+0x82/0xb0
[  863.456357][T19923]  ? packet_getsockopt+0xea0/0xea0
[  863.461304][T19923]  __sys_sendto+0x545/0x700
[  863.465648][T19923]  ? __ia32_sys_getpeername+0x90/0x90
[  863.470859][T19923]  ? __ia32_sys_read+0x90/0x90
[  863.475453][T19923]  __x64_sys_sendto+0xe5/0x100
[  863.480051][T19923]  do_syscall_64+0x34/0x70
[  863.484336][T19923]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  863.490030][T19923] RIP: 0033:0x7f0005b9ebd9
[  863.494467][T19923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  863.513905][T19923] RSP: 002b:00007f0004e20048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  863.522146][T19923] RAX: ffffffffffffffda RBX: 00007f0005d2cf60 RCX: 00007f0005b9ebd9
[  863.529952][T19923] RDX: 000000000000b318 RSI: 00000000200000c0 RDI: 0000000000000006
[  863.537764][T19923] RBP: 00007f0004e200a0 R08: 0000000020000540 R09: 0000000000000014
[  863.545580][T19923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  863.553388][T19923] R13: 000000000000000b R14: 00007f0005d2cf60 R15: 00007ffeb88475f8
[  864.402648][T19902] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5519'.
[  864.477187][  T354] usbhid 5-1:0.0: can't add hid device: -71
[  864.483113][  T354] usbhid: probe of 5-1:0.0 failed with error -71
[  864.497784][  T354] usb 5-1: USB disconnect, device number 66
[  864.506407][   T24] audit: type=1400 audit(1120.484:5112): avc:  denied  { write } for  pid=19936 comm="syz.0.5527" name="001" dev="devtmpfs" ino=160 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  865.022354][ T2695] device bridge_slave_1 left promiscuous mode
[  865.156761][ T2695] bridge0: port 2(bridge_slave_1) entered disabled state
[  865.196500][ T2695] device bridge_slave_0 left promiscuous mode
[  865.227962][ T2695] bridge0: port 1(bridge_slave_0) entered disabled state
[  865.287425][ T2695] device veth1_macvtap left promiscuous mode
[  865.293305][ T2695] device veth0_vlan left promiscuous mode
[  865.737456][T19956] syz.1.5531[19956] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  865.737525][T19956] syz.1.5531[19956] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  866.277455][T14956] handle_bad_sector: 5535 callbacks suppressed
[  866.277470][T14956] attempt to access beyond end of device
[  866.277470][T14956] loop0: rw=0, want=57352, limit=40427
[  866.308109][T14956] attempt to access beyond end of device
[  866.308109][T14956] loop0: rw=524288, want=57352, limit=40427
[  866.317051][T19965] bridge0: port 1(bridge_slave_0) entered blocking state
[  866.326283][T19965] bridge0: port 1(bridge_slave_0) entered disabled state
[  866.326491][T14956] attempt to access beyond end of device
[  866.326491][T14956] loop0: rw=0, want=57352, limit=40427
[  866.334242][T19965] device bridge_slave_0 entered promiscuous mode
[  866.344894][T14956] attempt to access beyond end of device
[  866.344894][T14956] loop0: rw=524288, want=57352, limit=40427
[  866.361798][T14956] attempt to access beyond end of device
[  866.361798][T14956] loop0: rw=0, want=57352, limit=40427
[  866.373474][T14956] attempt to access beyond end of device
[  866.373474][T14956] loop0: rw=524288, want=57352, limit=40427
[  866.373566][T19965] bridge0: port 2(bridge_slave_1) entered blocking state
[  866.385214][T14956] attempt to access beyond end of device
[  866.385214][T14956] loop0: rw=0, want=57352, limit=40427
[  866.391777][T19965] bridge0: port 2(bridge_slave_1) entered disabled state
[  866.410412][T14956] attempt to access beyond end of device
[  866.410412][T14956] loop0: rw=524288, want=57352, limit=40427
[  866.422752][T19965] device bridge_slave_1 entered promiscuous mode
[  866.466115][T14956] attempt to access beyond end of device
[  866.466115][T14956] loop0: rw=0, want=57352, limit=40427
[  866.472421][T19965] bridge0: port 2(bridge_slave_1) entered blocking state
[  866.477879][T14956] attempt to access beyond end of device
[  866.477879][T14956] loop0: rw=524288, want=57352, limit=40427
[  866.483746][T19965] bridge0: port 2(bridge_slave_1) entered forwarding state
[  866.497645][   T26] INFO: task kworker/u4:3:345 blocked for more than 190 seconds.
[  866.502067][T19965] bridge0: port 1(bridge_slave_0) entered blocking state
[  866.516366][T19965] bridge0: port 1(bridge_slave_0) entered forwarding state
[  866.523558][   T26]       Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  866.537904][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  866.546391][   T26] task:kworker/u4:3    state:D stack:    0 pid:  345 ppid:     2 flags:0x00004000
[  866.555901][   T26] Workqueue: writeback wb_workfn (flush-7:0)
[  866.561821][   T26] Call Trace:
[  866.564832][   T26]  __schedule+0xbe6/0x1330
[  866.569138][   T26]  ? release_firmware_map_entry+0x192/0x192
[  866.574811][   T26]  ? __kasan_check_write+0x14/0x20
[  866.579826][   T26]  ? kthread_data+0x53/0xc0
[  866.584104][   T26]  ? wq_worker_sleeping+0x63/0x200
[  866.589068][   T26]  schedule+0x13d/0x1d0
[  866.593039][   T26]  rwsem_down_write_slowpath+0x858/0x11b0
[  866.598614][   T26]  ? rwsem_down_read_slowpath+0x1000/0x1000
[  866.604325][   T26]  ? f2fs_inode_chksum_verify+0xd6/0x4a0
[  866.609828][   T26]  ? read_node_page+0x3b4/0x690
[  866.614478][   T26]  ? f2fs_ra_node_page+0x190/0x250
[  866.619452][   T26]  ? __kasan_check_write+0x14/0x20
[  866.624373][   T26]  down_write+0x146/0x150
[  866.628557][   T26]  ? down_read_killable+0x220/0x220
[  866.633577][   T26]  ? has_not_enough_free_secs+0x416/0x930
[  866.639181][   T26]  f2fs_balance_fs+0x32d/0x3f0
[  866.643724][   T26]  ? f2fs_commit_inmem_pages+0xdb0/0xdb0
[  866.649224][   T26]  ? __kasan_check_write+0x14/0x20
[  866.654139][   T26]  ? f2fs_put_page+0x131/0x1b0
[  866.658767][   T26]  ? f2fs_update_inode_page+0x13d/0x170
[  866.664120][   T26]  ? f2fs_write_inode+0x506/0x5d0
[  866.669011][   T26]  f2fs_write_inode+0x553/0x5d0
[  866.673671][   T26]  __writeback_single_inode+0x4fa/0xac0
[  866.679080][   T26]  writeback_sb_inodes+0x99c/0x16b0
[  866.684085][   T26]  ? copy_user_enhanced_fast_string+0x27/0x40
[  866.690016][   T26]  ? queue_io+0x520/0x520
[  866.694157][   T26]  ? __kasan_check_write+0x14/0x20
[  866.699133][   T26]  ? down_read_trylock+0x179/0x1d0
[  866.704045][   T26]  ? queue_io+0x3d3/0x520
[  866.708232][   T26]  wb_writeback+0x4b7/0xc60
[  866.712555][   T26]  ? wb_io_lists_depopulated+0x180/0x180
[  866.718049][   T26]  ? do_softirq_own_stack+0x6c/0x80
[  866.723055][   T26]  ? cpumask_next+0x23/0x30
[  866.728193][   T26]  wb_workfn+0xb3d/0x1110
[  866.732346][   T26]  ? inode_wait_for_writeback+0x280/0x280
[  866.738098][   T26]  ? __switch_to_asm+0x34/0x60
[  866.806084][   T26]  ? __kasan_check_read+0x11/0x20
[  866.819945][   T26]  ? read_word_at_a_time+0x12/0x20
[  866.824921][   T26]  ? strscpy+0x9c/0x260
[  866.828941][   T26]  process_one_work+0x6dc/0xbd0
[  866.840342][   T26]  worker_thread+0xaea/0x1510
[  866.854262][   T26]  kthread+0x34b/0x3d0
[  866.903879][   T26]  ? worker_clr_flags+0x180/0x180
[  866.927726][   T26]  ? kthread_blkcg+0xd0/0xd0
[  866.943952][   T26]  ret_from_fork+0x1f/0x30
[  866.960215][   T26] INFO: task syz.0.4074:14955 blocked for more than 211 seconds.
[  866.988184][   T26]       Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  867.030086][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  867.067812][   T26] task:syz.0.4074      state:D stack:    0 pid:14955 ppid: 14851 flags:0x10004004
[  867.100915][   T26] Call Trace:
[  867.113655][   T26]  __schedule+0xbe6/0x1330
[  867.129746][   T26]  ? release_firmware_map_entry+0x192/0x192
[  867.150289][   T26]  ? __kasan_check_write+0x14/0x20
[  867.174589][   T26]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  867.184794][   T26]  ? _raw_spin_lock_irqsave+0x210/0x210
[  867.205703][   T26]  schedule+0x13d/0x1d0
[  867.210265][   T26]  rwsem_down_write_slowpath+0x858/0x11b0
[  867.215923][   T26]  ? rwsem_down_read_slowpath+0x1000/0x1000
[  867.221834][   T26]  ? avc_has_perm_noaudit+0x240/0x240
[  867.227307][   T26]  ? memset+0x35/0x40
[  867.231166][   T26]  ? __fsnotify_parent+0x4b9/0x6c0
[  867.236098][   T26]  down_write+0x146/0x150
[  867.240553][   T26]  ? down_read_killable+0x220/0x220
[  867.245620][   T26]  ? dentry_needs_remove_privs+0xbf/0x100
[  867.251504][   T26]  do_truncate+0x1de/0x2d0
[  867.255796][   T26]  ? page_reporting_drain+0x1e0/0x1e0
[  867.261186][   T26]  path_openat+0x298d/0x3000
[  867.265676][   T26]  ? kmem_cache_alloc+0x168/0x2e0
[  867.270678][   T26]  ? do_syscall_64+0x34/0x70
[  867.275130][   T26]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  867.281233][   T26]  ? do_filp_open+0x460/0x460
[  867.285768][   T26]  do_filp_open+0x21c/0x460
[  867.290297][   T26]  ? vfs_tmpfile+0x2b0/0x2b0
[  867.294807][   T26]  ? get_unused_fd_flags+0x94/0xa0
[  867.299849][   T26]  do_sys_openat2+0x13f/0x6f0
[  867.304386][   T26]  ? kern_path_create+0x40/0x40
[  867.309307][   T26]  ? do_sys_open+0x220/0x220
[  867.313766][   T26]  __x64_sys_open+0x221/0x270
[  867.318438][   T26]  ? do_sys_openat2+0x6f0/0x6f0
[  867.323179][   T26]  ? __kasan_check_read+0x11/0x20
[  867.328165][   T26]  do_syscall_64+0x34/0x70
[  867.332563][   T26]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  867.338606][   T26] RIP: 0033:0x7feadf896bd9
[  867.342890][   T26] RSP: 002b:00007feadeb18048 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  867.351521][   T26] RAX: ffffffffffffffda RBX: 00007feadfa24f60 RCX: 00007feadf896bd9
[  867.359575][   T26] RDX: 0000000000000000 RSI: 0000000000000200 RDI: 00000000200029c0
[  867.367629][   T26] RBP: 00007feadf905aa1 R08: 0000000000000000 R09: 0000000000000000
[  867.375484][   T26] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  867.383553][   T26] R13: 000000000000000b R14: 00007feadfa24f60 R15: 00007ffd2d98db98
[  867.394464][   T26] NMI backtrace for cpu 0
[  867.398731][   T26] CPU: 0 PID: 26 Comm: khungtaskd Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  867.409568][   T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  867.419437][   T26] Call Trace:
[  867.422574][   T26]  dump_stack_lvl+0x1e2/0x24b
[  867.427096][   T26]  ? panic+0x812/0x812
[  867.430995][   T26]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  867.436291][   T26]  ? rcu_read_unlock_special+0xd8/0x4c0
[  867.441664][   T26]  ? sched_show_task+0x363/0x540
[  867.446435][   T26]  ? __rcu_read_unlock+0x90/0x90
[  867.451217][   T26]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  867.454589][T19965] device veth0_vlan entered promiscuous mode
[  867.457129][   T26]  dump_stack+0x15/0x17
[  867.466926][   T26]  nmi_trigger_cpumask_backtrace+0x2b5/0x300
[  867.472737][   T26]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  867.478640][   T26]  arch_trigger_cpumask_backtrace+0x10/0x20
[  867.484372][   T26]  watchdog+0xe5d/0xfd0
[  867.484963][T19965] device veth1_macvtap entered promiscuous mode
[  867.488362][   T26]  ? hungtask_pm_notify+0x50/0x50
[  867.488377][   T26]  ? __kasan_check_read+0x11/0x20
[  867.488409][   T26]  ? __kthread_parkme+0xb9/0x1c0
[  867.508932][   T26]  kthread+0x34b/0x3d0
[  867.512837][   T26]  ? hungtask_pm_notify+0x50/0x50
[  867.517696][   T26]  ? kthread_blkcg+0xd0/0xd0
[  867.522115][   T26]  ret_from_fork+0x1f/0x30
[  867.526506][   T26] Sending NMI from CPU 0 to CPUs 1:
[  867.531792][    C1] NMI backtrace for cpu 1
[  867.531800][    C1] CPU: 1 PID: 19977 Comm: syz.2.5538 Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  867.531807][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  867.531811][    C1] RIP: 0010:__rdgsbase_inactive+0x0/0x30
[  867.531823][    C1] Code: 31 ed 31 f6 31 ff 45 31 c0 45 31 c9 45 31 d2 45 31 db 45 31 e4 45 31 ed 45 31 f6 45 31 ff 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc <55> 48 89 e5 eb 0f 0f 1f 00 bf 02 01 00 c0 e8 7d 68 7c fc 5d c3 0f
[  867.531827][    C1] RSP: 0018:ffffc90000e578b8 EFLAGS: 00000046
[  867.531836][    C1] RAX: 1ffff11022f81e2d RBX: ffff888117c0f168 RCX: dffffc0000000000
[  867.531842][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff888117c0e2c0
[  867.531847][    C1] RBP: ffffc90000e57a70 R08: dffffc0000000000 R09: ffffed1022f81c59
[  867.531852][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  867.531857][    C1] R13: dffffc0000000000 R14: 00007f7e44eba6c0 R15: 0000000000000001
[  867.531863][    C1] FS:  00007f7e44eba6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  867.531867][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  867.531873][    C1] CR2: 0000000020404030 CR3: 000000011243c000 CR4: 00000000003506a0
[  867.531878][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  867.531884][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  867.531887][    C1] Call Trace:
[  867.531889][    C1]  <NMI>
[  867.531892][    C1]  ? show_regs+0x58/0x60
[  867.531896][    C1]  ? nmi_cpu_backtrace+0x133/0x160
[  867.531900][    C1]  ? __svm_vcpu_run+0xf0/0xf0
[  867.531904][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  867.531908][    C1]  ? nmi_handle+0xa8/0x280
[  867.531911][    C1]  ? __svm_vcpu_run+0xf0/0xf0
[  867.531915][    C1]  ? default_do_nmi+0x69/0x160
[  867.531918][    C1]  ? exc_nmi+0xad/0x100
[  867.531922][    C1]  ? end_repeat_nmi+0x16/0x31
[  867.531925][    C1]  ? __svm_vcpu_run+0xf0/0xf0
[  867.531929][    C1]  ? __svm_vcpu_run+0xf0/0xf0
[  867.531932][    C1]  ? __svm_vcpu_run+0xf0/0xf0
[  867.531935][    C1]  </NMI>
[  867.756991][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  867.769956][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  867.791432][T19988] syz.0.5539[19988] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  867.791498][T19988] syz.0.5539[19988] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  867.878407][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  867.931973][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  867.947714][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  867.956667][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  867.975829][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  867.985640][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  867.999009][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  868.017245][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  868.024856][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  868.045559][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  868.106609][   T24] audit: type=1400 audit(1124.084:5113): avc:  denied  { append } for  pid=19989 comm="syz.1.5540" name="hwrng" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  869.087243][  T353] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  869.457248][  T353] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  869.477119][  T353] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  869.496850][  T353] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  869.517062][  T353] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  869.530535][  T353] usb 3-1: config 0 descriptor??
[  869.867195][  T353] usbhid 3-1:0.0: can't add hid device: -71
[  869.873136][  T353] usbhid: probe of 3-1:0.0 failed with error -71
[  869.895348][  T353] usb 3-1: USB disconnect, device number 30
[  871.138159][T20016] EXT4-fs error (device loop2): ext4_quota_enable:6419: comm syz.2.5545: Bad quota inum: 5, type: 0
[  871.159094][T20016] EXT4-fs warning (device loop2): ext4_enable_quotas:6467: Failed to enable quota tracking (type=0, err=-117, ino=5). Please run e2fsck to fix.
[  871.187631][T20016] EXT4-fs (loop2): mount failed
[  871.292529][T14956] handle_bad_sector: 9707 callbacks suppressed
[  871.292544][T14956] attempt to access beyond end of device
[  871.292544][T14956] loop0: rw=524288, want=57352, limit=40427
[  871.313118][T14956] attempt to access beyond end of device
[  871.313118][T14956] loop0: rw=0, want=57352, limit=40427
[  871.329553][T14956] attempt to access beyond end of device
[  871.329553][T14956] loop0: rw=524288, want=57352, limit=40427
[  871.340922][T14956] attempt to access beyond end of device
[  871.340922][T14956] loop0: rw=0, want=57352, limit=40427
[  871.352714][T14956] attempt to access beyond end of device
[  871.352714][T14956] loop0: rw=524288, want=57352, limit=40427
[  871.364206][T14956] attempt to access beyond end of device
[  871.364206][T14956] loop0: rw=0, want=57352, limit=40427
[  871.375629][T14956] attempt to access beyond end of device
[  871.375629][T14956] loop0: rw=524288, want=57352, limit=40427
[  871.387175][T14956] attempt to access beyond end of device
[  871.387175][T14956] loop0: rw=0, want=57352, limit=40427
[  871.398493][T14956] attempt to access beyond end of device
[  871.398493][T14956] loop0: rw=524288, want=57352, limit=40427
[  871.409900][T14956] attempt to access beyond end of device
[  871.409900][T14956] loop0: rw=0, want=57352, limit=40427
[  876.297123][T14956] handle_bad_sector: 13236 callbacks suppressed
[  876.297136][T14956] attempt to access beyond end of device
[  876.297136][T14956] loop0: rw=524288, want=57352, limit=40427
[  876.314882][T14956] attempt to access beyond end of device
[  876.314882][T14956] loop0: rw=0, want=57352, limit=40427
[  876.326465][T14956] attempt to access beyond end of device
[  876.326465][T14956] loop0: rw=524288, want=57352, limit=40427
[  876.338176][T14956] attempt to access beyond end of device
[  876.338176][T14956] loop0: rw=0, want=57352, limit=40427
[  876.349581][T14956] attempt to access beyond end of device
[  876.349581][T14956] loop0: rw=524288, want=57352, limit=40427
[  876.361123][T14956] attempt to access beyond end of device
[  876.361123][T14956] loop0: rw=0, want=57352, limit=40427
[  876.372532][T14956] attempt to access beyond end of device
[  876.372532][T14956] loop0: rw=524288, want=57352, limit=40427
[  876.384081][T14956] attempt to access beyond end of device
[  876.384081][T14956] loop0: rw=0, want=57352, limit=40427
[  876.395473][T14956] attempt to access beyond end of device
[  876.395473][T14956] loop0: rw=524288, want=57352, limit=40427
[  876.407009][T14956] attempt to access beyond end of device
[  876.407009][T14956] loop0: rw=0, want=57352, limit=40427
[  881.307533][T14956] handle_bad_sector: 15168 callbacks suppressed
[  881.307548][T14956] attempt to access beyond end of device
[  881.307548][T14956] loop0: rw=524288, want=57352, limit=40427
[  881.325231][T14956] attempt to access beyond end of device
[  881.325231][T14956] loop0: rw=0, want=57352, limit=40427
[  881.336575][T14956] attempt to access beyond end of device
[  881.336575][T14956] loop0: rw=524288, want=57352, limit=40427
[  881.348142][T14956] attempt to access beyond end of device
[  881.348142][T14956] loop0: rw=0, want=57352, limit=40427
[  881.359564][T14956] attempt to access beyond end of device
[  881.359564][T14956] loop0: rw=524288, want=57352, limit=40427
[  881.371043][T14956] attempt to access beyond end of device
[  881.371043][T14956] loop0: rw=0, want=57352, limit=40427
[  881.382561][T14956] attempt to access beyond end of device
[  881.382561][T14956] loop0: rw=524288, want=57352, limit=40427
[  881.394014][T14956] attempt to access beyond end of device
[  881.394014][T14956] loop0: rw=0, want=57352, limit=40427
[  881.405365][T14956] attempt to access beyond end of device
[  881.405365][T14956] loop0: rw=524288, want=57352, limit=40427
[  881.417119][T14956] attempt to access beyond end of device
[  881.417119][T14956] loop0: rw=0, want=57352, limit=40427
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
remote cover enable write trace failed (errno 17)
SYZFAIL: repeatedly failed to execute the program
proc=3 req=5522 state=1 status=1 (errno 9: Bad file descriptor)
[  886.142305][   T24] audit: type=1400 audit(1142.124:5114): avc:  denied  { write } for  pid=273 comm="syz-executor" path="pipe:[13327]" dev="pipefs" ino=13327 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  886.317263][T14956] handle_bad_sector: 15632 callbacks suppressed
[  886.317276][T14956] attempt to access beyond end of device
[  886.317276][T14956] loop0: rw=524288, want=57352, limit=40427
[  886.334943][T14956] attempt to access beyond end of device
[  886.334943][T14956] loop0: rw=0, want=57352, limit=40427
[  886.346508][T14956] attempt to access beyond end of device
[  886.346508][T14956] loop0: rw=524288, want=57352, limit=40427
[  886.358164][T14956] attempt to access beyond end of device
[  886.358164][T14956] loop0: rw=0, want=57352, limit=40427
[  886.369603][T14956] attempt to access beyond end of device
[  886.369603][T14956] loop0: rw=524288, want=57352, limit=40427
[  886.381051][T14956] attempt to access beyond end of device
[  886.381051][T14956] loop0: rw=0, want=57352, limit=40427
[  886.392416][T14956] attempt to access beyond end of device
[  886.392416][T14956] loop0: rw=524288, want=57352, limit=40427
[  886.403903][T14956] attempt to access beyond end of device
[  886.403903][T14956] loop0: rw=0, want=57352, limit=40427
[  886.415234][T14956] attempt to access beyond end of device
[  886.415234][T14956] loop0: rw=524288, want=57352, limit=40427
[  886.426680][T14956] attempt to access beyond end of device
[  886.426680][T14956] loop0: rw=0, want=57352, limit=40427
[  887.617160][   T26] INFO: task kworker/u4:3:345 blocked for more than 211 seconds.
[  887.624701][   T26]       Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  887.647086][   T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  887.655569][   T26] task:kworker/u4:3    state:D stack:    0 pid:  345 ppid:     2 flags:0x00004000
[  887.687082][   T26] Workqueue: writeback wb_workfn (flush-7:0)
[  887.692872][   T26] Call Trace:
[  887.696008][   T26]  __schedule+0xbe6/0x1330
[  887.717098][   T26]  ? release_firmware_map_entry+0x192/0x192
[  887.722805][   T26]  ? __kasan_check_write+0x14/0x20
[  887.747146][   T26]  ? kthread_data+0x53/0xc0
[  887.751468][   T26]  ? wq_worker_sleeping+0x63/0x200
[  887.756408][   T26]  schedule+0x13d/0x1d0
[  887.767133][   T26]  rwsem_down_write_slowpath+0x858/0x11b0
[  887.772661][   T26]  ? rwsem_down_read_slowpath+0x1000/0x1000
[  887.787104][   T26]  ? f2fs_inode_chksum_verify+0xd6/0x4a0
[  887.792544][   T26]  ? read_node_page+0x3b4/0x690
[  887.817082][   T26]  ? f2fs_ra_node_page+0x190/0x250
[  887.822004][   T26]  ? __kasan_check_write+0x14/0x20
[  887.826949][   T26]  down_write+0x146/0x150
[  887.847097][   T26]  ? down_read_killable+0x220/0x220
[  887.852101][   T26]  ? has_not_enough_free_secs+0x416/0x930
[  887.857840][   T26]  f2fs_balance_fs+0x32d/0x3f0
[  887.862450][   T26]  ? f2fs_commit_inmem_pages+0xdb0/0xdb0
[  887.887080][   T26]  ? __kasan_check_write+0x14/0x20
[  887.892002][   T26]  ? f2fs_put_page+0x131/0x1b0
[  887.896600][   T26]  ? f2fs_update_inode_page+0x13d/0x170
[  887.917088][   T26]  ? f2fs_write_inode+0x506/0x5d0
[  887.921916][   T26]  f2fs_write_inode+0x553/0x5d0
[  887.926603][   T26]  __writeback_single_inode+0x4fa/0xac0
[  887.937090][   T26]  writeback_sb_inodes+0x99c/0x16b0
[  887.942092][   T26]  ? copy_user_enhanced_fast_string+0x27/0x40
[  887.967087][   T26]  ? queue_io+0x520/0x520
[  887.971222][   T26]  ? __kasan_check_write+0x14/0x20
[  887.976171][   T26]  ? down_read_trylock+0x179/0x1d0
[  887.987095][   T26]  ? queue_io+0x3d3/0x520
[  887.991230][   T26]  wb_writeback+0x4b7/0xc60
[  887.995572][   T26]  ? wb_io_lists_depopulated+0x180/0x180
[  888.017091][   T26]  ? do_softirq_own_stack+0x6c/0x80
[  888.022094][   T26]  ? cpumask_next+0x23/0x30
[  888.026436][   T26]  wb_workfn+0xb3d/0x1110
[  888.047085][   T26]  ? inode_wait_for_writeback+0x280/0x280
[  888.052613][   T26]  ? __switch_to_asm+0x34/0x60
[  888.067080][   T26]  ? __kasan_check_read+0x11/0x20
[  888.071908][   T26]  ? read_word_at_a_time+0x12/0x20
[  888.076851][   T26]  ? strscpy+0x9c/0x260
[  888.097103][   T26]  process_one_work+0x6dc/0xbd0
[  888.101766][   T26]  worker_thread+0xaea/0x1510
[  888.106275][   T26]  kthread+0x34b/0x3d0
[  888.117091][   T26]  ? worker_clr_flags+0x180/0x180
[  888.121920][   T26]  ? kthread_blkcg+0xd0/0xd0
[  888.126347][   T26]  ret_from_fork+0x1f/0x30
[  888.130682][   T26] NMI backtrace for cpu 1
[  888.134766][   T26] CPU: 1 PID: 26 Comm: khungtaskd Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  888.145702][   T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  888.155588][   T26] Call Trace:
[  888.158724][   T26]  dump_stack_lvl+0x1e2/0x24b
[  888.163230][   T26]  ? panic+0x812/0x812
[  888.167138][   T26]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  888.172434][   T26]  ? rcu_read_unlock_special+0xd8/0x4c0
[  888.177831][   T26]  ? sched_show_task+0x363/0x540
[  888.182585][   T26]  ? __rcu_read_unlock+0x90/0x90
[  888.187365][   T26]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  888.193266][   T26]  dump_stack+0x15/0x17
[  888.197266][   T26]  nmi_trigger_cpumask_backtrace+0x2b5/0x300
[  888.203075][   T26]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  888.208978][   T26]  arch_trigger_cpumask_backtrace+0x10/0x20
[  888.214719][   T26]  watchdog+0xe5d/0xfd0
[  888.218699][   T26]  ? hungtask_pm_notify+0x50/0x50
[  888.223571][   T26]  ? __kasan_check_read+0x11/0x20
[  888.228418][   T26]  ? __kthread_parkme+0xb9/0x1c0
[  888.233195][   T26]  kthread+0x34b/0x3d0
[  888.237093][   T26]  ? hungtask_pm_notify+0x50/0x50
[  888.241950][   T26]  ? kthread_blkcg+0xd0/0xd0
[  888.246377][   T26]  ret_from_fork+0x1f/0x30
[  888.250832][   T26] Sending NMI from CPU 1 to CPUs 0:
[  888.256674][    C0] NMI backtrace for cpu 0
[  888.256683][    C0] CPU: 0 PID: 19998 Comm: syz.1.5540 Tainted: G        W         5.10.218-syzkaller-00638-g3feee789f446 #0
[  888.256690][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  888.256694][    C0] RIP: 0010:radix_tree_lookup+0x18d/0x1d0
[  888.256707][    C0] Code: 07 38 c1 0f 8c 17 ff ff ff 48 89 df e8 dc 36 37 ff e9 0a ff ff ff e8 82 a3 f9 fe eb 05 e8 7b a3 f9 fe 4c 89 e0 48 83 c4 10 5b <41> 5c 41 5d 41 5e 41 5f 5d c3 e8 64 a3 f9 fe 45 31 e4 eb e4 e8 5a
[  888.256711][    C0] RSP: 0018:ffffc90001146800 EFLAGS: 00000282
[  888.256721][    C0] RAX: fffffffffffffff0 RBX: ffff88811584ee30 RCX: 0000000000040000
[  888.256727][    C0] RDX: ffffc9000542a000 RSI: 000000000003ffff RDI: 0000000000040000
[  888.256732][    C0] RBP: ffffc90001146820 R08: ffffffff82710673 R09: fffff52000228cf9
[  888.256738][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: fffffffffffffff0
[  888.256744][    C0] R13: 0000000000000000 R14: 0000000000000001 R15: dffffc0000000000
[  888.256750][    C0] FS:  00007f76912916c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  888.256755][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  888.256761][    C0] CR2: 00007ffe8d769ff8 CR3: 0000000125694000 CR4: 00000000003506b0
[  888.256767][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  888.256773][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  888.256776][    C0] Call Trace:
[  888.256779][    C0]  <NMI>
[  888.256782][    C0]  ? show_regs+0x58/0x60
[  888.256786][    C0]  ? nmi_cpu_backtrace+0x133/0x160
[  888.256790][    C0]  ? radix_tree_lookup+0x18d/0x1d0
[  888.256795][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  888.256798][    C0]  ? nmi_handle+0xa8/0x280
[  888.256803][    C0]  ? radix_tree_lookup+0x18d/0x1d0
[  888.256806][    C0]  ? default_do_nmi+0x69/0x160
[  888.256810][    C0]  ? exc_nmi+0xad/0x100
[  888.256814][    C0]  ? end_repeat_nmi+0x16/0x31
[  888.256818][    C0]  ? radix_tree_lookup+0xf3/0x1d0
[  888.256822][    C0]  ? radix_tree_lookup+0x18d/0x1d0
[  888.256826][    C0]  ? radix_tree_lookup+0x18d/0x1d0
[  888.256830][    C0]  ? radix_tree_lookup+0x18d/0x1d0
[  888.256833][    C0]  </NMI>
[  888.256835][    C0]  idr_find+0x40/0x60
[  888.256839][    C0]  tcf_idr_check_alloc+0x89/0x3b0
[  888.256842][    C0]  tcf_police_init+0x2db/0x1510
[  888.256845][    C0]  ? tcf_police_search+0x90/0x90
[  888.256849][    C0]  ? tcf_police_search+0x90/0x90
[  888.256852][    C0]  tcf_action_init_1+0x584/0x830
[  888.256855][    C0]  ? tc_action_load_ops+0x520/0x520
[  888.256859][    C0]  ? tc_action_load_ops+0x2b5/0x520
[  888.256862][    C0]  tcf_action_init+0x2b5/0x800
[  888.256865][    C0]  ? tcf_action_init_1+0x830/0x830
[  888.256869][    C0]  ? __nla_validate_parse+0x1e53/0x2700
[  888.256872][    C0]  ? cap_capable+0x1ce/0x270
[  888.256875][    C0]  ? security_capable+0x87/0xb0
[  888.256878][    C0]  tc_ctl_action+0x42b/0x9c0
[  888.256882][    C0]  ? tcf_free_cookie_rcu+0x50/0x50
[  888.256885][    C0]  ? _raw_spin_lock+0xa4/0x1b0
[  888.256888][    C0]  ? _raw_spin_trylock_bh+0x190/0x190
[  888.256891][    C0]  ? mutex_trylock+0xa0/0xa0
[  888.256894][    C0]  ? ns_capable+0x89/0xe0
[  888.256898][    C0]  ? netlink_net_capable+0x125/0x160
[  888.256901][    C0]  ? tcf_free_cookie_rcu+0x50/0x50
[  888.256904][    C0]  rtnetlink_rcv_msg+0x955/0xc50
[  888.256908][    C0]  ? is_bpf_text_address+0x172/0x190
[  888.256911][    C0]  ? rtnetlink_bind+0x80/0x80
[  888.256914][    C0]  ? arch_stack_walk+0xf3/0x140
[  888.256918][    C0]  ? stack_trace_save+0x113/0x1c0
[  888.256922][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  888.256925][    C0]  ? bpf_send_signal_common+0x341/0x420
[  888.256929][    C0]  ? avc_has_perm+0x14d/0x400
[  888.256932][    C0]  ? memcpy+0x56/0x70
[  888.256935][    C0]  ? avc_has_perm+0x275/0x400
[  888.256938][    C0]  ? __kasan_slab_alloc+0xb1/0xe0
[  888.256942][    C0]  ? slab_post_alloc_hook+0x61/0x2f0
[  888.256945][    C0]  ? kmem_cache_alloc+0x168/0x2e0
[  888.256949][    C0]  ? avc_has_perm_noaudit+0x240/0x240
[  888.256952][    C0]  ? iov_iter_advance+0x258/0xb20
[  888.256955][    C0]  netlink_rcv_skb+0x1cf/0x410
[  888.256958][    C0]  ? rtnetlink_bind+0x80/0x80
[  888.256961][    C0]  ? netlink_ack+0xb30/0xb30
[  888.256964][    C0]  ? __netlink_lookup+0x37b/0x3a0
[  888.256968][    C0]  rtnetlink_rcv+0x1c/0x20
[  888.256971][    C0]  netlink_unicast+0x8df/0xac0
[  888.256974][    C0]  ? netlink_detachskb+0x90/0x90
[  888.256978][    C0]  ? security_netlink_send+0x7b/0xa0
[  888.256981][    C0]  netlink_sendmsg+0xa46/0xd00
[  888.256984][    C0]  ? netlink_getsockopt+0x5c0/0x5c0
[  888.256988][    C0]  ? security_socket_sendmsg+0x82/0xb0
[  888.256991][    C0]  ? netlink_getsockopt+0x5c0/0x5c0
[  888.256994][    C0]  ____sys_sendmsg+0x59e/0x8f0
[  888.256998][    C0]  ? __sys_sendmsg_sock+0x40/0x40
[  888.257001][    C0]  ? import_iovec+0xe5/0x120
[  888.257004][    C0]  ___sys_sendmsg+0x252/0x2e0
[  888.257007][    C0]  ? __sys_sendmsg+0x280/0x280
[  888.257011][    C0]  ? percpu_counter_add_batch+0x13d/0x160
[  888.257014][    C0]  ? __fdget+0x1bc/0x240
[  888.257017][    C0]  __se_sys_sendmsg+0x1b1/0x280
[  888.257020][    C0]  ? __x64_sys_sendmsg+0x90/0x90
[  888.257023][    C0]  ? fpu__clear_all+0x20/0x20
[  888.257027][    C0]  ? __kasan_check_read+0x11/0x20
[  888.257030][    C0]  __x64_sys_sendmsg+0x7b/0x90
[  888.257033][    C0]  do_syscall_64+0x34/0x70
[  888.257037][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  888.257040][    C0] RIP: 0033:0x7f7692051bd9
[  888.257054][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  888.257058][    C0] RSP: 002b:00007f7691291048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  888.257066][    C0] RAX: ffffffffffffffda RBX: 00007f76921e0110 RCX: 00007f7692051bd9
[  888.257071][    C0] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 000000000000000b
[  888.257076][    C0] RBP: 00007f76920c0aa1 R08: 0000000000000000 R09: 0000000000000000
[  888.257080][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  888.257085][    C0] R13: 000000000000006e R14: 00007f76921e0110 R15: 00007ffe6690a7a8
serialport: VM disconnected.